Bug 137608
| Summary: | Unmatched CSS selector crashes tab. | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Jeroen Bensch <jeroen> |
| Component: | Page Loading | Assignee: | Benjamin Poulain <benjamin> |
| Status: | RESOLVED FIXED | ||
| Severity: | Normal | CC: | ap, benjamin |
| Priority: | P2 | ||
| Version: | 528+ (Nightly build) | ||
| Hardware: | iPhone / iPad | ||
| OS: | Unspecified | ||
| URL: | http://test.internetarchitects.be/ios8.html | ||
Jeroen Bensch
Whenever we try to load this in Safari on iOS 8.0.2 the tab crashes.
The CSS won't match the HTML it seems and crashes.
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Alexey Proskuryakov
This seems like it may be fixed in trunk WebKit already. Ben?
Benjamin Poulain
After the branch, I did some big refactoring of style resolution. WebKit trunk uses a completely different algorithm for adjacent relations so it is not ideal for testing.
The branch of iOS 8-8.0.2 has a silly bug on 32bits device when :nth-child() is used inside a backtracking chain. The patch was integrated here: http://trac.webkit.org/changeset/173732
Jeroen, what device have you tested?
Jeroen Bensch
Benjamin,
I've tested it on an iPhone 5 and iPad mini (non-retina). A colleague of mine tested it on iPhone 5s and iPad 3.
iPhone 5 and iPad mini are running iOS 8.0.2.
iPhone 5s and iPad 3 were running iOS 8.0.1.
Benjamin Poulain
Ok.
The crash on 5S is really odd, I can't think of a reason why that would happen. I tried the test case on an iPhone 6 just in case. The CPU architecture is close enough for testing, the JIT is exactly the same for 5S and 6.
I updated an iPhone 5 to the latest seed and the test page does not crash. All the data I have seems to show this is fixed by http://trac.webkit.org/changeset/173732, I close this bug since there is nothing else to do.