Bug 82910

Summary: REGRESSION (109091): Crash when creating a WebArchive of a page with @page style rules
Product: WebKit
Component: CSS
Status: RESOLVED FIXED
Severity: Normal
Priority: P2
Version: 528+ (Nightly build)
Hardware: All
OS: All
Reporter: Brady Eidson <beidson>
Assignee: Brady Eidson <beidson>
CC: koivisto, macpherson, menard, webkit.review.bot
Keywords: InRadar
Attachments:
Description Flags
Patch v1 - Fix + layout test koivisto: review+

Brady Eidson
Reported 2012-04-02 10:38:01 PDT
REGRESSION (98963 and 109091): Crash when creating a WebArchive of a page with @page style rules

> 1 com.apple.WebCore 0x7fff8efa3a47 WebCore::StylePropertySet::addSubresourceStyleURLs(WTF::ListHashSet<WebCore::KURL, 256ul, WebCore::KURLHash>&, WebCore::CSSStyleSheet*) + 0x17
  2 com.apple.WebCore 0x7fff8ea2291b WebCore::CSSStyleSheet::addSubresourceStyleURLs(WTF::ListHashSet<WebCore::KURL, 256ul, WebCore::KURLHash>&) + 0xfb
  3 com.apple.WebCore 0x7fff8ea2280e WebCore::HTMLLinkElement::addSubresourceAttributeURLs(WTF::ListHashSet<WebCore::KURL, 256ul, WebCore::KURLHash>&) const + 0xee
  4 com.apple.WebCore 0x7fff8eea0fdd WebCore::LegacyWebArchive::create(WTF::String const&, WebCore::Frame*, WTF::Vector<WebCore::Node*, 0ul> const&, WebCore::FrameFilter*) + 0x50d
  5 com.apple.WebCore 0x7fff8eea0a69 WebCore::LegacyWebArchive::create(WebCore::Node*, WebCore::FrameFilter*) + 0x219
  6 com.apple.WebKit2 0x7fff8cfd50fb WebKit::WebFrame::webArchiveData(bool (*)(OpaqueWKBundleFrame const*, OpaqueWKBundleFrame const*, void*), void*) + 0x3d

The cause is code in CSSStyleSheet::addSubresourceStyleURLs that does:

    if (rule->isStyleRule() || rule->isPageRule())
        static_cast<CSSStyleRule*>(rule)->styleRule()->addSubresourceStyleURLs(urls, this);

Page rules are cast to CSSStyleRule* which is bogus.

Patch coming soon.

In radar as <rdar://problem/11020155>
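The mismatch between the type test and the cast target described in the report, shown beside a checked form. This is an added example, not WebKit code and not the attached patch: Rule, StyleRule, PageRule, toStyleRule and the collect functions are hypothetical stand-ins, and skipping @page rules in the checked version is an assumption.

```cpp
#include <set>
#include <string>
#include <utility>
#include <vector>

// Simplified stand-ins for the rule classes; names and layouts are hypothetical.
struct Rule {
    enum Type { Style, Page };
    explicit Rule(Type t) : type(t) {}
    virtual ~Rule() = default;
    bool isStyleRule() const { return type == Style; }
    bool isPageRule() const { return type == Page; }
    Type type;
};

struct StyleRule : Rule {
    explicit StyleRule(std::vector<std::string> u) : Rule(Style), urls(std::move(u)) {}
    std::vector<std::string> urls;  // subresource URLs referenced by the declarations
};

struct PageRule : Rule {            // sibling of StyleRule, not a subclass of it
    explicit PageRule(int m) : Rule(Page), marginPx(m) {}
    int marginPx;
};

// Pattern from the report: the test admits PageRule but the cast assumes StyleRule,
// so a PageRule object would be read through the wrong layout (undefined behaviour).
// Kept for comparison only; nothing in this example calls it.
void collectUnsafe(Rule* rule, std::set<std::string>& out) {
    if (rule->isStyleRule() || rule->isPageRule())
        for (const auto& u : static_cast<StyleRule*>(rule)->urls) out.insert(u);
}

// Checked downcast: the type test and the cast target cannot drift apart.
StyleRule* toStyleRule(Rule* rule) {
    return rule && rule->isStyleRule() ? static_cast<StyleRule*>(rule) : nullptr;
}

// Hardened walk: only genuine StyleRule objects are dereferenced as StyleRule;
// @page rules are skipped (assumption of this example).
std::set<std::string> collectSafe(const std::vector<Rule*>& sheet) {
    std::set<std::string> out;
    for (Rule* rule : sheet)
        if (StyleRule* style = toStyleRule(rule))
            for (const auto& u : style->urls) out.insert(u);
    return out;
}
```

Routing every downcast through a helper like toStyleRule keeps the type check next to the cast, so adding a new rule type to a condition cannot silently widen what gets cast.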
Attachments
Patch v1 - Fix + layout test (3.98 KB, patch)
2012-04-02 10:44 PDT, Brady Eidson
koivisto: review+
Brady Eidson
Comment 1 2012-04-02 10:44:38 PDT
Created attachment 135130
Patch v1 - Fix + layout test
Antti Koivisto
Comment 2 2012-04-02 10:54:45 PDT
Comment on attachment 135130
Patch v1 - Fix + layout test

The patch in bug 82728 refactors the code here and also fixed the bug. The test is nice though.
Antti Koivisto
Comment 3 2012-04-02 11:07:03 PDT
(In reply to comment #2)
> (From update of attachment 135130)
> The patch in bug 82728 refactors the code here and also fixed the bug. The test is nice though.

s/fixed/fixes/
Brady Eidson
Comment 4 2012-04-02 11:14:46 PDT
Andreas pointed out elsewhere: @page rules used to be style rules prior to <http://trac.webkit.org/changeset/107526>. That's why it worked back then. Of course, it was never necessary to collect sub-resource URLs from them. :/
Brady Eidson
Comment 5 2012-04-02 11:23:40 PDT