Bug 110359 - Web Inspector: CSSAgent.setStyleSheetText crashes on inline styles
Summary: Web Inspector: CSSAgent.setStyleSheetText crashes on inline styles
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Web Inspector (Deprecated)
Version: 528+ (Nightly build)
Hardware: All  OS: All
Importance: P2 Normal
Assignee: Alexander Pavlov (apavlov)
Reported: 2013-02-20 11:20 PST by Timothy Hatcher
Modified: 2013-02-26 01:17 PST
CC: 11 users

Attachments
Patch (9.61 KB, patch), 2013-02-21 03:36 PST, Alexander Pavlov (apavlov)

Description Timothy Hatcher 2013-02-20 11:20:12 PST
While experimenting with style editing I found that calling CSSAgent.setStyleSheetText on an inline style's StyleSheetId will cause a crash.

This happens because m_pageStyleSheet is always null for InspectorStyleSheetForInlineStyle.

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000010

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.WebCore             	0x0000000101af332e WebCore::InspectorStyleSheet::reparseStyleSheet(WTF::String const&) + 62 (RefPtr.h:58)
1   com.apple.WebCore             	0x0000000101a953aa WebCore::InspectorCSSAgent::SetStyleSheetTextAction::redo(int&) + 42 (InspectorCSSAgent.cpp:334)
2   com.apple.WebCore             	0x0000000101a9532b WebCore::InspectorCSSAgent::SetStyleSheetTextAction::perform(int&) + 43 (InspectorCSSAgent.cpp:319)
3   com.apple.WebCore             	0x0000000101aca931 WebCore::InspectorHistory::perform(WTF::PassOwnPtr<WebCore::InspectorHistory::Action>, int&) + 33 (InspectorHistory.cpp:92)
4   com.apple.WebCore             	0x0000000101a8cc1c WebCore::InspectorCSSAgent::setStyleSheetText(WTF::String*, WTF::String const&, WTF::String const&) + 108 (PassOwnPtr.h:56)
5   com.apple.WebCore             	0x0000000101a609e2 WebCore::InspectorBackendDispatcherImpl::CSS_setStyleSheetText(long, WebCore::InspectorObject*) + 882 (PassRefPtr.h:97)
6   com.apple.WebCore             	0x0000000101a7e507 WebCore::InspectorBackendDispatcherImpl::dispatch(WTF::String const&) + 1687 (RefPtr.h:56)
7   com.apple.WebCore             	0x0000000101ac7ad5 WebCore::InspectorBackendDispatchTask::onTimer(WebCore::Timer<WebCore::InspectorBackendDispatchTask>*) + 69 (RefPtr.h:56)
8   com.apple.WebCore             	0x0000000102243c6f WebCore::ThreadTimers::sharedTimerFiredInternal() + 175 (ThreadTimers.cpp:132)
9   com.apple.WebCore             	0x00000001020cbeda WebCore::timerFired(__CFRunLoopTimer*, void*) + 58 (SharedTimerMac.mm:167)
10  com.apple.CoreFoundation      	0x00007fff902e4804 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 20
11  com.apple.CoreFoundation      	0x00007fff902e431d __CFRunLoopDoTimer + 557
12  com.apple.CoreFoundation      	0x00007fff902c9ad9 __CFRunLoopRun + 1529
13  com.apple.CoreFoundation      	0x00007fff902c90e2 CFRunLoopRunSpecific + 290
14  com.apple.HIToolbox           	0x00007fff95e3eeb4 RunCurrentEventLoopInMode + 209
15  com.apple.HIToolbox           	0x00007fff95e3ec52 ReceiveNextEventCommon + 356
16  com.apple.HIToolbox           	0x00007fff95e3eae3 BlockUntilNextEventMatchingListInMode + 62
17  com.apple.AppKit              	0x00007fff93bf5563 _DPSNextEvent + 685
18  com.apple.AppKit              	0x00007fff93bf4e22 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 128
19  com.apple.AppKit              	0x00007fff93bec1d3 -[NSApplication run] + 517
20  com.apple.WebCore             	0x0000000102076e8c WebCore::RunLoop::run() + 76 (RunLoopMac.mm:43)
21  com.apple.WebKit2             	0x000000010029d29c int WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebContentProcessMainDelegate>(int, char**) + 702 (ChildProcessEntryPoint.h:100)
22  com.apple.WebProcess          	0x0000000100000df7 main + 228 (ChildProcessMain.mm:73)
23  libdyld.dylib                 	0x00007fff8e0c07e1 start + 1
Comment 1 Alexander Pavlov (apavlov) 2013-02-20 12:13:31 PST
In fact, as you figured, InspectorStyleSheetForInlineStyle is not intended to be given new stylesheet text. How did you extract the styleSheetId for that?
Comment 2 Timothy Hatcher 2013-02-20 13:21:22 PST
The styleSheetId property on the CSSStyleId.
Comment 3 Alexander Pavlov (apavlov) 2013-02-20 22:24:29 PST
(In reply to comment #2)
> The styleSheetId property on the CSSStyleId.

OK, so you didn't get it through getAllStyleSheets() or something. Do you think the best option is to make setStyleSheetText() (and some other operations, like addRule()) a no-op (return error) for these stylesheets? Or can you think of some special semantics for [some of] those?
Comment 4 Alexander Pavlov (apavlov) 2013-02-21 03:36:41 PST
Created attachment 189499
Patch
Comment 5 Timothy Hatcher 2013-02-21 12:55:37 PST
Returning an error is fine. Setting the text for any style declaration is tracked by bug 109340, and that should work for inline styles.
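The failure described in the report (m_pageStyleSheet is null for InspectorStyleSheetForInlineStyle, so reparseStyleSheet() faults on the first dereference) and the fix agreed in comments 3 and 5 (return a protocol error instead of touching the member) can be modelled in a few dozen lines. The block below is an added example written for this page; it is not WebKit's code and not the content of attachment 189499. The class and method names follow the bug report, but the bodies, the id-to-sheet table, the styleSheetId values "1" and "2", and the error strings are assumptions made for the illustration.

```cpp
#include <iostream>
#include <memory>
#include <string>
#include <unordered_map>

// Stand-in for the CSSStyleSheet that a real InspectorStyleSheet wraps.
struct PageStyleSheet {
    std::string text;
    bool reparse(const std::string& newText) { text = newText; return true; }
};

// Minimal model of WebCore::InspectorStyleSheet. Names follow the bug
// report; the bodies are an illustration, not WebKit's implementation.
class InspectorStyleSheet {
public:
    explicit InspectorStyleSheet(std::shared_ptr<PageStyleSheet> sheet)
        : m_pageStyleSheet(std::move(sheet)) {}
    virtual ~InspectorStyleSheet() = default;

    // Pre-fix behaviour: dereferences m_pageStyleSheet unconditionally.
    // With a null member this is the SIGSEGV in frame 0 of the report,
    // so the hardened entry point below never calls it in that state.
    bool reparseStyleSheet(const std::string& text) {
        return m_pageStyleSheet->reparse(text);
    }

    bool hasPageStyleSheet() const { return m_pageStyleSheet != nullptr; }
    std::string text() const {
        return m_pageStyleSheet ? m_pageStyleSheet->text : std::string();
    }

private:
    std::shared_ptr<PageStyleSheet> m_pageStyleSheet;
};

// The inline-style wrapper: as the report says, m_pageStyleSheet is
// always null here, so any path that assumes a page stylesheet is unsafe.
class InspectorStyleSheetForInlineStyle : public InspectorStyleSheet {
public:
    InspectorStyleSheetForInlineStyle() : InspectorStyleSheet(nullptr) {}
};

// Stand-in for the agent's id -> sheet table (assumed for this example).
using SheetTable =
    std::unordered_map<std::string, std::shared_ptr<InspectorStyleSheet>>;

// Hardened CSS.setStyleSheetText: validate the id, then refuse inline-style
// sheets with a protocol error instead of reaching reparseStyleSheet().
// The error strings are assumptions for this example, not WebKit's.
bool setStyleSheetText(SheetTable& sheets, const std::string& styleSheetId,
                       const std::string& text, std::string& errorString) {
    auto it = sheets.find(styleSheetId);
    if (it == sheets.end()) {
        errorString = "No stylesheet with id " + styleSheetId;
        return false;
    }
    InspectorStyleSheet& sheet = *it->second;
    if (!sheet.hasPageStyleSheet()) {
        errorString = "Stylesheet text cannot be set for inline styles";
        return false;
    }
    return sheet.reparseStyleSheet(text);
}

// Constructed sample: one real sheet ("1") and one inline-style sheet ("2").
SheetTable makeSampleTable() {
    SheetTable sheets;
    sheets["1"] = std::make_shared<InspectorStyleSheet>(
        std::make_shared<PageStyleSheet>());
    sheets["2"] = std::make_shared<InspectorStyleSheetForInlineStyle>();
    return sheets;
}

// Returns the text of sheet "1" after a successful set, or the error string.
std::string demoRealSheet() {
    SheetTable sheets = makeSampleTable();
    std::string err;
    if (!setStyleSheetText(sheets, "1", "a { color: red }", err))
        return err;
    return sheets["1"]->text();
}

// Returns the error produced when the inline-style sheet "2" is targeted;
// before the guard this call would have crashed the web process.
std::string demoInlineSheet() {
    SheetTable sheets = makeSampleTable();
    std::string err;
    setStyleSheetText(sheets, "2", "b { margin: 0 }", err);
    return err;
}

int main() {
    std::cout << "real sheet:   " << demoRealSheet() << "\n";
    std::cout << "inline sheet: " << demoInlineSheet() << "\n";
    return 0;
}
```

The point of the guard is that the styleSheetId reaches the agent from the front-end (here via CSSStyleId, not getAllStyleSheets()), so the back end cannot assume every id names a sheet with a backing page stylesheet; the same check also belongs in front of addRule() and any other operation that dereferences m_pageStyleSheet.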
Comment 6 WebKit Review Bot 2013-02-26 01:17:08 PST
Comment on attachment 189499
Patch

Clearing flags on attachment: 189499

Committed r144025: <http://trac.webkit.org/changeset/144025>
Comment 7 WebKit Review Bot 2013-02-26 01:17:12 PST
All reviewed patches have been landed.  Closing bug.