Bug 141451 - Web Inspector: Crash inspecting styles of element with mutated stylesheet
Summary: Web Inspector: Crash inspecting styles of element with mutated stylesheet
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Web Inspector (show other bugs)
Version: 528+ (Nightly build)
Hardware: All All
: P2 Normal
Assignee: Joseph Pecoraro
URL:
Keywords: DoNotImportToRadar
Depends on:
Blocks:
 
Reported: 2015-02-10 17:26 PST by Joseph Pecoraro
Modified: 2024-03-04 16:44 PST (History)
12 users (show)

See Also:

Attachments
[PATCH] Proposed Fix (9.41 KB, patch)
2015-02-10 17:32 PST, Joseph Pecoraro 		buildbot: commit-queue-
Details | Formatted Diff | Diff
Archive of layout-test-results from ews103 for mac-mavericks (583.24 KB, application/zip)
2015-02-10 17:54 PST, Build Bot 		no flags Details
Archive of layout-test-results from ews105 for mac-mavericks-wk2 (668.97 KB, application/zip)
2015-02-10 18:09 PST, Build Bot 		no flags Details
[PATCH] Proposed Fix (9.41 KB, patch)
2015-02-10 18:34 PST, Joseph Pecoraro 		no flags Details | Formatted Diff | Diff
Show Obsolete (3) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Joseph Pecoraro 2015-02-10 17:26:28 PST 
* SUMMARY
Crash inspecting styles of element with mutated stylesheet.

* REDUCTION
<style>.foo, .bar { color: red }</style>
<div class="bar">Inspect Me</div>
<script>document.styleSheets[0].insertRule("body { padding: 10px; }", 0);</script>

* STEPS TO REPRODUCE
1. Inspect .bar in test case
  => CRASH
Comment 1 Joseph Pecoraro 2015-02-10 17:26:41 PST 
<rdar://problem/19783568>
Comment 2 Joseph Pecoraro 2015-02-10 17:32:43 PST 
Created attachment 246353 [details]
[PATCH] Proposed Fix
Comment 3 Build Bot 2015-02-10 17:54:00 PST 
Comment on attachment 246353 [details]
[PATCH] Proposed Fix

Attachment 246353 [details] did not pass mac-ews (mac):
Output: http://webkit-queues.appspot.com/results/5035795962396672

New failing tests:
inspector/css/stylesheet-with-mutations.html
Comment 4 Build Bot 2015-02-10 17:54:03 PST 
Created attachment 246361 [details]
Archive of layout-test-results from ews103 for mac-mavericks

The attached test failures were seen while running run-webkit-tests on the mac-ews.
Bot: ews103  Port: mac-mavericks  Platform: Mac OS X 10.9.5
Comment 5 Build Bot 2015-02-10 18:09:00 PST 
Comment on attachment 246353 [details]
[PATCH] Proposed Fix

Attachment 246353 [details] did not pass mac-wk2-ews (mac-wk2):
Output: http://webkit-queues.appspot.com/results/5484304364732416

New failing tests:
inspector/css/stylesheet-with-mutations.html
Comment 6 Build Bot 2015-02-10 18:09:04 PST 
Created attachment 246362 [details]
Archive of layout-test-results from ews105 for mac-mavericks-wk2

The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews.
Bot: ews105  Port: mac-mavericks-wk2  Platform: Mac OS X 10.9.5
Comment 7 Joseph Pecoraro 2015-02-10 18:32:20 PST 
Oh oops. Will update patch with new strings.
Comment 8 Joseph Pecoraro 2015-02-10 18:34:47 PST 
Created attachment 246364 [details]
[PATCH] Proposed Fix
Comment 9 Timothy Hatcher 2015-02-12 10:15:32 PST 
Comment on attachment 246364 [details]
[PATCH] Proposed Fix

View in context: https://bugs.webkit.org/attachment.cgi?id=246364&action=review

> Source/WebCore/css/CSSStyleSheet.h:91
> +    bool hadRulesMutation() const { return m_mutatedRules; }

hasRulesMutation?

> Source/WebCore/css/CSSStyleSheet.h:92
> +    void clearHadRulesMutation() { m_mutatedRules = false; }

s/had/has/
Comment 10 Chris Dumez 2015-02-12 10:19:46 PST 
Comment on attachment 246364 [details]
[PATCH] Proposed Fix

View in context: https://bugs.webkit.org/attachment.cgi?id=246364&action=review

> Source/WebCore/inspector/InspectorStyleSheet.cpp:865
>      for (size_t i = 0, size = ranges.size(); i < size; ++i) {

nit: We could use a nice C++11 range loop here.
Comment 11 Joseph Pecoraro 2015-02-12 12:03:52 PST 
(In reply to comment #9)
> Comment on attachment 246364 [details]
> [PATCH] Proposed Fix
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=246364&action=review
> 
> > Source/WebCore/css/CSSStyleSheet.h:91
> > +    bool hadRulesMutation() const { return m_mutatedRules; }
> 
> hasRulesMutation?
> 
> > Source/WebCore/css/CSSStyleSheet.h:92
> > +    void clearHadRulesMutation() { m_mutatedRules = false; }
> 
> s/had/has/

I like "had" here. At some point, the rules mutated, they might have reverted back to the original, but all this tracks is that there was some mutation in the past.
Comment 12 WebKit Commit Bot 2015-02-12 12:47:17 PST 
Comment on attachment 246364 [details]
[PATCH] Proposed Fix

Clearing flags on attachment: 246364

Committed r180005: <http://trac.webkit.org/changeset/180005>
Comment 13 WebKit Commit Bot 2015-02-12 12:47:24 PST 
All reviewed patches have been landed.  Closing bug.
Comment 14 Alexey Proskuryakov 2015-02-13 22:03:36 PST 
The new test doesn't work well on some bots, filed bug 141601.