Bug 30105 - Crash in WebCore::StringImpl::reverseFind when trying to load a null stylesheet for a site specific hack.
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: CSS
Version: 528+ (Nightly build)
Hardware: PC OS X 10.5
Importance: P2 Normal
Assignee: Stephanie Lewis
Duplicates: 30114

Reported: 2009-10-05 21:09 PDT by Stephanie Lewis
Modified: 2009-10-08 13:51 PDT

Attachments
Crashlog (39.92 KB, application/octet-stream)
2009-10-05 21:09 PDT, Stephanie Lewis
no flags
testcase - needs to be run from a server (145 bytes, text/html)
2009-10-05 21:09 PDT, Stephanie Lewis
no flags
patch (1.80 KB, patch)
2009-10-05 21:12 PDT, Stephanie Lewis
mitz: review+

Description Stephanie Lewis 2009-10-05 21:09:19 PDT
Created attachment 40680
Crashlog

Crash when trying to load a null KHTMLFixes stylesheet.  Caused by http://trac.webkit.org/changeset/48818

Found on membuster.  Crashes on TOT with Safari on Mac and Windows

Thread 0 Crashed:  Dispatch queue: com.apple.main-thread
0   com.apple.WebCore             	0x00000001011e101a WebCore::StringImpl::reverseFind(WebCore::StringImpl*, int, bool) + 42 (StringImpl.cpp:673)
1   com.apple.WebCore             	0x0000000100d90c34 WebCore::HTMLLinkElement::setCSSStyleSheet(WebCore::String const&, WebCore::String const&, WebCore::CachedCSSStyleSheet const*) + 660 (PlatformString.h:123)
2   com.apple.WebCore             	0x0000000100b0db32 WebCore::CachedCSSStyleSheet::checkNotify() + 146 (RefPtr.h:53)
3   com.apple.WebCore             	0x0000000101051f99 WebCore::Loader::Host::didReceiveData(WebCore::SubresourceLoader*, char const*, int) + 281 (loader.cpp:509)
4   com.apple.WebCore             	0x00000001011e8e6e WebCore::SubresourceLoader::didReceiveData(char const*, int, long long, bool) + 94 (SubresourceLoader.cpp:170)
5   com.apple.Foundation          	0x00007fff86f6d50b _NSURLConnectionDidReceiveData + 137
6   com.apple.CFNetwork           	0x00007fff80696770 URLConnectionClient::_clientDidReceiveData(__CFData const*, URLConnectionClient::ClientConnectionEventQueue*) + 236
7   com.apple.CFNetwork           	0x00007fff806f9282 URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 218
8   com.apple.CFNetwork           	0x00007fff806f9512 URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 874
9   com.apple.CFNetwork           	0x00007fff8068362b URLConnectionClient::processEvents() + 121
10  com.apple.CFNetwork           	0x00007fff80683406 MultiplexerSource::perform() + 160
11  com.apple.CoreFoundation      	0x00007fff82efd281 __CFRunLoopDoSources0 + 1361
12  com.apple.CoreFoundation      	0x00007fff82efb879 __CFRunLoopRun + 873
13  com.apple.CoreFoundation      	0x00007fff82efb03f CFRunLoopRunSpecific + 575
14  com.apple.HIToolbox           	0x00007fff87380c4e RunCurrentEventLoopInMode + 333
15  com.apple.HIToolbox           	0x00007fff87380a53 ReceiveNextEventCommon + 310
16  com.apple.HIToolbox           	0x00007fff8738090c BlockUntilNextEventMatchingListInMode + 59
17  com.apple.AppKit              	0x00007fff8464e570 _DPSNextEvent + 718
18  com.apple.AppKit              	0x00007fff8464ded9 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 155
19  com.apple.Safari              	0x00000001000375b5 -[BrowserApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 177 (BrowserApplication.mm:322)
20  com.apple.AppKit              	0x00007fff84613b29 -[NSApplication run] + 395
21  com.apple.AppKit              	0x00007fff8460c844 NSApplicationMain + 364
22  com.apple.Safari              	0x000000010000226c start + 52
Comment 1 Stephanie Lewis 2009-10-05 21:09:50 PDT
Created attachment 40681
testcase - needs to be run from a server
Comment 2 Stephanie Lewis 2009-10-05 21:12:19 PDT
Created attachment 40682
patch
Comment 3 Stephanie Lewis 2009-10-05 21:17:58 PDT
Committed revision 49145
Comment 4 Alexey Proskuryakov 2009-10-08 13:51:35 PDT
*** Bug 30114 has been marked as a duplicate of this bug. ***