82910 – REGRESSION (109091): Crash when creating a WebArchive of a page with @page style rules

RESOLVED FIXED Bug 82910

REGRESSION (109091): Crash when creating a WebArchive of a page with @page style rules

https://bugs.webkit.org/show_bug.cgi?id=82910

Summary REGRESSION (109091): Crash when creating a WebArchive of a page with @page s...

Brady Eidson

Reported 2012-04-02 10:38:01 PDT

REGRESSION (98963 and 109091): Crash when creating a WebArchive of a page with @page style rules > 1 com.apple.WebCore 0x7fff8efa3a47 WebCore::StylePropertySet::addSubresourceStyleURLs(WTF::ListHashSet<WebCore::KURL, 256ul, WebCore::KURLHash>&, WebCore::CSSStyleSheet*) + 0x17 2 com.apple.WebCore 0x7fff8ea2291b WebCore::CSSStyleSheet::addSubresourceStyleURLs(WTF::ListHashSet<WebCore::KURL, 256ul, WebCore::KURLHash>&) + 0xfb 3 com.apple.WebCore 0x7fff8ea2280e WebCore::HTMLLinkElement::addSubresourceAttributeURLs(WTF::ListHashSet<WebCore::KURL, 256ul, WebCore::KURLHash>&) const + 0xee 4 com.apple.WebCore 0x7fff8eea0fdd WebCore::LegacyWebArchive::create(WTF::String const&, WebCore::Frame*, WTF::Vector<WebCore::Node*, 0ul> const&, WebCore::FrameFilter*) + 0x50d 5 com.apple.WebCore 0x7fff8eea0a69 WebCore::LegacyWebArchive::create(WebCore::Node*, WebCore::FrameFilter*) + 0x219 6 com.apple.WebKit2 0x7fff8cfd50fb WebKit::WebFrame::webArchiveData(bool (*)(OpaqueWKBundleFrame const*, OpaqueWKBundleFrame const*, void*), void*) + 0x3d The cause is code in CSSStyleSheet::addSubresourceStyleURLs that does: if (rule->isStyleRule() || rule->isPageRule()) static_cast<CSSStyleRule*>(rule)->styleRule()->addSubresourceStyleURLs(urls, this); Page rules are casted to CSSStyleRule* which is bogus. Patch coming soon. In radar as <rdar://problem/11020155>

Attachments
Patch v1 - Fix + layout test (3.98 KB, patch) 2012-04-02 10:44 PDT, Brady Eidson	koivisto: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Brady Eidson

Comment 1 2012-04-02 10:44:38 PDT

Created attachment 135130 [details] Patch v1 - Fix + layout test

Antti Koivisto

Comment 2 2012-04-02 10:54:45 PDT

Comment on attachment 135130 [details] Patch v1 - Fix + layout test The patch in bug 82728 refactors the code here and also fixed the bug. The test is nice though.

Antti Koivisto

Comment 3 2012-04-02 11:07:03 PDT

(In reply to comment #2) > (From update of attachment 135130 [details]) > The patch in bug 82728 refactors the code here and also fixed the bug. The test is nice though. s/fixed/fixes/

Brady Eidson

Comment 4 2012-04-02 11:14:46 PDT

Andreas pointed out elsewhere: @page rules used to be style rules prior to <http://trac.webkit.org/changeset/107526>. That's why it worked back then. Of course, it was never necessary to collect sub-resource URLs from them. :/

Brady Eidson

Comment 5 2012-04-02 11:23:40 PDT

http://trac.webkit.org/changeset/112913

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware All

OS All

Product WebKit

Component CSS

Assignee

Brady Eidson

Reported

2012-04-02 10:38 PDT

Modified

2012-04-02 11:23 PDT History

CC List

4 users Show

URL

Keywords InRadar

Depends on

Blocks