Skip to site navigation (Press enter)

[webkit-changes] [134473] branches/safari-536.28-branch

lforschler Tue, 13 Nov 2012 13:16:34 -0800

Title: [134473] branches/safari-536.28-branch

Revision: 134473
Author: [email protected]
Date: 2012-11-13 13:18:07 -0800 (Tue, 13 Nov 2012)

Log Message

Merged r127000.  <rdar://problem/12536475>


Modified Paths

branches/safari-536.28-branch/LayoutTests/ChangeLog
branches/safari-536.28-branch/Source/WebCore/ChangeLog
branches/safari-536.28-branch/Source/WebCore/inspector/InspectorStyleSheet.cpp


Added Paths

branches/safari-536.28-branch/LayoutTests/inspector/styles/import-pseudoclass-crash-expected.txt
branches/safari-536.28-branch/LayoutTests/inspector/styles/import-pseudoclass-crash.html
branches/safari-536.28-branch/LayoutTests/inspector/styles/resources/import-pseudoclass-crash-empty.css
branches/safari-536.28-branch/LayoutTests/inspector/styles/resources/import-pseudoclass-crash.css

Diff

Modified: branches/safari-536.28-branch/LayoutTests/ChangeLog (134472 => 134473)


--- branches/safari-536.28-branch/LayoutTests/ChangeLog	2012-11-13 21:11:24 UTC (rev 134472)
+++ branches/safari-536.28-branch/LayoutTests/ChangeLog	2012-11-13 21:18:07 UTC (rev 134473)
@@ -1,5 +1,22 @@
 2012-11-13  Lucas Forschler  <[email protected]>
 
+        Merge r127000
+
+    2012-08-29  Alexander Pavlov  <[email protected]>
+
+            Web Inspector: Page with @import and :last-child in an edited stylesheet will crash
+            https://bugs.webkit.org/show_bug.cgi?id=95324
+
+            Reviewed by Antti Koivisto.
+
+            * inspector/styles/import-pseudoclass-crash-expected.txt: Added.
+            * inspector/styles/import-pseudoclass-crash.html: Added.
+            * inspector/styles/resources/import-pseudoclass-crash-empty.css: Added.
+            * inspector/styles/resources/import-pseudoclass-crash.css: Added.
+            (:last-child):
+
+2012-11-13  Lucas Forschler  <[email protected]>
+
         Rollout r133090
 
 2012-11-12  Lucas Forschler  <[email protected]>
@@ -11398,3 +11415,4 @@
 .
 .
 .
+.

Copied: branches/safari-536.28-branch/LayoutTests/inspector/styles/import-pseudoclass-crash-expected.txt (from rev 127000, trunk/LayoutTests/inspector/styles/import-pseudoclass-crash-expected.txt) (0 => 134473)


--- branches/safari-536.28-branch/LayoutTests/inspector/styles/import-pseudoclass-crash-expected.txt	                        (rev 0)
+++ branches/safari-536.28-branch/LayoutTests/inspector/styles/import-pseudoclass-crash-expected.txt	2012-11-13 21:18:07 UTC (rev 134473)
@@ -0,0 +1,3 @@
+Tests that modifying stylesheet text with @import and :last-child selector does not crash (Bug 95324).
+
+:last-child

Copied: branches/safari-536.28-branch/LayoutTests/inspector/styles/import-pseudoclass-crash.html (from rev 127000, trunk/LayoutTests/inspector/styles/import-pseudoclass-crash.html) (0 => 134473)


--- branches/safari-536.28-branch/LayoutTests/inspector/styles/import-pseudoclass-crash.html	                        (rev 0)
+++ branches/safari-536.28-branch/LayoutTests/inspector/styles/import-pseudoclass-crash.html	2012-11-13 21:18:07 UTC (rev 134473)
@@ -0,0 +1,50 @@
+<html>
+<head>
+<link rel="stylesheet" href=""
+<script src=""
+<script src=""
+<script>
+
+function test()
+{
+    WebInspector.showPanel("elements");
+    InspectorTest.nodeWithId("lastchild", nodeFound);
+
+    function nodeFound(node)
+    {
+        WebInspector.cssModel.getMatchedStylesAsync(node.id, true, false, matchedStylesCallback);
+    }
+
+    var styleSheetId;
+
+    function matchedStylesCallback(styles)
+    {
+        styleSheetId = styles.matchedCSSRules[1].id.styleSheetId;
+        CSSAgent.setStyleSheetText(styleSheetId,
+            "@import url(\"import-pseudoclass-crash-empty.css\");\n\n:last-child { color: #000001; }\n", modifiedCallback);
+    }
+
+    function modifiedCallback()
+    {
+        CSSAgent.setStyleSheetText(styleSheetId, "@import url(\"import-pseudoclass-crash-empty.css\");\n\n:last-child { color: #002001; }\n", modifiedCallback2);
+    }
+
+    function modifiedCallback2()
+    {
+        InspectorTest.completeTest();
+    }
+}
+
+</script>
+</head>
+
+<body _onload_="runTest()">
+<p>
+Tests that modifying stylesheet text with @import and :last-child selector does not crash (<a href="" 95324</a>).
+</p>
+
+<div>
+    <p id="lastchild">:last-child</p>
+</div>
+</body>
+</html>

Copied: branches/safari-536.28-branch/LayoutTests/inspector/styles/resources/import-pseudoclass-crash-empty.css (from rev 127000, trunk/LayoutTests/inspector/styles/resources/import-pseudoclass-crash-empty.css) ( => )


Copied: branches/safari-536.28-branch/LayoutTests/inspector/styles/resources/import-pseudoclass-crash.css (from rev 127000, trunk/LayoutTests/inspector/styles/resources/import-pseudoclass-crash.css)
===================================================================
--- branches/safari-536.28-branch/LayoutTests/inspector/styles/resources/import-pseudoclass-crash.css	                        (rev 0)
+++ branches/safari-536.28-branch/LayoutTests/inspector/styles/resources/import-pseudoclass-crash.css	2012-11-13 21:18:07 UTC (rev 134473)
@@ -0,0 +1,5 @@
+@import url("import-pseudoclass-crash-empty.css");
+
+:last-child {
+  color: #000;
+}

Modified: branches/safari-536.28-branch/Source/WebCore/ChangeLog (134472 => 134473)


--- branches/safari-536.28-branch/Source/WebCore/ChangeLog	2012-11-13 21:11:24 UTC (rev 134472)
+++ branches/safari-536.28-branch/Source/WebCore/ChangeLog	2012-11-13 21:18:07 UTC (rev 134473)
@@ -1,5 +1,23 @@
 2012-11-13  Lucas Forschler  <[email protected]>
 
+        Merge r127000
+
+    2012-08-29  Alexander Pavlov  <[email protected]>
+
+            Web Inspector: Page with @import and :last-child in an edited stylesheet will crash
+            https://bugs.webkit.org/show_bug.cgi?id=95324
+
+            Reviewed by Antti Koivisto.
+
+            Ensure the destroyed StyleRules removal from StyleResolver by creating a separate RuleMutationScope for clearing the StyleSheetContents.
+
+            Test: inspector/styles/import-pseudoclass-crash.html
+
+            * inspector/InspectorStyleSheet.cpp:
+            (WebCore::InspectorStyleSheet::reparseStyleSheet):
+
+2012-11-13  Lucas Forschler  <[email protected]>
+
         Rollout r133090
 
 2012-11-12  Lucas Forschler  <[email protected]>
@@ -207401,3 +207419,4 @@
 .
 .
 .
+.

Modified: branches/safari-536.28-branch/Source/WebCore/inspector/InspectorStyleSheet.cpp (134472 => 134473)


--- branches/safari-536.28-branch/Source/WebCore/inspector/InspectorStyleSheet.cpp	2012-11-13 21:11:24 UTC (rev 134472)
+++ branches/safari-536.28-branch/Source/WebCore/inspector/InspectorStyleSheet.cpp	2012-11-13 21:18:07 UTC (rev 134473)
@@ -718,12 +718,18 @@
 
 void InspectorStyleSheet::reparseStyleSheet(const String& text)
 {
-    CSSStyleSheet::RuleMutationScope mutationScope(m_pageStyleSheet.get());
-    m_pageStyleSheet->internal()->clearRules();
-    m_pageStyleSheet->internal()->parseString(text);
-    m_pageStyleSheet->clearChildRuleCSSOMWrappers();
-    m_inspectorStyles.clear();
-    fireStyleSheetChanged();
+    { 
+        // Have a separate scope for clearRules() (bug 95324). 
+        CSSStyleSheet::RuleMutationScope mutationScope(m_pageStyleSheet.get()); 
+        m_pageStyleSheet->internal()->clearRules(); 
+    } 
+    { 
+        CSSStyleSheet::RuleMutationScope mutationScope(m_pageStyleSheet.get());
+        m_pageStyleSheet->internal()->parseString(text);
+        m_pageStyleSheet->clearChildRuleCSSOMWrappers();
+        m_inspectorStyles.clear();
+        fireStyleSheetChanged();
+    }
 }
 
 bool InspectorStyleSheet::setText(const String& text)

_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo/webkit-changes