[Webkit-unassigned] [Bug 23125] New: Safari 3 CSS max-height with absolute positioned div

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Jan 5 14:50:47 PST 2009


https://bugs.webkit.org/show_bug.cgi?id=23125

           Summary: Safari 3 CSS max-height with absolute positioned div
           Product: WebKit
           Version: 525.x (Safari 3.2)
          Platform: Macintosh
        OS/Version: Mac OS X 10.5
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: CSS
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: nick at meltmedia.com
                CC: nick at meltmedia.com


This is a very odd bug which I will do my best to describe. What I believe is
causing the problem is a CSS rendering problem in Safari 3 that is failing
internally when performing a metrics calculation. (Just a guess based on what
I've seen.) The example I've attached illustrates the issue. It utilizes YUI
components as well as some custom JS components used internally at the company
I work for. I've narrowed down the CSS to the failing elements. The JS just
exposes the problem but I don't believe it is causing the problem.

The problem appears to be with an absolutely positioned DIV that has a
max-height with an overflow of auto. Now to create the problem it requires JS
to be used. The auto fill textarea will grab an option element's text and place
it in the textarea. When you select an item in the results the textarea becomes
unusable and Safari 3 is unstable. The select below, if changed after causing
the initial problem, displays bad text, which changes each time the select is
changed. If you also try and paste text into the textarea Safari will crash
giving the following crash report (truncated):

Exception Type:  EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000000000008
Crashed Thread:  0

Thread 0 Crashed:
0   com.apple.WebCore   0x94d15e42   WebCore::highestAncestor(WebCore::Node*) + 18
1   com.apple.WebCore   0x94ea76cc   WebCore::ApplyStyleCommand::applyBlockStyle(WebCore::CSSMutableStyleDeclaration*) + 188
2   com.apple.WebCore   0x94ea11bf   WebCore::ApplyStyleCommand::doApply() + 287

Now oddly enough if you create the problem and then scroll the page it
re-renders the elements and the problem is no longer there. If in the CSS you
remove the max-height attribute the problem no longer occurs.

Below is my system information:

OS:             Leopard 10.5.6
Version:         3.2.1 (5525.27.1)
Build Info:      WebBrowser-55252701~1

I have also tried this in WebKit revision 39450 and was able to reproduce the
bug. I could not reproduce the bug in Safari 2.0.4.

