[Webkit-unassigned] [Bug 51477] New: Web Inspector: ASSERT removing inline HTML style property

bugzilla-daemon at webkit.org
Wed Dec 22 09:52:01 PST 2010


https://bugs.webkit.org/show_bug.cgi?id=51477

           Summary: Web Inspector: ASSERT removing inline HTML style
                    property
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: All
        OS/Version: All
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: Web Inspector
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: joepeck at webkit.org
                CC: timothy at apple.com, rik at webkit.org, keishi at webkit.org,
                    pmuellr at yahoo.com, joepeck at webkit.org,
                    pfeldman at chromium.org, yurys at chromium.org,
                    bweinstein at apple.com, apavlov at chromium.org,
                    loislo at chromium.org


Steps to Reproduce:

    1. Inspect <body> on webkit.org
    2. Add a new element.style of "height: 20px" (commit it with enter)
    3. Double click the new style="height: 20px" in <body> in the Elements Tree Hierarchy
    4. Delete the value leaving it just style="" (commit with enter)
    => ASSERTION FAILED: end <= styleDeclaration.length()
        (WebCore/inspector/InspectorStyleSheet.h:110 void WebCore::InspectorStyleProperty::setRawTextFromStyleDeclaration(const WTF::String&))

Assertion:

    void setRawTextFromStyleDeclaration(const String& styleDeclaration)
    {
        unsigned start = sourceData.range.start;
        unsigned end = sourceData.range.end;
        ASSERT(start < end);
        ASSERT(end <= styleDeclaration.length()); // <-- this one
        rawText = styleDeclaration.substring(start, end - start);
    }

Limited Crash Report:

    Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
    Exception Codes: KERN_INVALID_ADDRESS at 0x00000000bbadbeef
    Crashed Thread:  0  Dispatch queue: com.apple.main-thread

    Thread 0 Crashed:  Dispatch queue: com.apple.main-thread
    0   WebCore::InspectorStyleProperty::setRawTextFromStyleDeclaration(WTF::String const&) + 148 (InspectorStyleSheet.h:110)
    1   WebCore::InspectorStyle::populateAllProperties(WTF::Vector<WebCore::InspectorStyleProperty, 0ul>*) const + 695 (InspectorStyleSheet.cpp:398)
    2   WebCore::InspectorStyle::populateObjectWithStyleProperties(WebCore::InspectorObject*) const + 73 (InspectorStyleSheet.cpp:425)
    3   WebCore::InspectorStyle::buildObjectForStyle() const + 1007 (InspectorStyleSheet.cpp:153)
    4   WebCore::InspectorStyleSheet::buildObjectForStyle(WebCore::CSSStyleDeclaration*) + 566 (InspectorStyleSheet.cpp:739)
    5   WebCore::InspectorCSSAgent::getStylesForNode2(long, WTF::RefPtr<WebCore::InspectorValue>*) + 163 (InspectorCSSAgent.cpp:186)
    6   WebCore::InspectorBackendDispatcher::getStylesForNode2(long, WebCore::InspectorObject*) + 412 (InspectorBackendDispatcher.cpp:1445)
    7   WebCore::InspectorBackendDispatcher::dispatch(WTF::String const&) + 10143 (InspectorBackendDispatcher.cpp:2876)
    8   WebCore::InspectorFrontendClientLocal::sendMessageToBackend(WTF::String const&) + 41 (InspectorFrontendClientLocal.cpp:155)
    9   WebCore::InspectorFrontendHost::sendMessageToBackend(WTF::String const&) + 48 (InspectorFrontendHost.cpp:224)
    10  WebCore::jsInspectorFrontendHostPrototypeFunctionSendMessageToBackend(JSC::ExecState*) + 202 (JSInspectorFrontendHost.cpp:405)
    11  0 + 104292579017144
    12  JSC::JITCode::execute(JSC::RegisterFile*, JSC::ExecState*, JSC::JSGlobalData*) + 73 (JITCode.h:77)
    13  JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 1107 (Interpreter.cpp:849)
    14  JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 162 (CallData.cpp:39)
    15  WebCore::JSMainThreadExecState::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 87 (JSMainThreadExecState.h:48)
    16  WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext*, WebCore::Event*) + 1222 (JSEventListener.cpp:124)
    17  WebCore::EventTarget::fireEventListeners(WebCore::Event*, WebCore::EventTargetData*, WTF::Vector<WebCore::RegisteredEventListener, 1ul>&) + 296 (EventTarget.cpp:328)
    18  WebCore::EventTarget::fireEventListeners(WebCore::Event*) + 334 (EventTarget.cpp:313)
    19  WebCore::Node::handleLocalEvents(WebCore::Event*) + 159 (Node.cpp:2512)
    20  WebCore::Node::dispatchGenericEvent(WTF::PassRefPtr<WebCore::Event>) + 1002 (Node.cpp:2637)
    21  WebCore::Node::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) + 149 (Node.cpp:2580)
    22  WebCore::EventTarget::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, int&) + 178 (EventTarget.cpp:289)
    23  WebCore::EventHandler::keyEvent(WebCore::PlatformKeyboardEvent const&) + 1053 (EventHandler.cpp:2352)
    24  WebCore::EventHandler::keyEvent(NSEvent*) + 181 (EventHandlerMac.mm:148)
    25  -[WebHTMLView keyDown:] + 430 (WebHTMLView.mm:4217)
    26  -[NSWindow sendEvent:] + 8769
    27  -[NSApplication sendEvent:] + 4719
    28  0x100000000 + 233798
    29  -[NSApplication run] + 474
    30  NSApplicationMain + 364
    31  0x100000000 + 41408

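Added example, not part of the original report and not WebKit code: a minimal model of the range check behind the failed assertion, assuming the property's source range was computed against the earlier, longer style text. std::string stands in for WTF::String, and SourceRange, extractRawText and extractRawTextUnchecked are hypothetical names.

```cpp
// Added illustration; std::string stands in for WTF::String, and all names
// here (SourceRange, extractRawText, extractRawTextUnchecked) are hypothetical.
#include <cstddef>
#include <iostream>
#include <optional>
#include <string>

struct SourceRange {
    std::size_t start;
    std::size_t end;
};

// Returns the property's raw text only if the cached range still fits the
// declaration text it is applied to; a stale range yields std::nullopt.
std::optional<std::string> extractRawText(const std::string& declaration, SourceRange range)
{
    if (range.start >= range.end)
        return std::nullopt;            // empty or inverted range
    if (range.end > declaration.length())
        return std::nullopt;            // range computed against older, longer text
    return declaration.substr(range.start, range.end - range.start);
}

// What an unchecked substr does with the same inputs: it clamps the count
// whenever start <= length, so a stale range is silently truncated.
std::string extractRawTextUnchecked(const std::string& declaration, SourceRange range)
{
    return declaration.substr(range.start, range.end - range.start);
}

int main()
{
    // Constructed sample mirroring the report: range cached for
    // "height: 20px", then the attribute is edited down to style="".
    const std::string before = "height: 20px";
    const std::string after = "";
    const SourceRange cached{0, before.length()};

    std::cout << "fresh:     " << extractRawText(before, cached).value_or("<stale>") << '\n';
    std::cout << "stale:     " << extractRawText(after, cached).value_or("<stale>") << '\n';
    std::cout << "unchecked: '" << extractRawTextUnchecked(after, cached) << "'\n";
    return 0;
}
```

With std::string, the unchecked call returns an empty string for the stale range instead of failing, so the explicit length check is what surfaces the mismatch when assertions are compiled out.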