Title: [137466] trunk
Revision: 137466
Author: [email protected]
Date: 2012-12-12 07:54:20 -0800 (Wed, 12 Dec 2012)

Log Message

Web Inspector: Crash in InspectorDOMAgent::pushNodePathToFrontend when inspecting document with CSS generated content
https://bugs.webkit.org/show_bug.cgi?id=104780

Patch by Antoine Quint <[email protected]> on 2012-12-12
Reviewed by Pavel Feldman.

Source/WebCore:

The pushNodePathForRenderLayerToFrontend() method added to InspectorDOMAgent naively assumed
that all RenderLayers have a Node associated to them. However, in the case of CSS generated
content, that will not be the case and we would call into pushNodePathToFrontend() with a 0
parameter that would hit the first ASSERT in this method. We're now checking that we indeed
have an associated node for the provided RenderLayer and return 0 in case we don't, without
calling into pushNodePathToFrontend().

Test: inspector-protocol/layer-tree-generated-content.html

* inspector/InspectorDOMAgent.cpp:
(WebCore::InspectorDOMAgent::pushNodePathForRenderLayerToFrontend):

LayoutTests:

Adding a new test for the LayerTreeAgent to check that it does not crash when inspecting
a page with CSS generated content, and correctly returns nodeId === 0 in the situation
where there is no Node associated with a given RenderLayer.

* inspector-protocol/layer-tree-generated-content-expected.txt: Added.
* inspector-protocol/layer-tree-generated-content.html: Added.

Diff

Modified: trunk/LayoutTests/ChangeLog (137465 => 137466)


--- trunk/LayoutTests/ChangeLog	2012-12-12 15:52:08 UTC (rev 137465)
+++ trunk/LayoutTests/ChangeLog	2012-12-12 15:54:20 UTC (rev 137466)
@@ -1,3 +1,17 @@
+2012-12-12  Antoine Quint  <[email protected]>
+
+        Web Inspector: Crash in InspectorDOMAgent::pushNodePathToFrontend when inspecting document with CSS generated content
+        https://bugs.webkit.org/show_bug.cgi?id=104780
+
+        Reviewed by Pavel Feldman.
+
+        Adding a new test for the LayerTreeAgent to check that it does not crash when inspecting
+        a page with CSS generated content, and correctly returns nodeId === 0 in the situation
+        where there is no Node associated with a given RenderLayer.
+
+        * inspector-protocol/layer-tree-generated-content-expected.txt: Added.
+        * inspector-protocol/layer-tree-generated-content.html: Added.
+
 2012-12-12  Dominik Röttsches  <[email protected]>
 
         [EFL] Unreviewed gardening.

Added: trunk/LayoutTests/inspector-protocol/layer-tree-generated-content-expected.txt (0 => 137466)


--- trunk/LayoutTests/inspector-protocol/layer-tree-generated-content-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/inspector-protocol/layer-tree-generated-content-expected.txt	2012-12-12 15:54:20 UTC (rev 137466)
@@ -0,0 +1,17 @@
+
+=== Get the Document ===
+
+PASS
+
+=== Enable the LayerTree agent ===
+
+PASS
+
+=== Get the layer tree ===
+
+PASS
+
+=== Obtain all node IDs for layers in the tree ===
+
+PASS
+

Added: trunk/LayoutTests/inspector-protocol/layer-tree-generated-content.html (0 => 137466)


--- trunk/LayoutTests/inspector-protocol/layer-tree-generated-content.html	                        (rev 0)
+++ trunk/LayoutTests/inspector-protocol/layer-tree-generated-content.html	2012-12-12 15:54:20 UTC (rev 137466)
@@ -0,0 +1,159 @@
+<html>
+<head>
+<script type="text/_javascript_" src=""
+<script type="text/_javascript_">
+
+function test()
+{
+
+    getDocument();
+    
+    function getDocument()
+    {
+        // We must first get the document so that later on we may get sensible nodeIds.
+        step({
+            name: "Get the Document",
+            command: "DOM.getDocument",
+            parameters: {},
+            callback: enableLayerTreeAgent
+        });
+    };
+    
+    function enableLayerTreeAgent(result)
+    {
+        step({
+            name: "Enable the LayerTree agent",
+            command: "LayerTree.enable",
+            parameters: {},
+            callback: getLayerTree
+        });
+    };
+
+    function getLayerTree(result)
+    {
+        step({
+            name: "Get the layer tree",
+            command: "LayerTree.getLayerTree",
+            parameters: {},
+            callback: gotLayerTree
+        });
+    };
+
+    var layerCount;
+
+    function gotLayerTree(result)
+    {
+        var flatTree = flattenedLayerTree(result.layerTree);
+        var layerIds = Object.keys(flatTree);
+        
+        layerCount = layerIds.length;
+
+        logTestName("Obtain all node IDs for layers in the tree");
+
+        function obtainNodeIdForLayerId(layerId)
+        {
+            runCommand({
+                command: "LayerTree.nodeIdForLayerId",
+                parameters: {"layerId": layerId},
+                callback: gotNodeIdForLayer
+            });
+        };
+
+        layerIds.forEach(obtainNodeIdForLayerId);
+    };
+
+    var nodeIds = [];
+
+    function gotNodeIdForLayer(result)
+    {
+        var id = result.nodeId;
+
+        nodeIds.push(id);
+
+        if (!--layerCount)
+            finishTest();
+    };
+
+    function finishTest()
+    {
+        // We pass if we got this far and we have some node IDs reported to be 0,
+        // which is what is expected to be returned for layers not associated with
+        // a Node, for instance CSS generated content.
+        if (nodeIds.indexOf(0) !== -1)
+            InspectorTest.log("PASS");
+        else
+            InspectorTest.log("FAIL: Did not get any node ID equal to 0.");
+        
+        InspectorTest.completeTest();
+    };
+
+    function flattenedLayerTree(layerTree)
+    {
+        var layerByIds = {};
+
+        function recurse(layer)
+        {
+            layerByIds[layer.layerId] = layer;
+            if (layer.childLayers)
+                layer.childLayers.forEach(recurse);
+        };
+        
+        recurse(layerTree);
+
+        return layerByIds;
+    };
+
+    function step(test)
+    {
+        logTestName(test.name);
+        runCommand(test);
+    };
+
+    function logTestName(name)
+    {
+        InspectorTest.log("\n=== " + name + " ===\n");
+    };
+
+    function runCommand(command)
+    {
+        InspectorTest.sendCommand(command.command, command.parameters, function(messageObject) {
+            if (messageObject.hasOwnProperty("error")) {
+                InspectorTest.log("FAIL: " + messageObject.error.message + " (" + messageObject.error.code + ")");
+                InspectorTest.completeTest();
+                return;
+            }
+
+            if (command.name)
+                InspectorTest.log("PASS");
+
+            command.callback(messageObject.result);
+        });
+    };
+
+};
+
+window.addEventListener("DOMContentLoaded", function()
+{
+    runTest();
+}, false);
+
+</script>
+<style type="text/css">
+      
+    div::after {
+        position: absolute;
+        width: 100px;
+        height: 100px;
+        background-color: black;
+        -webkit-transform: translateZ(0);
+        content: "";
+    }
+
+</style>
+</head>
+<body>
+
+    <div></div>
+
+</body>
+</html>
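Review bot: In finishTest(), the pass condition `nodeIds.indexOf(0) !== -1` only proves that at least one layer reported 0, so the test would still pass if LayerTree.nodeIdForLayerId started returning 0 for every layer, including those that are backed by a Node. Consider also requiring at least one non-zero ID in `nodeIds`, so the test covers both branches of the fix. Separately, in gotLayerTree(), if `layerIds` is ever empty then `layerCount` is 0, the forEach does nothing and finishTest() is never reached, so the test would time out instead of logging a FAIL line; an explicit check on `layerCount` before the forEach would make that failure readable.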

Modified: trunk/Source/WebCore/ChangeLog (137465 => 137466)


--- trunk/Source/WebCore/ChangeLog	2012-12-12 15:52:08 UTC (rev 137465)
+++ trunk/Source/WebCore/ChangeLog	2012-12-12 15:54:20 UTC (rev 137466)
@@ -1,3 +1,22 @@
+2012-12-12  Antoine Quint  <[email protected]>
+
+        Web Inspector: Crash in InspectorDOMAgent::pushNodePathToFrontend when inspecting document with CSS generated content
+        https://bugs.webkit.org/show_bug.cgi?id=104780
+
+        Reviewed by Pavel Feldman.
+
+        The pushNodePathForRenderLayerToFrontend() method added to InspectorDOMAgent naively assumed
+        that all RenderLayers have a Node associated to them. However, in the case of CSS generated
+        content, that will not be the case and we would call into pushNodePathToFrontend() with a 0
+        parameter that would hit the first ASSERT in this method. We're now checking that we indeed
+        have an associated node for the provided RenderLayer and return 0 in case we don't, without
+        calling into pushNodePathToFrontend().
+
+        Test: inspector-protocol/layer-tree-generated-content.html
+
+        * inspector/InspectorDOMAgent.cpp:
+        (WebCore::InspectorDOMAgent::pushNodePathForRenderLayerToFrontend):
+
 2012-12-12  Alexander Pavlov  <[email protected]>
 
         Web Inspector: [Crash] Clear cached stylesheet rules in InspectorStyleSheet::deleteRule()

Modified: trunk/Source/WebCore/inspector/InspectorDOMAgent.cpp (137465 => 137466)


--- trunk/Source/WebCore/inspector/InspectorDOMAgent.cpp	2012-12-12 15:52:08 UTC (rev 137465)
+++ trunk/Source/WebCore/inspector/InspectorDOMAgent.cpp	2012-12-12 15:54:20 UTC (rev 137466)
@@ -567,7 +567,14 @@
 
 int InspectorDOMAgent::pushNodePathForRenderLayerToFrontend(const RenderLayer* renderLayer)
 {
-    return pushNodePathToFrontend(renderLayer->renderer()->node());
+    Node* node = renderLayer->renderer()->node();
+
+    // RenderLayers may not be associated with a Node, for instance
+    // in the case of CSS generated content.
+    if (!node)
+        return 0;
+
+    return pushNodePathToFrontend(node);
 }
 
 int InspectorDOMAgent::boundNodeId(Node* node)
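Review bot: The new check guards `node`, but the added line `Node* node = renderLayer->renderer()->node();` still dereferences `renderLayer` and the result of `renderer()` without any check. If callers guarantee both are non-null, an ASSERT at the top of the function would record that assumption; if not, they need the same early return as `node`. The function now returns 0 as a sentinel for a layer with no associated Node, so a short comment at its declaration stating that meaning would keep callers from treating 0 as a valid node ID.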
_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo/webkit-changes
