RESOLVED FIXED 8677
REGRESSION: wkSetUpFontCache() may be called before the SPIs are connected. 
https://bugs.webkit.org/show_bug.cgi?id=8677
Summary REGRESSION: wkSetUpFontCache() may be called before the SPIs are connected.
Rosyna
Reported 2006-05-01 00:13:18 PDT
If a menu (such as the bookmarks menu) is opened before a WebViewFrame is created, then wkSetUpFontCache will be a NULL pointer. As the menu rendering calls +[WebStringTruncator centerTruncateString:toWidth:] which then calls +[WebTextRendererFactory sharedFactory] the wkSetUpFontCache pointer won't have a chance to be "connected" and thus will cause a crash. Thread 0 Crashed: 0 <<00000000>> 0x00000000 0 + 0 1 com.apple.WebCore 0x01b19068 +[WebTextRendererFactory sharedFactory] + 124 (WebTextRendererFactory.mm:236) 2 com.apple.WebCore 0x01b0f404 truncateString(NSString*, float, NSFont*, unsigned (*)(NSString*, unsigned, unsigned, unsigned short*)) + 520 (WebCoreStringTruncator.mm:119) 3 com.apple.WebCore 0x01b0fa34 +[WebCoreStringTruncator centerTruncateString:toWidth:] + 72 (WebCoreStringTruncator.mm:207) 4 com.apple.WebKit 0x00319448 +[WebStringTruncator centerTruncateString:toWidth:] + 92 (WebStringTruncator.m:37) 5 com.apple.Safari 0x00012948 0x1000 + 72008 6 com.apple.Safari 0x00049344 0x1000 + 295748 7 com.apple.Safari 0x00049fd0 0x1000 + 298960 8 com.apple.Safari 0x00049448 0x1000 + 296008 9 com.apple.Safari 0x00049fd0 0x1000 + 298960 10 com.apple.Safari 0x00049f18 0x1000 + 298776 11 com.apple.Safari 0x00049d5c 0x1000 + 298332 12 com.apple.Safari 0x00049c44 0x1000 + 298052 13 com.apple.AppKit 0x93818dac -[NSMenu _populate:] + 120 14 com.apple.AppKit 0x93818990 AppKitMenuEventHandler + 512
Attachments
Add attachment proposed patch, testcase, etc.
Darin Adler
Comment 1 2006-05-02 09:40:59 PDT
Hyatt has a fix for this on his machine. We just need to set up the connection in the "WebStringTruncator" APIs.
Darin Adler
Comment 2 2006-05-02 09:41:45 PDT
I'm not sure this bug can be reproduced without some kind of hack installed in Safari. As far as I know, normally there's no way to bring up the Bookmarks menu before the first WebFrameView is created.
Rosyna
Comment 3 2006-05-02 12:38:39 PDT
In certain circumstances it is possible to reproduce this with accessibility. Although I wonder if that matters since this is both a regression and "easy fix". Especially since hyatt has the fix already. But I ultimately wonder why the menus are using WebStringTruncator at all.
Note You need to log in before you can comment on or make changes to this bug.