104937 2012-12-13 11:53:51 -0800 REGRESSION(r137406): NodeTraversal changes causing large renderer crash 2012-12-13 12:58:02 -0800 1 1 1 Unclassified WebKit HTML Editing 528+ (Nightly build) Unspecified Unspecified RESOLVED FIXED P1 Normal --- 1 karen+webkit rniwa kling koivisto mifenton rniwa webkit.review.bot oldest_to_newest 790800 0 karen+webkit 2012-12-13 11:53:51 -0800 A recent webkit change on node traversal: http://trac.webkit.org/changeset/137406 is causing a large renderer crash in chromium. https://code.google.com/p/chromium/issues/detail?id=165988 Is it possible to fix or revert this change temporarily? 790817 1 179315 rniwa 2012-12-13 12:29:28 -0800 Created attachment 179315 Fixes the bug 790821 2 179315 koivisto 2012-12-13 12:40:14 -0800 Comment on attachment 179315 Fixes the bug View in context: https://bugs.webkit.org/attachment.cgi?id=179315&action=review > Source/WebCore/editing/FrameSelection.cpp:1958 > - Element* element = start && start->isElementNode() ? toElement(start) : ElementTraversal::next(start); > + if (!start) > + return 0; > + Element* element = start->isElementNode() ? toElement(start) : ElementTraversal::next(start); I meant to write !start || start->isElementNode() here but this works too. 790841 3 179315 webkit.review.bot 2012-12-13 12:57:58 -0800 Comment on attachment 179315 Fixes the bug Clearing flags on attachment: 179315 Committed r137642: <http://trac.webkit.org/changeset/137642> 790842 4 webkit.review.bot 2012-12-13 12:58:02 -0800 All reviewed patches have been landed. Closing bug. 179315 2012-12-13 12:29:28 -0800 2012-12-13 12:57:58 -0800 Fixes the bug bug-104937-20121213122648.patch text/plain 1645 rniwa SW5kZXg6IFNvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2Vi Q29yZS9DaGFuZ2VMb2cJKHJldmlzaW9uIDEzNzYzNikKKysrIFNvdXJjZS9XZWJDb3JlL0NoYW5n ZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDE3IEBACisyMDEyLTEyLTEzICBSeW9zdWtl IE5pd2EgIDxybml3YUB3ZWJraXQub3JnPgorCisgICAgICAgIFJFR1JFU1NJT04ocjEzNzQwNik6 IE5vZGVUcmF2ZXJzYWwgY2hhbmdlcyBjYXVzaW5nIGxhcmdlIHJlbmRlcmVyIGNyYXNoCisgICAg ICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0xMDQ5MzcKKworICAg ICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICBBZGQgYSBudWxsIHBv aW50ZXIgY2hlY2sgdG8gZXhpdCBlYXJseSBzaW5jZSBFbGVtZW50VHJhdmVyc2FsOjpuZXh0IGFz c3VtZXMgYSBub24tbnVsbCBwb2ludGVyLgorCisgICAgICAgIE5vIG5ldyB0ZXN0cyBzaW5jZSBJ IGRvbid0IHRoaW5rIHRoaXMgZnVuY3Rpb24gaXMgZXZlciBleHBvc2VkIHRvIGFueSBFUzUgYmlu ZGluZ3MuCisKKyAgICAgICAgKiBlZGl0aW5nL0ZyYW1lU2VsZWN0aW9uLmNwcDoKKyAgICAgICAg KFdlYkNvcmU6OnNjYW5Gb3JGb3JtKToKKwogMjAxMi0xMi0xMyAgRGF2aWQgR3JvZ2FuICA8ZGdy b2dhbkBjaHJvbWl1bS5vcmc+CiAKICAgICAgICAgSW5kZXhlZERCOiBJbXByb3ZlIGVycm9yIG1l c3NhZ2VzCkluZGV4OiBTb3VyY2UvV2ViQ29yZS9lZGl0aW5nL0ZyYW1lU2VsZWN0aW9uLmNwcAo9 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09Ci0tLSBTb3VyY2UvV2ViQ29yZS9lZGl0aW5nL0ZyYW1lU2VsZWN0aW9uLmNwcAko cmV2aXNpb24gMTM3NDE2KQorKysgU291cmNlL1dlYkNvcmUvZWRpdGluZy9GcmFtZVNlbGVjdGlv bi5jcHAJKHdvcmtpbmcgY29weSkKQEAgLTE5NTMsNyArMTk1Myw5IEBAIHZvaWQgRnJhbWVTZWxl Y3Rpb246OmdldENsaXBwZWRWaXNpYmxlVGUKIC8vIFNjYW5zIGxvZ2ljYWxseSBmb3J3YXJkIGZy b20gInN0YXJ0IiwgaW5jbHVkaW5nIGFueSBjaGlsZCBmcmFtZXMuCiBzdGF0aWMgSFRNTEZvcm1F bGVtZW50KiBzY2FuRm9yRm9ybShOb2RlKiBzdGFydCkKIHsKLSAgICBFbGVtZW50KiBlbGVtZW50 ID0gc3RhcnQgJiYgc3RhcnQtPmlzRWxlbWVudE5vZGUoKSA/IHRvRWxlbWVudChzdGFydCkgOiBF bGVtZW50VHJhdmVyc2FsOjpuZXh0KHN0YXJ0KTsKKyAgICBpZiAoIXN0YXJ0KQorICAgICAgICBy ZXR1cm4gMDsKKyAgICBFbGVtZW50KiBlbGVtZW50ID0gc3RhcnQtPmlzRWxlbWVudE5vZGUoKSA/ IHRvRWxlbWVudChzdGFydCkgOiBFbGVtZW50VHJhdmVyc2FsOjpuZXh0KHN0YXJ0KTsKICAgICBm b3IgKDsgZWxlbWVudDsgZWxlbWVudCA9IEVsZW1lbnRUcmF2ZXJzYWw6Om5leHQoZWxlbWVudCkp IHsKICAgICAgICAgaWYgKGVsZW1lbnQtPmhhc1RhZ05hbWUoZm9ybVRhZykpCiAgICAgICAgICAg ICByZXR1cm4gc3RhdGljX2Nhc3Q8SFRNTEZvcm1FbGVtZW50Kj4oZWxlbWVudCk7Cg==