22160 2008-11-10 10:59:12 -0800 Nil deref because nextLinePosition (previousLinePosition, too) uses a nil node 2008-11-29 11:30:40 -0800 1 1 1 Unclassified WebKit HTML Editing 528+ (Nightly build) Mac OS X 10.5 RESOLVED FIXED InRadar P2 Normal --- 1 darin darin oldest_to_newest 98176 0 darin 2008-11-10 10:59:12 -0800 Chris Fleizach noticed this crash while in a mail message. looks like a node needs to be checked for nil somewhere Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_INVALID_ADDRESS at address: 0x0000000000000000 0x000000010113bf1a in WebCore::Node::hasTagName (this=0x0, name=@0x10224b698) at Node.h:95 95 bool hasTagName(const QualifiedName& name) const { return virtualHasTagName(name); } (gdb) bt #0 0x000000010113bf1a in WebCore::Node::hasTagName (this=0x0, name=@0x10224b698) at Node.h:95 #1 0x00000001017d87ec in WebCore::canHaveChildrenForEditing (node=0x0) at /Volumes/data/WebKit/WebCore/editing/htmlediting.cpp:78 #2 0x00000001017d895b in WebCore::editingIgnoresContent (node=0x0) at /Volumes/data/WebKit/WebCore/editing/htmlediting.cpp:62 #3 0x00000001017fcfa0 in WebCore::nextLinePosition (visiblePosition=@0x7fff5fbfe4a0, x=95) at /Volumes/data/WebKit/WebCore/editing/visible_units.cpp:605 #4 0x0000000101755d62 in WebCore::SelectionController::modifyMovingForward (this=0x7fff5fbfe580, granularity=WebCore::LineGranularity) at /Volumes/data/WebKit/WebCore/editing/SelectionController.cpp:335 etc. 98177 1 25022 darin 2008-11-10 11:03:22 -0800 Created attachment 25022 patch 98180 2 25022 mitz 2008-11-10 11:06:51 -0800 Comment on attachment 25022 patch r=me 98298 3 darin 2008-11-11 10:00:20 -0800 http://trac.webkit.org/changeset/38304 100715 4 ddkilzer 2008-11-29 11:28:01 -0800 See also Bug 20482. 100717 5 ddkilzer 2008-11-29 11:30:40 -0800 <rdar://problem/5995450> 25022 2008-11-10 11:03:22 -0800 2008-11-10 11:06:51 -0800 patch NextLinePositionPatch.txt text/plain 2846 darin SW5kZXg6IFdlYkNvcmUvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFdlYkNvcmUvQ2hhbmdlTG9n CShyZXZpc2lvbiAzODI2NCkKKysrIFdlYkNvcmUvQ2hhbmdlTG9nCSh3b3JraW5nIGNvcHkpCkBA IC0xLDMgKzEsMTggQEAKKzIwMDgtMTEtMTAgIERhcmluIEFkbGVyICA8ZGFyaW5AYXBwbGUuY29t PgorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIC0gaHR0 cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTIyMTYwCisgICAgICAgIHNwZWN1 bGF0aXZlIGZpeCBmb3IgPHJkYXI6Ly9wcm9ibGVtLzU5OTU0NTA+IE5pbCBkZXJlZiBiZWNhdXNl IG5leHRMaW5lUG9zaXRpb24KKyAgICAgICAgKHByZXZpb3VzTGluZVBvc2l0aW9uLCB0b28pIHVz ZXMgYSBuaWwgbm9kZQorCisgICAgICAgICogZWRpdGluZy92aXNpYmxlX3VuaXRzLmNwcDoKKyAg ICAgICAgKFdlYkNvcmU6Om5leHRMaW5lUG9zaXRpb24pOiBVc2UgUmVuZGVyT2JqZWN0Ojpub2Rl IGluc3RlYWQgb2YgUmVuZGVyT2JqZWN0OjplbGVtZW50CisgICAgICAgIHRvIGNoZWNrIGVkaXRp bmdJZ25vcmVzQ29udGVudC4gSXQgbWFrZXMgc2Vuc2UgdG8gdXNlIHRoZSBhc3NvY2lhdGVkIERP TSBub2RlIGZvcgorICAgICAgICB0aGlzLCBldmVuIGluIGNhc2VzIG9mIGFub255bW91cyBjb250 ZW50LCBhbmQgaXQgYXZvaWRzIHRoZSBjYXNlIHdoZXJlIGVsZW1lbnQoKSBjYW4KKyAgICAgICAg YmUgMC4KKyAgICAgICAgKFdlYkNvcmU6OnByZXZpb3VzTGluZVBvc2l0aW9uKTogRGl0dG8uCisK IDIwMDgtMTEtMTAgIERhcmluIEFkbGVyICA8ZGFyaW5AYXBwbGUuY29tPgogCiAgICAgICAgIFJl dmlld2VkIGJ5IEFkYW0gUm9iZW4uCkluZGV4OiBXZWJDb3JlL2VkaXRpbmcvdmlzaWJsZV91bml0 cy5jcHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PQotLS0gV2ViQ29yZS9lZGl0aW5nL3Zpc2libGVfdW5pdHMuY3BwCShy ZXZpc2lvbiAzODI2NCkKKysrIFdlYkNvcmUvZWRpdGluZy92aXNpYmxlX3VuaXRzLmNwcAkod29y a2luZyBjb3B5KQpAQCAtNDkzLDEyICs0OTMsMTIgQEAgVmlzaWJsZVBvc2l0aW9uIHByZXZpb3Vz TGluZVBvc2l0aW9uKGNvbgogICAgIH0KICAgICAKICAgICBpZiAocm9vdCkgewotICAgICAgICAv LyBGSVhNRTogQ2FuIGJlIHdyb25nIGZvciBtdWx0aS1jb2x1bW4gbGF5b3V0LCBhbmQgd2l0aCB0 cmFuc2Zvcm1zCisgICAgICAgIC8vIEZJWE1FOiBDYW4gYmUgd3JvbmcgZm9yIG11bHRpLWNvbHVt biBsYXlvdXQgYW5kIHdpdGggdHJhbnNmb3Jtcy4KICAgICAgICAgRmxvYXRQb2ludCBhYnNQb3Mg PSBjb250YWluaW5nQmxvY2stPmxvY2FsVG9BYnNvbHV0ZUZvckNvbnRlbnQoRmxvYXRQb2ludCgp KTsKICAgICAgICAgaWYgKGNvbnRhaW5pbmdCbG9jay0+aGFzT3ZlcmZsb3dDbGlwKCkpCiAgICAg ICAgICAgICBhYnNQb3MgLT0gY29udGFpbmluZ0Jsb2NrLT5sYXllcigpLT5zY3JvbGxlZENvbnRl bnRPZmZzZXQoKTsKICAgICAgICAgUmVuZGVyT2JqZWN0ICpyZW5kZXJlciA9IHJvb3QtPmNsb3Nl c3RMZWFmQ2hpbGRGb3JYUG9zKHggLSBhYnNQb3MueCgpLCBpc0VkaXRhYmxlUG9zaXRpb24ocCkp LT5vYmplY3QoKTsKLSAgICAgICAgTm9kZSogbm9kZSA9IHJlbmRlcmVyLT5lbGVtZW50KCk7Cisg ICAgICAgIE5vZGUqIG5vZGUgPSByZW5kZXJlci0+bm9kZSgpOwogICAgICAgICBpZiAoZWRpdGlu Z0lnbm9yZXNDb250ZW50KG5vZGUpKQogICAgICAgICAgICAgcmV0dXJuIFBvc2l0aW9uKG5vZGUt PnBhcmVudCgpLCBub2RlLT5ub2RlSW5kZXgoKSk7CiAgICAgICAgIHJldHVybiByZW5kZXJlci0+ cG9zaXRpb25Gb3JDb29yZGluYXRlcyh4IC0gYWJzUG9zLngoKSwgcm9vdC0+dG9wT3ZlcmZsb3co KSk7CkBAIC01OTQsMTIgKzU5NCwxMiBAQCBWaXNpYmxlUG9zaXRpb24gbmV4dExpbmVQb3NpdGlv bihjb25zdCBWCiAgICAgfQogICAgIAogICAgIGlmIChyb290KSB7Ci0gICAgICAgIC8vIEZJWE1F OiBDYW4gYmUgd3JvbmcgZm9yIG11bHRpLWNvbHVtbiBsYXlvdXQgYW5kIHdpdGggdHJhbnNmb3Jt cworICAgICAgICAvLyBGSVhNRTogQ2FuIGJlIHdyb25nIGZvciBtdWx0aS1jb2x1bW4gbGF5b3V0 IGFuZCB3aXRoIHRyYW5zZm9ybXMuCiAgICAgICAgIEZsb2F0UG9pbnQgYWJzUG9zID0gY29udGFp bmluZ0Jsb2NrLT5sb2NhbFRvQWJzb2x1dGVGb3JDb250ZW50KEZsb2F0UG9pbnQoKSk7CiAgICAg ICAgIGlmIChjb250YWluaW5nQmxvY2stPmhhc092ZXJmbG93Q2xpcCgpKQogICAgICAgICAgICAg YWJzUG9zIC09IGNvbnRhaW5pbmdCbG9jay0+bGF5ZXIoKS0+c2Nyb2xsZWRDb250ZW50T2Zmc2V0 KCk7CiAgICAgICAgIFJlbmRlck9iamVjdCAqcmVuZGVyZXIgPSByb290LT5jbG9zZXN0TGVhZkNo aWxkRm9yWFBvcyh4IC0gYWJzUG9zLngoKSwgaXNFZGl0YWJsZVBvc2l0aW9uKHApKS0+b2JqZWN0 KCk7Ci0gICAgICAgIE5vZGUqIG5vZGUgPSByZW5kZXJlci0+ZWxlbWVudCgpOworICAgICAgICBO b2RlKiBub2RlID0gcmVuZGVyZXItPm5vZGUoKTsKICAgICAgICAgaWYgKGVkaXRpbmdJZ25vcmVz Q29udGVudChub2RlKSkKICAgICAgICAgICAgIHJldHVybiBQb3NpdGlvbihub2RlLT5wYXJlbnQo KSwgbm9kZS0+bm9kZUluZGV4KCkpOwogICAgICAgICByZXR1cm4gcmVuZGVyZXItPnBvc2l0aW9u Rm9yQ29vcmRpbmF0ZXMoeCAtIGFic1Bvcy54KCksIHJvb3QtPnRvcE92ZXJmbG93KCkpOwo=