23509 2009-01-23 14:40:33 -0800 Crash at -[WebCoreAXObject doAXNextSentenceEndTextMarkerForTextMarker:] 2009-01-23 17:21:52 -0800 1 1 1 Unclassified WebKit Accessibility 528+ (Nightly build) Mac OS X 10.5 RESOLVED FIXED P2 Normal --- 1 cfleizach webkit-unassigned oldest_to_newest 106804 0 cfleizach 2009-01-23 14:40:33 -0800 WebKit can crash at this position when startOfLine returns null 106805 1 26984 cfleizach 2009-01-23 14:42:01 -0800 Created attachment 26984 patch to stop a crasher 106806 2 cfleizach 2009-01-23 14:42:56 -0800 no good steps to reproduce listed in the bug, but the backtrace is pretty clear as to what's happening. as a result, i could not devise a layout test to that elicited the crash 106808 3 cfleizach 2009-01-23 15:03:44 -0800 http://trac.webkit.org/changeset/40191 106816 4 26984 darin 2009-01-23 16:12:35 -0800 Comment on attachment 26984 patch to stop a crasher Seems to me that makeRange should probably return 0 if passed null positions. And plainText already handles the case where the range is 0. So I would suggest fixing this in the makeRange function rather than in the AccessibilityObject class. 106819 5 26987 cfleizach 2009-01-23 16:23:47 -0800 Created attachment 26987 new patch based on review 106820 6 cfleizach 2009-01-23 16:24:12 -0800 updated patch based on Darin's review 106821 7 cfleizach 2009-01-23 16:24:48 -0800 Darin, is this what you had in mind (In reply to comment #4) > (From update of attachment 26984 [review]) > Seems to me that makeRange should probably return 0 if passed null positions. > And plainText already handles the case where the range is 0. So I would suggest > fixing this in the makeRange function rather than in the AccessibilityObject > class. > 106823 8 26987 darin 2009-01-23 17:18:02 -0800 Comment on attachment 26987 new patch based on review r=me 106824 9 cfleizach 2009-01-23 17:21:52 -0800 http://trac.webkit.org/changeset/40202 26984 2009-01-23 14:42:01 -0800 2009-01-23 15:00:33 -0800 patch to stop a crasher patch.txt text/plain 2549 cfleizach SW5kZXg6IFdlYkNvcmUvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFdlYkNvcmUvQ2hhbmdlTG9n CShyZXZpc2lvbiA0MDE4NykKKysrIFdlYkNvcmUvQ2hhbmdlTG9nCSh3b3JraW5nIGNvcHkpCkBA IC0xLDMgKzEsMTYgQEAKKzIwMDktMDEtMjMgIENocmlzIEZsZWl6YWNoICA8Y2ZsZWl6YWNoQGFw cGxlLmNvbT4KKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAg ICBCdWcgMjM1MDk6IENyYXNoIGF0IC1bV2ViQ29yZUFYT2JqZWN0IGRvQVhOZXh0U2VudGVuY2VF bmRUZXh0TWFya2VyRm9yVGV4dE1hcmtlcjpdCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQu b3JnL3Nob3dfYnVnLmNnaT9pZD0yMzUwOQorICAKKyAgICAgICAgQWRkIG51bGwgY2hlY2tpbmcg YXJvdW5kIG5leHQvcHJldmlvdXMgc2VudGVuY2UgcmV0cmlldmFsIGluIEFYIGNvZGUKKworICAg ICAgICAqIHBhZ2UvQWNjZXNzaWJpbGl0eU9iamVjdC5jcHA6CisgICAgICAgIChXZWJDb3JlOjpB Y2Nlc3NpYmlsaXR5T2JqZWN0OjpuZXh0U2VudGVuY2VFbmRQb3NpdGlvbik6CisgICAgICAgIChX ZWJDb3JlOjpBY2Nlc3NpYmlsaXR5T2JqZWN0OjpwcmV2aW91c1NlbnRlbmNlU3RhcnRQb3NpdGlv bik6CisKIDIwMDktMDEtMjMgIERhdmlkIEh5YXR0ICA8aHlhdHRAYXBwbGUuY29tPgogCiAgICAg ICAgIEZpeCBmb3IgPHJkYXI6Ly9wcm9ibGVtLzY1MTg4NTA+IFJFR1JFU1NJT046IGhvdmVyIGZl ZWRiYWNrIG5vdCBzaG93aW5nIG9uIG1hbnkgc2l0ZXMKSW5kZXg6IFdlYkNvcmUvcGFnZS9BY2Nl c3NpYmlsaXR5T2JqZWN0LmNwcAo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBXZWJDb3JlL3BhZ2UvQWNjZXNzaWJp bGl0eU9iamVjdC5jcHAJKHJldmlzaW9uIDQwMTgxKQorKysgV2ViQ29yZS9wYWdlL0FjY2Vzc2li aWxpdHlPYmplY3QuY3BwCSh3b3JraW5nIGNvcHkpCkBAIC03MzksNyArNzM5LDEzIEBAIFZpc2li bGVQb3NpdGlvbiBBY2Nlc3NpYmlsaXR5T2JqZWN0OjpuZXgKICAgICAvLyBhbiBlbXB0eSBsaW5l IGlzIGNvbnNpZGVyZWQgYSBzZW50ZW5jZS4gSWYgaXQncyBza2lwcGVkLCB0aGVuIHRoZSBzZW50 ZW5jZSBwYXJzZXIgd2lsbCBub3QKICAgICAvLyBzZWUgdGhpcyBlbXB0eSBsaW5lLiAgSW5zdGVh ZCwgcmV0dXJuIHRoZSBlbmQgcG9zaXRpb24gb2YgdGhlIGVtcHR5IGxpbmUuCiAgICAgVmlzaWJs ZVBvc2l0aW9uIGVuZFBvc2l0aW9uOwotICAgIFN0cmluZyBsaW5lU3RyaW5nID0gcGxhaW5UZXh0 KG1ha2VSYW5nZShzdGFydE9mTGluZSh2aXNpYmxlUG9zKSwgZW5kT2ZMaW5lKHZpc2libGVQb3Mp KS5nZXQoKSk7CisgICAgVmlzaWJsZVBvc2l0aW9uIHN0YXJ0T2ZMaW5lUG9zaXRpb24gPSBzdGFy dE9mTGluZShuZXh0VmlzaWJsZVBvcyk7CisgICAgVmlzaWJsZVBvc2l0aW9uIGVuZE9mTGluZVBv c2l0aW9uID0gZW5kT2ZMaW5lKG5leHRWaXNpYmxlUG9zKTsKKworICAgIFN0cmluZyBsaW5lU3Ry aW5nOworICAgIGlmIChzdGFydE9mTGluZVBvc2l0aW9uLmlzTm90TnVsbCgpICYmIGVuZE9mTGlu ZVBvc2l0aW9uLmlzTm90TnVsbCgpKQorICAgICAgICBsaW5lU3RyaW5nID0gcGxhaW5UZXh0KG1h a2VSYW5nZShzdGFydE9mTGluZVBvc2l0aW9uLCBlbmRPZkxpbmVQb3NpdGlvbikuZ2V0KCkpOwor CiAgICAgaWYgKGxpbmVTdHJpbmcuaXNFbXB0eSgpKQogICAgICAgICBlbmRQb3NpdGlvbiA9IG5l eHRWaXNpYmxlUG9zOwogICAgIGVsc2UKQEAgLTc2Miw3ICs3NjgsMTMgQEAgVmlzaWJsZVBvc2l0 aW9uIEFjY2Vzc2liaWxpdHlPYmplY3Q6OnByZQogCiAgICAgLy8gdHJlYXQgZW1wdHkgbGluZSBh cyBhIHNlcGFyYXRlIHNlbnRlbmNlLgogICAgIFZpc2libGVQb3NpdGlvbiBzdGFydFBvc2l0aW9u OwotICAgIFN0cmluZyBsaW5lU3RyaW5nID0gcGxhaW5UZXh0KG1ha2VSYW5nZShzdGFydE9mTGlu ZShwcmV2aW91c1Zpc2libGVQb3MpLCBlbmRPZkxpbmUocHJldmlvdXNWaXNpYmxlUG9zKSkuZ2V0 KCkpOworICAgIFZpc2libGVQb3NpdGlvbiBzdGFydE9mTGluZVBvc2l0aW9uID0gc3RhcnRPZkxp bmUocHJldmlvdXNWaXNpYmxlUG9zKTsKKyAgICBWaXNpYmxlUG9zaXRpb24gZW5kT2ZMaW5lUG9z aXRpb24gPSBlbmRPZkxpbmUocHJldmlvdXNWaXNpYmxlUG9zKTsKKyAgICAKKyAgICBTdHJpbmcg bGluZVN0cmluZzsKKyAgICBpZiAoc3RhcnRPZkxpbmVQb3NpdGlvbi5pc05vdE51bGwoKSAmJiBl bmRPZkxpbmVQb3NpdGlvbi5pc05vdE51bGwoKSkKKyAgICAgICAgbGluZVN0cmluZyA9IHBsYWlu VGV4dChtYWtlUmFuZ2Uoc3RhcnRPZkxpbmVQb3NpdGlvbiwgZW5kT2ZMaW5lUG9zaXRpb24pLmdl dCgpKTsKKyAgICAKICAgICBpZiAobGluZVN0cmluZy5pc0VtcHR5KCkpCiAgICAgICAgIHN0YXJ0 UG9zaXRpb24gPSBwcmV2aW91c1Zpc2libGVQb3M7CiAgICAgZWxzZQo= 26987 2009-01-23 16:23:47 -0800 2009-01-23 17:18:02 -0800 new patch based on review patch.txt text/plain 3207 cfleizach SW5kZXg6IFdlYkNvcmUvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFdlYkNvcmUvQ2hhbmdlTG9n CShyZXZpc2lvbiA0MDE5NikKKysrIFdlYkNvcmUvQ2hhbmdlTG9nCSh3b3JraW5nIGNvcHkpCkBA IC0xLDMgKzEsMTggQEAKKzIwMDktMDEtMjMgIENocmlzIEZsZWl6YWNoICA8Y2ZsZWl6YWNoQGFw cGxlLmNvbT4KKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAg ICBCdWcgMjM1MDk6IENyYXNoIGF0IC1bV2ViQ29yZUFYT2JqZWN0IGRvQVhOZXh0U2VudGVuY2VF bmRUZXh0TWFya2VyRm9yVGV4dE1hcmtlcjpdCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQu b3JnL3Nob3dfYnVnLmNnaT9pZD0yMzUwOQorICAKKyAgICAgICAgQWRkIG51bGwgY2hlY2tpbmcg aW4gbWFrZVJhbmdlIGluc3RlYWQgb2YgQVggY29kZQorCisgICAgICAgICogZWRpdGluZy9WaXNp YmxlUG9zaXRpb24uY3BwOgorICAgICAgICAoV2ViQ29yZTo6bWFrZVJhbmdlKToKKyAgICAgICAg KiBwYWdlL0FjY2Vzc2liaWxpdHlPYmplY3QuY3BwOgorICAgICAgICAoV2ViQ29yZTo6QWNjZXNz aWJpbGl0eU9iamVjdDo6bmV4dFNlbnRlbmNlRW5kUG9zaXRpb24pOgorICAgICAgICAoV2ViQ29y ZTo6QWNjZXNzaWJpbGl0eU9iamVjdDo6cHJldmlvdXNTZW50ZW5jZVN0YXJ0UG9zaXRpb24pOgor CiAyMDA5LTAxLTIzICBLZXZpbiBPbGxpdmllciAgPGtldmlub0B0aGVvbGxpdmllcnMuY29tPgog CiAgICAgICAgIEJ1aWxkIGZpeGVzIGZvciByZWNlbnQgY2hhbmdlcy4KSW5kZXg6IFdlYkNvcmUv ZWRpdGluZy9WaXNpYmxlUG9zaXRpb24uY3BwCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFdlYkNvcmUvZWRpdGlu Zy9WaXNpYmxlUG9zaXRpb24uY3BwCShyZXZpc2lvbiA0MDE5MCkKKysrIFdlYkNvcmUvZWRpdGlu Zy9WaXNpYmxlUG9zaXRpb24uY3BwCSh3b3JraW5nIGNvcHkpCkBAIC01OTMsNiArNTkzLDkgQEAg dm9pZCBWaXNpYmxlUG9zaXRpb246OnNob3dUcmVlRm9yVGhpcygpIAogCiBQYXNzUmVmUHRyPFJh bmdlPiBtYWtlUmFuZ2UoY29uc3QgVmlzaWJsZVBvc2l0aW9uICZzdGFydCwgY29uc3QgVmlzaWJs ZVBvc2l0aW9uICZlbmQpCiB7CisgICAgaWYgKHN0YXJ0LmlzTnVsbCgpIHx8IGVuZC5pc051bGwo KSkKKyAgICAgICAgcmV0dXJuIDA7CisgICAgCiAgICAgUG9zaXRpb24gcyA9IHJhbmdlQ29tcGxp YW50RXF1aXZhbGVudChzdGFydCk7CiAgICAgUG9zaXRpb24gZSA9IHJhbmdlQ29tcGxpYW50RXF1 aXZhbGVudChlbmQpOwogICAgIHJldHVybiBSYW5nZTo6Y3JlYXRlKHMubm9kZSgpLT5kb2N1bWVu dCgpLCBzLm5vZGUoKSwgcy5vZmZzZXQoKSwgZS5ub2RlKCksIGUub2Zmc2V0KCkpOwpJbmRleDog V2ViQ29yZS9wYWdlL0FjY2Vzc2liaWxpdHlPYmplY3QuY3BwCj09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFdlYkNv cmUvcGFnZS9BY2Nlc3NpYmlsaXR5T2JqZWN0LmNwcAkocmV2aXNpb24gNDAxOTEpCisrKyBXZWJD b3JlL3BhZ2UvQWNjZXNzaWJpbGl0eU9iamVjdC5jcHAJKHdvcmtpbmcgY29weSkKQEAgLTczOSwx MyArNzM5LDggQEAgVmlzaWJsZVBvc2l0aW9uIEFjY2Vzc2liaWxpdHlPYmplY3Q6Om5leAogICAg IC8vIGFuIGVtcHR5IGxpbmUgaXMgY29uc2lkZXJlZCBhIHNlbnRlbmNlLiBJZiBpdCdzIHNraXBw ZWQsIHRoZW4gdGhlIHNlbnRlbmNlIHBhcnNlciB3aWxsIG5vdAogICAgIC8vIHNlZSB0aGlzIGVt cHR5IGxpbmUuICBJbnN0ZWFkLCByZXR1cm4gdGhlIGVuZCBwb3NpdGlvbiBvZiB0aGUgZW1wdHkg bGluZS4KICAgICBWaXNpYmxlUG9zaXRpb24gZW5kUG9zaXRpb247Ci0gICAgVmlzaWJsZVBvc2l0 aW9uIHN0YXJ0T2ZMaW5lUG9zaXRpb24gPSBzdGFydE9mTGluZShuZXh0VmlzaWJsZVBvcyk7Ci0g ICAgVmlzaWJsZVBvc2l0aW9uIGVuZE9mTGluZVBvc2l0aW9uID0gZW5kT2ZMaW5lKG5leHRWaXNp YmxlUG9zKTsKLQotICAgIFN0cmluZyBsaW5lU3RyaW5nOwotICAgIGlmIChzdGFydE9mTGluZVBv c2l0aW9uLmlzTm90TnVsbCgpICYmIGVuZE9mTGluZVBvc2l0aW9uLmlzTm90TnVsbCgpKQotICAg ICAgICBsaW5lU3RyaW5nID0gcGxhaW5UZXh0KG1ha2VSYW5nZShzdGFydE9mTGluZVBvc2l0aW9u LCBlbmRPZkxpbmVQb3NpdGlvbikuZ2V0KCkpOwotCisgICAgCisgICAgU3RyaW5nIGxpbmVTdHJp bmcgPSBwbGFpblRleHQobWFrZVJhbmdlKHN0YXJ0T2ZMaW5lKG5leHRWaXNpYmxlUG9zKSwgZW5k T2ZMaW5lKG5leHRWaXNpYmxlUG9zKSkuZ2V0KCkpOwogICAgIGlmIChsaW5lU3RyaW5nLmlzRW1w dHkoKSkKICAgICAgICAgZW5kUG9zaXRpb24gPSBuZXh0VmlzaWJsZVBvczsKICAgICBlbHNlCkBA IC03NjgsMTMgKzc2Myw4IEBAIFZpc2libGVQb3NpdGlvbiBBY2Nlc3NpYmlsaXR5T2JqZWN0Ojpw cmUKIAogICAgIC8vIHRyZWF0IGVtcHR5IGxpbmUgYXMgYSBzZXBhcmF0ZSBzZW50ZW5jZS4KICAg ICBWaXNpYmxlUG9zaXRpb24gc3RhcnRQb3NpdGlvbjsKLSAgICBWaXNpYmxlUG9zaXRpb24gc3Rh cnRPZkxpbmVQb3NpdGlvbiA9IHN0YXJ0T2ZMaW5lKHByZXZpb3VzVmlzaWJsZVBvcyk7Ci0gICAg VmlzaWJsZVBvc2l0aW9uIGVuZE9mTGluZVBvc2l0aW9uID0gZW5kT2ZMaW5lKHByZXZpb3VzVmlz aWJsZVBvcyk7Ci0gICAgCi0gICAgU3RyaW5nIGxpbmVTdHJpbmc7Ci0gICAgaWYgKHN0YXJ0T2ZM aW5lUG9zaXRpb24uaXNOb3ROdWxsKCkgJiYgZW5kT2ZMaW5lUG9zaXRpb24uaXNOb3ROdWxsKCkp Ci0gICAgICAgIGxpbmVTdHJpbmcgPSBwbGFpblRleHQobWFrZVJhbmdlKHN0YXJ0T2ZMaW5lUG9z aXRpb24sIGVuZE9mTGluZVBvc2l0aW9uKS5nZXQoKSk7CiAgICAgCisgICAgU3RyaW5nIGxpbmVT dHJpbmcgPSBwbGFpblRleHQobWFrZVJhbmdlKHN0YXJ0T2ZMaW5lKHByZXZpb3VzVmlzaWJsZVBv cyksIGVuZE9mTGluZShwcmV2aW91c1Zpc2libGVQb3MpKS5nZXQoKSk7CiAgICAgaWYgKGxpbmVT dHJpbmcuaXNFbXB0eSgpKQogICAgICAgICBzdGFydFBvc2l0aW9uID0gcHJldmlvdXNWaXNpYmxl UG9zOwogICAgIGVsc2UK