31545 2009-11-16 04:34:45 -0800 WebCore::SelectionController::setSelection NULL pointer 2010-03-23 22:40:16 -0700 1 1 1 Unclassified WebKit SVG 528+ (Nightly build) PC Windows Vista RESOLVED FIXED http://skypher.com/SkyLined/Repro/WebKit/Bug%2031545%20-%20WebCore..SelectionController..setSelection%20NULL%20pointer/repro.html P1 Normal --- 1 skylined webkit-unassigned ap commit-queue eric morrita oldest_to_newest 163944 0 43293 skylined 2009-11-16 04:34:45 -0800 Created attachment 43293 Repro case The below code causes a NULL pointer: <SCRIPT> html_document=document.implementation.createHTMLDocument(); svg_element=html_document.createElementNS("http://www.w3.org/2000/svg","svg"); svg_element.deselectAll(); </SCRIPT> Relevant functions on stack: WebCore::SelectionController::setSelection(class WebCore::VisibleSelection * s = 0x0012ef0c, bool closeTyping = true, bool clearTypingStyle = true, bool userTriggered = false)+0x9 WebCore::SelectionController::clear(void)+0x1f WebCore::SVGSVGElementInternal::deselectAllCallback(class v8::Arguments * args = 0x0012efac)+0x4c 163945 1 skylined 2009-11-16 04:37:42 -0800 Added link to online repro 202979 2 51405 morrita 2010-03-23 03:23:06 -0700 Created attachment 51405 patch v0; add NULL check 202988 3 skylined 2010-03-23 04:02:19 -0700 LGTM 202992 4 51405 morrita 2010-03-23 04:15:35 -0700 Comment on attachment 51405 patch v0; add NULL check Thank you for reviewing! I cannot figure out what style-cheker claims. It is OK for my local working copy... 203061 5 51405 dglazkov 2010-03-23 08:50:53 -0700 Comment on attachment 51405 patch v0; add NULL check Please don't r+ the patch unless you're a reviewer. 203062 6 51405 ap 2010-03-23 09:01:24 -0700 Comment on attachment 51405 patch v0; add NULL check > +++ b/LayoutTests/svg/dom/frame-related-api-during-load-expected.txt > @@ -0,0 +1 @@ > +OK unless it got crashed. A test should ideally say a few words about what is being tested, and maybe provide a link to the bug. r=me as is though. 203091 7 51405 commit-queue 2010-03-23 10:10:48 -0700 Comment on attachment 51405 patch v0; add NULL check Clearing flags on attachment: 51405 Committed r56401: <http://trac.webkit.org/changeset/56401> 203092 8 commit-queue 2010-03-23 10:10:52 -0700 All reviewed patches have been landed. Closing bug. 203328 9 morrita 2010-03-23 22:40:16 -0700 ap: Thank you for reviewing. > A test should ideally say a few words about what is being tested, and maybe > provide a link to the bug. Agreed. So I filed this fix on Bug 36517 with a patch. 43293 2009-11-16 04:34:45 -0800 2009-11-16 04:34:45 -0800 Repro case repro.html text/html 188 skylined PFNDUklQVD4NCmh0bWxfZG9jdW1lbnQ9ZG9jdW1lbnQuaW1wbGVtZW50YXRpb24uY3JlYXRlSFRN TERvY3VtZW50KCk7DQpzdmdfZWxlbWVudD1odG1sX2RvY3VtZW50LmNyZWF0ZUVsZW1lbnROUygi aHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciLCJzdmciKTsNCnN2Z19lbGVtZW50LmRlc2VsZWN0 QWxsKCk7DQo8L1NDUklQVD4= 51405 2010-03-23 03:23:06 -0700 2010-03-23 10:10:48 -0700 patch v0; add NULL check bug-31545-20100323192304.patch text/plain 3013 morrita ZGlmZiAtLWdpdCBhL0xheW91dFRlc3RzL0NoYW5nZUxvZyBiL0xheW91dFRlc3RzL0NoYW5nZUxv ZwppbmRleCAwNGExNTEzLi5jMGI5OTQ2IDEwMDY0NAotLS0gYS9MYXlvdXRUZXN0cy9DaGFuZ2VM b2cKKysrIGIvTGF5b3V0VGVzdHMvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMTMgQEAKKzIwMTAtMDMt MjMgIE1PUklUQSBIYWppbWUgIDxtb3JyaXRhQGdvb2dsZS5jb20+CisKKyAgICAgICAgUmV2aWV3 ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgV2ViQ29yZTo6U2VsZWN0aW9uQ29udHJv bGxlcjo6c2V0U2VsZWN0aW9uIE5VTEwgcG9pbnRlcgorICAgICAgICBodHRwczovL2J1Z3Mud2Vi a2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MzE1NDUKKworICAgICAgICAqIHN2Zy9kb20vZnJhbWUt cmVsYXRlZC1hcGktZHVyaW5nLWxvYWQtZXhwZWN0ZWQudHh0OiBBZGRlZC4KKyAgICAgICAgKiBz dmcvZG9tL2ZyYW1lLXJlbGF0ZWQtYXBpLWR1cmluZy1sb2FkLmh0bWw6IEFkZGVkLgorCiAyMDEw LTAzLTIyICBEYXZpZCBLaWx6ZXIgIDxkZGtpbHplckBhcHBsZS5jb20+CiAKICAgICAgICAgUmVt b3ZlIGh0dHAvdGVzdHMvY29va2llcy9zaW1wbGUtY29va2llcy1leHBpcmVkLmh0bWwgZnJvbSBz a2lwIGxpc3QgYWZ0ZXIgQ0ZOZXR3b3JrIGlzc3VlIGlzIHJlc29sdmVkCmRpZmYgLS1naXQgYS9M YXlvdXRUZXN0cy9zdmcvZG9tL2ZyYW1lLXJlbGF0ZWQtYXBpLWR1cmluZy1sb2FkLWV4cGVjdGVk LnR4dCBiL0xheW91dFRlc3RzL3N2Zy9kb20vZnJhbWUtcmVsYXRlZC1hcGktZHVyaW5nLWxvYWQt ZXhwZWN0ZWQudHh0Cm5ldyBmaWxlIG1vZGUgMTAwNjQ0CmluZGV4IDAwMDAwMDAuLmE1YjQ5MGUK LS0tIC9kZXYvbnVsbAorKysgYi9MYXlvdXRUZXN0cy9zdmcvZG9tL2ZyYW1lLXJlbGF0ZWQtYXBp LWR1cmluZy1sb2FkLWV4cGVjdGVkLnR4dApAQCAtMCwwICsxIEBACitPSyB1bmxlc3MgaXQgZ290 IGNyYXNoZWQuCmRpZmYgLS1naXQgYS9MYXlvdXRUZXN0cy9zdmcvZG9tL2ZyYW1lLXJlbGF0ZWQt YXBpLWR1cmluZy1sb2FkLmh0bWwgYi9MYXlvdXRUZXN0cy9zdmcvZG9tL2ZyYW1lLXJlbGF0ZWQt YXBpLWR1cmluZy1sb2FkLmh0bWwKbmV3IGZpbGUgbW9kZSAxMDA2NDQKaW5kZXggMDAwMDAwMC4u NDI5YzQzMwotLS0gL2Rldi9udWxsCisrKyBiL0xheW91dFRlc3RzL3N2Zy9kb20vZnJhbWUtcmVs YXRlZC1hcGktZHVyaW5nLWxvYWQuaHRtbApAQCAtMCwwICsxLDIyIEBACis8aHRtbD4KKzxoZWFk PgorPHNjcmlwdD4KK2lmICh3aW5kb3cubGF5b3V0VGVzdENvbnRyb2xsZXIpCisgICAgIGxheW91 dFRlc3RDb250cm9sbGVyLmR1bXBBc1RleHQoKTsKKworZnVuY3Rpb24gdGVzdCgpCit7CisgICAg aHRtbF9kb2N1bWVudCA9IGRvY3VtZW50LmltcGxlbWVudGF0aW9uLmNyZWF0ZUhUTUxEb2N1bWVu dCgpOworICAgIHN2Z19lbGVtZW50ID0gaHRtbF9kb2N1bWVudC5jcmVhdGVFbGVtZW50TlMoImh0 dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiwic3ZnIik7CisgICAgLy8gSW1wbGVtZW50YXRpb25z IG9mIGZvbGxvd2luZyBBUElzIGFjY2VzcyBGcmFtZSBvYmplY3QsIHdoaWNoIGNhbiBiZSBOVUxM LgorICAgIHN2Z19lbGVtZW50LmRlc2VsZWN0QWxsKCk7CisgICAgc3ZnX2VsZW1lbnQuY3VycmVu dFNjYWxlID0gc3ZnX2VsZW1lbnQuY3VycmVudFNjYWxlOworCisgICAgZG9jdW1lbnQuZ2V0RWxl bWVudEJ5SWQoImNvbnNvbGUiKS5pbm5lckhUTUwgPSAiT0sgdW5sZXNzIGl0IGdvdCBjcmFzaGVk LiI7Cit9Cis8L3NjcmlwdD4KKzwvaGVhZD4KKzxib2R5IG9ubG9hZD0idGVzdCgpIj4KKzxkaXYg aWQ9ImNvbnNvbGUiPjwvZGl2PgorPC9ib2R5PgorPC9odG1sPgpkaWZmIC0tZ2l0IGEvV2ViQ29y ZS9DaGFuZ2VMb2cgYi9XZWJDb3JlL0NoYW5nZUxvZwppbmRleCBmOGE3ZjdiLi5mN2JhOTdkIDEw MDY0NAotLS0gYS9XZWJDb3JlL0NoYW5nZUxvZworKysgYi9XZWJDb3JlL0NoYW5nZUxvZwpAQCAt MSwzICsxLDE3IEBACisyMDEwLTAzLTIzICBNT1JJVEEgSGFqaW1lICA8bW9ycml0YUBnb29nbGUu Y29tPgorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIFdl YkNvcmU6OlNlbGVjdGlvbkNvbnRyb2xsZXI6OnNldFNlbGVjdGlvbiBOVUxMIHBvaW50ZXIKKyAg ICAgICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTMxNTQ1CisKKyAg ICAgICAgQWRkZWQgbWlzc2luZyBOVUxMLWNoZWNrIHRoYXQgb3RoZXIgQVBJcyBoYXZlLgorCisg ICAgICAgIFRlc3Q6IHN2Zy9kb20vZnJhbWUtcmVsYXRlZC1hcGktZHVyaW5nLWxvYWQuaHRtbAor CisgICAgICAgICogc3ZnL1NWR1NWR0VsZW1lbnQuY3BwOgorICAgICAgICAoV2ViQ29yZTo6U1ZH U1ZHRWxlbWVudDo6ZGVzZWxlY3RBbGwpOgorCiAyMDEwLTAzLTIyICBGdW1pdG9zaGkgVWthaSAg PHVrYWlAY2hyb21pdW0ub3JnPgogCiAgICAgICAgIFVucmV2aWV3ZWQgYnVpbGQgZml4IGZvciBD aHJvbWltIE1hYyBhdCByNTYzNzYKZGlmZiAtLWdpdCBhL1dlYkNvcmUvc3ZnL1NWR1NWR0VsZW1l bnQuY3BwIGIvV2ViQ29yZS9zdmcvU1ZHU1ZHRWxlbWVudC5jcHAKaW5kZXggN2E2ZGI4NC4uNGMw NjAwOCAxMDA2NDQKLS0tIGEvV2ViQ29yZS9zdmcvU1ZHU1ZHRWxlbWVudC5jcHAKKysrIGIvV2Vi Q29yZS9zdmcvU1ZHU1ZHRWxlbWVudC5jcHAKQEAgLTM5NCw3ICszOTQsOCBAQCBib29sIFNWR1NW R0VsZW1lbnQ6OmNoZWNrRW5jbG9zdXJlKFNWR0VsZW1lbnQqLCBjb25zdCBGbG9hdFJlY3QmIHJl Y3QpCiAKIHZvaWQgU1ZHU1ZHRWxlbWVudDo6ZGVzZWxlY3RBbGwoKQogewotICAgIGRvY3VtZW50 KCktPmZyYW1lKCktPnNlbGVjdGlvbigpLT5jbGVhcigpOworICAgIGlmIChGcmFtZSogZnJhbWUg PSBkb2N1bWVudCgpLT5mcmFtZSgpKQorICAgICAgICBmcmFtZS0+c2VsZWN0aW9uKCktPmNsZWFy KCk7CiB9CiAKIGZsb2F0IFNWR1NWR0VsZW1lbnQ6OmNyZWF0ZVNWR051bWJlcigpCg==