90216 2012-06-28 15:55:40 -0700 Undo handling in WebKit2 is not robust against some page-closing code paths 2013-03-16 22:38:02 -0700 1 1 1 Unclassified WebKit WebKit2 528+ (Nightly build) Mac All RESOLVED FIXED InRadar P2 Major --- 1 sullivan sullivan oldest_to_newest 659904 0 sullivan 2012-06-28 15:55:40 -0700 This is in radar as <rdar://problem/11766518> PageClientImpl registers entries on the undo stack, but does not guarantee that all such entries will be removed from the undo stack before the PageClientImpl is dealloc'ed. This leads to some code paths in which a bad undo target can be left on the undo stack, leading to a crash when Undo is then performed. 659912 1 150034 sullivan 2012-06-28 16:03:15 -0700 Created attachment 150034 Patch that clears Undo actions when the WKView moves to another window (including the nil window) 659927 2 150034 enrica 2012-06-28 16:12:05 -0700 Comment on attachment 150034 Patch that clears Undo actions when the WKView moves to another window (including the nil window) Looks good to me 856673 3 ap 2013-03-16 22:38:02 -0700 This was committed in <http://trac.webkit.org/changeset/121482>. 150034 2012-06-28 16:03:15 -0700 2012-06-28 16:12:04 -0700 Patch that clears Undo actions when the WKView moves to another window (including the nil window) undoCrash_patch.txt text/plain 2794 sullivan SW5kZXg6IFNvdXJjZS9XZWJLaXQyL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2Vi S2l0Mi9DaGFuZ2VMb2cJKHJldmlzaW9uIDEyMTQ3NikKKysrIFNvdXJjZS9XZWJLaXQyL0NoYW5n ZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDIzIEBACisyMDEyLTA2LTI4ICBKb2huIFN1 bGxpdmFuICA8c3VsbGl2YW5AYXBwbGUuY29tPgorCisgICAgICAgIDxodHRwczovL2J1Z3Mud2Vi a2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9OTAyMTY+CisgICAgICAgIDxyZGFyOi8vcHJvYmxlbS8x MTc2NjUxOD4KKyAgICAgICAgVW5kbyBoYW5kbGluZyBpbiBXZWJLaXQyIGlzIG5vdCByb2J1c3Qg YWdhaW5zdCBzb21lIHBhZ2UtY2xvc2luZyBjb2RlIHBhdGhzCisKKyAgICAgICAgUmV2aWV3ZWQg YnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgKiBVSVByb2Nlc3MvQVBJL21hYy9QYWdlQ2xp ZW50SW1wbC5oOgorICAgICAgICBEZWNsYXJlZCBwdWJsaWMgZnVuY3Rpb24gdmlld1dpbGxNb3Zl VG9Bbm90aGVyV2luZG93KCkuCisgICAgICAgIAorICAgICAgICAqIFVJUHJvY2Vzcy9BUEkvbWFj L1BhZ2VDbGllbnRJbXBsLm1tOgorICAgICAgICAoV2ViS2l0OjpQYWdlQ2xpZW50SW1wbDo6dmll d1dpbGxNb3ZlVG9Bbm90aGVyV2luZG93KToKKyAgICAgICAgTmV3IGZ1bmN0aW9uLCBjYWxscyBj bGVhckFsbEVkaXRDb21tYW5kcygpIHRvIHJlbW92ZSBhbnkgVW5kbyBhY3Rpb25zIGZyb20gdGhl IHN0YWNrLgorICAgICAgICBUaGlzIGd1YXJhbnRlZXMgdGhhdCBubyBVbmRvIGFjdGlvbnMgd2ls bCBiZSBhYmFuZG9uZWQgd2hlbiB0aGUgUGFnZUNsaWVudEltcGwgaXMgZGVhbGxvYydlZC4KKwor ICAgICAgICAqIFVJUHJvY2Vzcy9BUEkvbWFjL1dLVmlldy5tbToKKyAgICAgICAgKC1bV0tWaWV3 IHZpZXdXaWxsTW92ZVRvV2luZG93Ol0pOgorICAgICAgICBOb3cgaW5mb3JtcyBQYWdlQ2xpZW50 SW1wbCB2aWEgbmV3IGZ1bmN0aW9uIFBhZ2VDbGllbnRJbXBsOjp2aWV3V2lsbE1vdmVUb0Fub3Ro ZXJXaW5kb3coKS4KKwogMjAxMi0wNi0yOCAgQ2hyaXN0b3BoZSBEdW1leiAgPGNocmlzdG9waGUu ZHVtZXpAaW50ZWwuY29tPgogCiAgICAgICAgIFtXSzJdIEFkZCBDIEFQSSB0byBpbnNwZWN0IGEg V2ViIEludGVudCBzZXJ2aWNlCkluZGV4OiBTb3VyY2UvV2ViS2l0Mi9VSVByb2Nlc3MvQVBJL21h Yy9QYWdlQ2xpZW50SW1wbC5oCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFNvdXJjZS9XZWJLaXQyL1VJUHJvY2Vz cy9BUEkvbWFjL1BhZ2VDbGllbnRJbXBsLmgJKHJldmlzaW9uIDEyMTM0NikKKysrIFNvdXJjZS9X ZWJLaXQyL1VJUHJvY2Vzcy9BUEkvbWFjL1BhZ2VDbGllbnRJbXBsLmgJKHdvcmtpbmcgY29weSkK QEAgLTQ0LDYgKzQ0LDggQEAgY2xhc3MgUGFnZUNsaWVudEltcGwgOiBwdWJsaWMgUGFnZUNsaWVu dAogcHVibGljOgogICAgIHN0YXRpYyBQYXNzT3duUHRyPFBhZ2VDbGllbnRJbXBsPiBjcmVhdGUo V0tWaWV3Kik7CiAgICAgdmlydHVhbCB+UGFnZUNsaWVudEltcGwoKTsKKyAgICAKKyAgICB2b2lk IHZpZXdXaWxsTW92ZVRvQW5vdGhlcldpbmRvdygpOwogCiBwcml2YXRlOgogICAgIFBhZ2VDbGll bnRJbXBsKFdLVmlldyopOwpJbmRleDogU291cmNlL1dlYktpdDIvVUlQcm9jZXNzL0FQSS9tYWMv UGFnZUNsaWVudEltcGwubW0KPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291cmNlL1dlYktpdDIvVUlQcm9jZXNz L0FQSS9tYWMvUGFnZUNsaWVudEltcGwubW0JKHJldmlzaW9uIDEyMTM0NikKKysrIFNvdXJjZS9X ZWJLaXQyL1VJUHJvY2Vzcy9BUEkvbWFjL1BhZ2VDbGllbnRJbXBsLm1tCSh3b3JraW5nIGNvcHkp CkBAIC0yMDEsNiArMjAxLDExIEBAIGJvb2wgUGFnZUNsaWVudEltcGw6OmlzVmlld0luV2luZG93 KCkKICAgICByZXR1cm4gW21fd2tWaWV3IHdpbmRvd107CiB9CiAKK3ZvaWQgUGFnZUNsaWVudElt cGw6OnZpZXdXaWxsTW92ZVRvQW5vdGhlcldpbmRvdygpCit7CisgICAgY2xlYXJBbGxFZGl0Q29t bWFuZHMoKTsKK30KKwogTGF5ZXJIb3N0aW5nTW9kZSBQYWdlQ2xpZW50SW1wbDo6dmlld0xheWVy SG9zdGluZ01vZGUoKQogewogI2lmIEhBVkUoTEFZRVJfSE9TVElOR19JTl9XSU5ET1dfU0VSVkVS KQpJbmRleDogU291cmNlL1dlYktpdDIvVUlQcm9jZXNzL0FQSS9tYWMvV0tWaWV3Lm1tCj09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT0KLS0tIFNvdXJjZS9XZWJLaXQyL1VJUHJvY2Vzcy9BUEkvbWFjL1dLVmlldy5tbQkocmV2 aXNpb24gMTIxMzQ2KQorKysgU291cmNlL1dlYktpdDIvVUlQcm9jZXNzL0FQSS9tYWMvV0tWaWV3 Lm1tCSh3b3JraW5nIGNvcHkpCkBAIC0xODgzLDYgKzE4ODMsOCBAQCAtICh2b2lkKXZpZXdXaWxs TW92ZVRvV2luZG93OihOU1dpbmRvdyAqCiAgICAgaWYgKHdpbmRvdyA9PSBjdXJyZW50V2luZG93 KQogICAgICAgICByZXR1cm47CiAgICAgCisgICAgX2RhdGEtPl9wYWdlQ2xpZW50LT52aWV3V2ls bE1vdmVUb0Fub3RoZXJXaW5kb3coKTsKKyAgICAKICAgICBbc2VsZiByZW1vdmVXaW5kb3dPYnNl cnZlcnNdOwogICAgIFtzZWxmIGFkZFdpbmRvd09ic2VydmVyc0ZvcldpbmRvdzp3aW5kb3ddOwog Cg==