Bug 151187

Summary: Null dereference loading Blink layout test editing/execCommand/indent-button-crash.html
Product: WebKit
Component: HTML Editing
Status: RESOLVED FIXED
Severity: Normal
Priority: P2
Version: WebKit Local Build
Hardware: Unspecified
OS: Unspecified
Reporter: Carlos Garcia Campos <cgarcia>
Assignee: Nobody <webkit-unassigned>
CC: clopez, darin
Keywords: Gtk, LayoutTestFailure
Attachments:
Patch (Flags: darin: review+)

Description Carlos Garcia Campos 2015-11-12 04:21:20 PST
Program received signal SIGSEGV, Segmentation fault.
0x00007f432d4e5310 in WebCore::CompositeEditCommand::insertNodeAt(WTF::PassRefPtr<WebCore::Node>, WebCore::Position const&) ()
   from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
(gdb) bt
#0  0x00007f432d4e5310 in WebCore::CompositeEditCommand::insertNodeAt(WTF::PassRefPtr<WebCore::Node>, WebCore::Position const&) ()
   from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#1  0x00007f432d4d20eb in WebCore::ApplyBlockElementCommand::formatSelection(WebCore::VisiblePosition const&, WebCore::VisiblePosition const&) ()
   from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#2  0x00007f432d4ce715 in WebCore::ApplyBlockElementCommand::doApply() () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#3  0x00007f432d4e2ec3 in WebCore::CompositeEditCommand::apply() () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#4  0x00007f432d519455 in WebCore::executeIndent(WebCore::Frame&, WebCore::Event*, WebCore::EditorCommandSource, WTF::String const&) ()
   from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#5  0x00007f432d429822 in WebCore::Document::execCommand(WTF::String const&, bool, WTF::String const&) ()
   from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#6  0x00007f432e077a42 in WebCore::jsDocumentPrototypeFunctionExecCommand(JSC::ExecState*) () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#7  0x00007f42c7fff0c8 in ?? ()
#8  0x00007ffe9911cec0 in ?? ()
#9  0x00007f432b6b872f in llint_entry () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
Backtrace stopped: frame did not save the PC

The test seems to be passing in mac bots, though.
Comment 1 Carlos Garcia Campos 2015-11-12 04:27:23 PST
Created attachment 265382
Patch

Merge blink patch.
Comment 2 Carlos Garcia Campos 2015-11-13 05:56:08 PST
*** Bug 151260 has been marked as a duplicate of this bug. ***
Comment 3 Carlos Alberto Lopez Perez 2015-11-13 13:05:55 PST
I marked this test as crashing on the GTK TestExpectations on https://trac.webkit.org/r192435

Please remove it from the expectations when landing this patch.

Thanks.
Comment 4 Carlos Garcia Campos 2015-11-17 23:52:58 PST
Committed r192567: <http://trac.webkit.org/changeset/192567>