Bug 49962

Summary:

REGRESSION: Crash when deleting text after textarea's value is modified on input event

Product:

WebKit

Reporter:

Martin Wittemann <martin.wittemann>

Component:

HTML Editing

Assignee:

Ryosuke Niwa <rniwa>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

adele, ap, darin, enrica, jonnytrap, justin.garcia, leviw, mjs, ojan, rniwa, tkent, tony

Priority:

Keywords:

Regression

Version:

528+ (Nightly build)

Hardware:

All

OS:

All

Attachments:

Description	Flags
Test-Case	none
reduction	none
fixes the crash	none
demo for insertText case	none
fixes the bug for good	darin: review+

Martin Wittemann

Reported 2010-11-23 02:17:17 PST

Created attachment 74635 [details] Test-Case I used a textarea and implemented a max length myself using JavaScript. The code is pretty simple, listen to the input event and set the value using substring if its longer than desired. Unfortunately, I found a way to crash the whole browser with that. Just take a look at the attached HTML file to get it reproduced. Here is error report from the OS: Process: Safari [16809] Path: /Applications/Safari.app/Contents/MacOS/Safari Identifier: org.webkit.nightly.WebKit Version: r72487 (72487) Code Type: X86-64 (Native) Parent Process: launchd [111] Date/Time: 2010-11-23 11:10:29.995 +0100 OS Version: Mac OS X 10.6.5 (10H574) Report Version: 6 Interval Since Last Report: 263228 sec Crashes Since Last Report: 4 Per-App Interval Since Last Report: 10 sec Per-App Crashes Since Last Report: 1 Anonymous UUID: 5CB4CEA0-9960-40A1-891D-2912B992C400 Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000050 Crashed Thread: 0 Dispatch queue: com.apple.main-thread Thread 0 Crashed: Dispatch queue: com.apple.main-thread 0 com.apple.WebCore 0x000000010180c1ef WebCore::TypingCommand::makeEditableRootEmpty() + 31 1 com.apple.WebCore 0x000000010180deb8 WebCore::TypingCommand::deleteKeyPressed(WebCore::TextGranularity, bool) + 4312 2 com.apple.WebCore 0x000000010180e9fe WebCore::TypingCommand::deleteKeyPressed(WebCore::Document*, bool, WebCore::TextGranularity, bool) + 286 3 com.apple.WebCore 0x0000000100edd711 WebCore::Editor::deleteWithDirection(WebCore::SelectionController::EDirection, WebCore::TextGranularity, bool, bool) + 321 4 com.apple.WebCore 0x0000000100ee5ccf WebCore::executeDeleteBackward(WebCore::Frame*, WebCore::Event*, WebCore::EditorCommandSource, WTF::String const&) + 31 5 com.apple.WebCore 0x0000000100ee4a41 WebCore::Editor::Command::execute(WTF::String const&, WebCore::Event*) const + 113 6 com.apple.WebCore 0x0000000100ee5de2 WebCore::Editor::Command::execute(WebCore::Event*) const + 34 7 com.apple.WebKit 0x0000000100a528b0 -[WebHTMLView(WebNSTextInputSupport) doCommandBySelector:] + 560 8 com.apple.WebKit 0x0000000100a52636 -[WebHTMLView(WebInternal) _interceptEditingKeyEvent:shouldSaveCommand:] + 726 9 com.apple.WebKit 0x0000000100a18cf8 WebEditorClient::handleKeyboardEvent(WebCore::KeyboardEvent*) + 88 10 com.apple.WebCore 0x0000000100f01f72 WebCore::EventHandler::defaultKeyboardEventHandler(WebCore::KeyboardEvent*) + 258 11 com.apple.WebCore 0x000000010155e815 WebCore::Node::defaultEventHandler(WebCore::Event*) + 709 12 com.apple.WebCore 0x000000010155c18f WebCore::Node::dispatchGenericEvent(WTF::PassRefPtr<WebCore::Event>) + 1151 13 com.apple.WebCore 0x000000010155c422 WebCore::Node::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) + 178 14 com.apple.WebCore 0x0000000100f08537 WebCore::EventTarget::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, int&) + 135 15 com.apple.WebCore 0x0000000100ef9bf9 WebCore::EventHandler::keyEvent(WebCore::PlatformKeyboardEvent const&) + 681 16 com.apple.WebCore 0x0000000100f04b20 WebCore::EventHandler::keyEvent(NSEvent*) + 128 17 com.apple.WebKit 0x0000000100a4d762 -[WebHTMLView keyDown:] + 274 18 com.apple.AppKit 0x00007fff8278406f -[NSWindow sendEvent:] + 8769 19 com.apple.Safari 0x0000000100042489 0x100000000 + 271497 20 com.apple.Safari 0x0000000100042416 0x100000000 + 271382 21 com.apple.AppKit 0x00007fff826b8a86 -[NSApplication sendEvent:] + 4719 22 com.apple.Safari 0x0000000100039146 0x100000000 + 233798 23 com.apple.AppKit 0x00007fff8264f4da -[NSApplication run] + 474 24 com.apple.AppKit 0x00007fff826481a8 NSApplicationMain + 364 25 com.apple.Safari 0x000000010000a1c0 0x100000000 + 41408 Thread 1: Dispatch queue: com.apple.libdispatch-manager 0 libSystem.B.dylib 0x00007fff8149516a kevent + 10 1 libSystem.B.dylib 0x00007fff8149703d _dispatch_mgr_invoke + 154 2 libSystem.B.dylib 0x00007fff81496d14 _dispatch_queue_invoke + 185 3 libSystem.B.dylib 0x00007fff8149683e _dispatch_worker_thread2 + 252 4 libSystem.B.dylib 0x00007fff81496168 _pthread_wqthread + 353 5 libSystem.B.dylib 0x00007fff81496005 start_wqthread + 13 Thread 2: 0 libSystem.B.dylib 0x00007fff81495f8a __workq_kernreturn + 10 1 libSystem.B.dylib 0x00007fff8149639c _pthread_wqthread + 917 2 libSystem.B.dylib 0x00007fff81496005 start_wqthread + 13 Thread 3: WebCore: IconDatabase 0 libSystem.B.dylib 0x00007fff814b6fca __semwait_signal + 10 1 libSystem.B.dylib 0x00007fff814bade1 _pthread_cond_wait + 1286 2 com.apple.WebCore 0x000000010106c24d WebCore::IconDatabase::syncThreadMainLoop() + 269 3 com.apple.WebCore 0x000000010106c38c WebCore::IconDatabase::iconDatabaseSyncThread() + 172 4 libSystem.B.dylib 0x00007fff814b5536 _pthread_start + 331 5 libSystem.B.dylib 0x00007fff814b53e9 thread_start + 13 Thread 4: Safari: SafeBrowsingManager 0 libSystem.B.dylib 0x00007fff8147c2da mach_msg_trap + 10 1 libSystem.B.dylib 0x00007fff8147c94d mach_msg + 59 2 com.apple.CoreFoundation 0x00007fff80cf4932 __CFRunLoopRun + 1698 3 com.apple.CoreFoundation 0x00007fff80cf3dbf CFRunLoopRunSpecific + 575 4 com.apple.Safari 0x000000010002f899 0x100000000 + 194713 5 com.apple.Safari 0x000000010002f829 0x100000000 + 194601 6 libSystem.B.dylib 0x00007fff814b5536 _pthread_start + 331 7 libSystem.B.dylib 0x00007fff814b53e9 thread_start + 13 Thread 5: 0 libSystem.B.dylib 0x00007fff8147c2da mach_msg_trap + 10 1 libSystem.B.dylib 0x00007fff8147c94d mach_msg + 59 2 com.apple.CoreFoundation 0x00007fff80cf4932 __CFRunLoopRun + 1698 3 com.apple.CoreFoundation 0x00007fff80cf3dbf CFRunLoopRunSpecific + 575 4 com.apple.Foundation 0x00007fff806d207f +[NSURLConnection(NSURLConnectionReallyInternal) _resourceLoadLoop:] + 297 5 com.apple.Foundation 0x00007fff806530a5 __NSThread__main__ + 1429 6 libSystem.B.dylib 0x00007fff814b5536 _pthread_start + 331 7 libSystem.B.dylib 0x00007fff814b53e9 thread_start + 13 Thread 6: com.apple.CFSocket.private 0 libSystem.B.dylib 0x00007fff814bfe92 select$DARWIN_EXTSN + 10 1 com.apple.CoreFoundation 0x00007fff80d16498 __CFSocketManager + 824 2 libSystem.B.dylib 0x00007fff814b5536 _pthread_start + 331 3 libSystem.B.dylib 0x00007fff814b53e9 thread_start + 13 Thread 7: Safari: SnapshotStore 0 libSystem.B.dylib 0x00007fff814b6fca __semwait_signal + 10 1 libSystem.B.dylib 0x00007fff814bade1 _pthread_cond_wait + 1286 2 com.apple.JavaScriptCore 0x000000010090c140 WTF::ThreadCondition::timedWait(WTF::Mutex&, double) + 64 3 com.apple.Safari 0x00000001001be869 0x100000000 + 1828969 4 com.apple.Safari 0x000000010004737b 0x100000000 + 291707 5 com.apple.Safari 0x00000001000471f9 0x100000000 + 291321 6 libSystem.B.dylib 0x00007fff814b5536 _pthread_start + 331 7 libSystem.B.dylib 0x00007fff814b53e9 thread_start + 13 Thread 0 crashed with X86 Thread State (64-bit): rax: 0x0000000000000000 rbx: 0x0000000000000000 rcx: 0x0000000000000000 rdx: 0x00000001177397e8 rdi: 0x0000000000000000 rsi: 0x0000000000000000 rbp: 0x00007fff5fbfe660 rsp: 0x00007fff5fbfe5b0 r8: 0x0000000000000001 r9: 0x0000000000000000 r10: 0x000000011772853c r11: 0x0000000100cea3d0 r12: 0x0000000117682ce8 r13: 0x0000000117682c60 r14: 0x0000000000000000 r15: 0x0000000000000000 rip: 0x000000010180c1ef rfl: 0x0000000000010202 cr2: 0x0000000000000050 Binary Images: 0x100000000 - 0x1006afff7 com.apple.Safari 5.0.3 (6533.19.4) <B19794C1-5278-9BBE-1505-AB9C9DDA84E0> /Applications/Safari.app/Contents/MacOS/Safari 0x100758000 - 0x10075bfff +WebKitNightlyEnabler.dylib ??? (???) <DA8C170E-F60F-7B64-82B2-34C57B71362B> /Applications/WebKit.app/Contents/Resources/WebKitNightlyEnabler.dylib 0x100760000 - 0x10096bff7 com.apple.JavaScriptCore 534+ (534.13+) <9EF5ED80-75D4-F25D-C613-69C2894AE751> /Applications/WebKit.app/Contents/Frameworks/10.6/JavaScriptCore.framework/Versions/A/JavaScriptCore 0x1009df000 - 0x100b6bfef com.apple.WebKit r72487 (534.13+) <A59EAD09-1169-E3F0-A527-F0243D870AB0> /Applications/WebKit.app/Contents/Frameworks/10.6/WebKit.framework/Versions/A/WebKit 0x100c41000 - 0x101be8ff7 com.apple.WebCore 534+ (534.13+) <2DC355E5-D25A-83EB-A975-06208CA6F0B4> /Applications/WebKit.app/Contents/Frameworks/10.6/WebCore.framework/Versions/A/WebCore 0x1022e4000 - 0x10230dff7 +org.andymatuschak.Sparkle 1.5 Beta (git) (830f633) <945EA036-7EC3-D020-C889-29ECB588B891> /Applications/WebKit.app/Contents/Frameworks/10.6/Sparkle.framework/Versions/A/Sparkle 0x102328000 - 0x10240efe7 libcrypto.0.9.7.dylib 0.9.7 (compatibility 0.9.7) <64B3566E-5F3A-A466-ED3F-B91F4B3E5F56> /usr/lib/libcrypto.0.9.7.dylib 0x7fff5fc00000 - 0x7fff5fc3bdef dyld 132.1 (???) <B536F2F1-9DF1-3B6C-1C2C-9075EA219A06> /usr/lib/dyld 0x7fff80003000 - 0x7fff80005fff libRadiance.dylib ??? (???) <76438F90-DD4B-9941-9367-F2DFDF927876> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libRadiance.dylib 0x7fff80006000 - 0x7fff8005bfef com.apple.framework.familycontrols 2.0.1 (2010) <239940AC-2427-44C6-9E29-998D0ABECDF3> /System/Library/PrivateFrameworks/FamilyControls.framework/Versions/A/FamilyControls 0x7fff8005c000 - 0x7fff800d9fef com.apple.backup.framework 1.2.2 (1.2.2) <BB72F0C7-20E2-76DC-6764-5B93A7AC0EB5> /System/Library/PrivateFrameworks/Backup.framework/Versions/A/Backup 0x7fff800da000 - 0x7fff80121ff7 com.apple.coreui 2 (114) <31118426-355F-206A-65AB-CCA2D2D3EBD7> /System/Library/PrivateFrameworks/CoreUI.framework/Versions/A/CoreUI 0x7fff80122000 - 0x7fff8015dfff com.apple.AE 496.4 (496.4) <CB905496-4D6B-F26A-399D-840D26DBEE5B> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/AE.framework/Versions/A/AE 0x7fff8015e000 - 0x7fff8031cfff libicucore.A.dylib 40.0.0 (compatibility 1.0.0) <781E7B63-2AD0-E9BA-927C-4521DB616D02> /usr/lib/libicucore.A.dylib 0x7fff80322000 - 0x7fff80322ff7 com.apple.Cocoa 6.6 (???) <C69E895A-1C66-3DA9-5F63-8BE85DB9C4E1> /System/Library/Frameworks/Cocoa.framework/Versions/A/Cocoa 0x7fff80323000 - 0x7fff80325fff com.apple.print.framework.Print 6.1 (237.1) <CA8564FB-B366-7413-B12E-9892DA3C6157> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Print.framework/Versions/A/Print 0x7fff8033f000 - 0x7fff803b0ff7 com.apple.AppleVAFramework 4.10.12 (4.10.12) <1B68BE43-4C54-87F5-0723-0B0A14CD21E8> /System/Library/PrivateFrameworks/AppleVA.framework/Versions/A/AppleVA 0x7fff803ee000 - 0x7fff805a5fef com.apple.ImageIO.framework 3.0.4 (3.0.4) <2CB9997A-A28D-80BC-5921-E7D50BBCACA7> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/ImageIO 0x7fff805d6000 - 0x7fff805ebff7 com.apple.LangAnalysis 1.6.6 (1.6.6) <DC999B32-BF41-94C8-0583-27D9AB463E8B> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/LangAnalysis.framework/Versions/A/LangAnalysis 0x7fff805ec000 - 0x7fff80629fff com.apple.LDAPFramework 2.0 (120.1) <F3B7B267-D580-F287-6DE7-8AC91C92AB35> /System/Library/Frameworks/LDAP.framework/Versions/A/LDAP 0x7fff8062a000 - 0x7fff80635ff7 com.apple.speech.recognition.framework 3.11.1 (3.11.1) <C359B93B-CC9B-FC0B-959E-FB10674103A7> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SpeechRecognition.framework/Versions/A/SpeechRecognition 0x7fff80642000 - 0x7fff808c5ff7 com.apple.Foundation 6.6.4 (751.42) <9A99D378-E97A-8C0F-3857-D0FAA30FCDD5> /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation 0x7fff808c6000 - 0x7fff808d5fff com.apple.opengl 1.6.11 (1.6.11) <43D5BE71-E1F6-6974-210C-17C68919AE08> /System/Library/Frameworks/OpenGL.framework/Versions/A/OpenGL 0x7fff808d6000 - 0x7fff809effef libGLProgrammability.dylib ??? (???) <13E8114C-6E07-A66E-35E6-C185E54840AE> /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLProgrammability.dylib 0x7fff809f0000 - 0x7fff80acafff com.apple.vImage 4.0 (4.0) <B5A8B93B-D302-BC30-5A18-922645DB2F56> /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vImage.framework/Versions/A/vImage 0x7fff80acb000 - 0x7fff80b1aff7 com.apple.DirectoryService.PasswordServerFramework 6.0 (6.0) <F5B744D7-AEAF-6B66-43CF-6E31CDA18EAB> /System/Library/PrivateFrameworks/PasswordServer.framework/Versions/A/PasswordServer 0x7fff80ca8000 - 0x7fff80e1ffe7 com.apple.CoreFoundation 6.6.4 (550.42) <770C572A-CF70-168F-F43C-242B9114FCB5> /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation 0x7fff80e20000 - 0x7fff80ea5ff7 com.apple.print.framework.PrintCore 6.3 (312.7) <CDFE82DD-D811-A091-179F-6E76069B432D> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/PrintCore.framework/Versions/A/PrintCore 0x7fff80f33000 - 0x7fff81037fff com.apple.PubSub 1.0.5 (65.20) <67A088DF-7F4A-DC23-6F96-F9BAA4C238DC> /System/Library/Frameworks/PubSub.framework/Versions/A/PubSub 0x7fff81038000 - 0x7fff81142ff7 com.apple.MeshKitIO 1.1 (49.2) <D7227401-9DC9-C2CB-C83B-C2B10C61D4E4> /System/Library/PrivateFrameworks/MeshKit.framework/Versions/A/Frameworks/MeshKitIO.framework/Versions/A/MeshKitIO 0x7fff81143000 - 0x7fff81149ff7 com.apple.DiskArbitration 2.3 (2.3) <AAB5CC56-334A-3C60-3C27-54E8F34D754E> /System/Library/Frameworks/DiskArbitration.framework/Versions/A/DiskArbitration 0x7fff8114a000 - 0x7fff81448fe7 com.apple.HIToolbox 1.6.3 (???) <CF0C8524-FA82-3908-ACD0-A9176C704AED> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox 0x7fff81449000 - 0x7fff81449ff7 com.apple.Accelerate 1.6 (Accelerate 1.6) <15DF8B4A-96B2-CB4E-368D-DEC7DF6B62BB> /System/Library/Frameworks/Accelerate.framework/Versions/A/Accelerate 0x7fff8147b000 - 0x7fff8163cfff libSystem.B.dylib 125.2.1 (compatibility 1.0.0) <71E6D4C9-F945-6EC2-998C-D61AD590DAB6> /usr/lib/libSystem.B.dylib 0x7fff8163d000 - 0x7fff8166ffff libTrueTypeScaler.dylib ??? (???) <B9ECE1BD-A716-9F65-6466-4444D641F584> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/Resources/libTrueTypeScaler.dylib 0x7fff81670000 - 0x7fff816b9ff7 com.apple.securityinterface 4.0.1 (37214) <08DB37D6-A716-DC37-536C-7889999EF395> /System/Library/Frameworks/SecurityInterface.framework/Versions/A/SecurityInterface 0x7fff816ba000 - 0x7fff816d5ff7 com.apple.openscripting 1.3.1 (???) <DC329CD4-1159-A40A-A769-70CAA70F601A> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/OpenScripting.framework/Versions/A/OpenScripting 0x7fff818d5000 - 0x7fff81916fff com.apple.SystemConfiguration 1.10.5 (1.10.2) <FB39F09C-57BB-D8CC-348D-93E00C602F7D> /System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfiguration 0x7fff8199e000 - 0x7fff819c1fff com.apple.opencl 12.3 (12.3) <D30A45FC-4520-45AF-3CA5-092313DB5D54> /System/Library/Frameworks/OpenCL.framework/Versions/A/OpenCL 0x7fff819c2000 - 0x7fff81a3eff7 com.apple.ISSupport 1.9.4 (52) <93A57F16-3BD5-25AD-5CFF-00007A141129> /System/Library/PrivateFrameworks/ISSupport.framework/Versions/A/ISSupport 0x7fff81a3f000 - 0x7fff81b60fe7 libcrypto.0.9.8.dylib 0.9.8 (compatibility 0.9.8) <48AEAFE1-21F4-B3C8-4199-35AD5E8D0613> /usr/lib/libcrypto.0.9.8.dylib 0x7fff81b61000 - 0x7fff82065fe7 com.apple.VideoToolbox 0.484.20 (484.20) <8B6B82D2-350B-E9D3-5433-51453CDA65B4> /System/Library/PrivateFrameworks/VideoToolbox.framework/Versions/A/VideoToolbox 0x7fff82066000 - 0x7fff82067ff7 com.apple.audio.units.AudioUnit 1.6.5 (1.6.5) <14F14B5E-9287-BC36-0C3F-6592E6696CD4> /System/Library/Frameworks/AudioUnit.framework/Versions/A/AudioUnit 0x7fff82144000 - 0x7fff82205fe7 libFontParser.dylib ??? (???) <8B12D37E-3A95-5A73-509C-3AA991E0C546> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/Resources/libFontParser.dylib 0x7fff82206000 - 0x7fff82249ff7 libRIP.A.dylib 545.0.0 (compatibility 64.0.0) <7E30B5F6-99FD-C716-8670-5DD4B4BAED72> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libRIP.A.dylib 0x7fff8225f000 - 0x7fff822a7ff7 libvDSP.dylib 268.0.1 (compatibility 1.0.0) <98FC4457-F405-0262-00F7-56119CA107B6> /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libvDSP.dylib 0x7fff822a8000 - 0x7fff82645fe7 com.apple.QuartzCore 1.6.3 (227.34) <215222AF-B30A-7CE5-C46C-1A766C1D1D2E> /System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore 0x7fff82646000 - 0x7fff8303cfff com.apple.AppKit 6.6.7 (1038.35) <9F4DF818-9DB9-98DA-490C-EF29EA757A97> /System/Library/Frameworks/AppKit.framework/Versions/C/AppKit 0x7fff8303d000 - 0x7fff8307efef com.apple.QD 3.36 (???) <5DC41E81-32C9-65B2-5528-B33E934D5BB4> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/QD.framework/Versions/A/QD 0x7fff8307f000 - 0x7fff83084fff libGFXShared.dylib ??? (???) <A94DE483-A586-A172-104F-1CFC5F0BFD57> /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGFXShared.dylib 0x7fff830d0000 - 0x7fff8333afef com.apple.QuartzComposer 4.2 ({156.28}) <7586E7BD-D3BD-0EAC-5AC9-0BFA3679017C> /System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/QuartzComposer.framework/Versions/A/QuartzComposer 0x7fff83400000 - 0x7fff83642fef com.apple.AddressBook.framework 5.0.3 (875) <78FDBCC6-8F4C-C4DF-4A60-BB038572B870> /System/Library/Frameworks/AddressBook.framework/Versions/A/AddressBook 0x7fff83643000 - 0x7fff838c9fef com.apple.security 6.1.1 (37594) <17CF7858-52D9-9665-3AE8-23F07CC8BEA1> /System/Library/Frameworks/Security.framework/Versions/A/Security 0x7fff838ca000 - 0x7fff83904fff libssl.0.9.8.dylib 0.9.8 (compatibility 0.9.8) <C7153747-50E3-32DA-426F-CC4C505D1D6C> /usr/lib/libssl.0.9.8.dylib 0x7fff83905000 - 0x7fff839bafe7 com.apple.ColorSync 4.6.3 (4.6.3) <AA93AD96-6974-9104-BF55-AF7A813C8A1B> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ColorSync.framework/Versions/A/ColorSync 0x7fff83a30000 - 0x7fff83ae6fff libobjc.A.dylib 227.0.0 (compatibility 1.0.0) <1960E662-D35C-5D98-EB16-D43166AE6A22> /usr/lib/libobjc.A.dylib 0x7fff83ae7000 - 0x7fff83ae7ff7 com.apple.vecLib 3.6 (vecLib 3.6) <96FB6BAD-5568-C4E0-6FA7-02791A58B584> /System/Library/Frameworks/vecLib.framework/Versions/A/vecLib 0x7fff83b9f000 - 0x7fff83cddfff com.apple.CoreData 102.1 (251) <96C5E9A6-C28C-E9CC-A0DB-27801A22A49F> /System/Library/Frameworks/CoreData.framework/Versions/A/CoreData 0x7fff83dd7000 - 0x7fff83ddafff com.apple.help 1.3.1 (41) <AEDDF93F-BAC0-0308-68FD-039A99F3A158> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Help.framework/Versions/A/Help 0x7fff83e24000 - 0x7fff83e61ff7 libFontRegistry.dylib ??? (???) <8C69F685-3507-1B8F-51AD-6183D5E88979> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/Resources/libFontRegistry.dylib 0x7fff83ec0000 - 0x7fff83fa5fef com.apple.DesktopServices 1.5.9 (1.5.9) <27890B2C-0CD2-7C27-9D0C-D5952C5E8438> /System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Versions/A/DesktopServicesPriv 0x7fff83fa6000 - 0x7fff83fc3ff7 libPng.dylib ??? (???) <14043CBC-329F-4009-299E-DEE411E16134> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libPng.dylib 0x7fff83fc4000 - 0x7fff83fc4ff7 com.apple.quartzframework 1.5 (1.5) <FA660AAC-70CD-7EA2-5DF1-A8724D8F4B1B> /System/Library/Frameworks/Quartz.framework/Versions/A/Quartz 0x7fff83fc5000 - 0x7fff84009fe7 com.apple.ImageCaptureCore 1.0.3 (1.0.3) <913FFA89-0AC8-0A8D-CC2A-364CB0F303BA> /System/Library/Frameworks/ImageCaptureCore.framework/Versions/A/ImageCaptureCore 0x7fff8402d000 - 0x7fff840bdfff com.apple.SearchKit 1.3.0 (1.3.0) <45BA1053-9196-3C2F-2421-AFF5E09627CC> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SearchKit.framework/Versions/A/SearchKit 0x7fff840be000 - 0x7fff84105fff com.apple.QuickLookFramework 2.3 (327.6) <11DFB135-24A6-C0BC-5B97-ECE352A4B488> /System/Library/Frameworks/QuickLook.framework/Versions/A/QuickLook 0x7fff84108000 - 0x7fff84119ff7 libz.1.dylib 1.2.3 (compatibility 1.0.0) <FB5EE53A-0534-0FFA-B2ED-486609433717> /usr/lib/libz.1.dylib 0x7fff8411a000 - 0x7fff84184fe7 libvMisc.dylib 268.0.1 (compatibility 1.0.0) <7BD7F19B-ACD4-186C-B42D-4DEBA6795628> /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libvMisc.dylib 0x7fff844c9000 - 0x7fff84512fef libGLU.dylib ??? (???) <EB4255DD-A9E5-FAD0-52A4-CCB4E792B86F> /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLU.dylib 0x7fff84513000 - 0x7fff84524fff com.apple.DSObjCWrappers.Framework 10.6 (134) <CF1D9C05-8D77-0FFE-38E8-63D8A23E92E1> /System/Library/PrivateFrameworks/DSObjCWrappers.framework/Versions/A/DSObjCWrappers 0x7fff84525000 - 0x7fff84585fe7 com.apple.framework.IOKit 2.0 (???) <D107CB8A-5182-3AC4-35D0-07068A695C05> /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit 0x7fff845c5000 - 0x7fff845cbfff libCGXCoreImage.A.dylib 545.0.0 (compatibility 64.0.0) <4EE16374-A094-D542-5BC5-7E846D0CE56E> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCGXCoreImage.A.dylib 0x7fff846cd000 - 0x7fff846cdff7 com.apple.CoreServices 44 (44) <DC7400FB-851E-7B8A-5BF6-6F50094302FB> /System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices 0x7fff846ce000 - 0x7fff846e7fff com.apple.CFOpenDirectory 10.6 (10.6) <CCF79716-7CC6-2520-C6EB-A4F56AD0A207> /System/Library/Frameworks/OpenDirectory.framework/Versions/A/Frameworks/CFOpenDirectory.framework/Versions/A/CFOpenDirectory 0x7fff846fc000 - 0x7fff8477afff com.apple.CoreText 3.5.0 (???) <4D5C7932-293B-17FF-7309-B580BB1953EA> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreText.framework/Versions/A/CoreText 0x7fff8477b000 - 0x7fff847e3fff com.apple.MeshKitRuntime 1.1 (49.2) <A490FE03-313D-1317-A9B8-25EF75CB1A81> /System/Library/PrivateFrameworks/MeshKit.framework/Versions/A/Frameworks/MeshKitRuntime.framework/Versions/A/MeshKitRuntime 0x7fff848bd000 - 0x7fff848cefff SyndicationUI ??? (???) <91DAD490-897C-E5E9-C30B-161D4F42BF98> /System/Library/PrivateFrameworks/SyndicationUI.framework/Versions/A/SyndicationUI 0x7fff848cf000 - 0x7fff84914fff com.apple.CoreMediaIOServices 133.0 (1158) <53F7A2A6-78CA-6C34-0BB6-471388019799> /System/Library/PrivateFrameworks/CoreMediaIOServices.framework/Versions/A/CoreMediaIOServices 0x7fff84ac8000 - 0x7fff84d03fef com.apple.imageKit 2.0.3 (1.0) <5D18C246-303A-6580-9DC9-79BE79467C95> /System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/ImageKit.framework/Versions/A/ImageKit 0x7fff84d04000 - 0x7fff84d09fff libGIF.dylib ??? (???) <9A2723D8-61F9-6D65-D254-4F9273CDA54A> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libGIF.dylib 0x7fff84d0a000 - 0x7fff84d8cfff com.apple.QuickLookUIFramework 2.3 (327.6) <9093682A-0E2D-7D27-5F22-C96FD00AE970> /System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/QuickLookUI.framework/Versions/A/QuickLookUI 0x7fff84d8d000 - 0x7fff85597fe7 libBLAS.dylib 219.0.0 (compatibility 1.0.0) <2F26CDC7-DAE9-9ABE-6806-93BBBDA20DA0> /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libBLAS.dylib 0x7fff85600000 - 0x7fff8560ffff com.apple.NetFS 3.2.1 (3.2.1) <DE59FB56-8536-9999-352A-2016ADCF4FCF> /System/Library/Frameworks/NetFS.framework/Versions/A/NetFS 0x7fff856c6000 - 0x7fff859fafff com.apple.CoreServices.CarbonCore 861.23 (861.23) <08F360FA-1771-4F0B-F356-BEF68BB9D421> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/CarbonCore 0x7fff859fb000 - 0x7fff85acdfe7 com.apple.CFNetwork 454.11.5 (454.11.5) <B3E2BE12-D7AA-5940-632A-1E5E7BF8E6E3> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CFNetwork.framework/Versions/A/CFNetwork 0x7fff85ace000 - 0x7fff85b11fef libtidy.A.dylib ??? (???) <2F4273D3-418B-668C-F488-7E659D3A8C23> /usr/lib/libtidy.A.dylib 0x7fff85b12000 - 0x7fff85b1dfff com.apple.CrashReporterSupport 10.6.5 (252) <0895BE37-CC7E-1939-8020-489BFCB3E2C6> /System/Library/PrivateFrameworks/CrashReporterSupport.framework/Versions/A/CrashReporterSupport 0x7fff86792000 - 0x7fff86bd5fef libLAPACK.dylib 219.0.0 (compatibility 1.0.0) <57D38705-6F21-2A82-F3F6-03CFFF214775> /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libLAPACK.dylib 0x7fff86bd6000 - 0x7fff86becfff com.apple.ImageCapture 6.0.1 (6.0.1) <09ABF2E9-D110-71A9-4A6F-8A61B683E936> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/ImageCapture.framework/Versions/A/ImageCapture 0x7fff86bed000 - 0x7fff86c3cfef libTIFF.dylib ??? (???) <AE9DC484-1382-F7AD-FE25-C28082FCB5D9> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libTIFF.dylib 0x7fff86c3d000 - 0x7fff86c4bff7 libkxld.dylib ??? (???) <4016E9E6-0645-5384-A697-2775B5228113> /usr/lib/system/libkxld.dylib 0x7fff86c4c000 - 0x7fff86c50ff7 libCGXType.A.dylib 545.0.0 (compatibility 64.0.0) <63F77AC8-84CB-0C2F-8D2B-190EE5CCDB45> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCGXType.A.dylib 0x7fff86c51000 - 0x7fff86c60fff libxar.1.dylib ??? (???) <CBAF862A-3C77-6446-56C2-9C4461631AAF> /usr/lib/libxar.1.dylib 0x7fff86cbf000 - 0x7fff86d4efff com.apple.PDFKit 2.5.1 (2.5.1) <C0E3AE4B-E71A-16D8-0D51-FB7D3E3AD793> /System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/PDFKit.framework/Versions/A/PDFKit 0x7fff86d4f000 - 0x7fff86d4fff7 com.apple.ApplicationServices 38 (38) <0E2FC75E-2BE2-D04D-CA78-76E38A89DD30> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/ApplicationServices 0x7fff86d50000 - 0x7fff8712afff com.apple.RawCamera.bundle 3.4.1 (546) <F7865FD2-4869-AB19-10AA-EFF1B3BC4178> /System/Library/CoreServices/RawCamera.bundle/Contents/MacOS/RawCamera 0x7fff8712b000 - 0x7fff871dafff edu.mit.Kerberos 6.5.10 (6.5.10) <F3F76EDF-5660-78F0-FE6E-33B6174F55A4> /System/Library/Frameworks/Kerberos.framework/Versions/A/Kerberos 0x7fff8723c000 - 0x7fff872a8ff7 com.apple.CorePDF 1.3 (1.3) <6770FFB0-DEA0-61E0-3520-4B95CCF5D1CF> /System/Library/PrivateFrameworks/CorePDF.framework/Versions/A/CorePDF 0x7fff872a9000 - 0x7fff872a9ff7 com.apple.Carbon 150 (152) <19B37B7B-1594-AD0A-7F14-FA2F85AD7241> /System/Library/Frameworks/Carbon.framework/Versions/A/Carbon 0x7fff872aa000 - 0x7fff872fbfef com.apple.HIServices 1.8.1 (???) <BE479ABF-3D27-A5C7-800E-3FFC1731767A> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/HIServices.framework/Versions/A/HIServices 0x7fff872fc000 - 0x7fff87312fef libbsm.0.dylib ??? (???) <0321D32C-9FE1-3919-E03E-2530A0C1191B> /usr/lib/libbsm.0.dylib 0x7fff87313000 - 0x7fff87392fe7 com.apple.audio.CoreAudio 3.2.6 (3.2.6) <1DD64A62-0DE4-223F-F781-B272FECF80F0> /System/Library/Frameworks/CoreAudio.framework/Versions/A/CoreAudio 0x7fff87393000 - 0x7fff87394fff com.apple.MonitorPanelFramework 1.3.0 (1.3.0) <EC039008-5367-090D-51FD-EA4D2623671A> /System/Library/PrivateFrameworks/MonitorPanel.framework/Versions/A/MonitorPanel 0x7fff87395000 - 0x7fff873a9fff libGL.dylib ??? (???) <1EB1BD0F-C17F-55DF-B8B4-8E9CF99359D4> /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGL.dylib 0x7fff873aa000 - 0x7fff874d0fff com.apple.audio.toolbox.AudioToolbox 1.6.5 (1.6.5) <B51023BB-A5C9-3C65-268B-6B86B901BB2C> /System/Library/Frameworks/AudioToolbox.framework/Versions/A/AudioToolbox 0x7fff874ec000 - 0x7fff874fefe7 libsasl2.2.dylib 3.15.0 (compatibility 3.0.0) <30FE378B-99FE-8C7C-06D0-A3AA0A0A70D4> /usr/lib/libsasl2.2.dylib 0x7fff87584000 - 0x7fff87624fff com.apple.LaunchServices 362.1 (362.1) <B4083624-2C88-0C4F-B047-40D3CC5B3325> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/LaunchServices.framework/Versions/A/LaunchServices 0x7fff878f8000 - 0x7fff87975fef libstdc++.6.dylib 7.9.0 (compatibility 7.0.0) <35ECA411-2C08-FD7D-11B1-1B7A04921A5C> /usr/lib/libstdc++.6.dylib 0x7fff87976000 - 0x7fff87981fff com.apple.corelocation 12.1 (12.1) <0B15767B-D752-7DA6-A8BB-5A1C9C39C5C8> /System/Library/Frameworks/CoreLocation.framework/Versions/A/CoreLocation 0x7fff87982000 - 0x7fff8798ffe7 libCSync.A.dylib 545.0.0 (compatibility 64.0.0) <397B9057-5CDF-3B19-4E61-9DFD49369375> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCSync.A.dylib 0x7fff879e0000 - 0x7fff87a42fe7 com.apple.datadetectorscore 2.0 (80.7) <C3A68083-AFB0-CFC6-8AA5-517C9D1489B6> /System/Library/PrivateFrameworks/DataDetectorsCore.framework/Versions/A/DataDetectorsCore 0x7fff87a43000 - 0x7fff87a44ff7 com.apple.TrustEvaluationAgent 1.1 (1) <A91CE5B9-3C63-5F8C-5052-95CCAB866F72> /System/Library/PrivateFrameworks/TrustEvaluationAgent.framework/Versions/A/TrustEvaluationAgent 0x7fff87a45000 - 0x7fff87a5bfe7 com.apple.MultitouchSupport.framework 207.10 (207.10) <1828C264-A54A-7FDD-FE1B-49DDE3F50779> /System/Library/PrivateFrameworks/MultitouchSupport.framework/Versions/A/MultitouchSupport 0x7fff87a8c000 - 0x7fff87a8cff7 com.apple.Accelerate.vecLib 3.6 (vecLib 3.6) <4CCE5D69-F1B3-8FD3-1483-E0271DB2CCF3> /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/vecLib 0x7fff87a8d000 - 0x7fff87b46fff libsqlite3.dylib 9.6.0 (compatibility 9.0.0) <2C5ED312-E646-9ADE-73A9-6199A2A43150> /usr/lib/libsqlite3.dylib 0x7fff87b47000 - 0x7fff87b5bff7 com.apple.speech.synthesis.framework 3.10.35 (3.10.35) <574C1BE0-5E5E-CCAF-06F8-92A69CB2892D> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/SpeechSynthesis.framework/Versions/A/SpeechSynthesis 0x7fff87b5c000 - 0x7fff87c84ff7 com.apple.MediaToolbox 0.484.20 (484.20) <628A7245-7ADE-AD47-3368-CF8EDCA6CC1C> /System/Library/PrivateFrameworks/MediaToolbox.framework/Versions/A/MediaToolbox 0x7fff87c85000 - 0x7fff87d11fef SecurityFoundation ??? (???) <6860DE26-0D42-D1E8-CD7C-5B42D78C1E1D> /System/Library/Frameworks/SecurityFoundation.framework/Versions/A/SecurityFoundation 0x7fff87d12000 - 0x7fff87d5cff7 com.apple.Metadata 10.6.3 (507.12) <9231045A-E2E3-B0C2-C81A-92C9EA98A4DF> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadata.framework/Versions/A/Metadata 0x7fff87d5d000 - 0x7fff87d63ff7 IOSurface ??? (???) <04EDCEDE-E36F-15F8-DC67-E61E149D2C9A> /System/Library/Frameworks/IOSurface.framework/Versions/A/IOSurface 0x7fff87d64000 - 0x7fff87d65fff liblangid.dylib ??? (???) <D0666597-B331-C43C-67BB-F2E754079A7A> /usr/lib/liblangid.dylib 0x7fff87d66000 - 0x7fff87d72fff libbz2.1.0.dylib 1.0.5 (compatibility 1.0.0) <ECA200F9-9C46-579A-6447-16B8BFB93D96> /usr/lib/libbz2.1.0.dylib 0x7fff87ec0000 - 0x7fff87f75fe7 com.apple.ink.framework 1.3.3 (107) <A68339AA-909D-E46C-35C0-72808EE3D043> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Ink.framework/Versions/A/Ink 0x7fff87fb5000 - 0x7fff87fbeff7 com.apple.DisplayServicesFW 2.3.0 (283) <3D05929C-AB17-B8A4-DC81-87C27C59E664> /System/Library/PrivateFrameworks/DisplayServices.framework/Versions/A/DisplayServices 0x7fff87fbf000 - 0x7fff87fe0fff libresolv.9.dylib 41.0.0 (compatibility 1.0.0) <6993F348-428F-C97E-7A84-7BD2EDC46A62> /usr/lib/libresolv.9.dylib 0x7fff87fe1000 - 0x7fff88150fe7 com.apple.QTKit 7.6.6 (1756) <250AB242-816D-9F5D-94FB-18BF2AE9AAE7> /System/Library/Frameworks/QTKit.framework/Versions/A/QTKit 0x7fff88151000 - 0x7fff88176ff7 com.apple.CoreVideo 1.6.2 (45.6) <E138C8E7-3CB6-55A9-0A2C-B73FE63EA288> /System/Library/Frameworks/CoreVideo.framework/Versions/A/CoreVideo 0x7fff8835b000 - 0x7fff88360ff7 com.apple.CommonPanels 1.2.4 (91) <8B088D78-E508-6622-E477-E34C22CF2F67> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/CommonPanels.framework/Versions/A/CommonPanels 0x7fff88361000 - 0x7fff88368fff com.apple.OpenDirectory 10.6 (10.6) <4200CFB0-DBA1-62B8-7C7C-91446D89551F> /System/Library/Frameworks/OpenDirectory.framework/Versions/A/OpenDirectory 0x7fff88369000 - 0x7fff8836cff7 com.apple.securityhi 4.0 (36638) <38935851-09E4-DDAB-DB1D-30ADC39F7ED0> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SecurityHI.framework/Versions/A/SecurityHI 0x7fff8836d000 - 0x7fff883a6ff7 com.apple.MeshKit 1.1 (49.2) <B85DDDC7-4053-4DB8-E1B5-AA0CBD4CDD1C> /System/Library/PrivateFrameworks/MeshKit.framework/Versions/A/MeshKit 0x7fff883a7000 - 0x7fff883d6fff com.apple.quartzfilters 1.6.0 (1.6.0) <52D41730-D485-A7AE-4937-FE37FC732F65> /System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/QuartzFilters.framework/Versions/A/QuartzFilters 0x7fff883d7000 - 0x7fff883fdfe7 libJPEG.dylib ??? (???) <6690F15D-E970-2678-430E-590A94F5C8E9> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libJPEG.dylib 0x7fff883fe000 - 0x7fff884bbff7 com.apple.CoreServices.OSServices 357 (357) <718F0719-DC9F-E392-7C64-9D7DFE3D02E2> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServices.framework/Versions/A/OSServices 0x7fff884bc000 - 0x7fff88556fff com.apple.ApplicationServices.ATS 4.4 (???) <395849EE-244A-7323-6CBA-E71E3B722984> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/ATS 0x7fff88747000 - 0x7fff88780fef libcups.2.dylib 2.8.0 (compatibility 2.0.0) <97F968EB-80ED-36FB-7819-D438B489E46E> /usr/lib/libcups.2.dylib 0x7fff88797000 - 0x7fff887e3fff libauto.dylib ??? (???) <F7221B46-DC4F-3153-CE61-7F52C8C293CF> /usr/lib/libauto.dylib 0x7fff887e4000 - 0x7fff8880fff7 libxslt.1.dylib 3.24.0 (compatibility 3.0.0) <6589F0FC-41DB-8494-CA8B-487F4E328EB9> /usr/lib/libxslt.1.dylib 0x7fff88810000 - 0x7fff88813ff7 libCoreVMClient.dylib ??? (???) <B1F41E5B-8B59-DB81-1654-C1F9B11E885F> /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libCoreVMClient.dylib 0x7fff88814000 - 0x7fff88f1106f com.apple.CoreGraphics 1.545.0 (???) <356D59D6-1DD1-8BFF-F9B3-1CE51D2F1EC7> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/CoreGraphics 0x7fff88f33000 - 0x7fff88f64fff libGLImage.dylib ??? (???) <57DA0064-4581-62B8-37A8-A07ADEF46EE2> /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLImage.dylib 0x7fff88f65000 - 0x7fff88f8dfff com.apple.DictionaryServices 1.1.2 (1.1.2) <E9269069-93FA-2B71-F9BA-FDDD23C4A65E> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/DictionaryServices.framework/Versions/A/DictionaryServices 0x7fff88fb6000 - 0x7fff88ff7ff7 com.apple.CoreMedia 0.484.20 (484.20) <42F3B74A-F886-33A0-40EE-8399B12BD32A> /System/Library/PrivateFrameworks/CoreMedia.framework/Versions/A/CoreMedia 0x7fff88ff8000 - 0x7fff8902dfef com.apple.framework.Apple80211 6.2.3 (623.1) <E58C0A3A-BA14-9703-F6A3-3951A862570C> /System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Apple80211 0x7fff8902e000 - 0x7fff89145fef libxml2.2.dylib 10.3.0 (compatibility 10.0.0) <AFE91118-DBF3-6313-37B8-8A2002C6A46B> /usr/lib/libxml2.2.dylib 0x7fff89146000 - 0x7fff89166ff7 com.apple.DirectoryService.Framework 3.6 (621.9) <FF6567B5-56BD-F3EC-E59D-1EC583C3CF73> /System/Library/Frameworks/DirectoryService.framework/Versions/A/DirectoryService 0x7fff89167000 - 0x7fff8916bff7 libmathCommon.A.dylib 315.0.0 (compatibility 1.0.0) <95718673-FEEE-B6ED-B127-BCDBDB60D4E5> /usr/lib/system/libmathCommon.A.dylib 0x7fffffe00000 - 0x7fffffe01fff libSystem.B.dylib ??? (???) <71E6D4C9-F945-6EC2-998C-D61AD590DAB6> /usr/lib/libSystem.B.dylib Model: MacBookPro7,1, BootROM MBP71.0039.B0B, 2 processors, Intel Core 2 Duo, 2.4 GHz, 4 GB, SMC 1.62f6 Graphics: NVIDIA GeForce 320M, NVIDIA GeForce 320M, PCI, 256 MB Memory Module: global_name AirPort: spairport_wireless_card_type_airport_extreme (0x14E4, 0x8D), Broadcom BCM43xx 1.0 (5.10.131.36.1) Bluetooth: Version 2.3.8f7, 2 service, 19 devices, 1 incoming serial ports Network Service: Ethernet, Ethernet, en0 Serial ATA Device: TOSHIBA MK2555GSXF, 232,89 GB Serial ATA Device: MATSHITADVD-R UJ-898 USB Device: Built-in iSight, 0x05ac (Apple Inc.), 0x8507, 0x24600000 USB Device: Internal Memory Card Reader, 0x05ac (Apple Inc.), 0x8403, 0x26100000 USB Device: Hub in Apple Pro Keyboard, 0x05ac (Apple Inc.), 0x1003, 0x06400000 USB Device: Optical USB Mouse, 0x046d (Logitech Inc.), 0xc016, 0x06420000 USB Device: Apple Pro Keyboard, 0x05ac (Apple Inc.), 0x020c, 0x06430000 USB Device: BRCM2046 Hub, 0x0a5c (Broadcom Corp.), 0x4500, 0x06600000 USB Device: Bluetooth USB Host Controller, 0x05ac (Apple Inc.), 0x8213, 0x06610000 USB Device: IR Receiver, 0x05ac (Apple Inc.), 0x8242, 0x06500000 USB Device: Apple Internal Keyboard / Trackpad, 0x05ac (Apple Inc.), 0x0237, 0x06300000

Attachments
Test-Case (689 bytes, text/html) 2010-11-23 02:17 PST, Martin Wittemann	no flags	Details
reduction (633 bytes, text/html) 2010-12-01 12:41 PST, Ryosuke Niwa	no flags	Details
fixes the crash (5.08 KB, patch) 2010-12-01 15:23 PST, Ryosuke Niwa	no flags	Details Formatted Diff Diff
demo for insertText case (957 bytes, text/html) 2010-12-02 17:11 PST, Ryosuke Niwa	no flags	Details
fixes the bug for good (13.88 KB, patch) 2010-12-03 00:46 PST, Ryosuke Niwa	darin: review+	Details Formatted Diff Diff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.

Ryosuke Niwa

Comment 1 2010-12-01 12:25:03 PST

Is this really a regression?

Ryosuke Niwa

Comment 2 2010-12-01 12:41:27 PST

Created attachment 75307 [details] reduction

Alexey Proskuryakov

Comment 3 2010-12-01 12:45:29 PST

Doesn't crash Safari 5.0.2.

Ryosuke Niwa

Comment 4 2010-12-01 13:14:28 PST

(In reply to comment #3) > Doesn't crash Safari 5.0.2. I see. Thanks for the clarification. The problem appears to be that the endingSelection() and form's selections are pointing at different nodes. Namely, in enabledDelete, selection returned by frame->editor()->selectionForCommand is pointing at new text node replaced by the input event handler ("b" in my reduced test case) but endingSelection used in TypingCommand::deleteKeyPressed is pointing at the old node ("a" in my reduced test case).

Ryosuke Niwa

Comment 5 2010-12-01 13:49:54 PST

The problem is that EditCommand::endingSelection() is just retrieving the stored value. We should update m_endingSelection or stop using it whenever we invoke the last edit command's m_endingSelection may be out of date.

Ryosuke Niwa

Comment 6 2010-12-01 15:14:55 PST

I'm not even sure if we should be using the last typing command if the selection has changed. It seems like we should create a new typing command. Consider the following case: 1. User type "hello " into input element, and delete the last space. 2. Script modifies it to "world" 3. User undo In this case, undo isn't even going to work.

Ryosuke Niwa

Comment 7 2010-12-01 15:23:03 PST

Created attachment 75328 [details] fixes the crash

Ryosuke Niwa

Comment 8 2010-12-01 15:27:51 PST

(In reply to comment #7) > Created an attachment (id=75328) [details] > fixes the crash I'm not sure if this is the correct fix for the problem because always updating the selection breaks undo. As I wrote on the previous comment, I feel like we should be closing the typing command when we're updating the selection in the event handler. However, setSelection is called before the typing command corresponding to InsertLineBreak concludes, and this prevents us from closing the type command because the command hasn't been added to the undo stack. Furthermore, in some cases, we need to let typing command and its child commands update selection without closing itself. Could someone familiar with typing command comment on this issue?

Darin Adler

Comment 9 2010-12-01 16:49:14 PST

Comment on attachment 75328 [details] fixes the crash View in context: https://bugs.webkit.org/attachment.cgi?id=75328&action=review I’m not sure this fix is quite right. It seems to me that a node involved in an editing operation might be removed for multiple reasons. Maybe there’s a better way to cope with it than changing the selection. > WebCore/editing/TypingCommand.cpp:97 > + VisibleSelection lastSelection = lastTypingCommand->endingSelection(); > + VisibleSelection currentSelection = frame->selection()->selection(); > + if (lastSelection != currentSelection) { I don’t think you need the lastSelection local here. Might read better without it.

Ryosuke Niwa

Comment 10 2010-12-01 18:30:22 PST

(In reply to comment #9) > I’m not sure this fix is quite right. It seems to me that a node involved in an editing operation might be removed for multiple reasons. Right. But because those changes happen in the event handler, there are basically two options: 1. Update the selection of the previous typing command 2. Start a new typing command; i.e. close the last typing command. But I'm not sure what is the correct timing to close the typing command if we chose option 2. I chose option 1 because there's already code that does very similar thing in TypingCommand::inputText. > > WebCore/editing/TypingCommand.cpp:97 > > + VisibleSelection lastSelection = lastTypingCommand->endingSelection(); > > + VisibleSelection currentSelection = frame->selection()->selection(); > > + if (lastSelection != currentSelection) { > > I don’t think you need the lastSelection local here. Might read better without it. Good point. Will fix later.

Ryosuke Niwa

Comment 11 2010-12-01 21:14:26 PST

The similar selection changes made in TypingCommand::insertText is made by http://trac.webkit.org/changeset/19313.

Ryosuke Niwa

Comment 12 2010-12-01 21:36:34 PST

(In reply to comment #11) > The similar selection changes made in TypingCommand::insertText is made by http://trac.webkit.org/changeset/19313. This change is addressing a slightly different issue though, which is to use the selection for insertion when it differs from what selection controller has. But I can't think of why this should ever be the case because we update the frame's selection after modifying form text control's selection range. Could someone tell me how this condition may arise?

Ryosuke Niwa

Comment 13 2010-12-02 17:11:53 PST

Created attachment 75438 [details] demo for insertText case The same problem exists for insertText as well, and here's a demo. We can fix this bug by the following change: Index: WebCore/editing/InsertTextCommand.h =================================================================== --- WebCore/editing/InsertTextCommand.h (revision 73113) +++ WebCore/editing/InsertTextCommand.h (working copy) @@ -54,6 +54,8 @@ bool performTrivialReplace(const String&, bool selectInsertedText); unsigned m_charactersAdded; + + friend class TypingCommand; }; } // namespace WebCore Index: WebCore/editing/TypingCommand.cpp =================================================================== --- WebCore/editing/TypingCommand.cpp (revision 73113) +++ WebCore/editing/TypingCommand.cpp (working copy) @@ -163,12 +163,12 @@ RefPtr<EditCommand> lastEditCommand = frame->editor()->lastEditCommand(); if (isOpenForMoreTypingCommand(lastEditCommand.get())) { TypingCommand* lastTypingCommand = static_cast<TypingCommand*>(lastEditCommand.get()); - if (changeSelection) { + if (lastTypingCommand->endingSelection() != selectionForInsertion) { lastTypingCommand->setStartingSelection(selectionForInsertion); lastTypingCommand->setEndingSelection(selectionForInsertion); } lastTypingCommand->insertText(newText, selectInsertedText); - if (changeSelection) { + if (lastTypingCommand->endingSelection() != selectionForInsertion) { lastTypingCommand->setEndingSelection(currentSelection); frame->selection()->setSelection(currentSelection); } @@ -371,6 +371,10 @@ command = InsertTextCommand::create(document()); applyCommandToComposite(command); } + if (endingSelection() != command->endingSelection()) { + command->setStartingSelection(endingSelection()); + command->setEndingSelection(endingSelection()); + } command->input(text, selectInsertedText); typingAddedToOpenCommand(InsertText); }

Ryosuke Niwa

Comment 14 2010-12-03 00:46:24 PST

Created attachment 75469 [details] fixes the bug for good

Darin Adler

Comment 15 2010-12-03 09:27:07 PST

Comment on attachment 75469 [details] fixes the bug for good Seems OK. It’s not good that the selection handling is so intimately tied in with the editing commands; at some point I think we can improve this greatly by refactoring and breaking the selection management away from the DOM mutation itself.

Ryosuke Niwa

Comment 16 2010-12-03 09:58:35 PST

(In reply to comment #15) > (From update of attachment 75469 [details]) > Seems OK. It’s not good that the selection handling is so intimately tied in with the editing commands; at some point I think we can improve this greatly by refactoring and breaking the selection management away from the DOM mutation itself. Yeah, we need a better way of managing position in editing commands instead of using selection. Ideally, we can make editing commands agnostic of what current selection is except when they're first instantiated.

Ryosuke Niwa

Comment 17 2010-12-03 10:56:57 PST

Thanks for the review, Darin. I'll be landing it shortly.

Ryosuke Niwa

Comment 18 2010-12-03 11:26:37 PST

Committed r73279: <http://trac.webkit.org/changeset/73279>

Note You need to log in before you can comment on or make changes to this bug.