Bug 199126 - Nullptr crash in DeleteSelectionCommand::handleGeneralDelete
Summary: Nullptr crash in DeleteSelectionCommand::handleGeneralDelete
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: HTML Editing (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Ryosuke Niwa
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2019-06-21 19:28 PDT by Ryosuke Niwa
Modified: 2019-06-21 21:05 PDT (History)
3 users (show)

See Also:


Attachments
Fixes the crash (2.74 KB, patch)
2019-06-21 19:31 PDT, Ryosuke Niwa
wenson_hsieh: review+
Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Ryosuke Niwa 2019-06-21 19:28:15 PDT
e.g.

0   WebCore                       	0x00000001bdd37420 WebCore::DeleteSelectionCommand::handleGeneralDelete() + 2348 (Node.h:595)
1   WebCore                       	0x00000001bdd36fbc WebCore::DeleteSelectionCommand::handleGeneralDelete() + 1224 (DeleteSelectionCommand.cpp:593)
2   WebCore                       	0x00000001bdd3993c WebCore::DeleteSelectionCommand::doApply() + 1228 (DeleteSelectionCommand.cpp:926)
3   WebCore                       	0x00000001bdd26ca0 WebCore::CompositeEditCommand::applyCommandToComposite(WTF::Ref<WebCore::EditCommand, WTF::DumbPtrTraits<WebCore::EditCommand> >&&) + 68 (CompositeEditCommand.cpp:463)
4   WebCore                       	0x00000001bdd28754 WebCore::CompositeEditCommand::deleteSelection(WebCore::VisibleSelection const&, bool, bool, bool, bool, bool) + 128 (CompositeEditCommand.cpp:855)
5   WebCore                       	0x00000001bdda5d78 WebCore::TypingCommand::deleteKeyPressed(WebCore::TextGranularity, bool) + 3284 (TypingCommand.cpp:763)
6   WebCore                       	0x00000001bdd26914 WebCore::CompositeEditCommand::apply() + 304 (CompositeEditCommand.cpp:372)
7   WebCore                       	0x00000001bdda4da8 WebCore::TypingCommand::deleteKeyPressed(WebCore::Document&, unsigned int, WebCore::TextGranularity) + 104 (TypingCommand.cpp:196)
8   WebCore                       	0x00000001bdd4e808 WebCore::Editor::deleteWithDirection(WebCore::SelectionDirection, WebCore::TextGranularity, bool, bool) + 480 (Editor.cpp:0)
9   WebCore                       	0x00000001bdd73a7c WebCore::executeDeleteBackward(WebCore::Frame&, WebCore::Event*, WebCore::EditorCommandSource, WTF::String const&) + 36 (EditorCommand.cpp:309)
10  WebCore                       	0x00000001bdd56b78 WebCore::Editor::Command::execute(WTF::String const&, WebCore::Event*) const + 332 (EditorCommand.cpp:1852)
11  WebKit                        	0x00000001b0ecc4cc WebKit::WebPage::executeEditingCommand(WTF::String const&, WTF::String const&) + 120 (WebPage.cpp:1240)
12  WebKit                        	0x00000001b0eebf4c void IPC::handleMessage<Messages::WebPage::ExecuteEditCommand, WebKit::WebPage, void (WebKit::WebPage::*)(WTF::String const&, WTF::String const&)>(IPC::Decoder&, WebKit::WebPage*, void (WebKit::WebPage::*)(WTF::String const&, WTF::String const&)) + 116 (HandleMessage.h:41)

<rdar://problem/51161612>
Comment 1 Ryosuke Niwa 2019-06-21 19:31:36 PDT
Created attachment 372669 [details]
Fixes the crash
Comment 2 Megan Gardner 2019-06-21 19:36:48 PDT
Comment on attachment 372669 [details]
Fixes the crash

R+ as well.
Comment 3 Ryosuke Niwa 2019-06-21 19:44:28 PDT
Waiting for EWS...
Comment 4 Ryosuke Niwa 2019-06-21 21:04:25 PDT
Committed r246706: <https://trac.webkit.org/changeset/246706>
Comment 5 Radar WebKit Bug Importer 2019-06-21 21:05:39 PDT
<rdar://problem/52012691>