[Webkit-unassigned] [Bug 10127] REGRESSION: Crash undoing delete in textarea

Wed Feb 14 20:32:22 PST 2007

http://bugs.webkit.org/show_bug.cgi?id=10127


------- Comment #10 from ddkilzer at webkit.org  2007-02-14 20:32 PDT -------
Yes, I am still able to reproduce using a local debug build of WebKit r19621
with Safari 2.0.4 (419.3) on Mac OS X 10.4.8 (8L127).  I will rebuild and try
with r19636 next.  Stack trace from r19621:

Exception:  EXC_BAD_ACCESS (0x0001)
Codes:      KERN_PROTECTION_FAILURE (0x0002) at 0x00000014

Thread 0 Crashed:
0   com.apple.WebCore           0x0162bd80
WebCore::Shared<WebCore::StringImpl>::ref() + 36 (Shared.h:41)
1   com.apple.WebCore           0x0162fbd8
WTF::RefPtr<WebCore::StringImpl>::RefPtr[in-charge](WTF::RefPtr<WebCore::StringImpl>
const&) + 80 (RefPtr.h:37)
2   com.apple.WebCore           0x01630fe8
WebCore::String::String[in-charge](WebCore::String const&) + 48
(PlatformString.h:51)
3   com.apple.WebCore           0x0164753c
WebCore::DocumentMarker::DocumentMarker[in-charge](WebCore::DocumentMarker
const&) + 104 (DocumentMarker.h:33)
4   com.apple.WebCore           0x011412cc
WebCore::Document::removeMarkers(WebCore::Node*, unsigned, int,
WebCore::DocumentMarker::MarkerType) + 320 (Document.cpp:2865)
5   com.apple.WebCore           0x012b4320
WebCore::CharacterData::deleteData(unsigned, unsigned, int&) + 388
(CharacterData.cpp:178)
6   com.apple.WebCore           0x01280b20
WebCore::InsertIntoTextNodeCommand::doUnapply() + 352
(InsertIntoTextNodeCommand.cpp:62)
7   com.apple.WebCore           0x0127a0c8 WebCore::EditCommand::unapply() +
276 (EditCommand.cpp:113)
8   com.apple.WebCore           0x0126fd94
WebCore::CompositeEditCommand::doUnapply() + 112 (CompositeEditCommand.cpp:78)
9   com.apple.WebCore           0x0127a0c8 WebCore::EditCommand::unapply() +
276 (EditCommand.cpp:113)
10  com.apple.WebCore           0x0126fd94
WebCore::CompositeEditCommand::doUnapply() + 112 (CompositeEditCommand.cpp:78)
11  com.apple.WebCore           0x0127a0c8 WebCore::EditCommand::unapply() +
276 (EditCommand.cpp:113)
12  com.apple.WebKit            0x003c5968 -[WebEditorUndoTarget undoEditing:]
+ 224 (WebEditorClient.mm:124)
13  com.apple.Foundation        0x929fd190 -[_NSUndoStack popAndInvoke] + 268
14  com.apple.Foundation        0x929fd034 -[NSUndoManager undoNestedGroup] +
328
15  com.apple.AppKit            0x937acc4c -[NSApplication sendAction:to:from:]
+ 108
16  com.apple.Safari            0x0002956c 0x1000 + 165228
17  com.apple.AppKit            0x938074b8 -[NSMenu
performActionForItemAtIndex:] + 392
18  com.apple.AppKit            0x9380723c -[NSCarbonMenuImpl
performActionWithHighlightingForItemAtIndex:] + 104
19  com.apple.AppKit            0x93806ce4 -[NSMenu performKeyEquivalent:] +
272
20  com.apple.AppKit            0x93806930 -[NSApplication
_handleKeyEquivalent:] + 328
21  com.apple.AppKit            0x93710408 -[NSApplication sendEvent:] + 2944
22  com.apple.Safari            0x00021238 0x1000 + 131640
23  com.apple.AppKit            0x93707d10 -[NSApplication run] + 508
24  com.apple.AppKit            0x937f887c NSApplicationMain + 452
25  com.apple.Safari            0x0005c77c 0x1000 + 374652
26  com.apple.Safari            0x0005c624 0x1000 + 374308


-- 
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.