[Webkit-unassigned] [Bug 30116] New: execCommand: NULL ptr ReadAV at chrome!WebCore::InsertLineBreakCommand::shouldUseBreakElement
bugzilla-daemon at webkit.org
Tue Oct 6 04:06:01 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=30116
Summary: execCommand: NULL ptr ReadAV at chrome!WebCore::InsertLineBreakCommand::shouldUseBreakElement
Product: WebKit
Version: 528+ (Nightly build)
Platform: PC
OS/Version: Windows Vista
Status: NEW
Keywords: GoogleBug
Severity: Normal
Priority: P1
Component: HTML Editing
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: skylined at chromium.org
CC: eric at webkit.org
This HTML triggers a NULL pointer read access violation in Chromium ToT about
50% of the time, but does appear to affect Safari 4:
<HTML>
  <BODY onload="go()"></BODY>
  <SCRIPT>
    function go() {
      document.designMode = "on";
      document.execCommand("SelectAll");
      document.execCommand("InsertLineBreak");
      document.execCommand("Indent");
      document.execCommand("insertparagraph");
    }
  </SCRIPT>
</HTML>
Here's some potentially useful info:
Attempt to read from a NULL pointer (+0x1C), instruction:
6c96e2b7 8b411c mov eax,dword ptr [ecx+1Ch]
Registers:
eax=003ce9f8 ebx=ffffffff ecx=00000000 edx=00000000 esi=0496c900
edi=0496c900 esp=003ce9ec ebp=003cea08 eip=6c96e2b7
Stack:
ChildEBP RetAddr
003cea08 6c96e40d chrome_6bed0000!WebCore::InsertLineBreakCommand::shouldUseBreakElement(class WebCore::Position * insertionPos = 0x003ceb20)+0x17
003ceb30 6c6f8967 chrome_6bed0000!WebCore::InsertLineBreakCommand::doApply(void)+0x10d
003ceb40 6c8b66ec chrome_6bed0000!WebCore::EditCommand::apply(void)+0x67
003ceb58 6c96fa9b chrome_6bed0000!WebCore::CompositeEditCommand::applyCommandToComposite(class WTF::PassRefPtr<WebCore::EditCommand> cmd = class WTF::PassRefPtr<WebCore::EditCommand>)+0x1c
003cec58 6c6f8967 chrome_6bed0000!WebCore::InsertParagraphSeparatorCommand::doApply(void)+0xb6b
003cec68 6c8b66ec chrome_6bed0000!WebCore::EditCommand::apply(void)+0x67
003cec80 6c875b72 chrome_6bed0000!WebCore::CompositeEditCommand::applyCommandToComposite(class WTF::PassRefPtr<WebCore::EditCommand> cmd = class WTF::PassRefPtr<WebCore::EditCommand>)+0x1c
003cec90 6c6f8967 chrome_6bed0000!WebCore::TypingCommand::insertParagraphSeparator(void)+0x32
003ceca0 6c6f8c7e chrome_6bed0000!WebCore::EditCommand::apply(void)+0x67
003cecac 6c8777f7 chrome_6bed0000!WebCore::applyCommand(class WTF::PassRefPtr<WebCore::EditCommand> command = class WTF::PassRefPtr<WebCore::EditCommand>)+0xe
003cecc0 6c6f8fb1 chrome_6bed0000!WebCore::TypingCommand::insertParagraphSeparator(class WebCore::Document * document = 0x00f52d40)+0x77
003ceccc 6c6fa310 chrome_6bed0000!WebCore::executeInsertParagraph(class WebCore::Frame * frame = 0x0152a000, class WebCore::Event * __formal = 0x00000000, WebCore::EditorCommandSource __formal = CommandFromDOM (1), class WebCore::String * __formal = 0x003ced48)+0x11
003cecec 6c67ba17 chrome_6bed0000!WebCore::Editor::Command::execute(class WebCore::String * parameter = 0x003ced48, class WebCore::Event * triggeringEvent = 0x00000000)+0x90
003ced14 6c739da8 chrome_6bed0000!WebCore::Document::execCommand(class WebCore::String * commandName = 0x003ced38, bool userInterface = false, class WebCore::String * value = 0x003ced48)+0x57
003ced3c 6c429a88 chrome_6bed0000!WebCore::DocumentInternal::execCommandCallback(class v8::Arguments * args = 0x0469d2e0)+0xe8
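Added example, not part of the original report: a small Python triage helper that recomputes the faulting address from the instruction and register lines quoted in the report and checks whether it falls in the low address range, which separates a read through a NULL object pointer from a read through an arbitrary pointer. The function names and the 64 KiB threshold are assumptions of this example; the input is the report's own three lines embedded as a string.

```python
import re

# Input: the faulting instruction and register lines copied from the report.
CRASH = """\
6c96e2b7 8b411c mov eax,dword ptr [ecx+1Ch]
eax=003ce9f8 ebx=ffffffff ecx=00000000 edx=00000000 esi=0496c900
edi=0496c900 esp=003ce9ec ebp=003cea08 eip=6c96e2b7
"""

# Assumption of this example: treat anything below 64 KiB as "near NULL",
# matching the low region Windows reserves as no-access by default.
NULL_REGION = 0x10000

def parse_registers(text):
    """Return {name: value} for every reg=hex pair in a WinDbg-style dump."""
    pairs = re.findall(r"\b(e[a-z]{2})=([0-9a-f]{8})\b", text)
    return {name: int(value, 16) for name, value in pairs}

def parse_memory_operand(text):
    """Return (insn_addr, base_reg, displacement) for the [reg+disp] operand."""
    m = re.search(
        r"^([0-9a-f]{8})\s+[0-9a-f]+\s+.*\[(e[a-z]{2})(?:([+-])([0-9A-Fa-f]+)h?)?\]",
        text, re.M)
    if not m:
        raise ValueError("no [reg+disp] memory operand found")
    addr, base, sign, disp = m.groups()
    disp = int(disp, 16) if disp else 0
    return int(addr, 16), base, (-disp if sign == "-" else disp)

def triage(text):
    """Recompute the effective address and classify the faulting read."""
    regs = parse_registers(text)
    insn_addr, base, disp = parse_memory_operand(text)
    ea = (regs[base] + disp) & 0xFFFFFFFF  # 32-bit wraparound
    return {
        "eip_matches": regs.get("eip") == insn_addr,  # dump belongs to this insn
        "base": base,
        "displacement": disp,
        "effective_address": ea,
        "null_base": regs[base] == 0,   # object pointer itself is NULL
        "near_null": ea < NULL_REGION,  # read lands in the low, reserved range
    }

if __name__ == "__main__":
    for key, value in triage(CRASH).items():
        print(f"{key}: {value:#x}" if isinstance(value, int) and not isinstance(value, bool)
              else f"{key}: {value}")
```

For this report the result is a read at 0x1C through a zero `ecx`, which agrees with the "NULL pointer (+0x1C)" line in the crash output.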