[Webkit-unassigned] [Bug 131539] New: REGRESSION: Crash in WebCore::TextIterator::range()

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Apr 11 08:29:26 PDT 2014


https://bugs.webkit.org/show_bug.cgi?id=131539

           Summary: REGRESSION: Crash in WebCore::TextIterator::range()
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Macintosh Intel
        OS/Version: Mac OS X 10.9
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore JavaScript
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: rex_4539 at yahoo.com


Created an attachment (id=229132)
 --> (https://bugs.webkit.org/attachment.cgi?id=229132&action=review)
Crash log

Revision: r167020

Reproducibility: often

Steps:
Start typing inside a text field and make some typos.

What happened:
Auto-correction is applied to the typed text and WebKit crashes (crash log attached above).

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.WebCore                 0x0000000112a88191 WebCore::TextIterator::range() const + 49
1   com.apple.WebCore                 0x0000000112a88f7e WebCore::CharacterIterator::range() const + 30
2   com.apple.WebCore                 0x0000000112a89b5f WebCore::characterSubrange(WebCore::CharacterIterator&, int, int) + 47
3   com.apple.WebCore                 0x0000000112a89b06 WebCore::TextIterator::subrange(WebCore::Range*, int, int) + 134
4   com.apple.WebCore                 0x0000000111db68da WebCore::AlternativeTextController::applyAlternativeTextToRange(WebCore::Range const*, WTF::String const&, WebCore::AlternativeTextType, WTF::Vector<WebCore::DocumentMarker::MarkerType, 0ul, WTF::CrashOnOverflow> const&) + 1754
5   com.apple.WebCore                 0x0000000111db5e4f WebCore::AlternativeTextController::handleAlternativeTextUIResult(WTF::String const&) + 703
6   com.apple.WebCore                 0x0000000111db6c12 WebCore::AlternativeTextController::applyAutocorrectionBeforeTypingIfAppropriate() + 386
7   com.apple.WebCore                 0x000000011200eeaf WebCore::Editor::insertTextWithoutSendingTextEvent(WTF::String const&, bool, WebCore::TextEvent*) + 447
8   com.apple.WebCore                 0x000000011200e48c WebCore::Editor::handleTextEvent(WebCore::TextEvent*) + 204
9   com.apple.WebCore                 0x0000000112043dd8 WebCore::EventHandler::defaultTextInputEventHandler(WebCore::TextEvent*) + 24
10  com.apple.WebCore                 0x00000001126f95d9 WebCore::Node::defaultEventHandler(WebCore::Event*) + 473
11  com.apple.WebCore                 0x0000000112153bed WebCore::HTMLInputElement::defaultEventHandler(WebCore::Event*) + 765
12  com.apple.WebCore                 0x0000000112037b21 WebCore::EventDispatcher::dispatchEvent(WebCore::Node*, WTF::PassRefPtr<WebCore::Event>) + 1553
13  com.apple.WebCore                 0x00000001126f8f5d WebCore::Node::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) + 29
14  com.apple.WebCore                 0x000000011204cddf WebCore::EventTarget::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, int&) + 127
15  com.apple.WebCore                 0x0000000112043c6a WebCore::EventHandler::handleTextInputEvent(WTF::String const&, WebCore::Event*, WebCore::TextEventInputType) + 282
16  com.apple.WebCore                 0x0000000112013765 WebCore::Editor::insertText(WTF::String const&, WebCore::Event*) + 21
17  com.apple.WebKit2                 0x0000000111414790 WebKit::WebPage::executeKeypressCommandsInternal(WTF::Vector<WebCore::KeypressCommand, 0ul, WTF::CrashOnOverflow> const&, WebCore::KeyboardEvent*) + 222
18  com.apple.WebKit2                 0x0000000111415084 WebKit::WebPage::handleEditingKeyboardEvent(WebCore::KeyboardEvent*) + 386
19  com.apple.WebKit2                 0x00000001113d6bca WebKit::WebEditorClient::handleKeyboardEvent(WebCore::KeyboardEvent*) + 18
20  com.apple.WebCore                 0x00000001120433f8 WebCore::EventHandler::defaultKeyboardEventHandler(WebCore::KeyboardEvent*) + 472
21  com.apple.WebCore                 0x00000001126f9519 WebCore::Node::defaultEventHandler(WebCore::Event*) + 281
22  com.apple.WebCore                 0x00000001121539d4 WebCore::HTMLInputElement::defaultEventHandler(WebCore::Event*) + 228
23  com.apple.WebCore                 0x0000000112037b21 WebCore::EventDispatcher::dispatchEvent(WebCore::Node*, WTF::PassRefPtr<WebCore::Event>) + 1553
24  com.apple.WebCore                 0x00000001126f8f5d WebCore::Node::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) + 29
25  com.apple.WebCore                 0x000000011204cddf WebCore::EventTarget::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, int&) + 127
26  com.apple.WebCore                 0x0000000112042e80 WebCore::EventHandler::keyEvent(WebCore::PlatformKeyboardEvent const&) + 1968
27  com.apple.WebCore                 0x0000000112abee47 WebCore::UserInputBridge::handleKeyEvent(WebCore::PlatformKeyboardEvent const&, WebCore::InputSource) + 375
28  com.apple.WebKit2                 0x000000011140790a WebKit::handleKeyEvent(WebKit::WebKeyboardEvent const&, WebCore::Page*) + 113
29  com.apple.WebKit2                 0x0000000111407850 WebKit::WebPage::keyEvent(WebKit::WebKeyboardEvent const&) + 56
30  com.apple.WebKit2                 0x000000011141c689 void IPC::handleMessage<Messages::WebPage::KeyEvent, WebKit::WebPage, void (WebKit::WebPage::*)(WebKit::WebKeyboardEvent const&)>(IPC::MessageDecoder&, WebKit::WebPage*, void (WebKit::WebPage::*)(WebKit::WebKeyboardEvent const&)) + 83
31  com.apple.WebKit2                 0x0000000111419f49 WebKit::WebPage::didReceiveWebPageMessage(IPC::Connection*, IPC::MessageDecoder&) + 1197
32  com.apple.WebKit2                 0x0000000111323fe3 IPC::MessageReceiverMap::dispatchMessage(IPC::Connection*, IPC::MessageDecoder&) + 125
33  com.apple.WebKit2                 0x000000011146174e WebKit::WebProcess::didReceiveMessage(IPC::Connection*, IPC::MessageDecoder&) + 28
34  com.apple.WebKit2                 0x00000001112d07ee IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >) + 94
35  com.apple.WebKit2                 0x00000001112d285a IPC::Connection::dispatchOneMessage() + 106
36  com.apple.JavaScriptCore          0x0000000111bd1085 WTF::RunLoop::performWork() + 421
37  com.apple.JavaScriptCore          0x0000000111bd1762 WTF::RunLoop::performWork(void*) + 34
38  com.apple.CoreFoundation          0x00007fff8bfdc661 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
39  com.apple.CoreFoundation          0x00007fff8bfcdd12 __CFRunLoopDoSources0 + 242
40  com.apple.CoreFoundation          0x00007fff8bfcd49f __CFRunLoopRun + 831
41  com.apple.CoreFoundation          0x00007fff8bfccf25 CFRunLoopRunSpecific + 309
42  com.apple.HIToolbox               0x00007fff9311ca0d RunCurrentEventLoopInMode + 226
43  com.apple.HIToolbox               0x00007fff9311c7b7 ReceiveNextEventCommon + 479
44  com.apple.HIToolbox               0x00007fff9311c5bc _BlockUntilNextEventMatchingListInModeWithFilter + 65
45  com.apple.AppKit                  0x00007fff9453126e _DPSNextEvent + 1434
46  com.apple.AppKit                  0x00007fff945308bb -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 122
47  com.apple.AppKit                  0x00007fff945249bc -[NSApplication run] + 553
48  com.apple.AppKit                  0x00007fff9450f7a3 NSApplicationMain + 940
49  com.apple.XPCService              0x00007fff8e2d1c0f _xpc_main + 385
50  libxpc.dylib                      0x00007fff91447bde xpc_main + 399
51  com.apple.WebKit.WebContent.Development    0x000000010de746a0 main + 16
52  libdyld.dylib                     0x00007fff8d9d95fd start + 1

Expected result:
WebKit does not crash.
