Go to: http://bennolan.com/articles/2007/01/24/moon-lander-using-the-canvas-tag
Try pressing the arrow keys and/or reloading the page. The current WebKit build (19136) will crash.
Created attachment 12684 [details] the crash log
Confirmed with r19158.

0 WebCore::Node::renderer() const + 20 (Node.h:322)
1 WebCore::SelectionController::xPosForVerticalArrowNavigation(WebCore::SelectionController::EPositionType, bool) const + 644 (SelectionController.cpp:657)
2 WebCore::SelectionController::modifyMovingLeftBackward(WebCore::TextGranularity) + 796 (SelectionController.cpp:386)
3 WebCore::SelectionController::modify(WebCore::SelectionController::EAlteration, WebCore::SelectionController::EDirection, WebCore::TextGranularity, bool) + 600 (SelectionController.cpp:491)
4 WebCore::SelectionController::modify(WebCore::SelectionController::EAlteration, WebCore::SelectionController::EDirection, WebCore::TextGranularity, bool) + 132 (SelectionController.cpp:466)
5 WebCore::execMoveUp(WebCore::Frame*) + 60 (Editor.cpp:920)
6 WebCore::Editor::execCommand(WebCore::String const&) + 280 (Editor.cpp:1167)
7 -[WebHTMLView moveUp:] + 144 (WebHTMLView.mm:3587)
8 -[WebHTMLView(WebNSTextInputSupport) doCommandBySelector:] + 300 (WebHTMLView.mm:5471)
9 -[NSKeyBindingManager(NSKeyBindingManager_MultiClients) interpretEventAsCommand:forClient:] + 1700
<rdar://problem/4960116>
I can't reproduce this in r19216.
I can reproduce this with r19208 (debug) and r19216 (release). I loaded the page, clicked in the canvas area, and mashed the arrow keys for a few seconds. It worked first time in the debug build and second time in release build, so it may not be completely simple to reproduce.
To repro reliably with r19136 you must load the URL while Safari is the active application. Wait for the page to load, then press one of the arrow keys. I can't reproduce with the latest nightly (r19418+). Closing.
This still reproduces very easily with r19445. Steps as follows:
1. Load http://bennolan.com/articles/2007/01/24/moon-lander-using-the-canvas-tag and wait for it to complete.
2. Hit reload.
3. As the page loads, click in the white space where the canvas element will appear.
4. Press and hold the down arrow key.
Created attachment 13039 [details] Reduction of this case down to the game
I couldn't get it to automatically trigger the bug, so I suspect the down arrow is holding up some event queue and colliding with some other code.
Reduction attached! woot!
Fixed in r19543.