Summary: | Safari 2.0 crashes on an accesskey associated with a button | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Joost de Valk (AlthA) <joost> | ||||||||||
Component: | Forms | Assignee: | Dave Hyatt <hyatt> | ||||||||||
Status: | VERIFIED FIXED | ||||||||||||
Severity: | Normal | CC: | andersca, speno | ||||||||||
Priority: | P1 | ||||||||||||
Version: | 412 | ||||||||||||
Hardware: | Mac | ||||||||||||
OS: | OS X 10.4 | ||||||||||||
Attachments: |
|
Description
Joost de Valk (AlthA)
2005-06-10 01:00:49 PDT
Created attachment 2206 [details]
testcase
Created attachment 2207 [details]
Improved testcase
spell error Ctrl-n instead of Ctrl-h
The problem here is if (renderer() && (widget = static_cast<RenderWidget *>(renderer())->widget())) { since the renderer associated with a HTMLButtonElementImpl is a RenderBlock element (since button elements aren't widget elements. Thus widget becomes an invalid value and that's the reason for the crash. Created attachment 2208 [details]
Crash report
Created attachment 2210 [details]
Fix
This fixes the segfault
I can confirm that the patch works, the accesskey now enables the action on the button. *** Bug 3413 has been marked as a duplicate of this bug. *** Apple Bug: <rdar://problem/4117035> Comment on attachment 2210 [details]
Fix
Good fix. It's very strange that this code, appropriate for <input
type=button>, was put here inside the <button> element implementation.
I prefer to completely eliminate the HTMLButtonElementImpl::click function,
however, rather than simply removing its "guts". So ideally someone landing
this would go that extra step.
I can confirmed this has been fixed on TOT WebKit (checked out 6/18). Reporter, mark this bug as Verified after you have tested with the latest TOT Webkit. Tested with TOT and fix verified. Thx ppl :) There was a Radar report of this as <rdar://problem/4117035> (In reply to comment #12) > There was a Radar report of this as <rdar://problem/4117035> ------- Additional Comment #8 From Chris Petersen 2005-06-10 16:32 PST [reply] ------- Apple Bug: <rdar://problem/4117035> doh :) if i'd have access i'd close it for you guys, but i guess you have to do that yourselves :) Reopening to put it on verified fixed. Closed fixed is the next state, it will reach this state when this bug gets fixed in a released version of Safari. |