18218 2008-03-30 09:16:36 -0700 [Gtk] segfault when clicking on a disabled button 2008-04-18 04:16:15 -0700 1 1 1 Unclassified WebKit WebKitGTK 528+ (Nightly build) PC Linux RESOLVED FIXED Gtk P2 Normal --- 1 islandofcalmness webkit-unassigned alp jchaffraix jmalonzo zuh oldest_to_newest 75824 0 islandofcalmness 2008-03-30 09:16:36 -0700 Webkit segfaults when clicking on a disabled button. This only happens when the disabled button is on the first page loaded by the engine AND is the first thing clicked on. So, for example, if I start GtkLauncher with a test-file and click the button, it crashes, but it doesn't crash if I click somewhere else on the page first. 75825 1 20212 islandofcalmness 2008-03-30 09:17:59 -0700 Created attachment 20212 test file for bug 76727 2 jchaffraix 2008-04-09 08:56:08 -0700 Confirmed on ToT. The cause is in webkit_web_view_button_release_event (webkitwebview.cpp) when focusFrame is null. There is no null check so we call one of focusFrame's methods which results in a crash. 77443 3 20511 jmalonzo 2008-04-13 19:30:34 -0700 Created attachment 20511 Add a null check before using the focused frame The patch checks for a null focusedFrame before calling the event handler. Thanks jchaffraix for the hint. 77906 4 zuh 2008-04-17 04:02:12 -0700 Apparently this bug is also an issue with having a "mousedown" event handler that calls event.preventDefault(). I tested Jan's patch, and it fixes things for both cases. 78084 5 20511 alp 2008-04-18 04:01:31 -0700 Comment on attachment 20511 Add a null check before using the focused frame r- The correct fix is to use the main frame for mouse events since it has the logic to bubble the event to the correct owner. I'll take care of this one. 78085 6 alp 2008-04-18 04:16:15 -0700 (Different) fix landed in r32203. Thanks for tracking this issue Jan! 20212 2008-03-30 09:17:59 -0700 2008-03-30 09:17:59 -0700 test file for bug crash_test.html text/html 32 islandofcalmness PGJ1dHRvbiBkaXNhYmxlZD5jcmFzaDwvYnV0dG9uPgo= 20511 2008-04-13 19:30:34 -0700 2008-04-18 04:01:31 -0700 Add a null check before using the focused frame webkitgtk-nullcheck-focusedframe.patch text/plain 1302 jmalonzo ZGlmZiAtLWdpdCBhL1dlYktpdC9ndGsvQ2hhbmdlTG9nIGIvV2ViS2l0L2d0ay9DaGFuZ2VMb2cK aW5kZXggZThmYTZhMC4uMzBiYTk2YiAxMDA2NDQKLS0tIGEvV2ViS2l0L2d0ay9DaGFuZ2VMb2cK KysrIGIvV2ViS2l0L2d0ay9DaGFuZ2VMb2cKQEAgLTEsMyArMSwxMyBAQAorMjAwOC0wNC0xMyAg SmFuIE1pY2hhZWwgQWxvbnpvICA8am1hbG9uem9AdW5wbHVnZ2FibGUuY29tPgorCisgICAgICAg IFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIGh0dHA6Ly9idWdzLndlYmtp dC5vcmcvc2hvd19idWcuY2dpP2lkPTE4MjE4CisgICAgICAgIFtHdGtdIHNlZ2ZhdWx0IHdoZW4g Y2xpY2tpbmcgb24gYSBkaXNhYmxlZCBidXR0b24KKworICAgICAgICAqIHdlYmtpdC93ZWJraXR3 ZWJ2aWV3LmNwcDogY2hlY2sgZm9yIGEgbnVsbCBmcmFtZSBiZWZvcmUgY2FsbGluZworICAgICAg ICB0aGUgZXZlbnQgaGFuZGxlcgorCiAyMDA4LTA0LTEwICBNYXJpbyBCZW5zaSAgPG1iZW5zaUBw bGV5by5jb20+CiAKICAgICAgICAgUmV2aWV3ZWQgYnkgQWxwIFRva2VyLgpkaWZmIC0tZ2l0IGEv V2ViS2l0L2d0ay93ZWJraXQvd2Via2l0d2Vidmlldy5jcHAgYi9XZWJLaXQvZ3RrL3dlYmtpdC93 ZWJraXR3ZWJ2aWV3LmNwcAppbmRleCBjZDlkZGZjLi4zNTk1OTljIDEwMDY0NAotLS0gYS9XZWJL aXQvZ3RrL3dlYmtpdC93ZWJraXR3ZWJ2aWV3LmNwcAorKysgYi9XZWJLaXQvZ3RrL3dlYmtpdC93 ZWJraXR3ZWJ2aWV3LmNwcApAQCAtMzQ3LDcgKzM0NywxMCBAQCBzdGF0aWMgZ2Jvb2xlYW4gd2Vi a2l0X3dlYl92aWV3X2J1dHRvbl9yZWxlYXNlX2V2ZW50KEd0a1dpZGdldCogd2lkZ2V0LCBHZGtF dmVudAogICAgIFdlYktpdFdlYlZpZXdQcml2YXRlKiBwcml2ID0gd2ViVmlldy0+cHJpdjsKICAg ICBGcmFtZSogZm9jdXNlZEZyYW1lID0gY29yZSh3ZWJWaWV3KS0+Zm9jdXNDb250cm9sbGVyKCkt PmZvY3VzZWRGcmFtZSgpOwogCi0gICAgaWYgKGZvY3VzZWRGcmFtZSAmJiBmb2N1c2VkRnJhbWUt PmVkaXRvcigpLT5jYW5FZGl0KCkpIHsKKyAgICBpZiAoIWZvY3VzZWRGcmFtZSkKKyAgICAgICAg cmV0dXJuIEZBTFNFOworCisgICAgaWYgKGZvY3VzZWRGcmFtZS0+ZWRpdG9yKCktPmNhbkVkaXQo KSkgewogICAgICAgICBHZGtXaW5kb3cqIHdpbmRvdyA9IGd0a193aWRnZXRfZ2V0X3BhcmVudF93 aW5kb3cod2lkZ2V0KTsKICAgICAgICAgZ3RrX2ltX2NvbnRleHRfc2V0X2NsaWVudF93aW5kb3co cHJpdi0+aW1Db250ZXh0LCB3aW5kb3cpOwogI2lmZGVmIE1BRU1PX0NIQU5HRVMK