| Summary: | [Gtk] Segfault when examining an object of ROLE_TABLE via at-spi | | |
|---|---|---|---|
| Product: | WebKit | Reporter: | Joanmarie Diggs <jdiggs> |
| Component: | Accessibility | Assignee: | Nobody <webkit-unassigned> |
| Status: | VERIFIED FIXED | | |
| Severity: | Major | CC: | apinheiro, walker.willie, xan.lopez |
| Priority: | P2 | Keywords: | Gtk |
| Version: | 528+ (Nightly build) | | |
| Hardware: | PC | | |
| OS: | Linux | | |
| Bug Depends on: | | | |
| Bug Blocks: | 25531 | | |
| Attachments: | | | |

Created attachment 33079
fixcrash.patch

Fix the crash.

Verifying. Thanks!

Created attachment 32479
Screenshot of Epiphany + Accerciser

Steps to reproduce:

1. Launch Epiphany and Accerciser.
2. Perform a search in Google (e.g. 'webkit').
3. In the search results page there should be an accessible of ROLE_TABLE. Locate it in the hierarchy in the tree of Accessibles (see attached screenshot).
4. Attempt to expand the accessible of ROLE_TABLE to see its children.

Expected results: Epiphany wouldn't segfault

Actual results: Epiphany segfaults (see below).

I am using the current Epiphany and the current WebKit each from git and can reproduce this problem reliably.

~~~~~~
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb7380760 (LWP 18812)]
0x0174c290 in webkit_accessible_get_role () from /usr/lib/libwebkit-1.0.so.2
Current language: auto; currently asm
(gdb) thread apply all bt

Thread 1 (Thread 0xb7380760 (LWP 18812)):
#0 0x0174c290 in webkit_accessible_get_role () from /usr/lib/libwebkit-1.0.so.2
#1 0x0011b26b in atk_object_get_role () from /usr/lib/libatk-1.0.so.0
#2 0x05b952d6 in impl_accessibility_accessible_get_role_name (servant=0xa3e41c4, ev=0xbf8dcb4c) at accessible.c:415
#3 0x05b918c6 in _ORBIT_skel_small_Accessibility_Accessible_getRoleName (_o_servant=0xa3e41c4, _o_retval=0xbf8dc9a0, _o_args=0x0, _o_ctx=0xbf8dca38, _o_ev=0xbf8dcb4c, _impl_getRoleName=0x5b952b0 <impl_accessibility_accessible_get_role_name>) at Accessibility-common.c:136
#4 0x006ec537 in ?? () from /usr/lib/libORBit-2.so.0
#5 0x006f2b45 in ORBit_OAObject_invoke () from /usr/lib/libORBit-2.so.0
#6 0x006dee63 in ORBit_small_invoke_adaptor () from /usr/lib/libORBit-2.so.0
#7 0x006f0649 in ?? () from /usr/lib/libORBit-2.so.0
#8 0x006f0d22 in ?? () from /usr/lib/libORBit-2.so.0
#9 0x006f0ed9 in ?? () from /usr/lib/libORBit-2.so.0
#10 0x006f2f92 in ORBit_handle_request () from /usr/lib/libORBit-2.so.0
#11 0x006db155 in giop_connection_handle_input () from /usr/lib/libORBit-2.so.0
#12 0x006fa743 in ?? () from /usr/lib/libORBit-2.so.0
#13 0x006fd016 in ?? () from /usr/lib/libORBit-2.so.0
#14 0x005dabc8 in IA__g_main_context_dispatch (context=0x9d2d688) at /build/buildd/glib2.0-2.21.3/glib/gmain.c:1960
#15 0x005de470 in g_main_context_iterate (context=0x9d2d688, block=<value optimized out>, dispatch=1, self=0x9cfb470) at /build/buildd/glib2.0-2.21.3/glib/gmain.c:2591
#16 0x005de8df in IA__g_main_loop_run (loop=0x9d72d20) at /build/buildd/glib2.0-2.21.3/glib/gmain.c:2799
#17 0x066f2619 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
#18 0x0806f02f in main (argc=1, argv=0xbf8ddf84) at ephy-main.c:781