Bug 46237

Summary: Crash due to bad cast in AXObjectCacheChromium.cpp
Product: WebKit Reporter: Chris Guillory <ctguil>
Component: AccessibilityAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Major CC: atwilson, commit-queue, dglazkov, webkit.review.bot
Priority: P1    
Version: 528+ (Nightly build)   
Hardware: PC   
OS: OS X 10.5   
Attachments:
Description Flags
Move accessibility functions from ChromeClientChromium to ChromeClient none

Chris Guillory
Reported 2010-09-21 18:33:59 PDT
Chromium bug: http://code.google.com/p/chromium/issues/detail?id=56473 toChromeClientChromium in WebCore\accessibility\chromium\AXObjectCacheChromium.cpp is incorrectly casting a WebCore::SVGImageChromeClient to a WebCore::ChromeClientChromium This crashes when AXObjectCache::postPlatformNotification tries to call virtual method postAccessibilityNotification on a ChromeClientChromium.
Attachments
Move accessibility functions from ChromeClientChromium to ChromeClient (4.60 KB, patch)
2010-09-21 19:25 PDT, Chris Guillory 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Chris Guillory
Comment 1 2010-09-21 19:25:11 PDT
Created attachment 68327 [details] Move accessibility functions from ChromeClientChromium to ChromeClient
WebKit Review Bot
Comment 2 2010-09-21 19:30:29 PDT
Attachment 68327 [details] did not pass style-queue: Failed to run "['WebKitTools/Scripts/check-webkit-style']" exit_code: 1 WebCore/page/ChromeClient.h:50: Code inside a namespace should not be indented. [whitespace/indent] [4] Total errors found: 1 in 3 files If any of these errors are false positives, please file a bug against check-webkit-style.
chris fleizach
Comment 3 2010-09-21 23:57:51 PDT
Comment on attachment 68327 [details] Move accessibility functions from ChromeClientChromium to ChromeClient r=me
WebKit Commit Bot
Comment 4 2010-09-22 01:59:05 PDT
Comment on attachment 68327 [details] Move accessibility functions from ChromeClientChromium to ChromeClient Clearing flags on attachment: 68327 Committed r68031: <http://trac.webkit.org/changeset/68031>
WebKit Commit Bot
Comment 5 2010-09-22 01:59:09 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.