Bug 46822

Summary: [GTK] editing/selection/selection-modify-crash.html crashes when run in Xvfb
Product: WebKit
Component: WebKitGTK
Status: RESOLVED FIXED
Severity: Normal
Priority: P3
Version: 528+ (Nightly build)
Hardware: PC
OS: Linux
Reporter: Martin Robinson <mrobinson>
Assignee: Nobody <webkit-unassigned>
CC: cfleizach, mario
Keywords: Gtk

Martin Robinson
Reported 2010-09-29 10:46:30 PDT
This is the crashing section of code:

AccessibilityObject* objectAndOffsetUnignored(AccessibilityObject* coreObject, int& offset, bool ignoreLinks)
{
    Node* endNode = static_cast<AccessibilityRenderObject*>(coreObject)->renderer()->node();
    int endOffset = coreObject->selection().end().computeOffsetInContainerNode();

    // Indication that something bogus has transpired.
    offset = -1;

    AccessibilityObject* realObject = coreObject;
    if (realObject->accessibilityIsIgnored())
        realObject = realObject->parentObjectUnignored();

    if (ignoreLinks && realObject->isLink()) <------- Guilty line
        realObject = realObject->parentObjectUnignored();

    [...]
}

The issue here is that parentObjectUnignored may return null, particularly in the case that the AccessibilityObject is a WebArea.
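The null dereference described in the report, reduced to a self-contained model with the missing checks in place. This is an added example, not the attached patch and not WebKit code: `AXObject`, its fields, `objectAndOffsetUnignoredChecked` and the offset handling are hypothetical stand-ins, and the sample tree is constructed.

```cpp
#include <cstdio>
// Hypothetical stand-in for AccessibilityObject; not WebKit code.
struct AXObject {
    AXObject* parent = nullptr;
    bool ignored = false;
    bool link = false;
    int selectionEnd = 0; // simplified stand-in for the selection end offset

    // First non-ignored ancestor, or null when there is none (e.g. at the root).
    AXObject* parentObjectUnignored() const
    {
        AXObject* p = parent;
        while (p && p->ignored)
            p = p->parent;
        return p;
    }
};

// Guarded lookup: each parentObjectUnignored() result is checked before use.
// Returns null with offset == -1 when no usable object exists.
AXObject* objectAndOffsetUnignoredChecked(AXObject* coreObject, int& offset, bool ignoreLinks)
{
    offset = -1; // same "something bogus" sentinel as the reported code
    if (!coreObject)
        return nullptr;
    AXObject* realObject = coreObject;
    if (realObject->ignored)
        realObject = realObject->parentObjectUnignored();
    if (!realObject) // ignored root: the reported code dereferenced null on the next line
        return nullptr;

    if (ignoreLinks && realObject->link)
        realObject = realObject->parentObjectUnignored();
    if (!realObject) // link with no unignored ancestor
        return nullptr;

    offset = coreObject->selectionEnd;
    return realObject;
}

int main()
{
    AXObject webArea; // constructed sample: ignored root with no parent
    webArea.ignored = true;
    int offset = 0;
    AXObject* result = objectAndOffsetUnignoredChecked(&webArea, offset, true);
    std::printf("result=%p offset=%d\n", static_cast<void*>(result), offset);
    return result ? 1 : 0;
}
```

Callers of a function shaped like this have to treat a null return with `offset == -1` as "no accessible object" rather than passing it on.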
Attachments
Patch for this issue (4.56 KB, patch)
2010-09-29 10:50 PDT, Martin Robinson
cfleizach: review+
Martin Robinson
Comment 1 2010-09-29 10:50:56 PDT
Created attachment 69218
Patch for this issue
chris fleizach
Comment 2 2010-09-29 10:53:59 PDT
Comment on attachment 69218
Patch for this issue

r=me
Martin Robinson
Comment 3 2010-09-29 10:58:47 PDT