Bug 47942

Summary: REGRESSION(66391): http://ligth-arts.all-up.com/ crashes in EventHandler::selectCursor
Product: WebKit Reporter: James Robinson <jamesr>
Component: New BugsAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: simon.fraser
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: PC   
OS: OS X 10.5   
URL: http://ligth-arts.all-up.com
Attachments:
Description Flags
Patch
none
Patch dglazkov: review+

James Robinson
Reported 2010-10-19 15:51:17 PDT
in EventHandler.cpp:1081 image is NULL. looks like the old code would continue if (!cimage)
Attachments
Patch (4.62 KB, patch)
2010-10-19 17:04 PDT, James Robinson 		no flags
DetailsFormatted DiffDiff
Patch (5.59 KB, patch)
2010-10-22 16:28 PDT, James Robinson 		dglazkov: review+
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
James Robinson
Comment 1 2010-10-19 17:04:40 PDT
Created attachment 71231 [details] Patch
James Robinson
Comment 2 2010-10-19 17:07:09 PDT
This fixes the crashes, but it doesn't include a regression test as I'm not sure how to construct one. The null check in EventHandler.cpp is needed to avoid the crash on startup, the check in CSSComputedStyleDeclaration.cpp is needed so it doesn't crash when opening the inspector. The rest of the changes are by inspection. This doesn't appear to regress the existing manual tests. Any ideas on how to construct regression tests? I know very little about cursors. FYI this is one of the top 5 crashers in Chromium nightlies.
Simon Fraser (smfr)
Comment 3 2010-10-19 17:22:31 PDT
The page in question has body { cursor: url(''), url('http://img715.imageshack.us/img715/4435/cur.png'), auto; } so we should be able to mimic this in a manual test.
James Robinson
Comment 4 2010-10-22 16:28:21 PDT
Created attachment 71608 [details] Patch
Dimitri Glazkov (Google)
Comment 5 2010-10-22 16:35:54 PDT
Comment on attachment 71608 [details] Patch yay!
James Robinson
Comment 6 2010-10-22 16:39:25 PDT
Committed r70365: <http://trac.webkit.org/changeset/70365>
Note You need to log in before you can comment on or make changes to this bug.