Bug 59155

Summary: [Mac] correctionPanelTimerFired() crashes due to rangeToBeReplaced being cleared.
Product: WebKit Reporter: Jia Pu <jiapu.mail>
Component: New BugsAssignee: Jia Pu <jiapu.mail>
Status: RESOLVED FIXED    
Severity: Normal CC: commit-queue
Priority: P2 Keywords: InRadar
Version: 528+ (Nightly build)   
Hardware: Mac (Intel)   
OS: OS X 10.6   
Attachments:
Description Flags
Patch (v1) none

Jia Pu
Reported 2011-04-21 16:56:58 PDT
In some situation, m_correctionPanelInfo.rangeToBeReplaced has been cleared when entering SpellingCorrectionController::correctionPanelTimerFired(), in which case, calling windowRectForRange() on the range will crash. <rdar://problem/9261698>
Attachments
Patch (v1) (4.72 KB, patch)
2011-04-21 17:01 PDT, Jia Pu 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Jia Pu
Comment 1 2011-04-21 17:01:56 PDT
Created attachment 90636 [details] Patch (v1)
Maciej Stachowiak
Comment 2 2011-04-21 17:15:27 PDT
Comment on attachment 90636 [details] Patch (v1) r=me Is it possible to make a regression test for this?
Jia Pu
Comment 3 2011-04-21 17:21:39 PDT
(In reply to comment #2) > (From update of attachment 90636 [details]) > r=me > > Is it possible to make a regression test for this? I will add one if I can nail down the exact sequence of actions that leads to the crash.
WebKit Commit Bot
Comment 4 2011-04-21 19:49:37 PDT
Comment on attachment 90636 [details] Patch (v1) Clearing flags on attachment: 90636 Committed r84592: <http://trac.webkit.org/changeset/84592>
WebKit Commit Bot
Comment 5 2011-04-21 19:49:41 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.