Bug 87484

Summary:

[BlackBerry] Browser crashed when selecting in textarea

Product:

WebKit

Reporter:

Sean Wang <xuewen.ok>

Component:

Platform

Assignee:

Nobody <webkit-unassigned>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

charles.wei, mifenton, rwlbuis, tonikitoo, webkit.review.bot

Priority:

Version:

528+ (Nightly build)

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Patch	none
Patch	tonikitoo: review+, tonikitoo: commit-queue-
Patch	none

Sean Wang

Reported 2012-05-25 03:14:08 PDT

DESCRIPTION: Browser crashed when select text in textarea. HOW TO REPRODUCE: 1) load a page which contains <textarea> tag. 2) Input a string in it. 3) Insert <enter> in the middle of string to break it to two lines. 4) Touch and hold to select text in the second line. EXPECTED: A word in the second line should be selected. ACTUAL: Browser crashed. Note: the browser is debug build. Thread [3] (Suspended : Signal : SIGSEGV:Segmentation fault) WebCore::NoExceptionAssertionChecker::~NoExceptionAssertionChecker() WebCore::Range::Range() WebCore::Range::create() BlackBerry::WebKit::FatFingers::checkForText() BlackBerry::WebKit::FatFingers::findIntersectingRegions() BlackBerry::WebKit::FatFingers::findBestPoint() BlackBerry::WebKit::SelectionHandler::selectAtPoint() BlackBerry::WebKit::WebPage::selectAtPoint() SelectionHandler::selectAtPoint() TouchHandlerWebKitThread::displayContextMenu() TouchHandlerWebKitThread::handleTouchHold() TouchHandlerWebKitThread::onTouchEvent() WebKitThread::invokeOnTouchMoveEvent() BlackBerry::Platform::MethodDelegate3<void () BlackBerry::Platform::ExecutableMessage::execute() BlackBerry::Platform::MessageClient::executeMessage() BlackBerry::Platform::MessageClient::coalesceMessage() BlackBerry::Platform::MessageClient::receivePendingMessage() BlackBerry::Platform::MessageClient::processNextMessage() BlackBerry::Platform::MessageClient::exec() WebKitThread::exec() BlackBerry::Platform::MessageClient::run() pthread_atfork() pthread_atfork()

Attachments
Patch (2.72 KB, patch) 2012-05-25 03:21 PDT, Sean Wang	no flags	Details Formatted Diff Diff
Patch (2.79 KB, patch) 2012-05-29 21:16 PDT, Sean Wang	tonikitoo: review+ tonikitoo: commit-queue-	Details Formatted Diff Diff
Patch (2.82 KB, patch) 2012-05-29 22:51 PDT, Sean Wang	no flags	Details Formatted Diff Diff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.

Sean Wang

Comment 1 2012-05-25 03:21:30 PDT

Created attachment 144028 [details] Patch

Rob Buis

Comment 2 2012-05-25 03:57:49 PDT

(In reply to comment #1) > Created an attachment (id=144028) [details] > Patch Is this reviewed internally? Probably Mike Fenton or somebody who knows this code should do that first.

Sean Wang

Comment 3 2012-05-29 21:16:28 PDT

Created attachment 144694 [details] Patch

Antonio Gomes

Comment 4 2012-05-29 22:27:14 PDT

Comment on attachment 144694 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=144694&action=review > Source/WebKit/blackberry/WebKitSupport/FatFingers.cpp:498 > + (m_targetType == Text ? DoNotAllowShadowContent : AllowShadowContent)); lets move this x ? y : z out, to an earlier line.

Sean Wang

Comment 5 2012-05-29 22:51:20 PDT

Created attachment 144707 [details] Patch Antonio, did you mean like this patch or just move the two lines to a single line?

WebKit Review Bot

Comment 6 2012-05-30 04:57:37 PDT

Comment on attachment 144707 [details] Patch Clearing flags on attachment: 144707 Committed r118912: <http://trac.webkit.org/changeset/118912>

WebKit Review Bot

Comment 7 2012-05-30 04:57:42 PDT

All reviewed patches have been landed. Closing bug.

Note You need to log in before you can comment on or make changes to this bug.