Bug 87484

Summary: [BlackBerry] Browser crashed when selecting in textarea
Product: WebKit Reporter: Sean Wang <xuewen.ok>
Component: PlatformAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: charles.wei, mifenton, rwlbuis, tonikitoo, webkit.review.bot
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Patch
tonikitoo: review+, tonikitoo: commit-queue-
Patch none

Sean Wang
Reported 2012-05-25 03:14:08 PDT
DESCRIPTION: Browser crashed when select text in textarea. HOW TO REPRODUCE: 1) load a page which contains <textarea> tag. 2) Input a string in it. 3) Insert <enter> in the middle of string to break it to two lines. 4) Touch and hold to select text in the second line. EXPECTED: A word in the second line should be selected. ACTUAL: Browser crashed. Note: the browser is debug build. Thread [3] (Suspended : Signal : SIGSEGV:Segmentation fault) WebCore::NoExceptionAssertionChecker::~NoExceptionAssertionChecker() WebCore::Range::Range() WebCore::Range::create() BlackBerry::WebKit::FatFingers::checkForText() BlackBerry::WebKit::FatFingers::findIntersectingRegions() BlackBerry::WebKit::FatFingers::findBestPoint() BlackBerry::WebKit::SelectionHandler::selectAtPoint() BlackBerry::WebKit::WebPage::selectAtPoint() SelectionHandler::selectAtPoint() TouchHandlerWebKitThread::displayContextMenu() TouchHandlerWebKitThread::handleTouchHold() TouchHandlerWebKitThread::onTouchEvent() WebKitThread::invokeOnTouchMoveEvent() BlackBerry::Platform::MethodDelegate3<void () BlackBerry::Platform::ExecutableMessage::execute() BlackBerry::Platform::MessageClient::executeMessage() BlackBerry::Platform::MessageClient::coalesceMessage() BlackBerry::Platform::MessageClient::receivePendingMessage() BlackBerry::Platform::MessageClient::processNextMessage() BlackBerry::Platform::MessageClient::exec() WebKitThread::exec() BlackBerry::Platform::MessageClient::run() pthread_atfork() pthread_atfork()
Attachments
Patch (2.72 KB, patch)
2012-05-25 03:21 PDT, Sean Wang 		no flags
DetailsFormatted DiffDiff
Patch (2.79 KB, patch)
2012-05-29 21:16 PDT, Sean Wang 		tonikitoo: review+
tonikitoo: commit-queue-
DetailsFormatted DiffDiff
Patch (2.82 KB, patch)
2012-05-29 22:51 PDT, Sean Wang 		no flags
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Sean Wang
Comment 1 2012-05-25 03:21:30 PDT
Created attachment 144028 [details] Patch
Rob Buis
Comment 2 2012-05-25 03:57:49 PDT
(In reply to comment #1) > Created an attachment (id=144028) [details] > Patch Is this reviewed internally? Probably Mike Fenton or somebody who knows this code should do that first.
Sean Wang
Comment 3 2012-05-29 21:16:28 PDT
Created attachment 144694 [details] Patch
Antonio Gomes
Comment 4 2012-05-29 22:27:14 PDT
Comment on attachment 144694 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=144694&action=review > Source/WebKit/blackberry/WebKitSupport/FatFingers.cpp:498 > + (m_targetType == Text ? DoNotAllowShadowContent : AllowShadowContent)); lets move this x ? y : z out, to an earlier line.
Sean Wang
Comment 5 2012-05-29 22:51:20 PDT
Created attachment 144707 [details] Patch Antonio, did you mean like this patch or just move the two lines to a single line?
WebKit Review Bot
Comment 6 2012-05-30 04:57:37 PDT
Comment on attachment 144707 [details] Patch Clearing flags on attachment: 144707 Committed r118912: <http://trac.webkit.org/changeset/118912>
WebKit Review Bot
Comment 7 2012-05-30 04:57:42 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.