15886 – LayoutTests/fast/events/mousedown_in_scrollbar.html crashes on WebKit/Qt

RESOLVED FIXED 15886

LayoutTests/fast/events/mousedown_in_scrollbar.html crashes on WebKit/Qt

https://bugs.webkit.org/show_bug.cgi?id=15886

Summary LayoutTests/fast/events/mousedown_in_scrollbar.html crashes on WebKit/Qt

Holger Freyther

Reported 2007-11-07 10:44:21 PST

The above test case crashes on WebKit/Qt and I would like to get some feedback: PlatformScrollBarQt (created by the RenderLayer) can crash in two ways: 1.) It was removed from the FrameView and it acceses parent() 2.) m_client is a dangling pointer after RenderLayer was destroyed. 1.) is easy to fix 2.) Adding a ScrollBar::setClient and calling it from RenderLayer::destroyScrollBar to avoid the dangling pointer. I assume this approach will be declared too scientific so see the other alternative EventHandler gives the PlatformScrollBar a 2nd live because m_lastScrollbarUnderMouse is a RefPtr and has the scrollbar stored. Rev 24942 introduced the test case and I extend the change to take m_lastScrollbarUnderMouse into consideration.

Attachments
Do not crash on mousedown_in_scrollbar.html (2.48 KB, patch) 2007-11-07 10:46 PST, Holger Freyther	mjs: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Holger Freyther

Comment 1 2007-11-07 10:46:02 PST

Created attachment 17112 [details] Do not crash on mousedown_in_scrollbar.html Change EventHandler to give up the reference to a Scrollbar created by the RenderLayer.

Holger Freyther

Comment 2 2007-11-29 21:52:53 PST

Finally landed in r28227.

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware Other

OS OS X 10.4

Product WebKit

Component WebKit Qt

Assignee

George Staikos

Reported

2007-11-07 10:44 PST

Modified

2007-11-29 21:52 PST History

CC List

0 users

URL

Keywords

Depends on

Blocks