Bug 15886 - LayoutTests/fast/events/mousedown_in_scrollbar.html crashes on WebKit/Qt
Summary: LayoutTests/fast/events/mousedown_in_scrollbar.html crashes on WebKit/Qt
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit Qt (show other bugs)
Version: 528+ (Nightly build)
Hardware: Other OS X 10.4
: P2 Normal
Assignee: George Staikos
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-11-07 10:44 PST by Holger Freyther
Modified: 2007-11-29 21:52 PST (History)
0 users

See Also:

Attachments
Do not crash on mousedown_in_scrollbar.html (2.48 KB, patch)
2007-11-07 10:46 PST, Holger Freyther 		mjs: review+
Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Holger Freyther 2007-11-07 10:44:21 PST 
The above test case crashes on WebKit/Qt and I would like to get some feedback:

PlatformScrollBarQt (created by the RenderLayer) can crash in two ways:
   1.) It was removed from the FrameView and it acceses parent()
   2.) m_client is a dangling pointer after RenderLayer was destroyed.

1.) is easy to fix
2.) Adding a ScrollBar::setClient and calling it from RenderLayer::destroyScrollBar to avoid the dangling pointer. I assume this approach will be declared too scientific so see the other alternative


EventHandler gives the PlatformScrollBar a 2nd live because m_lastScrollbarUnderMouse is a RefPtr and has the scrollbar stored. Rev 24942 introduced the test case and I extend the change to take m_lastScrollbarUnderMouse into consideration.
Comment 1 Holger Freyther 2007-11-07 10:46:02 PST 
Created attachment 17112 [details]
Do not crash on mousedown_in_scrollbar.html

Change EventHandler to give up the reference to a Scrollbar created by the RenderLayer.
Comment 2 Holger Freyther 2007-11-29 21:52:53 PST 
Finally landed in r28227.