In the attached testcases, use the "n" accesskey and see a crash.
Created attachment 2206 [details] testcase
Created attachment 2207 [details] Improved testcase spell error Ctrl-n instead of Ctrl-h
The problem here is if (renderer() && (widget = static_cast<RenderWidget *>(renderer())->widget())) { since the renderer associated with a HTMLButtonElementImpl is a RenderBlock element (since button elements aren't widget elements. Thus widget becomes an invalid value and that's the reason for the crash.
Created attachment 2208 [details] Crash report
Created attachment 2210 [details] Fix This fixes the segfault
I can confirm that the patch works, the accesskey now enables the action on the button.
*** Bug 3413 has been marked as a duplicate of this bug. ***
Apple Bug: <rdar://problem/4117035>
Comment on attachment 2210 [details] Fix Good fix. It's very strange that this code, appropriate for <input type=button>, was put here inside the <button> element implementation. I prefer to completely eliminate the HTMLButtonElementImpl::click function, however, rather than simply removing its "guts". So ideally someone landing this would go that extra step.
I can confirmed this has been fixed on TOT WebKit (checked out 6/18). Reporter, mark this bug as Verified after you have tested with the latest TOT Webkit.
Tested with TOT and fix verified. Thx ppl :)
There was a Radar report of this as <rdar://problem/4117035>
(In reply to comment #12) > There was a Radar report of this as <rdar://problem/4117035> ------- Additional Comment #8 From Chris Petersen 2005-06-10 16:32 PST [reply] ------- Apple Bug: <rdar://problem/4117035> doh :) if i'd have access i'd close it for you guys, but i guess you have to do that yourselves :)
Reopening to put it on verified fixed. Closed fixed is the next state, it will reach this state when this bug gets fixed in a released version of Safari.