Bug 87484 - [BlackBerry] Browser crashed when selecting in textarea
Summary: [BlackBerry] Browser crashed when selecting in textarea
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Platform
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-05-25 03:14 PDT by Sean Wang
Modified: 2012-05-30 04:57 PDT

See Also:


Attachments
Patch (2.72 KB, patch)
2012-05-25 03:21 PDT, Sean Wang
no flags
Patch (2.79 KB, patch)
2012-05-29 21:16 PDT, Sean Wang
tonikitoo: review+
tonikitoo: commit-queue-
Patch (2.82 KB, patch)
2012-05-29 22:51 PDT, Sean Wang
no flags

Description Sean Wang 2012-05-25 03:14:08 PDT
DESCRIPTION:
Browser crashed when selecting text in a textarea.

HOW TO REPRODUCE:
1) Load a page which contains a <textarea> tag.
2) Input a string in it.
3) Insert <enter> in the middle of the string to break it into two lines.
4) Touch and hold to select text in the second line.

EXPECTED:
    A word in the second line should be selected.
ACTUAL:
    Browser crashed.

Note: the browser is a debug build.


Thread [3] (Suspended : Signal : SIGSEGV:Segmentation fault)    
    WebCore::NoExceptionAssertionChecker::~NoExceptionAssertionChecker()
    WebCore::Range::Range()
    WebCore::Range::create()
    BlackBerry::WebKit::FatFingers::checkForText()
    BlackBerry::WebKit::FatFingers::findIntersectingRegions()
    BlackBerry::WebKit::FatFingers::findBestPoint()
    BlackBerry::WebKit::SelectionHandler::selectAtPoint()
    BlackBerry::WebKit::WebPage::selectAtPoint()
    SelectionHandler::selectAtPoint()
    TouchHandlerWebKitThread::displayContextMenu()
    TouchHandlerWebKitThread::handleTouchHold()
    TouchHandlerWebKitThread::onTouchEvent()
    WebKitThread::invokeOnTouchMoveEvent()
    BlackBerry::Platform::MethodDelegate3<void ()
    BlackBerry::Platform::ExecutableMessage::execute()
    BlackBerry::Platform::MessageClient::executeMessage()
    BlackBerry::Platform::MessageClient::coalesceMessage()
    BlackBerry::Platform::MessageClient::receivePendingMessage()
    BlackBerry::Platform::MessageClient::processNextMessage()
    BlackBerry::Platform::MessageClient::exec()
    WebKitThread::exec()
    BlackBerry::Platform::MessageClient::run()
    pthread_atfork()
    pthread_atfork()
Comment 1 Sean Wang 2012-05-25 03:21:30 PDT
Created attachment 144028 [details]
Patch
Comment 2 Rob Buis 2012-05-25 03:57:49 PDT
(In reply to comment #1)
> Created an attachment (id=144028) [details]
> Patch

Is this reviewed internally? Probably Mike Fenton or somebody who knows this code should do that first.
Comment 3 Sean Wang 2012-05-29 21:16:28 PDT
Created attachment 144694 [details]
Patch
Comment 4 Antonio Gomes 2012-05-29 22:27:14 PDT
Comment on attachment 144694 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=144694&action=review

> Source/WebKit/blackberry/WebKitSupport/FatFingers.cpp:498
> +                         (m_targetType == Text ? DoNotAllowShadowContent : AllowShadowContent));
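
Review bot: The ternary on the quoted line at FatFingers.cpp:498 picks DoNotAllowShadowContent only when m_targetType == Text, with nothing at the call site saying why text targets are treated differently. Hoist it into a named local on an earlier line and add a one-line comment stating the reason, so the Text special case is not dropped in a later cleanup.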

Let's move this x ? y : z out, to an earlier line.
Comment 5 Sean Wang 2012-05-29 22:51:20 PDT
Created attachment 144707 [details]
Patch

Antonio, did you mean like this patch or just move the two lines to a single line?
Comment 6 WebKit Review Bot 2012-05-30 04:57:37 PDT
Comment on attachment 144707 [details]
Patch

Clearing flags on attachment: 144707

Committed r118912: <http://trac.webkit.org/changeset/118912>
Comment 7 WebKit Review Bot 2012-05-30 04:57:42 PDT
All reviewed patches have been landed.  Closing bug.