[Webkit-unassigned] [Bug 27275] Chromium popup menus can crash when the selected index is -1
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Jul 15 16:19:30 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=27275
--- Comment #5 from Paul Godavari <paul at chromium.org> 2009-07-15 16:19:30 PDT ---
Unfortunately, the crash dumps are mini-dumps from users so they don't contain
enough of the stack to make complete sense.
What I do see is an attempt to check for menu item selectability after a mouse
move event. My guess is that the child window tracking the mouse has detected
the user has moved out of the popup window since PopupListBox::pointToRowIndex
is returning -1 to PopupListBox::selectIndex.
selectIndex has an ASSERT to catch the case of invalid index values, but that's
only in debug builds and won't protect the user in any case.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list