[Webkit-unassigned] [Bug 44815] crash: 0x101dad3ae in WebCore::RenderBox::positionForPoint at RenderBox.cpp:2817

bugzilla-daemon at webkit.org
Sat Aug 28 20:22:14 PDT 2010


https://bugs.webkit.org/show_bug.cgi?id=44815





--- Comment #4 from Darin Adler <darin at apple.com>  2010-08-28 20:22:13 PST ---
Yes, r40871 eliminated the old "safe" node() function that was guaranteed to always return a node. It would return the document for anonymous renderers.

So any call site that assumes node() can never be 0 but can process an anonymous renderer will now have to handle the anonymous case somehow. Previously, such code probably did crazy things, because it's unlikely the caller of node() expected to get the document node and it's highly likely it would do something undesirable in such cases.

But note that the old element() function had exactly the same behavior, so when you point out that r40871 replaced a call to element() with a call to node(), that means you're on the wrong track. The new node() function does exactly the same thing that the old element() function did.

There is no element() function any more. Checking for 0 or checking if the node is anonymous is probably the right thing, but then do what? We need to answer the higher level question of what we want to do. Skip forward or backward to the first non-anonymous content perhaps? At some level of the code.
