[Webkit-unassigned] [Bug 49583] New: Crash in WebView.commitCopy() when selecting text on a pure image.
bugzilla-daemon at webkit.org
Tue Nov 16 01:06:57 PST 2010
https://bugs.webkit.org/show_bug.cgi?id=49583
Summary: Crash in WebView.commitCopy() when selecting text on a pure image.
Product: WebKit
Version: 525.x (Safari 3.2)
Platform: Android
OS/Version: Android
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: WebKit API
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: krnf78 at motorola.com
User-Agent: Mozilla/5.0 (Linux; U; Android 2.2.1; en-us; MB520 Build/3.4.2_40) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1
Reproduction steps:
1. Open the URL below on an Android phone with the Google browser.
http://www.google.com.hk/m/search?q=we&pbx=1&aq=&oq=&aqi=&fkt=&fsdt=&csll=&action=&site=images&gl=cn&source=mog&hl=zh-CN#i=1
2. Press Menu --> More --> Select text
3. Repeatedly select the area of a pure image.
Expected result:
Nothing should be copied to clipboard.
Actual result:
The browser crashes. Below is the tombstone.
#00 pc 0007f018 /system/lib/libskia.so external/skia/src/core/SkPicture.cpp:179
#01 pc 000627e0 /system/lib/libskia.so external/skia/src/core/SkCanvas.cpp:1406
#02 pc 002b4af4 /system/lib/libwebcore.so external/webkit/WebKit/android/nav/SelectText.cpp:377
#03 pc 002b4b2e /system/lib/libwebcore.so external/webkit/WebKit/android/nav/SelectText.cpp:439
#04 pc 001af8b8 /system/lib/libwebcore.so external/webkit/WebKit/android/nav/WebView.cpp:946
#05 pc 00010e34 /system/lib/libdvm.so
#06 pc 0003f370 /system/lib/libdvm.so
#07 pc 00015d98 /system/lib/libdvm.so
#08 pc 0001c7fc /system/lib/libdvm.so
#09 pc 0001b69c /system/lib/libdvm.so
#10 pc 0005692e /system/lib/libdvm.so
#11 pc 0005ef14 /system/lib/libdvm.so
#12 pc 00015d98 /system/lib/libdvm.so
#13 pc 0001c7fc /system/lib/libdvm.so
#14 pc 0001b69c /system/lib/libdvm.so
#15 pc 0005676c /system/lib/libdvm.so
#16 pc 00041d42 /system/lib/libdvm.so
#17 pc 0002de0c /system/lib/libandroid_runtime.so
#18 pc 0002ef08 /system/lib/libandroid_runtime.so
#19 pc 00008ca8 /system/bin/app_process
#20 pc 0000d410 /system/lib/libc.so
#00 pc 0007b8f0 /system/lib/libskia.so external/skia/src/core/SkPath.cpp:934
#01 pc 00062e58 /system/lib/libskia.so external/skia/src/core/SkCanvas.cpp:859
#02 pc 000803dc /system/lib/libskia.so external/skia/src/core/SkPicturePlayback.cpp:541
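An added example (not part of this bug report) for triaging tombstones like the one above: it parses the `#NN pc ADDRESS LIBRARY [SOURCE:LINE]` frame lines, splits them into separate backtraces at every `#00`, and reports each backtrace's faulting frame together with the innermost frame owned by the WebKit library. The frame-line layout is assumed to be the one shown above, and the sample dump is constructed from the frames quoted in this report.

```python
import re
from dataclasses import dataclass
# One backtrace frame as printed in an Android 2.x tombstone:
#   #NN pc ADDRESS LIBRARY [SOURCE_FILE:LINE]  (source part only when symbols exist)
FRAME_RE = re.compile(r"^#(?P<idx>\d{2})\s+pc\s+(?P<pc>[0-9a-f]{8})\s+(?P<lib>\S+)"
                      r"(?:\s+(?P<src>\S+):(?P<line>\d+))?\s*$")

@dataclass
class Frame:
    index: int
    pc: int
    lib: str
    src: str = None     # None when the frame carries no debug info
    line: int = None

def parse_backtraces(text):
    """Split tombstone text into backtraces; a new one starts at every frame #00."""
    traces = []
    for raw in text.splitlines():
        m = FRAME_RE.match(raw.strip())
        if not m:
            continue  # registers, headers and other non-frame lines are skipped
        frame = Frame(int(m["idx"]), int(m["pc"], 16), m["lib"],
                      m["src"], int(m["line"]) if m["line"] else None)
        if frame.index == 0:
            traces.append([])
        if traces:              # tolerate a dump that starts mid-trace
            traces[-1].append(frame)
    return traces

def triage(text, project_lib="libwebcore.so"):
    """Per backtrace: the faulting frame and the innermost frame owned by project_lib."""
    summary = []
    for trace in parse_backtraces(text):
        top = trace[0]
        own = next((f for f in trace if f.lib.endswith(project_lib)), None)
        summary.append({
            "faulting": f"{top.src}:{top.line}" if top.src else top.lib,
            "project_frame": f"{own.src}:{own.line}" if own and own.src else None,
        })
    return summary

# Constructed sample: a subset of the frames quoted in the bug report above.
TOMBSTONE = """\
#00 pc 0007f018 /system/lib/libskia.so external/skia/src/core/SkPicture.cpp:179
#01 pc 000627e0 /system/lib/libskia.so external/skia/src/core/SkCanvas.cpp:1406
#02 pc 002b4af4 /system/lib/libwebcore.so external/webkit/WebKit/android/nav/SelectText.cpp:377
#05 pc 00010e34 /system/lib/libdvm.so
#00 pc 0007b8f0 /system/lib/libskia.so external/skia/src/core/SkPath.cpp:934
#01 pc 00062e58 /system/lib/libskia.so external/skia/src/core/SkCanvas.cpp:859
"""
```

Running `triage(TOMBSTONE)` points straight at SelectText.cpp:377 as the first WebKit-owned frame under the Skia fault, which is the frame to inspect first when reproducing the crash.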
Root cause analysis:
1. This issue is introduced by the WebKit upgrade when the Android base upgrades from Eclair to Froyo. There are many big design changes in WebKit.
Eclair implementation:
commitCopy() -> {WebView::nativeGetSelection() --> GraphicsJNI::createRegion()}-> mWebViewCore.sendMessage(EventHub.GET_SELECTION, selection) --> WebViewCore::nativeGetSelection() --> WebViewCore::GetSelection() --> WebViewCore::getSelection() --> WebViewCore::findTextBoxIndex() --> CacheBuilder::GetGlobalOffset()
Froyo implementation:
commitCopy() --> WebView::nativeGetSelection() --> WebView::getSelection() --> SelectText::getSelection() --> CopyPaste::text() --> {SkCanvas::drawPicture --> SkPicture::draw() --> SkPicturePlayback::draw()} + TextExtractor::text()
2. The only idea I have so far is to roll back the implementation of this part to Eclair's. However, the interfaces below have been deleted in Froyo. It would be high risk to roll them back.
mWebViewCore.sendMessage(EventHub.GET_SELECTION, selection) --> WebViewCore::nativeGetSelection() --> WebViewCore::GetSelection() --> WebViewCore::getSelection() --> WebViewCore::findTextBoxIndex()