[Webkit-unassigned] [Bug 119951] [GTK] 'pure virtual method called' in WebCore::JSNodeOwner::isReachableFromOpaqueRoots
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Aug 22 02:03:33 PDT 2013
https://bugs.webkit.org/show_bug.cgi?id=119951
--- Comment #13 from Zan Dobersek <zandobersek at gmail.com> 2013-08-22 02:02:59 PST ---
(In reply to comment #4)
> To not trigger this, it's enough to install the recommend gstreamer1.0-plugins-base into the chroot. Not that this is only a workaround, it's not solving the bug.
>
This is actually essential. If the plugins are not installed, MediaPlayer::isAvailable() is returning false.
In the generated HTMLElementFactory.cpp, when HTMLElementFactory::createHTMLElement() is called with the audioTag, WebCore::audioConstructor is called, but it returns 0 since the MediaPlayer::isAvailable() is returning false due to the missing plugins. This causes the creation of the HTMLUnknownElement with the 'audio' tag name.
Later, in WebCore::isReachableFromDOM, this HTMLUnknownElement passes the isHTMLAudioElement test because it has the correct tag name. It's then cast to HTMLAudioElement through toHTMLAudioElement and the crash ensues.
Looking through HTMLElementFactory, constructors for the following HTML elements can return 0, falling back to creating HTMLUnknownElements with the same tag name:
audio, source, track, video - if either MediaPlayer::isAvailiable() or Settings::mediaEnabled is returning false,
content - if RuntimeEnabledFeatures::shadowDOMEnabled() is returning false,
dialog - if ContextFeatures::dialogElementEnabled() is returning false.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list