[Webkit-unassigned] [Bug 121537] Crashed while visit http://html5video.org/wiki/HTML5_Demos
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Sep 18 19:30:23 PDT 2013
https://bugs.webkit.org/show_bug.cgi?id=121537
--- Comment #7 from Xueqing Huang <xqhuang.webkit at gmail.com> 2013-09-18 19:29:30 PST ---
(In reply to comment #6)
> (From update of attachment 211979 [details])
> View in context: https://bugs.webkit.org/attachment.cgi?id=211979&action=review
>
> >>> Source/WebCore/bindings/js/JSNodeCustom.cpp:115
> >>> + // |audioConstructor| then HTMLUnknowElement was created to instead HTMLAudioElement.
> >>
> >> Why does paused return false for HTMLUnknownElement?
> >
> > The problem was HTMLUnknownElement has not paused() member function, We convert HTMLUnknownElement to HTMLAudioElement illegally then call paused() will crash.
>
> How does that happen if the isHTMLAudioElement(node) check succeeded on the line just before?
isHTMLAudioElement(node) only check whether element has a tag name "audio", see HTMLElementTypeHelpers.h.
But |audioConstructor| in HTMLElementFactory.cpp create HTMLAudioElement failed since MediaPlayer::isAvailable() return false because QuickTime did not installed. HTMLUnknownELement was created as fallback, see HTMLElementFactory::createHTMLElement.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list