[Webkit-unassigned] [Bug 137658] New: Crash in AccessibilityMenuListOption::elementRect()
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Oct 13 10:41:59 PDT 2014
https://bugs.webkit.org/show_bug.cgi?id=137658
Summary: Crash in AccessibilityMenuListOption::elementRect()
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: Accessibility
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: cgarcia at igalia.com
CC: cfleizach at apple.com, jdiggs at igalia.com,
apinheiro at igalia.com, mario at webkit.org,
webkit-bug-importer at group.apple.com
Program received signal SIGSEGV, Segmentation fault.
0x00007f7789a157ac in WebCore::AccessibilityMenuListOption::elementRect() const [clone .localalias.4] () from libwebkit2gtk-4.0.so.37
(gdb) bt
#0 0x00007f7789a157ac in WebCore::AccessibilityMenuListOption::elementRect() const [clone .localalias.4] () from libwebkit2gtk-4.0.so.37
#1 0x00007f7789a1e71d in WebCore::AccessibilityObject::orientation() const () from libwebkit2gtk-4.0.so.37
#2 0x00007f778a6d5296 in webkitAccessibleRefStateSet(_AtkObject*) () from libwebkit2gtk-4.0.so.37
#3 0x00007f777eb09a6e in spi_atk_state_to_dbus_array (object=<optimized out>, array=0x7fffaf341830) at accessible-stateset.c:182
#4 0x00007f777eb10663 in impl_GetState (bus=<optimized out>, message=0x1c8dee0, user_data=<optimized out>) at accessible-adaptor.c:443
#5 0x00007f777eb0f88a in handle_other (pathstr=0x1c8dfb8 "/org/a11y/atspi/accessible/71", member=<optimized out>, iface=0x1c8dff0 "org.a11y.atspi.Accessible", path=0x1ba90b0,
message=0x1c8dee0, bus=0x1c14200) at droute.c:553
#6 handle_message (bus=0x1c14200, message=0x1c8dee0, user_data=0x1ba90b0) at droute.c:600
#7 0x00007f777888f5bf in ?? () from /lib/x86_64-linux-gnu/libdbus-1.so.3
#8 0x00007f7778881194 in dbus_connection_dispatch () from /lib/x86_64-linux-gnu/libdbus-1.so.3
#9 0x00007f7778ac8eb5 in message_queue_dispatch (source=<optimized out>, callback=<optimized out>, user_data=<optimized out>) at atspi-gmain.c:89
#10 0x00007f7784fd88ad in g_main_dispatch (context=0x1babb90) at gmain.c:3111
#11 g_main_context_dispatch (context=context at entry=0x1babb90) at gmain.c:3710
#12 0x00007f7784fd8b58 in g_main_context_iterate (context=0x1babb90, block=block at entry=1, dispatch=dispatch at entry=1, self=<optimized out>) at gmain.c:3781
#13 0x00007f7784fd8e72 in g_main_loop_run (loop=0x1e7cea0) at gmain.c:3975
#14 0x00007f778992f0a1 in WebProcessMainUnix () from libwebkit2gtk-4.0.so.37
#15 0x00007f7787dd0b45 in __libc_start_main (main=0x400700 <main>, argc=2, argv=0x7fffaf341d38, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>,
stack_end=0x7fffaf341d28) at libc-start.c:287
#16 0x0000000000400733 in _start ()
It happens when clicking on [duplicate] link in GNOME bugzilla (you need to be logged in), I'll try to make a test case. It seems the problem is that grandparent of the AccessibilityMenuListOption is NULL there, because the parent we are getting there is not the right one, but an old one and the parent of the old one cleared its children already.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list