2011-04-20 Chris Fleizach <cfleizach@apple.com>
author cfleizach@apple.com <cfleizach@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 21 Apr 2011 00:54:25 +0000 (00:54 +0000)
committer cfleizach@apple.com <cfleizach@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 21 Apr 2011 00:54:25 +0000 (00:54 +0000)
commit 5d7c95aca5ab7e172a1ceeee7a167865cd337a32
tree 28b1a8a6f268f6394319c00bf13823fbefda2713
parent c226da13a0031b59fd29b0e170b082cb7a4a388b
2011-04-20  Chris Fleizach  <cfleizach@apple.com>

        Reviewed by Beth Dakin.

        CrashTracer: 301 crashes in Safari at com.apple.WebCore: WebCore::AccessibilityRenderObject::visiblePositionForPoint const + 297
        https://bugs.webkit.org/show_bug.cgi?id=57405

        The offending line in this crash was a null pointer access in
           m_renderer->document()->topDocument()->renderer()->view()->frameView();
        It seems likely that one of those calls was invalid. I could not reproduce and there was no
        information on reproducible steps, hence the absence of a layout test.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::topRenderer):
        (WebCore::AccessibilityRenderObject::topDocument):
        (WebCore::AccessibilityRenderObject::topDocumentFrameView):
        (WebCore::AccessibilityRenderObject::visiblePositionForPoint):
        * accessibility/AccessibilityRenderObject.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@84444 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/WebCore/ChangeLog
Source/WebCore/accessibility/AccessibilityRenderObject.cpp
Source/WebCore/accessibility/AccessibilityRenderObject.h