Status: Untriaged Owner: [email protected] Labels: Type-Bug Pri-2 OS-All Area-Misc Crash
New issue 6066 by [email protected]: Double-click crash in WebCore::Selection::toRange http://code.google.com/p/chromium/issues/detail?id=6066 See the attached reduced test case to reproduce. As the file suggests, double-click in the white region below the link to cause a renderer crash. The problem seems to be having a <a> tag inside of a <pre> tag. Only observed in trunk builds (currently r7587 reproduces the crash). Stack: WebCore::Selection::toRange+0x1ea WebCore::Frame::shouldChangeSelection+0x25 WebCore::Frame::shouldChangeSelection+0x1f WebCore::EventHandler::selectClosestWordFromMouseEvent+0xcc WebCore::EventHandler::handleMousePressEventDoubleClick+0x39 WebCore::EventHandler::handleMousePressEvent+0x178 WebCore::EventHandler::handleMousePressEvent+0x497 WebViewImpl::MouseDown+0x11e WebViewImpl::HandleInputEvent+0x7a RenderWidget::OnHandleInputEvent+0x4b IPC::Message::Dispatch<RenderWidget>+0x1d RenderWidget::OnMessageReceived+0x11e RenderView::OnMessageReceived+0x644 MessageRouter::RouteMessage+0x34 MessageRouter::OnMessageReceived+0x30 RenderThread::OnMessageReceived+0x115 RunnableMethod<CancelableRequest<CallbackRunner<Tuple2<int,scoped_refptr<Ba seSessionService::InternalGetCommandsRequest> > > >,void (__thiscall CancelableRequest<CallbackRunner<Tuple2<int,scoped_refptr<BaseSessionServic e::InternalGetCommandsRequest> > > >::*)(Tuple2<int,scoped_refptr<BaseSessionService::InternalGetCommandsReque st> > const &),Tuple1<Tuple2<int,scoped_refptr<BaseSessionService::InternalGetCommandsR equest> > > >::Run+0x17 MessageLoop::RunTask+0x80 MessageLoop::DoWork+0x1ea base::MessagePumpDefault::Run+0x111 MessageLoop::RunInternal+0xb7 MessageLoop::RunHandler+0xa0 MessageLoop::Run+0x3d base::Thread::ThreadMain+0x8a `anonymous namespace'::ThreadFunc+0xd kernel32!BaseThreadStart+0x37 Attachments: double_click_crash.html 184 bytes -- You received this message because you are listed in the owner or CC fields of this issue, or because you starred this issue. You may adjust your issue notification preferences at: http://code.google.com/hosting/settings --~--~---------~--~----~------------~-------~--~----~ Automated mail from issue updates at http://crbug.com/ Subscription options: http://groups.google.com/group/chromium-bugs -~----------~----~----~----~------~----~------~--~---
