Title: [96868] trunk
- Revision
- 96868
- Author
- infe...@chromium.org
- Date
- 2011-10-06 15:55:20 -0700 (Thu, 06 Oct 2011)
Log Message
Crash in VisiblePosition::canonicalPosition.
https://bugs.webkit.org/show_bug.cgi?id=69568
Reviewed by Ryosuke Niwa.
Source/WebCore:
Move the position's containerNode calculation after layout is
complete(in updateLayoutIgnorePendingStylesheets).
Test: editing/selection/selection-plugin-clear-crash.html
* editing/VisiblePosition.cpp:
(WebCore::VisiblePosition::canonicalPosition):
LayoutTests:
* editing/selection/selection-plugin-clear-crash-expected.txt: Added.
* editing/selection/selection-plugin-clear-crash.html: Added.
Modified Paths
Added Paths
Diff
Modified: trunk/LayoutTests/ChangeLog (96867 => 96868)
--- trunk/LayoutTests/ChangeLog 2011-10-06 22:47:17 UTC (rev 96867)
+++ trunk/LayoutTests/ChangeLog 2011-10-06 22:55:20 UTC (rev 96868)
@@ -1,3 +1,13 @@
+2011-10-06 Abhishek Arya <infe...@chromium.org>
+
+ Crash in VisiblePosition::canonicalPosition.
+ https://bugs.webkit.org/show_bug.cgi?id=69568
+
+ Reviewed by Ryosuke Niwa.
+
+ * editing/selection/selection-plugin-clear-crash-expected.txt: Added.
+ * editing/selection/selection-plugin-clear-crash.html: Added.
+
2011-10-06 James Simonsen <simon...@chromium.org>
[Chromium] Remove passing tests from test_expectations.txt.
Added: trunk/LayoutTests/editing/selection/selection-plugin-clear-crash-expected.txt (0 => 96868)
--- trunk/LayoutTests/editing/selection/selection-plugin-clear-crash-expected.txt (rev 0)
+++ trunk/LayoutTests/editing/selection/selection-plugin-clear-crash-expected.txt 2011-10-06 22:55:20 UTC (rev 96868)
@@ -0,0 +1 @@
+PASS
Added: trunk/LayoutTests/editing/selection/selection-plugin-clear-crash.html (0 => 96868)
--- trunk/LayoutTests/editing/selection/selection-plugin-clear-crash.html (rev 0)
+++ trunk/LayoutTests/editing/selection/selection-plugin-clear-crash.html 2011-10-06 22:55:20 UTC (rev 96868)
@@ -0,0 +1,21 @@
+<!DOCTYPE html>
+<html>
+<script>
+if (window.layoutTestController)
+ layoutTestController.dumpAsText();
+
+function runTest()
+{
+ var obj = document.getElementById("test");
+ var s = window.getSelection();
+ s.setPosition(obj, 0);
+ document.body.innerHTML = "PASS";
+}
+</script>
+<body _onload_="runTest()">
+<div>
+<object id="test"></object>
+<embed type="application/x-webkit-test-netscape" cleardocumentduringnew></embed>
+</div>
+</body>
+</html>
\ No newline at end of file
Modified: trunk/Source/WebCore/ChangeLog (96867 => 96868)
--- trunk/Source/WebCore/ChangeLog 2011-10-06 22:47:17 UTC (rev 96867)
+++ trunk/Source/WebCore/ChangeLog 2011-10-06 22:55:20 UTC (rev 96868)
@@ -1,3 +1,18 @@
+2011-10-06 Abhishek Arya <infe...@chromium.org>
+
+ Crash in VisiblePosition::canonicalPosition.
+ https://bugs.webkit.org/show_bug.cgi?id=69568
+
+ Reviewed by Ryosuke Niwa.
+
+ Move the position's containerNode calculation after layout is
+ complete(in updateLayoutIgnorePendingStylesheets).
+
+ Test: editing/selection/selection-plugin-clear-crash.html
+
+ * editing/VisiblePosition.cpp:
+ (WebCore::VisiblePosition::canonicalPosition):
+
2011-10-06 Sheriff Bot <webkit.review....@gmail.com>
Unreviewed, rolling out r96861.
Modified: trunk/Source/WebCore/editing/VisiblePosition.cpp (96867 => 96868)
--- trunk/Source/WebCore/editing/VisiblePosition.cpp 2011-10-06 22:47:17 UTC (rev 96867)
+++ trunk/Source/WebCore/editing/VisiblePosition.cpp 2011-10-06 22:55:20 UTC (rev 96868)
@@ -484,11 +484,11 @@
if (position.isNull())
return Position();
- Node* node = position.containerNode();
-
ASSERT(position.document());
position.document()->updateLayoutIgnorePendingStylesheets();
+ Node* node = position.containerNode();
+
Position candidate = position.upstream();
if (candidate.isCandidate())
return candidate;
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes