Title: [105309] branches/safari-534.54-branch
- Revision
- 105309
- Author
- lforsch...@apple.com
- Date
- 2012-01-18 12:33:30 -0800 (Wed, 18 Jan 2012)
Log Message
Merged r98935.
Modified Paths
Added Paths
Diff
Modified: branches/safari-534.54-branch/LayoutTests/ChangeLog (105308 => 105309)
--- branches/safari-534.54-branch/LayoutTests/ChangeLog 2012-01-18 20:29:30 UTC (rev 105308)
+++ branches/safari-534.54-branch/LayoutTests/ChangeLog 2012-01-18 20:33:30 UTC (rev 105309)
@@ -1,5 +1,19 @@
2011-01-18 Lucas Forschler <lforsch...@apple.com>
+ Merge 98935
+
+ 2011-10-31 Jeremy Apthorp <jere...@google.com>
+
+ Test case for a crash relating to merging of anonymous blocks in
+ RenderFullScreen::unwrapRenderer.
+ https://bugs.webkit.org/show_bug.cgi?id=70705
+
+ Reviewed by Simon Fraser.
+
+ * fullscreen/anonymous-block-merge-crash.html: Added.
+
+2011-01-18 Lucas Forschler <lforsch...@apple.com>
+
Merge 104275
2012-01-05 Kent Tamura <tk...@chromium.org>
Copied: branches/safari-534.54-branch/LayoutTests/fullscreen/anonymous-block-merge-crash-expected.txt (from rev 98935, trunk/LayoutTests/fullscreen/anonymous-block-merge-crash-expected.txt) (0 => 105309)
--- branches/safari-534.54-branch/LayoutTests/fullscreen/anonymous-block-merge-crash-expected.txt (rev 0)
+++ branches/safari-534.54-branch/LayoutTests/fullscreen/anonymous-block-merge-crash-expected.txt 2012-01-18 20:33:30 UTC (rev 105309)
@@ -0,0 +1,2 @@
+PASS
+
Copied: branches/safari-534.54-branch/LayoutTests/fullscreen/anonymous-block-merge-crash.html (from rev 98935, trunk/LayoutTests/fullscreen/anonymous-block-merge-crash.html) (0 => 105309)
--- branches/safari-534.54-branch/LayoutTests/fullscreen/anonymous-block-merge-crash.html (rev 0)
+++ branches/safari-534.54-branch/LayoutTests/fullscreen/anonymous-block-merge-crash.html 2012-01-18 20:33:30 UTC (rev 105309)
@@ -0,0 +1,16 @@
+<span><object><div>PASS</div></span>
+<script src=""
+<script>
+ if (Element.prototype.webkitRequestFullScreen == undefined) {
+ } else {
+ var span = document.getElementsByTagName('span')[0];
+
+ document._onwebkitfullscreenchange_ = function(event) {
+ document.body.appendChild(document.createElement('div'));
+ document.webkitCancelFullScreen();
+ layoutTestController.notifyDone();
+ };
+
+ runWithKeyDown(function(){span.webkitRequestFullScreen()});
+ }
+</script>
Modified: branches/safari-534.54-branch/Source/WebCore/ChangeLog (105308 => 105309)
--- branches/safari-534.54-branch/Source/WebCore/ChangeLog 2012-01-18 20:29:30 UTC (rev 105308)
+++ branches/safari-534.54-branch/Source/WebCore/ChangeLog 2012-01-18 20:33:30 UTC (rev 105309)
@@ -1,5 +1,22 @@
2011-01-18 Lucas Forschler <lforsch...@apple.com>
+ Merge 98935
+
+ 2011-10-31 Jeremy Apthorp <jere...@google.com>
+
+ Fix a crash relating to anonymous block merging in
+ RenderFullScreen::unwrapRenderer.
+ https://bugs.webkit.org/show_bug.cgi?id=70705
+
+ Reviewed by Simon Fraser.
+
+ Test: fullscreen/anonymous-block-merge-crash.html
+
+ * rendering/RenderFullScreen.cpp:
+ (RenderFullScreen::unwrapRenderer):
+
+2011-01-18 Lucas Forschler <lforsch...@apple.com>
+
Merge 104275
2012-01-05 Kent Tamura <tk...@chromium.org>
Modified: branches/safari-534.54-branch/Source/WebCore/rendering/RenderFullScreen.cpp (105308 => 105309)
--- branches/safari-534.54-branch/Source/WebCore/rendering/RenderFullScreen.cpp 2012-01-18 20:29:30 UTC (rev 105308)
+++ branches/safari-534.54-branch/Source/WebCore/rendering/RenderFullScreen.cpp 2012-01-18 20:33:30 UTC (rev 105309)
@@ -125,14 +125,11 @@
void RenderFullScreen::unwrapRenderer()
{
RenderObject* holder = placeholder() ? placeholder() : this;
- RenderObject* parent = holder->parent();
- if (parent) {
- RenderObject* child = firstChild();
- while (child) {
- RenderObject* nextChild = child->nextSibling();
+ if (holder->parent()) {
+ RenderObject* child;
+ while ((child = firstChild())) {
child->remove();
- parent->addChild(child, holder);
- child = nextChild;
+ holder->parent()->addChild(child, holder);
}
}
remove();
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes
