Title: [181945] releases/WebKitGTK/webkit-2.8
- Revision
- 181945
- Author
- carlo...@webkit.org
- Date
- 2015-03-25 03:36:19 -0700 (Wed, 25 Mar 2015)
Log Message
Merge r181773 - Source/WebCore:
REGRESSION (r109593): Clicking after last inline element could cause a crash.
https://bugs.webkit.org/show_bug.cgi?id=142880
rdar://problem/17222294
Reviewed by Ryosuke Niwa.
Test: editing/selection/click-after-last-inline-crash.html
* rendering/RootInlineBox.cpp:
(WebCore::RootInlineBox::closestLeafChildForLogicalLeftPosition):
LayoutTests:
Web Inspector: Adopt ES6 Class Syntax for all Model Objects
https://bugs.webkit.org/show_bug.cgi?id=142858
Patch by Joseph Pecoraro <pecor...@apple.com> on 2015-03-19
Reviewed by Timothy Hatcher.
* inspector/model/parse-script-syntax-tree.html:
This test was calling a constructor without "new". Class
syntax enforces "new" and threw an exception.
Modified Paths
Added Paths
Diff
Modified: releases/WebKitGTK/webkit-2.8/LayoutTests/ChangeLog (181944 => 181945)
--- releases/WebKitGTK/webkit-2.8/LayoutTests/ChangeLog 2015-03-25 10:34:22 UTC (rev 181944)
+++ releases/WebKitGTK/webkit-2.8/LayoutTests/ChangeLog 2015-03-25 10:36:19 UTC (rev 181945)
@@ -1,3 +1,14 @@
+2015-03-19 Enrica Casucci <enr...@apple.com>
+
+ REGRESSION (r109593): Clicking after last inline element could cause a crash.
+ https://bugs.webkit.org/show_bug.cgi?id=142880
+ rdar://problem/17222294
+
+ Reviewed by Ryosuke Niwa.
+
+ * editing/selection/click-after-last-inline-crash-expected.txt: Added.
+ * editing/selection/click-after-last-inline-crash.html: Added.
+
2015-03-18 Said Abou-Hallawa <sabouhall...@apple.com>
Switching between two SVG images with no intrinsic sizes causes them to get the default SVG size instead of the container size.
Added: releases/WebKitGTK/webkit-2.8/LayoutTests/editing/selection/click-after-last-inline-crash-expected.txt (0 => 181945)
--- releases/WebKitGTK/webkit-2.8/LayoutTests/editing/selection/click-after-last-inline-crash-expected.txt (rev 0)
+++ releases/WebKitGTK/webkit-2.8/LayoutTests/editing/selection/click-after-last-inline-crash-expected.txt 2015-03-25 10:36:19 UTC (rev 181945)
@@ -0,0 +1,7 @@
+Click after the end of the line with link.
+
+This is a link
+
+It should NOT crash!
+
+PASS
Added: releases/WebKitGTK/webkit-2.8/LayoutTests/editing/selection/click-after-last-inline-crash.html (0 => 181945)
--- releases/WebKitGTK/webkit-2.8/LayoutTests/editing/selection/click-after-last-inline-crash.html (rev 0)
+++ releases/WebKitGTK/webkit-2.8/LayoutTests/editing/selection/click-after-last-inline-crash.html 2015-03-25 10:36:19 UTC (rev 181945)
@@ -0,0 +1,23 @@
+<html>
+<body>
+<div style="border: solid red 2px;">
+Click after the end of the line with link.<br><br><a id='test' href="" is a link</a><wbr><br><br>It should NOT crash!<br><br>
+</div>
+</body>
+<script>
+if (window.testRunner) {
+ testRunner.dumpAsText();
+
+ if (!window.eventSender)
+ document.writeln('This test requires eventSender');
+ else {
+ var testElement = document.getElementById('test');
+ eventSender.mouseMoveTo(testElement.offsetLeft + testElement.offsetWidth + 50, testElement.offsetTop + 5);
+ eventSender.mouseDown();
+ eventSender.mouseUp();
+ document.writeln('PASS');
+ }
+}
+
+</script>
+</html>
Modified: releases/WebKitGTK/webkit-2.8/Source/WebCore/ChangeLog (181944 => 181945)
--- releases/WebKitGTK/webkit-2.8/Source/WebCore/ChangeLog 2015-03-25 10:34:22 UTC (rev 181944)
+++ releases/WebKitGTK/webkit-2.8/Source/WebCore/ChangeLog 2015-03-25 10:36:19 UTC (rev 181945)
@@ -1,3 +1,16 @@
+2015-03-19 Enrica Casucci <enr...@apple.com>
+
+ REGRESSION (r109593): Clicking after last inline element could cause a crash.
+ https://bugs.webkit.org/show_bug.cgi?id=142880
+ rdar://problem/17222294
+
+ Reviewed by Ryosuke Niwa.
+
+ Test: editing/selection/click-after-last-inline-crash.html
+
+ * rendering/RootInlineBox.cpp:
+ (WebCore::RootInlineBox::closestLeafChildForLogicalLeftPosition):
+
2015-03-18 Manuel Rego Casasnovas <r...@igalia.com>
Unreviewed. GTK build fix after r181720.
Modified: releases/WebKitGTK/webkit-2.8/Source/WebCore/rendering/RootInlineBox.cpp (181944 => 181945)
--- releases/WebKitGTK/webkit-2.8/Source/WebCore/rendering/RootInlineBox.cpp 2015-03-25 10:34:22 UTC (rev 181944)
+++ releases/WebKitGTK/webkit-2.8/Source/WebCore/rendering/RootInlineBox.cpp 2015-03-25 10:36:19 UTC (rev 181945)
@@ -763,12 +763,12 @@
return firstLeaf;
// Avoid returning a list marker when possible.
- if (leftPosition <= firstLeaf->logicalLeft() && !firstLeaf->renderer().isListMarker() && (!onlyEditableLeaves || isEditableLeaf(firstLeaf)))
+ if (firstLeaf && leftPosition <= firstLeaf->logicalLeft() && !firstLeaf->renderer().isListMarker() && (!onlyEditableLeaves || isEditableLeaf(firstLeaf)))
// The leftPosition coordinate is less or equal to left edge of the firstLeaf.
// Return it.
return firstLeaf;
- if (leftPosition >= lastLeaf->logicalRight() && !lastLeaf->renderer().isListMarker() && (!onlyEditableLeaves || isEditableLeaf(lastLeaf)))
+ if (lastLeaf && leftPosition >= lastLeaf->logicalRight() && !lastLeaf->renderer().isListMarker() && (!onlyEditableLeaves || isEditableLeaf(lastLeaf)))
// The leftPosition coordinate is greater or equal to right edge of the lastLeaf.
// Return it.
return lastLeaf;
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
