[SCM] WebKit Debian packaging branch, debian/experimental, updated. upstream/1.3.3-9427-gc2be6fc

yurys at chromium.org yurys at chromium.org
Wed Dec 22 11:44:28 UTC 2010 

The following commit has been merged in the debian/experimental branch:
commit 9cdc572f9aafad02a2f5d378c2466f4bebda8e42
Author: yurys at chromium.org <yurys at chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Thu Aug 5 14:32:40 2010 +0000

    2010-08-05  Yury Semikhatsky  <yurys at chromium.org>
    
            Reviewed by Pavel Feldman.
    
            Web Inspector: inspected page crashes when there is a cyclic reference in Object prototype
            https://bugs.webkit.org/show_bug.cgi?id=43558
    
            Test: inspector/debugger-cyclic-ref.html
    
            * bindings/v8/ScriptValue.cpp:
            (WebCore::v8ToInspectorValue):
    
    2010-08-05  Yury Semikhatsky  <yurys at chromium.org>
    
            Reviewed by Pavel Feldman.
    
            Web Inspector: inspected page crashes when there is a cyclic reference in Object prototype
            https://bugs.webkit.org/show_bug.cgi?id=43558
    
            * inspector/debugger-cyclic-ref-expected.txt: Added.
            * inspector/debugger-cyclic-ref.html: Added.
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@64747 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index 69788dd..6a0d55f 100644
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,13 @@
+2010-08-05  Yury Semikhatsky  <yurys at chromium.org>
+
+        Reviewed by Pavel Feldman.
+
+        Web Inspector: inspected page crashes when there is a cyclic reference in Object prototype
+        https://bugs.webkit.org/show_bug.cgi?id=43558
+
+        * inspector/debugger-cyclic-ref-expected.txt: Added.
+        * inspector/debugger-cyclic-ref.html: Added.
+
 2010-08-05  Satish Sampath  <satish at chromium.org>
 
         Reviewed by Jeremy Orlow.
diff --git a/LayoutTests/inspector/debugger-cyclic-ref-expected.txt b/LayoutTests/inspector/debugger-cyclic-ref-expected.txt
new file mode 100644
index 0000000..53fcf9a
--- /dev/null
+++ b/LayoutTests/inspector/debugger-cyclic-ref-expected.txt
@@ -0,0 +1,8 @@
+Tests that debugging a page where Object prototype has a cyclic reference won't crash the browser.Bug 43558
+
+Debugger was enabled.
+Set timer for test function.
+Script execution paused.
+Resumed script execution.
+Disabled debugger.
+
diff --git a/LayoutTests/inspector/debugger-cyclic-ref.html b/LayoutTests/inspector/debugger-cyclic-ref.html
new file mode 100755
index 0000000..fc82943
--- /dev/null
+++ b/LayoutTests/inspector/debugger-cyclic-ref.html
@@ -0,0 +1,53 @@
+<html>
+<head>
+<script src="../http/tests/inspector/inspector-test.js"></script>
+<script src="../http/tests/inspector/debugger-test.js"></script>
+<script>
+
+Object.prototype.cyclicRef = Object.prototype;
+
+function testFunction()
+{
+    var o = new Object();
+    debugger;
+}
+
+function doit()
+{
+    evaluateInWebInspector("frontend_testDebugObjectWithCyclicRef", completeTest);
+}
+
+function frontend_testDebugObjectWithCyclicRef(testController)
+{
+    testController.waitUntilDone();
+
+    WebInspector.showScriptsPanel();
+    frontend_ensureDebuggerEnabled(debuggerWasEnabledCallback);
+
+    function debuggerWasEnabledCallback()
+    {
+        testController.results.push("Debugger was enabled.");
+        frontend_evaluateInConsole("setTimeout(testFunction, 0)", function(result)
+        {
+            testController.results.push("Set timer for test function.");
+        });
+    }
+
+    frontend_addSniffer(WebInspector, "pausedScript", function(callFrames)
+    {
+        testController.results.push("Script execution paused.");
+        frontend_completeDebuggerTest(testController);
+    });
+}
+
+</script>
+</head>
+
+<body onload="onload()">
+<p>
+Tests that debugging a page where Object prototype has a cyclic reference won't
+crash the browser.<a href="https://bugs.webkit.org/show_bug.cgi?id=43558">Bug 43558</a>
+</p>
+
+</body>
+</html>
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index efdb297..9aa24a7 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,15 @@
+2010-08-05  Yury Semikhatsky  <yurys at chromium.org>
+
+        Reviewed by Pavel Feldman.
+
+        Web Inspector: inspected page crashes when there is a cyclic reference in Object prototype
+        https://bugs.webkit.org/show_bug.cgi?id=43558
+
+        Test: inspector/debugger-cyclic-ref.html
+
+        * bindings/v8/ScriptValue.cpp:
+        (WebCore::v8ToInspectorValue):
+
 2010-08-05  Satish Sampath  <satish at chromium.org>
 
         Reviewed by Jeremy Orlow.
diff --git a/WebCore/bindings/v8/ScriptValue.cpp b/WebCore/bindings/v8/ScriptValue.cpp
index d3d4785..6d3fe20 100755
--- a/WebCore/bindings/v8/ScriptValue.cpp
+++ b/WebCore/bindings/v8/ScriptValue.cpp
@@ -104,6 +104,9 @@ static PassRefPtr<InspectorValue> v8ToInspectorValue(v8::Handle<v8::Value> value
         uint32_t length = propertyNames->Length();
         for (uint32_t i = 0; i < length; i++) {
             v8::Local<v8::Value> name = propertyNames->Get(v8::Int32::New(i));
+            // FIXME(yurys): v8::Object should support GetOwnPropertyNames
+            if (!object->HasRealNamedProperty(v8::Handle<v8::String>::Cast(name)))
+                continue;
             RefPtr<InspectorValue> propertyValue = v8ToInspectorValue(object->Get(name));
             if (!propertyValue) {
                 ASSERT_NOT_REACHED();

-- 
WebKit Debian packaging

More information about the Pkg-webkit-commits mailing list