[SCM] WebKit Debian packaging branch, webkit-1.1, updated. upstream/1.1.19-706-ge5415e9
beidson at apple.com
beidson at apple.com
Thu Feb 4 21:35:35 UTC 2010
The following commit has been merged in the webkit-1.1 branch:
commit 3e28a84f0576aa578718de9223802d06b131d419
Author: beidson at apple.com <beidson at apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Mon Feb 1 21:21:43 2010 +0000
Crash in Safari opening new tabs to "same page"
<rdar://problem/7593857> and https://bugs.webkit.org/show_bug.cgi?id=34444
Reviewed by Adele Peterson.
WebCore:
Test: fast/loader/crash-copying-backforwardlist.html
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::loadItem): Null check currentItem().
* page/Page.cpp:
(WebCore::Page::goToItem): Ditto.
WebKitTools:
Add a mode (Mac-only for now) that exercises the WebView SPI _loadBackForwardListFromOtherView:
* DumpRenderTree/LayoutTestController.cpp:
(LayoutTestController::LayoutTestController):
(setNewWindowsCopyBackForwardListCallback):
(LayoutTestController::staticFunctions):
* DumpRenderTree/LayoutTestController.h:
(LayoutTestController::newWindowsCopyBackForwardList):
(LayoutTestController::setNewWindowsCopyBackForwardList):
* DumpRenderTree/mac/UIDelegate.mm:
(-[UIDelegate webView:createWebViewWithRequest:]):
LayoutTests:
* fast/loader/crash-copying-backforwardlist-expected.txt: Added.
* fast/loader/crash-copying-backforwardlist.html: Added.
* platform/gtk/Skipped:
* platform/qt/Skipped:
* platform/win/Skipped:
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@54145 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index 4989f15..f1e134a 100644
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,16 @@
+2010-02-01 Brady Eidson <beidson at apple.com>
+
+ Reviewed by Adele Peterson.
+
+ Crash in Safari opening new tabs to "same page"
+ <rdar://problem/7593857> and https://bugs.webkit.org/show_bug.cgi?id=34444
+
+ * fast/loader/crash-copying-backforwardlist-expected.txt: Added.
+ * fast/loader/crash-copying-backforwardlist.html: Added.
+ * platform/gtk/Skipped:
+ * platform/qt/Skipped:
+ * platform/win/Skipped:
+
2010-02-01 Eric Carlson <eric.carlson at apple.com>
Reviewed by Adele Peterson.
diff --git a/LayoutTests/fast/loader/crash-copying-backforwardlist-expected.txt b/LayoutTests/fast/loader/crash-copying-backforwardlist-expected.txt
new file mode 100644
index 0000000..b4334f6
--- /dev/null
+++ b/LayoutTests/fast/loader/crash-copying-backforwardlist-expected.txt
@@ -0,0 +1,3 @@
+This test only works in DRT by tickling the [WebView _loadBackForwardListFromOtherView:] method.
+If it doesn't crash, then the test passes.
+
diff --git a/LayoutTests/fast/loader/crash-copying-backforwardlist.html b/LayoutTests/fast/loader/crash-copying-backforwardlist.html
new file mode 100644
index 0000000..511c139
--- /dev/null
+++ b/LayoutTests/fast/loader/crash-copying-backforwardlist.html
@@ -0,0 +1,20 @@
+<html>
+<head>
+<script>
+
+if (window.layoutTestController) {
+ layoutTestController.dumpAsText();
+ layoutTestController.waitUntilDone();
+ layoutTestController.setCanOpenWindows(true);
+ layoutTestController.setNewWindowsCopyBackForwardList(true);
+}
+
+</script>
+</head>
+<body onload="window.open('data:text/html,<script>if (window.layoutTestController) layoutTestController.notifyDone();</script>');">
+<pre>
+This test only works in DRT by tickling the [WebView _loadBackForwardListFromOtherView:] method.
+If it doesn't crash, then the test passes.
+</pre>
+</body>
+</html>
diff --git a/LayoutTests/platform/gtk/Skipped b/LayoutTests/platform/gtk/Skipped
index 8589d8f..e9a867b 100644
--- a/LayoutTests/platform/gtk/Skipped
+++ b/LayoutTests/platform/gtk/Skipped
@@ -5785,3 +5785,7 @@ scrollbars/scrollbar-middleclick-nopaste.html
# https://bugs.webkit.org/show_bug.cgi?id=34246
fast/dom/Window/window-postmessage-clone-frames.html
+
+# Relies on WebKit API [WebView _loadBackForwardListFromOtherView:]
+fast/loader/crash-copying-backforwardlist.html
+
diff --git a/LayoutTests/platform/qt/Skipped b/LayoutTests/platform/qt/Skipped
index fc1dae6..931bcf2 100644
--- a/LayoutTests/platform/qt/Skipped
+++ b/LayoutTests/platform/qt/Skipped
@@ -5109,3 +5109,6 @@ http/tests/history/redirect-307.pl
# small caps vs. normal text
# https://bugs.webkit.org/show_bug.cgi?id=34286
css2.1/t1505-c524-font-var-00-b.html
+
+# Relies on WebKit API [WebView _loadBackForwardListFromOtherView:]
+fast/loader/crash-copying-backforwardlist.html
diff --git a/LayoutTests/platform/win/Skipped b/LayoutTests/platform/win/Skipped
index 21b77af..5a20cc5 100644
--- a/LayoutTests/platform/win/Skipped
+++ b/LayoutTests/platform/win/Skipped
@@ -739,3 +739,7 @@ fast/dom/Window/window-properties-geolocation.html
# Needs to pass cookies to the media player
# See http://bugs.webkit.org/show_bug.cgi?id=33954
http/tests/media/video-cookie.html
+
+# Relies on WebKit API [WebView _loadBackForwardListFromOtherView:]
+fast/loader/crash-copying-backforwardlist.html
+
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index b7ada48..d2b4ed6 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,18 @@
+2010-02-01 Brady Eidson <beidson at apple.com>
+
+ Reviewed by Adele Peterson.
+
+ Crash in Safari opening new tabs to "same page"
+ <rdar://problem/7593857> and https://bugs.webkit.org/show_bug.cgi?id=34444
+
+ Test: fast/loader/crash-copying-backforwardlist.html
+
+ * loader/FrameLoader.cpp:
+ (WebCore::FrameLoader::loadItem): Null check currentItem().
+
+ * page/Page.cpp:
+ (WebCore::Page::goToItem): Ditto.
+
2010-02-01 Kevin Watters <kevinwatters at gmail.com>
Reviewed by Kevin Ollivier.
diff --git a/WebCore/loader/FrameLoader.cpp b/WebCore/loader/FrameLoader.cpp
index 4471c97..0f3b46e 100644
--- a/WebCore/loader/FrameLoader.cpp
+++ b/WebCore/loader/FrameLoader.cpp
@@ -3818,7 +3818,9 @@ void FrameLoader::loadItem(HistoryItem* item, FrameLoadType loadType)
// - The HistoryItem has a history state object
// - Navigating to an anchor within the page, with no form data stored on the target item or the current history entry,
// and the URLs in the frame tree match the history item for fragment scrolling.
- bool sameDocumentNavigation = (!item->formData() && !(history()->currentItem() && history()->currentItem()->formData()) && history()->urlsMatchItem(item)) || item->documentSequenceNumber() == history()->currentItem()->documentSequenceNumber();
+ HistoryItem* currentItem = history()->currentItem();
+ bool sameDocumentNavigation = (!item->formData() && !(currentItem && currentItem->formData()) && history()->urlsMatchItem(item))
+ || (currentItem && item->documentSequenceNumber() == currentItem->documentSequenceNumber());
#if ENABLE(WML)
// All WML decks should go through the real load mechanism, not the scroll-to-anchor code
diff --git a/WebCore/page/Page.cpp b/WebCore/page/Page.cpp
index 1704bfb..6a8c880 100644
--- a/WebCore/page/Page.cpp
+++ b/WebCore/page/Page.cpp
@@ -290,7 +290,8 @@ void Page::goBackOrForward(int distance)
void Page::goToItem(HistoryItem* item, FrameLoadType type)
{
// Abort any current load unless we're navigating the current document to a new state object
- if (!item->stateObject() || item->documentSequenceNumber() != m_mainFrame->loader()->history()->currentItem()->documentSequenceNumber()) {
+ HistoryItem* currentItem = m_mainFrame->loader()->history()->currentItem();
+ if (!item->stateObject() || !currentItem || item->documentSequenceNumber() != currentItem->documentSequenceNumber()) {
// Define what to do with any open database connections. By default we stop them and terminate the database thread.
DatabasePolicy databasePolicy = DatabasePolicyStop;
diff --git a/WebKitTools/ChangeLog b/WebKitTools/ChangeLog
index 6e16556..ac68118 100644
--- a/WebKitTools/ChangeLog
+++ b/WebKitTools/ChangeLog
@@ -1,3 +1,24 @@
+2010-02-01 Brady Eidson <beidson at apple.com>
+
+ Reviewed by Adele Peterson.
+
+ Crash in Safari opening new tabs to "same page"
+ <rdar://problem/7593857> and https://bugs.webkit.org/show_bug.cgi?id=34444
+
+ Add a mode (Mac-only for now) that exercises the WebView SPI _loadBackForwardListFromOtherView:
+
+ * DumpRenderTree/LayoutTestController.cpp:
+ (LayoutTestController::LayoutTestController):
+ (setNewWindowsCopyBackForwardListCallback):
+ (LayoutTestController::staticFunctions):
+
+ * DumpRenderTree/LayoutTestController.h:
+ (LayoutTestController::newWindowsCopyBackForwardList):
+ (LayoutTestController::setNewWindowsCopyBackForwardList):
+
+ * DumpRenderTree/mac/UIDelegate.mm:
+ (-[UIDelegate webView:createWebViewWithRequest:]):
+
2010-02-01 Carol Szabo <carol.szabo at nokia.com>
Unreviewed.
diff --git a/WebKitTools/DumpRenderTree/LayoutTestController.cpp b/WebKitTools/DumpRenderTree/LayoutTestController.cpp
index e71cd29..4fba8d0 100644
--- a/WebKitTools/DumpRenderTree/LayoutTestController.cpp
+++ b/WebKitTools/DumpRenderTree/LayoutTestController.cpp
@@ -61,6 +61,7 @@ LayoutTestController::LayoutTestController(const std::string& testPathOrURL, con
, m_callCloseOnWebViews(true)
, m_canOpenWindows(false)
, m_closeRemainingWindowsWhenComplete(true)
+ , m_newWindowsCopyBackForwardList(false)
, m_stopProvisionalFrameLoads(false)
, m_testOnscreen(false)
, m_testRepaint(false)
@@ -743,6 +744,18 @@ static JSValueRef setMockGeolocationErrorCallback(JSContextRef context, JSObject
return JSValueMakeUndefined(context);
}
+static JSValueRef setNewWindowsCopyBackForwardListCallback(JSContextRef context, JSObjectRef function, JSObjectRef thisObject, size_t argumentCount, const JSValueRef arguments[], JSValueRef* exception)
+{
+ // Has mac implementation
+ if (argumentCount < 1)
+ return JSValueMakeUndefined(context);
+
+ LayoutTestController* controller = static_cast<LayoutTestController*>(JSObjectGetPrivate(thisObject));
+ controller->setNewWindowsCopyBackForwardList(JSValueToBoolean(context, arguments[0]));
+
+ return JSValueMakeUndefined(context);
+}
+
static JSValueRef setGeolocationPermissionCallback(JSContextRef context, JSObjectRef function, JSObjectRef thisObject, size_t argumentCount, const JSValueRef arguments[], JSValueRef* exception)
{
// Has mac implementation
@@ -1324,6 +1337,7 @@ JSStaticFunction* LayoutTestController::staticFunctions()
{ "setMainFrameIsFirstResponder", setMainFrameIsFirstResponderCallback, kJSPropertyAttributeReadOnly | kJSPropertyAttributeDontDelete },
{ "setMockGeolocationPosition", setMockGeolocationPositionCallback, kJSPropertyAttributeReadOnly | kJSPropertyAttributeDontDelete },
{ "setMockGeolocationError", setMockGeolocationErrorCallback, kJSPropertyAttributeReadOnly | kJSPropertyAttributeDontDelete },
+ { "setNewWindowsCopyBackForwardList", setNewWindowsCopyBackForwardListCallback, kJSPropertyAttributeReadOnly | kJSPropertyAttributeDontDelete },
{ "setPersistentUserStyleSheetLocation", setPersistentUserStyleSheetLocationCallback, kJSPropertyAttributeReadOnly | kJSPropertyAttributeDontDelete },
{ "setPopupBlockingEnabled", setPopupBlockingEnabledCallback, kJSPropertyAttributeReadOnly | kJSPropertyAttributeDontDelete },
{ "setPrivateBrowsingEnabled", setPrivateBrowsingEnabledCallback, kJSPropertyAttributeReadOnly | kJSPropertyAttributeDontDelete },
diff --git a/WebKitTools/DumpRenderTree/LayoutTestController.h b/WebKitTools/DumpRenderTree/LayoutTestController.h
index c8da6ab..00a6ac2 100644
--- a/WebKitTools/DumpRenderTree/LayoutTestController.h
+++ b/WebKitTools/DumpRenderTree/LayoutTestController.h
@@ -66,28 +66,29 @@ public:
void queueReload();
void removeAllVisitedLinks();
void setAcceptsEditing(bool acceptsEditing);
- void setAppCacheMaximumSize(unsigned long long quota);
void setAllowUniversalAccessFromFileURLs(bool);
+ void setAppCacheMaximumSize(unsigned long long quota);
void setAuthorAndUserStylesEnabled(bool);
void setCacheModel(int);
void setCustomPolicyDelegate(bool setDelegate, bool permissive);
void setDatabaseQuota(unsigned long long quota);
void setDomainRelaxationForbiddenForURLScheme(bool forbidden, JSStringRef scheme);
- void setMockGeolocationPosition(double latitude, double longitude, double accuracy);
- void setMockGeolocationError(int code, JSStringRef message);
void setIconDatabaseEnabled(bool iconDatabaseEnabled);
void setJavaScriptProfilingEnabled(bool profilingEnabled);
void setMainFrameIsFirstResponder(bool flag);
+ void setMockGeolocationError(int code, JSStringRef message);
+ void setMockGeolocationPosition(double latitude, double longitude, double accuracy);
void setPersistentUserStyleSheetLocation(JSStringRef path);
void setPopupBlockingEnabled(bool flag);
void setPrivateBrowsingEnabled(bool flag);
- void setXSSAuditorEnabled(bool flag);
void setSelectTrailingWhitespaceEnabled(bool flag);
void setSmartInsertDeleteEnabled(bool flag);
void setTabKeyCyclesThroughElements(bool cycles);
void setUseDashboardCompatibilityMode(bool flag);
void setUserStyleSheetEnabled(bool flag);
void setUserStyleSheetLocation(JSStringRef path);
+ void setXSSAuditorEnabled(bool flag);
+
void waitForPolicyDelegate();
size_t webHistoryItemCount();
unsigned workerThreadCount() const;
@@ -161,6 +162,9 @@ public:
bool closeRemainingWindowsWhenComplete() const { return m_closeRemainingWindowsWhenComplete; }
void setCloseRemainingWindowsWhenComplete(bool closeRemainingWindowsWhenComplete) { m_closeRemainingWindowsWhenComplete = closeRemainingWindowsWhenComplete; }
+ bool newWindowsCopyBackForwardList() const { return m_newWindowsCopyBackForwardList; }
+ void setNewWindowsCopyBackForwardList(bool newWindowsCopyBackForwardList) { m_newWindowsCopyBackForwardList = newWindowsCopyBackForwardList; }
+
bool stopProvisionalFrameLoads() const { return m_stopProvisionalFrameLoads; }
void setStopProvisionalFrameLoads(bool stopProvisionalFrameLoads) { m_stopProvisionalFrameLoads = stopProvisionalFrameLoads; }
@@ -248,6 +252,7 @@ private:
bool m_callCloseOnWebViews;
bool m_canOpenWindows;
bool m_closeRemainingWindowsWhenComplete;
+ bool m_newWindowsCopyBackForwardList;
bool m_stopProvisionalFrameLoads;
bool m_testOnscreen;
bool m_testRepaint;
diff --git a/WebKitTools/DumpRenderTree/mac/UIDelegate.mm b/WebKitTools/DumpRenderTree/mac/UIDelegate.mm
index 81c03d2..19ceb95 100644
--- a/WebKitTools/DumpRenderTree/mac/UIDelegate.mm
+++ b/WebKitTools/DumpRenderTree/mac/UIDelegate.mm
@@ -38,6 +38,7 @@
#import <WebKit/WebSecurityOriginPrivate.h>
#import <WebKit/WebUIDelegatePrivate.h>
#import <WebKit/WebView.h>
+#import <WebKit/WebViewPrivate.h>
#import <wtf/Assertions.h>
DumpRenderTreeDraggingInfo *draggingInfo = nil;
@@ -122,6 +123,9 @@ DumpRenderTreeDraggingInfo *draggingInfo = nil;
WebView *webView = createWebViewAndOffscreenWindow();
+ if (gLayoutTestController->newWindowsCopyBackForwardList())
+ [webView _loadBackForwardListFromOtherView:sender];
+
return [webView autorelease];
}
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list