[SCM] WebKit Debian packaging branch, debian/unstable, updated. debian/1.2.3-2-25-gb2c19be
Gustavo Noronha Silva
gns at gnome.org
Mon Sep 6 13:08:33 UTC 2010
The following commit has been merged in the debian/unstable branch:
commit f5a22bf6b3951999255708361c9200f6d2fd8425
Author: tony at chromium.org <tony at chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Fri Jun 11 00:49:10 2010 +0000
2010-06-10 Tony Chang <tony at chromium.org>
Reviewed by Kent Tamura.
crash when focus is changed while trying to focus next element
https://bugs.webkit.org/show_bug.cgi?id=40407
* fast/events/focus-change-crash-expected.txt: Added.
* fast/events/focus-change-crash.html: Added.
2010-06-10 Tony Chang <tony at chromium.org>
Reviewed by Kent Tamura.
crash when focus is changed while trying to focus next element
https://bugs.webkit.org/show_bug.cgi?id=40407
Test: fast/events/focus-change-crash.html
* dom/Element.cpp:
(WebCore::Element::focus):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@60984 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index e0f769e..b6a5658 100644
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,13 @@
+2010-06-10 Tony Chang <tony at chromium.org>
+
+ Reviewed by Kent Tamura.
+
+ crash when focus is changed while trying to focus next element
+ https://bugs.webkit.org/show_bug.cgi?id=40407
+
+ * fast/events/focus-change-crash-expected.txt: Added.
+ * fast/events/focus-change-crash.html: Added.
+
2010-05-14 Abhishek Arya <inferno at chromium.org>
Reviewed by David Hyatt.
diff --git a/LayoutTests/fast/events/focus-change-crash-expected.txt b/LayoutTests/fast/events/focus-change-crash-expected.txt
new file mode 100644
index 0000000..0b73fb9
--- /dev/null
+++ b/LayoutTests/fast/events/focus-change-crash-expected.txt
@@ -0,0 +1,3 @@
+Type something into the first input and press tab. The browser should not crash.
+
+PASSED
diff --git a/LayoutTests/fast/events/focus-change-crash.html b/LayoutTests/fast/events/focus-change-crash.html
new file mode 100644
index 0000000..9b28155
--- /dev/null
+++ b/LayoutTests/fast/events/focus-change-crash.html
@@ -0,0 +1,27 @@
+<div>Type something into the first input and press tab. The browser should not crash.</div>
+<div id="parent">
+<input id="a" />
+<input id="b" />
+</div>
+<div id="results"></div>
+<script>
+document.getElementById("a").addEventListener("change", function(e) {
+ var parent = document.getElementById("parent");
+ parent.innerHTML = "<input id='c' />";
+ document.getElementById("c").select();
+}, false);
+
+function runTest()
+{
+ document.getElementById("a").focus();
+ if (!window.layoutTestController)
+ return;
+ layoutTestController.dumpAsText();
+ eventSender.keyDown("x")
+ eventSender.keyDown("\t");
+ document.getElementById("results").innerText = "PASSED";
+}
+
+runTest();
+
+</script>
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index 19a01a2..2338168 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,15 @@
+2010-06-10 Tony Chang <tony at chromium.org>
+
+ Reviewed by Kent Tamura.
+
+ crash when focus is changed while trying to focus next element
+ https://bugs.webkit.org/show_bug.cgi?id=40407
+
+ Test: fast/events/focus-change-crash.html
+
+ * dom/Element.cpp:
+ (WebCore::Element::focus):
+
2010-05-14 Abhishek Arya <inferno at chromium.org>
Reviewed by David Hyatt.
diff --git a/WebCore/dom/Element.cpp b/WebCore/dom/Element.cpp
index 90fc535..8967f14 100644
--- a/WebCore/dom/Element.cpp
+++ b/WebCore/dom/Element.cpp
@@ -1312,8 +1312,12 @@ void Element::focus(bool restorePreviousSelection)
return;
}
- if (Page* page = doc->page())
+ RefPtr<Node> protect;
+ if (Page* page = doc->page()) {
+ // Focus and change event handlers can cause us to lose our last ref.
+ protect = this;
page->focusController()->setFocusedNode(this, doc->frame());
+ }
// Setting the focused node above might have invalidated the layout due to scripts.
doc->updateLayoutIgnorePendingStylesheets();
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list