[webkit-changes] [166362] trunk

Thu, 27 Mar 2014 10:51:07 -0700

Title: [166362] trunk
Revision
166362
Author
bfulg...@apple.com
Date
2014-03-27 10:50:53 -0700 (Thu, 27 Mar 2014)

Log Message

Fix a crash caused by track insertion after load()
https://bugs.webkit.org/show_bug.cgi?id=130777

Reviewed by Eric Carlson.

Test: media/track/track-insert-after-load-crash.html

Based on the Blink change (patch by acolw...@chromium.org):
https://codereview.chromium.org/211373009/

Source/WebCore:

* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::parseAttribute): Remove stale LoadMediaResource flag after explicit load.

LayoutTests:

* media/track/track-insert-after-load-crash-expected.txt: Added.
* media/track/track-insert-after-load-crash.html: Added.

Modified Paths

Added Paths

Diff

Modified: trunk/LayoutTests/ChangeLog (166361 => 166362)


--- trunk/LayoutTests/ChangeLog	2014-03-27 17:42:48 UTC (rev 166361)
+++ trunk/LayoutTests/ChangeLog	2014-03-27 17:50:53 UTC (rev 166362)
@@ -1,3 +1,18 @@
+2014-03-27  Brent Fulgham  <bfulg...@apple.com>
+
+        Fix a crash caused by track insertion after load()
+        https://bugs.webkit.org/show_bug.cgi?id=130777
+
+        Reviewed by Eric Carlson.
+
+        Test: media/track/track-insert-after-load-crash.html
+
+        Based on the Blink change (patch by acolw...@chromium.org):
+        https://codereview.chromium.org/211373009/
+
+        * media/track/track-insert-after-load-crash-expected.txt: Added.
+        * media/track/track-insert-after-load-crash.html: Added.
+
 2014-03-27  Manuel Rego Casasnovas  <r...@igalia.com>
 
         [CSS Grid Layout] Remove unused variable in fast/css-grid-layout/implicit-position-dynamic-change.html

Added: trunk/LayoutTests/media/track/track-insert-after-load-crash-expected.txt (0 => 166362)


--- trunk/LayoutTests/media/track/track-insert-after-load-crash-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/media/track/track-insert-after-load-crash-expected.txt	2014-03-27 17:50:53 UTC (rev 166362)
@@ -0,0 +1,5 @@
+Tests that inserting a <track> element immediately after a load() doesn't crash.
+
+
+END OF TEST
+

Added: trunk/LayoutTests/media/track/track-insert-after-load-crash.html (0 => 166362)


--- trunk/LayoutTests/media/track/track-insert-after-load-crash.html	                        (rev 0)
+++ trunk/LayoutTests/media/track/track-insert-after-load-crash.html	2014-03-27 17:50:53 UTC (rev 166362)
@@ -0,0 +1,18 @@
+<!DOCTYPE  html>
+<html>
+    <head>
+        <script src=""
+        <script src=""
+    </head>
+    <body>
+      <p>Tests that inserting a &lt;track&gt; element immediately after a load() doesn't crash.</p>
+      <video id="v"></video>
+      <script>
+        var v = document.querySelector('#v');
+        v.src = "" '../content/test');
+        v.load();
+        v.appendChild(document.createElement('track'));
+        v.addEventListener('loadedmetadata', endTest);
+      </script>
+    </body>
+</html>
\ No newline at end of file

Modified: trunk/Source/WebCore/ChangeLog (166361 => 166362)


--- trunk/Source/WebCore/ChangeLog	2014-03-27 17:42:48 UTC (rev 166361)
+++ trunk/Source/WebCore/ChangeLog	2014-03-27 17:50:53 UTC (rev 166362)
@@ -1,3 +1,18 @@
+2014-03-27  Brent Fulgham  <bfulg...@apple.com>
+
+        Fix a crash caused by track insertion after load()
+        https://bugs.webkit.org/show_bug.cgi?id=130777
+
+        Reviewed by Eric Carlson.
+
+        Test: media/track/track-insert-after-load-crash.html
+
+        Based on the Blink change (patch by acolw...@chromium.org):
+        https://codereview.chromium.org/211373009/
+
+        * html/HTMLMediaElement.cpp:
+        (WebCore::HTMLMediaElement::parseAttribute): Remove stale LoadMediaResource flag after explicit load.
+
 2014-03-27  Alexey Proskuryakov  <a...@apple.com>
 
         Connection::dispatchOneMessage() can be re-entered while handling Cmd-key menu

Modified: trunk/Source/WebCore/html/HTMLMediaElement.cpp (166361 => 166362)


--- trunk/Source/WebCore/html/HTMLMediaElement.cpp	2014-03-27 17:42:48 UTC (rev 166361)
+++ trunk/Source/WebCore/html/HTMLMediaElement.cpp	2014-03-27 17:50:53 UTC (rev 166362)
@@ -938,6 +938,8 @@
     // Perform the cleanup required for the resource load algorithm to run.
     stopPeriodicTimers();
     m_loadTimer.stop();
+    // FIXME: Figure out appropriate place to reset LoadTextTrackResource if necessary and set m_pendingActionFlags to 0 here.
+    m_pendingActionFlags &= ~LoadMediaResource;
     m_sentEndEvent = false;
     m_sentStalledEvent = false;
     m_haveFiredLoadedData = false;

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to