Title: [228493] tags/Safari-605.1.27.2.1/Source/WebCore
Revision: 228493
Author: jmarc...@apple.com
Date: 2018-02-14 15:50:04 -0800 (Wed, 14 Feb 2018)

Log Message

Cherry-pick r228476. rdar://problem/37549912

Modified Paths

Diff

Modified: tags/Safari-605.1.27.2.1/Source/WebCore/ChangeLog (228492 => 228493)


--- tags/Safari-605.1.27.2.1/Source/WebCore/ChangeLog	2018-02-14 23:41:55 UTC (rev 228492)
+++ tags/Safari-605.1.27.2.1/Source/WebCore/ChangeLog	2018-02-14 23:50:04 UTC (rev 228493)
@@ -1,5 +1,26 @@
 2018-02-14  Jason Marcell  <jmarc...@apple.com>
 
+        Cherry-pick r228476. rdar://problem/37549912
+
+    2018-02-14  Dean Jackson  <d...@apple.com>
+
+            CrashTracer: com.apple.WebKit.WebContent at com.apple.WebCore: WebCore::HTMLPlugInImageElement::didAddUserAgentShadowRoot + 618
+            https://bugs.webkit.org/show_bug.cgi?id=182798
+            <rdar://problem/23337253>
+
+            Reviewed by Eric Carlson.
+
+            Speculative fix for a crash in HTMLPlugInImageElement::didAddUserAgentShadowRoot.
+            The guess is that the m_swapRendererTimer is set, and the display state changes to
+            something that does not require a shadow root, but before the timer fires.
+            Fix this by ensuring that the timer is reset on every display state change.
+
+            * html/HTMLPlugInElement.cpp:
+            (WebCore::HTMLPlugInElement::setDisplayState): Guard for sets that wouldn't
+            actually change value, and make sure we always reset the timer.
+
+2018-02-14  Jason Marcell  <jmarc...@apple.com>
+
         Cherry-pick r228435. rdar://problem/37538686
 
     2018-02-13  Antti Koivisto  <an...@apple.com>
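
Review bot: The added entry for r228476 describes a "Speculative fix" built on a guess about m_swapRendererTimer, and it names no test or reproduction. If the race cannot be reproduced, the entry should say so explicitly, so that anyone reading the cherry-pick on this tag knows the change is unverified and that the CrashTracer signature in the title is the only signal that confirms it.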

Modified: tags/Safari-605.1.27.2.1/Source/WebCore/html/HTMLPlugInElement.cpp (228492 => 228493)


--- tags/Safari-605.1.27.2.1/Source/WebCore/html/HTMLPlugInElement.cpp	2018-02-14 23:41:55 UTC (rev 228492)
+++ tags/Safari-605.1.27.2.1/Source/WebCore/html/HTMLPlugInElement.cpp	2018-02-14 23:50:04 UTC (rev 228493)
@@ -286,9 +286,13 @@
 
 void HTMLPlugInElement::setDisplayState(DisplayState state)
 {
+    if (state == m_displayState)
+        return;
+
     m_displayState = state;
     
-    if ((state == DisplayingSnapshot || displayState() == PreparingPluginReplacement) && !m_swapRendererTimer.isActive())
+    m_swapRendererTimer.stop();
+    if (state == DisplayingSnapshot || displayState() == PreparingPluginReplacement)
         m_swapRendererTimer.startOneShot(0_s);
 }
 
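
Review bot: The new early return at the top of setDisplayState (`if (state == m_displayState) return;`) changes more than the race being fixed. The removed line started the timer whenever it was inactive, so a repeated call with DisplayingSnapshot after the timer had already fired would schedule another swap; with the guard that call is now a no-op. Confirm that no caller relies on re-setting the same state to trigger a swap, or add a comment stating that a same-state set is intentionally ignored. The unconditional `m_swapRendererTimer.stop()` also cancels a swap left pending by the previous state, so it is worth confirming that leaving DisplayingSnapshot or PreparingPluginReplacement before the timer fires never leaves a renderer that still needed swapping. As a style point, the condition mixes `state` and `displayState()` directly after `m_displayState = state;`; using `state` on both sides would read more clearly.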