[webkit-changes] [272640] trunk

Wed, 10 Feb 2021 01:14:26 -0800

Title: [272640] trunk
Revision
272640
Author
[email protected]
Date
2021-02-10 01:13:41 -0800 (Wed, 10 Feb 2021)

Log Message

Do not schedule update on embed creation
https://bugs.webkit.org/show_bug.cgi?id=221375

Patch by Rob Buis <[email protected]> on 2021-02-10
Reviewed by Ryosuke Niwa.

Source/WebCore:

Do not schedule update on embed creation.

Test: plugins/embed-creation-crash.html

* html/HTMLEmbedElement.cpp:
(WebCore::HTMLEmbedElement::create):
* html/HTMLObjectElement.cpp:
(WebCore::HTMLObjectElement::create):
* html/HTMLPlugInImageElement.cpp:
(WebCore::HTMLPlugInImageElement::finishCreating): Deleted.
* html/HTMLPlugInImageElement.h:

LayoutTests:

Add test for this.

* plugins/embed-creation-crash-expected.txt: Added.
* plugins/embed-creation-crash.html: Added.

Modified Paths

Added Paths

Diff

Modified: trunk/LayoutTests/ChangeLog (272639 => 272640)


--- trunk/LayoutTests/ChangeLog	2021-02-10 08:53:20 UTC (rev 272639)
+++ trunk/LayoutTests/ChangeLog	2021-02-10 09:13:41 UTC (rev 272640)
@@ -1,3 +1,15 @@
+2021-02-10  Rob Buis  <[email protected]>
+
+        Do not schedule update on embed creation
+        https://bugs.webkit.org/show_bug.cgi?id=221375
+
+        Reviewed by Ryosuke Niwa.
+
+        Add test for this.
+
+        * plugins/embed-creation-crash-expected.txt: Added.
+        * plugins/embed-creation-crash.html: Added.
+
 2021-02-10  Lauro Moura  <[email protected]>
 
         [ATK] Support focusable-inside-hidden test

Added: trunk/LayoutTests/plugins/embed-creation-crash-expected.txt (0 => 272640)


--- trunk/LayoutTests/plugins/embed-creation-crash-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/plugins/embed-creation-crash-expected.txt	2021-02-10 09:13:41 UTC (rev 272640)
@@ -0,0 +1 @@
+This test should not hang.

Added: trunk/LayoutTests/plugins/embed-creation-crash.html (0 => 272640)


--- trunk/LayoutTests/plugins/embed-creation-crash.html	                        (rev 0)
+++ trunk/LayoutTests/plugins/embed-creation-crash.html	2021-02-10 09:13:41 UTC (rev 272640)
@@ -0,0 +1,9 @@
+<script>
+  _onload_ = () => {
+      testRunner.dumpAsText();
+      testRunner.waitUntilDone();
+      testRunner.notifyDone();
+      var a = document.createElement('embed');
+    }
+</script>
+<p>This test should not hang.</p>

Modified: trunk/Source/WebCore/ChangeLog (272639 => 272640)


--- trunk/Source/WebCore/ChangeLog	2021-02-10 08:53:20 UTC (rev 272639)
+++ trunk/Source/WebCore/ChangeLog	2021-02-10 09:13:41 UTC (rev 272640)
@@ -1,3 +1,22 @@
+2021-02-10  Rob Buis  <[email protected]>
+
+        Do not schedule update on embed creation
+        https://bugs.webkit.org/show_bug.cgi?id=221375
+
+        Reviewed by Ryosuke Niwa.
+
+        Do not schedule update on embed creation.
+
+        Test: plugins/embed-creation-crash.html
+
+        * html/HTMLEmbedElement.cpp:
+        (WebCore::HTMLEmbedElement::create):
+        * html/HTMLObjectElement.cpp:
+        (WebCore::HTMLObjectElement::create):
+        * html/HTMLPlugInImageElement.cpp:
+        (WebCore::HTMLPlugInImageElement::finishCreating): Deleted.
+        * html/HTMLPlugInImageElement.h:
+
 2021-02-09  Eric Carlson  <[email protected]>
 
         REGRESSION: (r272458): [BigSur Debug] ASSERTION FAILED: m_haveAddedMediaUsageManagerSession in WebCore::MediaElementSession::updateMediaUsageIfChanged()

Modified: trunk/Source/WebCore/html/HTMLEmbedElement.cpp (272639 => 272640)


--- trunk/Source/WebCore/html/HTMLEmbedElement.cpp	2021-02-10 08:53:20 UTC (rev 272639)
+++ trunk/Source/WebCore/html/HTMLEmbedElement.cpp	2021-02-10 09:13:41 UTC (rev 272640)
@@ -55,9 +55,7 @@
 
 Ref<HTMLEmbedElement> HTMLEmbedElement::create(const QualifiedName& tagName, Document& document)
 {
-    auto result = adoptRef(*new HTMLEmbedElement(tagName, document));
-    result->finishCreating();
-    return result;
+    return adoptRef(*new HTMLEmbedElement(tagName, document));
 }
 
 Ref<HTMLEmbedElement> HTMLEmbedElement::create(Document& document)

Modified: trunk/Source/WebCore/html/HTMLObjectElement.cpp (272639 => 272640)


--- trunk/Source/WebCore/html/HTMLObjectElement.cpp	2021-02-10 08:53:20 UTC (rev 272639)
+++ trunk/Source/WebCore/html/HTMLObjectElement.cpp	2021-02-10 09:13:41 UTC (rev 272640)
@@ -71,9 +71,7 @@
 
 Ref<HTMLObjectElement> HTMLObjectElement::create(const QualifiedName& tagName, Document& document, HTMLFormElement* form)
 {
-    auto result = adoptRef(*new HTMLObjectElement(tagName, document, form));
-    result->finishCreating();
-    return result;
+    return adoptRef(*new HTMLObjectElement(tagName, document, form));
 }
 
 HTMLObjectElement::~HTMLObjectElement()

Modified: trunk/Source/WebCore/html/HTMLPlugInImageElement.cpp (272639 => 272640)


--- trunk/Source/WebCore/html/HTMLPlugInImageElement.cpp	2021-02-10 08:53:20 UTC (rev 272639)
+++ trunk/Source/WebCore/html/HTMLPlugInImageElement.cpp	2021-02-10 09:13:41 UTC (rev 272640)
@@ -64,11 +64,6 @@
 {
 }
 
-void HTMLPlugInImageElement::finishCreating()
-{
-    scheduleUpdateForAfterStyleResolution();
-}
-
 HTMLPlugInImageElement::~HTMLPlugInImageElement()
 {
     if (m_needsDocumentActivationCallbacks)

Modified: trunk/Source/WebCore/html/HTMLPlugInImageElement.h (272639 => 272640)


--- trunk/Source/WebCore/html/HTMLPlugInImageElement.h	2021-02-10 08:53:20 UTC (rev 272639)
+++ trunk/Source/WebCore/html/HTMLPlugInImageElement.h	2021-02-10 09:13:41 UTC (rev 272640)
@@ -47,7 +47,6 @@
     
 protected:
     HTMLPlugInImageElement(const QualifiedName& tagName, Document&);
-    void finishCreating();
 
     void didMoveToNewDocument(Document& oldDocument, Document& newDocument) override;
 

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to