Title: [273298] trunk/Source/WebCore
- Revision
- 273298
- Author
- [email protected]
- Date
- 2021-02-22 19:50:54 -0800 (Mon, 22 Feb 2021)
Log Message
REGRESSION (r272928): ASSERT NOT REACHED in WebCore::FrameSelection::setSelectionWithoutUpdatingAppearance
https://bugs.webkit.org/show_bug.cgi?id=222219
<rdar://problem/74548257>
Reviewed by Wenson Hsieh.
The assertion failure was caused by confirmCompositionAndNotifyClient called in commitProvisionalLoad
committing the composition even though the composition node had been removed from the document.
Fixed the bug by canceling the composition if the composition node had been removed or the selection
had been moved away from it in confirmCompositionAndNotifyClient.
Test: editing/input/select-all-clear-input-method.html
* editing/Editor.cpp:
(WebCore::Editor::confirmOrCancelCompositionAndNotifyClient): Renamed from confirmCompositionAndNotifyClient.
* editing/Editor.h:
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::commitProvisionalLoad):
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (273297 => 273298)
--- trunk/Source/WebCore/ChangeLog 2021-02-23 03:34:22 UTC (rev 273297)
+++ trunk/Source/WebCore/ChangeLog 2021-02-23 03:50:54 UTC (rev 273298)
@@ -1,3 +1,25 @@
+2021-02-22 Ryosuke Niwa <[email protected]>
+
+ REGRESSION (r272928): ASSERT NOT REACHED in WebCore::FrameSelection::setSelectionWithoutUpdatingAppearance
+ https://bugs.webkit.org/show_bug.cgi?id=222219
+ <rdar://problem/74548257>
+
+ Reviewed by Wenson Hsieh.
+
+ The assertion failure was caused by confirmCompositionAndNotifyClient called in commitProvisionalLoad
+ committing the composition even though the composition node had been removed from the document.
+
+ Fixed the bug by canceling the composition if the composition node had been removed or the selection
+ had been moved away from it in confirmCompositionAndNotifyClient.
+
+ Test: editing/input/select-all-clear-input-method.html
+
+ * editing/Editor.cpp:
+ (WebCore::Editor::confirmOrCancelCompositionAndNotifyClient): Renamed from confirmCompositionAndNotifyClient.
+ * editing/Editor.h:
+ * loader/FrameLoader.cpp:
+ (WebCore::FrameLoader::commitProvisionalLoad):
+
2021-02-22 Wenson Hsieh <[email protected]>
WebMouseEvent.h should avoid pulling in WebCore headers that know about DOM nodes
Modified: trunk/Source/WebCore/editing/Editor.cpp (273297 => 273298)
--- trunk/Source/WebCore/editing/Editor.cpp 2021-02-23 03:34:22 UTC (rev 273297)
+++ trunk/Source/WebCore/editing/Editor.cpp 2021-02-23 03:50:54 UTC (rev 273298)
@@ -1943,7 +1943,7 @@
setComposition(m_compositionNode->data().substring(m_compositionStart, m_compositionEnd - m_compositionStart), ConfirmComposition);
}
-void Editor::confirmCompositionAndNotifyClient()
+void Editor::confirmOrCancelCompositionAndNotifyClient()
{
if (!hasComposition())
return;
@@ -1952,6 +1952,9 @@
if (!frame)
return;
+ if (cancelCompositionIfSelectionIsInvalid())
+ return;
+
confirmComposition();
if (auto editorClient = client()) {
Modified: trunk/Source/WebCore/editing/Editor.h (273297 => 273298)
--- trunk/Source/WebCore/editing/Editor.h 2021-02-23 03:34:22 UTC (rev 273297)
+++ trunk/Source/WebCore/editing/Editor.h 2021-02-23 03:50:54 UTC (rev 273298)
@@ -379,7 +379,7 @@
WEBCORE_EXPORT void setComposition(const String&, const Vector<CompositionUnderline>&, const Vector<CompositionHighlight>&, unsigned selectionStart, unsigned selectionEnd);
WEBCORE_EXPORT void confirmComposition();
WEBCORE_EXPORT void confirmComposition(const String&); // if no existing composition, replaces selection
- void confirmCompositionAndNotifyClient();
+ void confirmOrCancelCompositionAndNotifyClient();
WEBCORE_EXPORT void cancelComposition();
bool cancelCompositionIfSelectionIsInvalid();
WEBCORE_EXPORT Optional<SimpleRange> compositionRange() const;
Modified: trunk/Source/WebCore/loader/FrameLoader.cpp (273297 => 273298)
--- trunk/Source/WebCore/loader/FrameLoader.cpp 2021-02-23 03:34:22 UTC (rev 273297)
+++ trunk/Source/WebCore/loader/FrameLoader.cpp 2021-02-23 03:50:54 UTC (rev 273298)
@@ -1987,7 +1987,7 @@
// be connected to its frame yet, so the following call with be a no-op. We will
// attempt to confirm any active composition once again in this scenario after we
// finish restoring from the cached page.
- document->editor().confirmCompositionAndNotifyClient();
+ document->editor().confirmOrCancelCompositionAndNotifyClient();
}
if (!m_frame.tree().parent() && history().currentItem() && history().currentItem() != history().provisionalItem()) {
@@ -2068,7 +2068,7 @@
didOpenURL();
if (auto document = makeRefPtr(m_frame.document()))
- document->editor().confirmCompositionAndNotifyClient();
+ document->editor().confirmOrCancelCompositionAndNotifyClient();
LOG(Loading, "WebCoreLoading %s: Finished committing provisional load to URL %s", m_frame.tree().uniqueName().string().utf8().data(),
m_frame.document() ? m_frame.document()->url().stringCenterEllipsizedToLength().utf8().data() : "");
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
