Title: [121072] trunk
Revision: 121072
Author: [email protected]
Date: 2012-06-22 16:29:30 -0700 (Fri, 22 Jun 2012)

Log Message

REGRESSION(r116446): Crash in RenderBoxModelObject::adjustedPositionRelativeToOffsetParent
https://bugs.webkit.org/show_bug.cgi?id=89785

Reviewed by Abhishek Arya.

Source/WebCore:

Test: fullscreen/full-screen-crash-offsetLeft.html

* rendering/RenderBoxModelObject.cpp:
(WebCore::RenderBoxModelObject::adjustedPositionRelativeToOffsetParent):
Added a NULL-check for parent() as it can be NULL in fullscreen mode. Also updated a stale
comment while touching the code.

LayoutTests:

* fullscreen/full-screen-crash-offsetLeft-expected.html: Added.
* fullscreen/full-screen-crash-offsetLeft.html: Added.

Diff

Modified: trunk/LayoutTests/ChangeLog (121071 => 121072)


--- trunk/LayoutTests/ChangeLog	2012-06-22 23:26:12 UTC (rev 121071)
+++ trunk/LayoutTests/ChangeLog	2012-06-22 23:29:30 UTC (rev 121072)
@@ -1,3 +1,13 @@
+2012-06-22  Julien Chaffraix  <[email protected]>
+
+        REGRESSION(r116446): Crash in RenderBoxModelObject::adjustedPositionRelativeToOffsetParent
+        https://bugs.webkit.org/show_bug.cgi?id=89785
+
+        Reviewed by Abhishek Arya.
+
+        * fullscreen/full-screen-crash-offsetLeft-expected.html: Added.
+        * fullscreen/full-screen-crash-offsetLeft.html: Added.
+
 2012-06-22  Beth Dakin  <[email protected]>
 
         Skipping this test because it's failing most of the time since 
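
Review bot: The entry lists `fullscreen/full-screen-crash-offsetLeft-expected.html: Added.`, but the file this revision adds is `full-screen-crash-offsetLeft-expected.txt`. The entry should name the .txt file so the log matches what landed; the LayoutTests section of the commit message carries the same mismatch.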

Added: trunk/LayoutTests/fullscreen/full-screen-crash-offsetLeft-expected.txt (0 => 121072)


--- trunk/LayoutTests/fullscreen/full-screen-crash-offsetLeft-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/fullscreen/full-screen-crash-offsetLeft-expected.txt	2012-06-22 23:29:30 UTC (rev 121072)
@@ -0,0 +1,5 @@
+Bug 89785: REGRESSION(r116446): Crash in RenderBoxModelObject::adjustedPositionRelativeToOffsetParent
+
+PASSED, the page didn't crash.
+END OF TEST
+

Added: trunk/LayoutTests/fullscreen/full-screen-crash-offsetLeft.html (0 => 121072)


--- trunk/LayoutTests/fullscreen/full-screen-crash-offsetLeft.html	                        (rev 0)
+++ trunk/LayoutTests/fullscreen/full-screen-crash-offsetLeft.html	2012-06-22 23:29:30 UTC (rev 121072)
@@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<html>
+<body>
+<video></video>
+<p><a href="" 89785</a>: REGRESSION(r116446): Crash in RenderBoxModelObject::adjustedPositionRelativeToOffsetParent</p>
+<script src=""
+<script>
+    if ("webkitRequestFullScreen" in Element.prototype) {
+        if (!window.testRunner)
+            consoleWrite("To manually test this bug, switch to fullscreen. It shouldn't crash.");
+
+        video = document.getElementsByTagName("video")[0];
+        var fullscreenChanged = function(event)
+        {
+            video.offsetLeft;
+            video.offsetTop;
+            consoleWrite("PASSED, the page didn't crash.");
+            endTest();
+        };
+        document.addEventListener('webkitfullscreenchange', fullscreenChanged);
+
+        runWithKeyDown(function () {
+            video.webkitRequestFullScreen();
+        });
+    } else {
+        consoleWrite("FAILED, couldn't find webkitRequestFullScreen.");
+        endTest();
+    }
+</script>
+</body>
+</html>
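
Review bot: The `webkitfullscreenchange` handler reads `video.offsetLeft` and `video.offsetTop` without first confirming that the document is actually in fullscreen, so the test can print PASSED without exercising the fullscreen code path the fix is about. Checking the fullscreen state in the handler (for example `document.webkitIsFullScreen`) before the two reads would tie the pass to the condition being tested. Separately, `video = document.getElementsByTagName("video")[0];` creates an implicit global; declare it with `var`, as is done for `fullscreenChanged`. There is also no failure path if the fullscreen request is never granted, so that case would surface only as a harness timeout rather than a FAILED line.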

Modified: trunk/Source/WebCore/ChangeLog (121071 => 121072)


--- trunk/Source/WebCore/ChangeLog	2012-06-22 23:26:12 UTC (rev 121071)
+++ trunk/Source/WebCore/ChangeLog	2012-06-22 23:29:30 UTC (rev 121072)
@@ -1,3 +1,17 @@
+2012-06-22  Julien Chaffraix  <[email protected]>
+
+        REGRESSION(r116446): Crash in RenderBoxModelObject::adjustedPositionRelativeToOffsetParent
+        https://bugs.webkit.org/show_bug.cgi?id=89785
+
+        Reviewed by Abhishek Arya.
+
+        Test: fullscreen/full-screen-crash-offsetLeft.html
+
+        * rendering/RenderBoxModelObject.cpp:
+        (WebCore::RenderBoxModelObject::adjustedPositionRelativeToOffsetParent):
+        Added a NULL-check for parent() as it can be NULL in fullscreen mode. Also updated a stale
+        comment while touching the code.
+
 2012-06-22  Kenneth Russell  <[email protected]>
 
         Unreviewed, rolling out r121064.

Modified: trunk/Source/WebCore/rendering/RenderBoxModelObject.cpp (121071 => 121072)


--- trunk/Source/WebCore/rendering/RenderBoxModelObject.cpp	2012-06-22 23:26:12 UTC (rev 121071)
+++ trunk/Source/WebCore/rendering/RenderBoxModelObject.cpp	2012-06-22 23:29:30 UTC (rev 121072)
@@ -517,11 +517,11 @@
 
 LayoutPoint RenderBoxModelObject::adjustedPositionRelativeToOffsetParent(const LayoutPoint& startPoint) const
 {
-    // If the element is the HTML body element or does not have an associated box
+    // If the element is the HTML body element or doesn't have a parent
     // return 0 and stop this algorithm.
-    if (isBody())
+    if (isBody() || !parent())
         return LayoutPoint();
-    
+
     LayoutPoint referencePoint = startPoint;
     referencePoint.move(parent()->offsetForColumns(referencePoint));
     
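
Review bot: The rewritten comment above `if (isBody() || !parent())` says only that the element "doesn't have a parent" and gives no reason; the fact that a parentless renderer is expected in fullscreen mode appears only in the ChangeLog. Put that in the comment so the check is not later removed as unreachable. The early return also makes a renderer without a parent report the same zero `LayoutPoint()` as the body element; if that is the intended result for the fullscreen case, the comment should say so. Minor: the hunk strips trailing whitespace from one blank line but leaves it on the blank line after the `parent()->offsetForColumns(referencePoint)` call.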
_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes
