Title: [128222] trunk
Revision: 128222
Author: [email protected]
Date: 2012-09-11 13:36:16 -0700 (Tue, 11 Sep 2012)

Log Message

Crash on a long press gesture when touch adjustment is enabled.
https://bugs.webkit.org/show_bug.cgi?id=96313

Patch by Kevin Ellis <[email protected]> on 2012-09-11
Reviewed by Antonio Gomes.

Source/WebCore:

Fix to ensure that a long-press on a shadow-DOM element does not
trigger a crash in TouchAdjustment::providesContextMenuItems.
Prior to the patch, a null-pointer exception was triggered because
of a null renderer in the check.

Test: touchadjustment/context-menu-shadow-node.html

* page/TouchAdjustment.cpp:
(WebCore::TouchAdjustment::providesContextMenuItems):

LayoutTests:

Add test to ensure that a long-press on a shadow DOM element does
not trigger a crash when determining if an element provides a context
menu.

* touchadjustment/context-menu-shadow-node-expected.txt: Added.
* touchadjustment/context-menu-shadow-node.html: Added.

Diff

Modified: trunk/LayoutTests/ChangeLog (128221 => 128222)


--- trunk/LayoutTests/ChangeLog	2012-09-11 20:34:08 UTC (rev 128221)
+++ trunk/LayoutTests/ChangeLog	2012-09-11 20:36:16 UTC (rev 128222)
@@ -1,3 +1,17 @@
+2012-09-11  Kevin Ellis  <[email protected]>
+
+        Crash on a long press gesture when touch adjustment is enabled.
+        https://bugs.webkit.org/show_bug.cgi?id=96313
+
+        Reviewed by Antonio Gomes.
+
+        Add test to ensure that a long-press on a shadow DOM element does
+        not trigger a crash when determining if an element provides a context
+        menu.
+
+        * touchadjustment/context-menu-shadow-node-expected.txt: Added.
+        * touchadjustment/context-menu-shadow-node.html: Added.
+
 2012-09-11  Zan Dobersek  <[email protected]>
 
         Unreviewed, manually rolling out r128175.

Added: trunk/LayoutTests/touchadjustment/context-menu-shadow-node-expected.txt (0 => 128222)


--- trunk/LayoutTests/touchadjustment/context-menu-shadow-node-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/touchadjustment/context-menu-shadow-node-expected.txt	2012-09-11 20:36:16 UTC (rev 128222)
@@ -0,0 +1,10 @@
+Test touch adjustment for context-menu gestures on a shadow-DOM element.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS adjusted node was null.
+PASS successfullyParsed is true
+
+TEST COMPLETE
+

Added: trunk/LayoutTests/touchadjustment/context-menu-shadow-node.html (0 => 128222)


--- trunk/LayoutTests/touchadjustment/context-menu-shadow-node.html	                        (rev 0)
+++ trunk/LayoutTests/touchadjustment/context-menu-shadow-node.html	2012-09-11 20:36:16 UTC (rev 128222)
@@ -0,0 +1,57 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Touch Adjustment : Handle long press on a shadow DOM element - bug 96313</title>
+    <script src=""
+    <script src=""
+    <style>
+        #sandbox {
+            background: #00f;
+            position: absolute;
+            top: 0px;
+            left: 0px;
+            width: 100px;
+            height: 100px;
+        }
+        #description {
+          margin-top: 110px;
+        }
+    </style>
+</head>
+
+<body>
+
+<div id="sandbox"></div>
+<p id='description'></p>
+<div id='console'></div>
+
+<script>
+    var sandbox = document.getElementById('sandbox');
+
+    function addShadowDOM() {
+        var targetDiv = document.getElementById("sandbox");
+        var root = internals.ensureShadowRoot(targetDiv);
+        var shadowDiv = document.createElement("div");
+        shadowDiv.style.width = "20px";
+        shadowDiv.style.height = "20px";
+        shadowDiv.style.background = ""
+        shadowDiv.style.position = "absolute";
+        shadowDiv.style.right = "10px";
+        shadowDiv.style.top = "10px";
+        root.appendChild(shadowDiv);
+    }
+
+    function runTests()
+    {
+        if (window.testRunner && window.internals && internals.touchNodeAdjustedToBestContextMenuNode && internals.ensureShadowRoot) {
+            description('Test touch adjustment for context-menu gestures on a shadow-DOM element.');
+            addShadowDOM();
+            // Test that a long press centered on a shadow-DOM element does not crash.
+            testTouchPointContextMenu(touchPoint(80, 20, 10), null);
+        }
+    }
+    runTests();
+</script>
+<script src=""
+</body>
+</html>
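Review bot: in runTests() the guard on window.testRunner, window.internals, internals.touchNodeAdjustedToBestContextMenuNode and internals.ensureShadowRoot has no else branch, so when any of them is missing the page prints nothing, not even the description, and the reason for the mismatch with the expected file is not visible. Consider an else branch that logs which prerequisite is unavailable. The top-level "var sandbox" is never used, since addShadowDOM() looks the element up again as targetDiv; drop one of the two. The single case covers only a shadow element that yields a null adjusted node; a second case where the shadow content is something providesContextMenuItems accepts (for example a link) would show that the new early return does not hide valid targets.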

Modified: trunk/Source/WebCore/ChangeLog (128221 => 128222)


--- trunk/Source/WebCore/ChangeLog	2012-09-11 20:34:08 UTC (rev 128221)
+++ trunk/Source/WebCore/ChangeLog	2012-09-11 20:36:16 UTC (rev 128222)
@@ -1,3 +1,20 @@
+2012-09-11  Kevin Ellis  <[email protected]>
+
+        Crash on a long press gesture when touch adjustment is enabled.
+        https://bugs.webkit.org/show_bug.cgi?id=96313
+
+        Reviewed by Antonio Gomes.
+
+        Fix to ensure that a long-press on a shadow-DOM element does not 
+        trigger a crash in TouchAdjustment::providesContextMenuItems.
+        Prior to the patch, a null-pointer exception was trigger because
+        of a null renderer in the check.
+
+        Test: touchadjustment/context-menu-shadow-node.html
+
+        * page/TouchAdjustment.cpp:
+        (WebCore::TouchAdjustment::providesContextMenuItems):
+
 2012-09-11  Zan Dobersek  <[email protected]>
 
         Unreviewed, manually rolling out r128175.
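Review bot: the new ChangeLog entry reads "a null-pointer exception was trigger because"; that should be "was triggered", and "null-pointer dereference" would describe the crash more accurately than "exception". The line ending "does not " also carries a trailing space.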

Modified: trunk/Source/WebCore/page/TouchAdjustment.cpp (128221 => 128222)


--- trunk/Source/WebCore/page/TouchAdjustment.cpp	2012-09-11 20:34:08 UTC (rev 128221)
+++ trunk/Source/WebCore/page/TouchAdjustment.cpp	2012-09-11 20:36:16 UTC (rev 128222)
@@ -96,6 +96,9 @@
 {
     // This function tries to match the nodes that receive special context-menu items in
     // ContextMenuController::populate(), and should be kept uptodate with those.
+    ASSERT(node->renderer() || node->isShadowRoot());
+    if (!node->renderer())
+        return false;
     if (node->isContentEditable())
         return true;
     if (node->isLink())
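Review bot: the added "ASSERT(node->renderer() || node->isShadowRoot());" states that the only renderer-less node expected here is a shadow root, but the function has no comment saying why such a node can arrive from the hit test, and the log message speaks of a "shadow-DOM element" rather than the root. Please add a one-line comment above the check naming the case. Since ASSERT is compiled out of release builds, the "if (!node->renderer()) return false;" is what actually prevents the crash there; if a renderer-less node that is not a shadow root ever arrives, debug builds will abort while release builds silently return false, so confirm that split is intended. Both new lines also dereference node without checking it for null, which is fine only if every caller guarantees a non-null node.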
@@ -126,7 +129,7 @@
 
 static inline void appendBasicSubtargetsForNode(Node* node, SubtargetGeometryList& subtargets)
 {
-    // Since the node is a result of a hit test, we are already ensured it has a renderer.
+    // Node guaranteed to have renderer due to check in node filter.
     ASSERT(node->renderer());
 
     Vector<FloatQuad> quads;
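Review bot: the reworded comment in appendBasicSubtargetsForNode now relies on "check in node filter", yet the only renderer check visible in this patch is the one added to providesContextMenuItems, and the function still protects itself with ASSERT(node->renderer()) alone, which does nothing in release builds. If any other node filter can feed this function, the same null renderer reaches the code after the assertion. Either name the filters that carry the check in the comment, or add an explicit early return on a null renderer here so the guarantee does not depend on every current and future filter.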