Bug 207582

Summary: WebPage::getFocusedElementInformation should be robust when the focused element changes during layout
Product: WebKit
Reporter: Wenson Hsieh <wenson_hsieh>
Component: HTML Editing
Assignee: Wenson Hsieh <wenson_hsieh>
Status: RESOLVED FIXED
Severity: Normal
CC: bdakin, commit-queue, ddkilzer, megan_gardner, rniwa, thorton, webkit-bug-importer, wenson_hsieh
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified

Wenson Hsieh
Reported 2020-02-11 13:46:12 PST
Attachments
Speculative fix (11.15 KB, patch), 2020-02-11 14:10 PST, Wenson Hsieh, thorton: review+
Patch for landing (11.15 KB, patch), 2020-02-11 16:07 PST, Wenson Hsieh, no flags
Wenson Hsieh
Comment 1 2020-02-11 14:10:26 PST
Created attachment 390421: Speculative fix
Tim Horton
Comment 2 2020-02-11 15:57:43 PST
Comment on attachment 390421: Speculative fix
View in context: https://bugs.webkit.org/attachment.cgi?id=390421&action=review

> Source/WebKit/WebProcess/WebPage/ios/WebPageIOS.mm:2988
> + auto focusedElement = m_focusedElement;

auto makes it impossible to tell if this retains the element or not. But it needs to, right?
Wenson Hsieh
Comment 3 2020-02-11 15:59:42 PST
Comment on attachment 390421: Speculative fix
View in context: https://bugs.webkit.org/attachment.cgi?id=390421&action=review

>> Source/WebKit/WebProcess/WebPage/ios/WebPageIOS.mm:2988
>> + auto focusedElement = m_focusedElement;
>
> auto makes it impossible to tell if this retains the element or not. But it needs to, right?

Since m_focusedElement is a RefPtr<Element>, auto will just copy it (and ensure that it is reffed). If you think it's more clear, I can change this to `auto focusedElement = m_focusedElement.copyRef();`
Tim Horton
Comment 4 2020-02-11 16:04:05 PST
(In reply to Wenson Hsieh from comment #3)
> Comment on attachment 390421: Speculative fix
>
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=390421&action=review
>
> >> Source/WebKit/WebProcess/WebPage/ios/WebPageIOS.mm:2988
> >> + auto focusedElement = m_focusedElement;
> >
> > auto makes it impossible to tell if this retains the element or not. But it needs to, right?
>
> Since m_focusedElement is a RefPtr<Element>, auto will just copy it (and
> ensure that it is reffed).

Right, but it's impossible to read the code above and tell that it is correct without referring to another file :D
Ryosuke Niwa
Comment 5 2020-02-11 16:05:43 PST
(In reply to Tim Horton from comment #4)
> (In reply to Wenson Hsieh from comment #3)
> > Comment on attachment 390421: Speculative fix
> >
> > View in context:
> > https://bugs.webkit.org/attachment.cgi?id=390421&action=review
> >
> > >> Source/WebKit/WebProcess/WebPage/ios/WebPageIOS.mm:2988
> > >> + auto focusedElement = m_focusedElement;
> > >
> > > auto makes it impossible to tell if this retains the element or not. But it needs to, right?
> >
> > Since m_focusedElement is a RefPtr<Element>, auto will just copy it (and
> > ensure that it is reffed).
>
> Right, but it's impossible to read the code above and tell that it is
> correct without referring to another file :D

Please do call copyRef().
Wenson Hsieh
Comment 6 2020-02-11 16:07:28 PST
Created attachment 390456: Patch for landing
Wenson Hsieh
Comment 7 2020-02-11 16:08:26 PST
Changed to call copyRef() explicitly. Thanks for the review!
WebKit Commit Bot
Comment 8 2020-02-11 16:50:04 PST
Comment on attachment 390456: Patch for landing
Clearing flags on attachment: 390456
Committed r256401: <https://trac.webkit.org/changeset/256401>
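
The retention question raised in comments 2 to 5, as an added example that is not part of the patch or of WebKit: `std::shared_ptr` stands in for `RefPtr<Element>`, and `Page`, `Element`, `onLayout` and the function names are hypothetical. It shows that a copied smart pointer keeps the previously focused element alive when layout changes focus, while a non-owning pointer taken at the same point is left dangling.

```cpp
#include <functional>
#include <memory>
#include <string>

// Constructed stand-ins, not WebKit types: std::shared_ptr models RefPtr<Element>.
struct Element { std::string name; };

struct Page {
    std::shared_ptr<Element> m_focusedElement;
    std::function<void(Page&)> onLayout; // models side effects that run during layout
    void layout() { if (onLayout) onLayout(*this); }
};

// Builds a page whose layout moves focus to a new element, dropping the
// member's reference to the element that was focused before layout.
static Page makePageThatRefocusesDuringLayout() {
    Page page;
    page.m_focusedElement = std::make_shared<Element>(Element{"input"});
    page.onLayout = [](Page& p) {
        p.m_focusedElement = std::make_shared<Element>(Element{"textarea"});
    };
    return page;
}

// Strong local copy taken before layout: the element outlives the focus change.
bool survivesLayoutWithStrongCopy() {
    Page page = makePageThatRefocusesDuringLayout();
    auto focusedElement = page.m_focusedElement;   // copies the smart pointer, +1 ref
    std::weak_ptr<Element> probe = focusedElement; // observes lifetime without owning
    page.layout();
    return !probe.expired() && focusedElement->name == "input";
}

// Only a non-owning pointer taken before layout: the element is destroyed
// when focus changes, so the pointer dangles (it is never dereferenced here).
bool survivesLayoutWithRawPointer() {
    Page page = makePageThatRefocusesDuringLayout();
    Element* unretained = page.m_focusedElement.get();
    std::weak_ptr<Element> probe = page.m_focusedElement;
    page.layout();
    (void)unretained; // dereferencing it at this point would be a use-after-free
    return !probe.expired();
}

int main() {
    return (survivesLayoutWithStrongCopy() && !survivesLayoutWithRawPointer()) ? 0 : 1;
}
```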