Bug 135157 - [CSS Regions] Create test for selection in named flow thread on beforeload event
Summary: [CSS Regions] Create test for selection in named flow thread on beforeload event
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: CSS (show other bugs)
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Nobody
URL:
Keywords: AdobeTracked
Depends on:
Blocks: 57312
  Show dependency treegraph
 
Reported: 2014-07-22 05:17 PDT by Radu Stavila
Modified: 2014-07-28 03:58 PDT (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Radu Stavila 2014-07-22 05:17:00 PDT
The patch in https://bugs.webkit.org/show_bug.cgi?id=134303 generated a crash on fast/dom/HTMLObjectElement/beforeload-set-text-crash.xhtml (see https://bugs.webkit.org/show_bug.cgi?id=135055). This was caused by the renaming of selectionStart/End(Pos) members within RenderView, to prevent them from getting mixed with the ones in SelectionSubtreeRoot (which RenderView inherits from). The fix was, when in the no-named-flow-threads scenario, set both groups of parameters (the ones in RenderView and the ones in SelectionSubtreeRoot) to the correct values. A test should be created to check if a similar problem would occur when named flow threads are involved.
Comment 1 Radu Stavila 2014-07-28 03:58:42 PDT
Further findings:
- the renaming of the RenderView selection parameters was not the actual cause of this
- the real problem was that now the SelectionSubtreeRoot::adjustForVisibleSelection was also being called for the no-named-flow-threads scenario, which causes the RenderView::setSelection method to be called from within itself (while performing RenderView::updateSelectionForSubtrees, the SelectionSubtreeRoot::adjustForVisibleSelection method causes RenderView::setSelection to be called again). 

This caused existing test fast/dom/HTMLObjectElement/beforeload-set-text-crash.xhtml to crash. For the moment, I changed the code so that SelectionSubtreeRoot::adjustForVisibleSelection is not called for the -no-named-flow-threads scenario, but I believe its possible a similar problem would occur if the beforeload-set-text-crash.xhtml was modified to use flow threads.