Created attachment 249063 [details] Repro case Run the attached test case and click after the end of the line containing the link. Crash.
Created attachment 249065 [details] Patch
Attachment 249065 [details] did not pass style-queue: ERROR: Source/WebCore/rendering/RootInlineBox.cpp:766: Multi line control clauses should use braces. [whitespace/braces] [4] ERROR: Source/WebCore/rendering/RootInlineBox.cpp:771: Multi line control clauses should use braces. [whitespace/braces] [4] Total errors found: 2 in 6 files If any of these errors are false positives, please file a bug against check-webkit-style.
Created attachment 249068 [details] Patch2 Removing change to TestExpectations.
Attachment 249068 [details] did not pass style-queue: ERROR: Source/WebCore/rendering/RootInlineBox.cpp:766: Multi line control clauses should use braces. [whitespace/braces] [4] ERROR: Source/WebCore/rendering/RootInlineBox.cpp:771: Multi line control clauses should use braces. [whitespace/braces] [4] Total errors found: 2 in 5 files If any of these errors are false positives, please file a bug against check-webkit-style.
Comment on attachment 249068 [details] Patch2 Attachment 249068 [details] did not pass mac-ews (mac): Output: http://webkit-queues.appspot.com/results/5923792496885760 New failing tests: editing/selection/click-after-last-inline-crash.html
Created attachment 249069 [details] Archive of layout-test-results from ews101 for mac-mavericks The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: ews101 Port: mac-mavericks Platform: Mac OS X 10.9.5
Comment on attachment 249068 [details] Patch2 View in context: https://bugs.webkit.org/attachment.cgi?id=249068&action=review r=me provided you address the following comments. > Source/WebCore/rendering/RootInlineBox.cpp:766 > - if (leftPosition <= firstLeaf->logicalLeft() && !firstLeaf->renderer().isListMarker() && (!onlyEditableLeaves || isEditableLeaf(firstLeaf))) > + if (/*firstLeaf &&*/ leftPosition <= firstLeaf->logicalLeft() && !firstLeaf->renderer().isListMarker() && (!onlyEditableLeaves || isEditableLeaf(firstLeaf))) Surely, you didn't mean to comment out this code? > LayoutTests/editing/selection/click-after-last-inline-crash.html:1 > +<html> Missing DOCTYPE. > LayoutTests/editing/selection/click-after-last-inline-crash.html:16 > + var testElement = document.getElementById('test'); > + eventSender.mouseMoveTo(testElement.offsetLeft + testElement.offsetWidth + 50, testElement.offsetTop + 5); > + eventSender.mouseDown(); > + eventSender.mouseUp(); Please wrap this code inside else. Can we spit out "PASS" after running eventSender?
Comment on attachment 249068 [details] Patch2 Attachment 249068 [details] did not pass mac-wk2-ews (mac-wk2): Output: http://webkit-queues.appspot.com/results/5360842543464448 New failing tests: editing/selection/click-after-last-inline-crash.html
Created attachment 249070 [details] Archive of layout-test-results from ews107 for mac-mavericks-wk2 The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews. Bot: ews107 Port: mac-mavericks-wk2 Platform: Mac OS X 10.9.5
(In reply to comment #7) > Comment on attachment 249068 [details] > Patch2 > > View in context: > https://bugs.webkit.org/attachment.cgi?id=249068&action=review > > r=me provided you address the following comments. > > > Source/WebCore/rendering/RootInlineBox.cpp:766 > > - if (leftPosition <= firstLeaf->logicalLeft() && !firstLeaf->renderer().isListMarker() && (!onlyEditableLeaves || isEditableLeaf(firstLeaf))) > > + if (/*firstLeaf &&*/ leftPosition <= firstLeaf->logicalLeft() && !firstLeaf->renderer().isListMarker() && (!onlyEditableLeaves || isEditableLeaf(firstLeaf))) > > Surely, you didn't mean to comment out this code? > > > LayoutTests/editing/selection/click-after-last-inline-crash.html:1 > > +<html> > > Missing DOCTYPE. > > > LayoutTests/editing/selection/click-after-last-inline-crash.html:16 > > + var testElement = document.getElementById('test'); > > + eventSender.mouseMoveTo(testElement.offsetLeft + testElement.offsetWidth + 50, testElement.offsetTop + 5); > > + eventSender.mouseDown(); > > + eventSender.mouseUp(); > > Please wrap this code inside else. > Can we spit out "PASS" after running eventSender? My brain is out today.
Committed revision 181773.