RESOLVED FIXED 200744
Don't use union to store NodeRareData* and RenderObject* 
https://bugs.webkit.org/show_bug.cgi?id=200744
Summary Don't use union to store NodeRareData* and RenderObject*
Ryosuke Niwa
Reported 2019-08-14 17:00:13 PDT
Don't use union for NodeRareData* and RenderObject*. That can lead to type confusion bugs.
Attachments
WIP - simple patch (6.61 KB, patch)
2019-08-14 17:00 PDT, Ryosuke Niwa 		no flags
DetailsFormatted DiffDiff
WIP2 (29.50 KB, patch)
2019-08-15 01:05 PDT, Ryosuke Niwa 		no flags
DetailsFormatted DiffDiff
WIP3 (29.20 KB, patch)
2019-08-15 01:33 PDT, Ryosuke Niwa 		no flags
DetailsFormatted DiffDiff
Patch (40.14 KB, patch)
2019-08-15 15:21 PDT, Ryosuke Niwa 		koivisto: review+
DetailsFormatted DiffDiff
Show Obsolete (3) View All Add attachment proposed patch, testcase, etc.
Ryosuke Niwa
Comment 1 2019-08-14 17:00:35 PDT
Created attachment 376334 [details] WIP - simple patch
Ryosuke Niwa
Comment 2 2019-08-15 01:05:05 PDT
Created attachment 376367 [details] WIP2 Compensating the size increase of Node by moving some element flags to Node. Somehow this causes focus within tests to fail. I can't spot a bug anywhere...
Ryosuke Niwa
Comment 3 2019-08-15 01:06:53 PDT
Comment on attachment 376367 [details] WIP2 View in context: https://bugs.webkit.org/attachment.cgi?id=376367&action=review > Source/WebCore/dom/Node.h:541 > + StyleAffectedByFocusWithinFlag = 1 < 11, Ugh... what a stupid bug. I need <<, not <.
Ryosuke Niwa
Comment 4 2019-08-15 01:33:39 PDT
Created attachment 376369 [details] WIP3
Ryosuke Niwa
Comment 5 2019-08-15 15:21:24 PDT
Created attachment 376431 [details] Patch
Ryosuke Niwa
Comment 6 2019-08-16 17:41:06 PDT
Committed r248807: <https://trac.webkit.org/changeset/248807>
Radar WebKit Bug Importer
Comment 7 2019-08-16 17:42:17 PDT
<rdar://problem/54415130>
Note You need to log in before you can comment on or make changes to this bug.