Bug 26026 - infinite loop when using keyboard in select popups
Status: RESOLVED FIXED
Product: WebKit
Component: Platform
Version: 528+ (Nightly build)
Platform: PC Windows XP
Importance: P2 Normal
Reported: 2009-05-26 12:51 PST by
Modified: 2009-06-01 00:43 PST (History)


Attachments
v1 (1.38 KB, patch)
2009-05-26 12:55 PST, Tony Chang
dglazkov: review+




Description From 2009-05-26 12:51:49 PST
To repro, open a select drop down, use the arrow keys, then close the select.

This triggers an infinite loop in PopupMenuChromium.cpp which crashes once we overflow the stack:
WebCore::PopupMenu::updateFromElement()  Line 1177
WebCore::RenderMenuList::updateFromElement()  Line 176
WebCore::HTMLSelectElement::setSelectedIndex(...)  Line 183
WebCore::RenderMenuList::valueChanged(...)  Line 307
WebCore::PopupListBox::updateFromElement()  Line 1026
WebCore::PopupMenu::updateFromElement()  Line 1177

One line fix coming...
------- Comment #1 From 2009-05-26 12:55:24 PST -------
Created an attachment (id=30676)
v1

Make sure to set the flag so we don't recurse.
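
The call cycle in the stack trace and the flag-based fix described in Comment #1, as an added example that is not the attached patch or WebKit code. The class, member names and depth cap are hypothetical stand-ins; the cap replaces the real stack exhaustion so the unguarded run terminates.

```cpp
// Simplified model of the update cycle from the stack trace. All names here
// are hypothetical stand-ins, not WebKit's real classes or members.
#include <cstdio>

struct SelectModel {
    bool useGuard;            // false reproduces the unbounded cycle
    bool updating = false;    // re-entrancy flag (hypothetical name)
    int depth = 0, maxDepth = 0, selected = 0;
    static constexpr int kDepthCap = 1000;  // stands in for stack exhaustion

    explicit SelectModel(bool guard) : useGuard(guard) {}

    // RAII: the flag is cleared on every exit path, including early returns.
    struct Scope {
        bool& flag;
        explicit Scope(bool& f) : flag(f) { flag = true; }
        ~Scope() { flag = false; }
    };

    // Popup side: syncs from the element, which reports a value change.
    void popupUpdateFromElement() {
        if (useGuard && updating) return;   // already inside an update
        if (depth >= kDepthCap) return;     // keep the demo from crashing
        Scope scope(updating);
        ++depth;
        if (depth > maxDepth) maxDepth = depth;
        valueChanged(selected);
        --depth;
    }
    // Element side: a change sets the index, which refreshes the popup again.
    void valueChanged(int index) { setSelectedIndex(index); }
    void setSelectedIndex(int index) {
        selected = index;
        popupUpdateFromElement();           // closes the cycle
    }
};

// Returns the deepest nesting reached by one update.
int maxNesting(bool useGuard) {
    SelectModel m(useGuard);
    m.popupUpdateFromElement();
    return m.maxDepth;
}

int main() {
    std::printf("unguarded: %d, guarded: %d\n", maxNesting(false), maxNesting(true));
    return 0;
}
```
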
------- Comment #2 From 2009-06-01 00:36:25 PST -------
Will land.
------- Comment #3 From 2009-06-01 00:41:56 PST -------
In the future, please base your patches in the main WebKit directory so we can use the awesomesauce WebKitTools.
------- Comment #4 From 2009-06-01 00:43:41 PST -------
Sending        WebCore/ChangeLog
Sending        WebCore/platform/chromium/PopupMenuChromium.cpp
Transmitting file data ..
Committed revision 44312.