[webkit-dev] Top Crasher: Shadow DOM and Editing Collide Again

Ryosuke Niwa rniwa at webkit.org
Tue Aug 30 23:08:09 PDT 2011


After reading Dimitri's analysis and talking to him on IRC, I'm convinced
that we don't have to call setInnerTextValue in updateFromElement.  I've
uploaded a work-in-progress patch to the bug
66241<http://webkit.org/b/66241> that
realizes this idea.

- Ryosuke

On Mon, Aug 29, 2011 at 2:34 PM, Ryosuke Niwa <rniwa at webkit.org> wrote:

> On Mon, Aug 29, 2011 at 1:46 PM, Dimitri Glazkov <dglazkov at chromium.org>wrote:
>>
>> I just realized what's going on here. The lifetime of the shadow DOM
>> _used_ to be tied to the HTMLTextAreaElement's RenderObjects. Kent-san
>> changed that and now the shadow DOM's lifecycle matches that of the
>> rest of the DOM.
>
>
> Yes!
>
>
>> However, the update cycle still assumes that the
>> shadow DOM lives on the RenderObjects, and does this really freaky
>> thing with shuttling updated value via an extra style recalc (see
>>
>> http://codesearch.google.com/codesearch#OAMlx_jo-ck/src/third_party/WebKit/Source/WebCore/html/HTMLTextAreaElement.cpp&l=349
>> ).
>> We should just fix that and move updating code out of
>> updateFromElement.
>>
>
> Right.  I think making updateFromElement not call setInnerTextValue will
> fix this bug for good.
>
> - Ryosuke
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-dev/attachments/20110830/565257e7/attachment.html>


More information about the webkit-dev mailing list