REGRESSION(r157210): Crashes in WebCore::ScopedEventQueue::dispatchEvent for platform...
author zandobersek@gmail.com <zandobersek@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 10 Oct 2013 13:29:54 +0000 (13:29 +0000)
committer zandobersek@gmail.com <zandobersek@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 10 Oct 2013 13:29:54 +0000 (13:29 +0000)
commit 935b8ddd87988a33b69568875e5c4eff8a438adc
tree 5f36710172904763f334bcfcdfb136c000adb3ab
parent dcd66d9c37197bc7566ec1765806b01eb42104e1
REGRESSION(r157210): Crashes in WebCore::ScopedEventQueue::dispatchEvent for platforms using GCC
https://bugs.webkit.org/show_bug.cgi?id=122592

Reviewed by Gustavo Noronha Silva.

* dom/ScopedEventQueue.cpp:
(WebCore::ScopedEventQueue::dispatchEvent): When calling EventDispatcher::dispatchEvent(), the GCC-compiled code
first creates a copy of the PassRefPtr<Event> object that's being passed into the method call. The copy will be used
in that method while the original is left with a null pointer. Only after that is the original queried for its pointer
while trying to get the Event's target, resulting in a crash due to calling the Event::target() on a null pointer.
To avoid it, pass a naked Event pointer to the method call. This will create a new PassRefPtr object without nullifying
the original one.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@157219 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/WebCore/ChangeLog
Source/WebCore/dom/ScopedEventQueue.cpp
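
The evaluation-order hazard described in the commit message, reduced to a stand-alone program. This is an added example, not WebKit code: `Event`, `PassPtr`, `targetOf`, `dispatch` and the three test functions are simplified stand-ins assumed for illustration, and the lookup is null-checked so the program reports `-1` at the point where the real code dereferenced a null pointer.

```cpp
#include <cstdio>

// Simplified stand-ins, assumed for illustration (not WebKit's classes).
struct Event { int targetId; int target() const { return targetId; } };

// Hand-off pointer: copying transfers the pointer and nulls the source,
// the behaviour the commit message describes for PassRefPtr<Event>.
class PassPtr {
public:
    PassPtr(Event* p) : m_ptr(p) {}
    PassPtr(const PassPtr& o) : m_ptr(o.m_ptr) { o.m_ptr = nullptr; }
    Event* get() const { return m_ptr; }
private:
    mutable Event* m_ptr;
};

// Null-checked lookup: returns -1 where the real code crashed.
static int targetOf(const PassPtr& e) { return e.get() ? e.get()->target() : -1; }

// Callee takes the hand-off pointer by value, like the dispatch call.
static int dispatch(int target, PassPtr event) { return event.get() ? target : -2; }

// Hazard: the order in which the two arguments are evaluated is unspecified.
// Copy-first gives -1 (the crash case), lookup-first gives 7.
int hazardous() {
    Event ev{7};
    PassPtr event(&ev);
    return dispatch(targetOf(event), event);
}

// The copy-first order written out explicitly, so the result is deterministic.
int copyFirst() {
    Event ev{7};
    PassPtr event(&ev);
    PassPtr argument(event);       // original is now null
    int target = targetOf(event);  // lookup happens too late
    return dispatch(target, argument);
}

// The fix: pass the raw pointer. A new PassPtr is built for the callee and
// the original keeps its pointer whichever argument is evaluated first.
int fixedCall() {
    Event ev{7};
    PassPtr event(&ev);
    int result = dispatch(targetOf(event), event.get());
    return event.get() ? result : -3;
}

int main() { std::printf("%d %d %d\n", hazardous(), copyFirst(), fixedCall()); }
```

The value of `hazardous()` depends on the compiler's argument evaluation order, which is why the bug appeared only on some platforms; `fixedCall()` returns 7 under either order.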