Title: [241018] trunk
- Revision
- 241018
- Author
- [email protected]
- Date
- 2019-02-06 07:44:28 -0800 (Wed, 06 Feb 2019)
Log Message
RELEASE_ASSERT(!m_document.isResolvingTreeStyle()) in com.apple.WebKit.WebContent at WebCore: WebCore::StyleResolver::~StyleResolver
https://bugs.webkit.org/show_bug.cgi?id=194333
<rdar://problem/47822929>
Reviewed by Zalan Bujtas.
Source/WebCore:
Content extensions may mutate the extension stylesheet in the middle of a style resolution as a result of
the legacy animation code triggering a resource load.
Test: http/tests/contentextensions/css-display-none-keyframe.html
* style/StyleScope.cpp:
(WebCore::Style::Scope::scheduleUpdate):
Avoid clearing the style resolver if we are in the middle of a style resolution.
A better fix that avoid doing this in the first place is tracked by https://bugs.webkit.org/show_bug.cgi?id=194335.
LayoutTests:
* http/tests/contentextensions/css-display-none-keyframe-expected.txt: Added.
* http/tests/contentextensions/css-display-none-keyframe.html: Added.
* http/tests/contentextensions/css-display-none-keyframe.html.json: Added.
Modified Paths
Added Paths
Diff
Modified: trunk/LayoutTests/ChangeLog (241017 => 241018)
--- trunk/LayoutTests/ChangeLog 2019-02-06 15:40:30 UTC (rev 241017)
+++ trunk/LayoutTests/ChangeLog 2019-02-06 15:44:28 UTC (rev 241018)
@@ -1,3 +1,15 @@
+2019-02-06 Antti Koivisto <[email protected]>
+
+ RELEASE_ASSERT(!m_document.isResolvingTreeStyle()) in com.apple.WebKit.WebContent at WebCore: WebCore::StyleResolver::~StyleResolver
+ https://bugs.webkit.org/show_bug.cgi?id=194333
+ <rdar://problem/47822929>
+
+ Reviewed by Zalan Bujtas.
+
+ * http/tests/contentextensions/css-display-none-keyframe-expected.txt: Added.
+ * http/tests/contentextensions/css-display-none-keyframe.html: Added.
+ * http/tests/contentextensions/css-display-none-keyframe.html.json: Added.
+
2019-02-05 Ryosuke Niwa <[email protected]>
REGRESSION (r240909): Release assert in FrameLoader::loadURL when navigating with a non-existent target name
Added: trunk/LayoutTests/http/tests/contentextensions/css-display-none-keyframe-expected.txt (0 => 241018)
--- trunk/LayoutTests/http/tests/contentextensions/css-display-none-keyframe-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/contentextensions/css-display-none-keyframe-expected.txt 2019-02-06 15:44:28 UTC (rev 241018)
@@ -0,0 +1 @@
+Test content extension inserting a display:none rule triggered by a resource in a keyframe.
Added: trunk/LayoutTests/http/tests/contentextensions/css-display-none-keyframe.html (0 => 241018)
--- trunk/LayoutTests/http/tests/contentextensions/css-display-none-keyframe.html (rev 0)
+++ trunk/LayoutTests/http/tests/contentextensions/css-display-none-keyframe.html 2019-02-06 15:44:28 UTC (rev 241018)
@@ -0,0 +1,27 @@
+<!DOCTYPE HTML><!-- webkit-test-runner [ experimental:WebAnimationsCSSIntegrationEnabled=false ] -->
+<script>
+if (window.testRunner) {
+ testRunner.dumpAsText();
+ testRunner.waitUntilDone();
+}
+</script>
+<style>
+@keyframes bgimage {
+ from {
+ background-image: url("non-existent.png");
+ }
+ to {
+ background-image: url("non-existent-2.png");
+ }
+}
+div {
+ animation-duration: 0.1s;
+ animation-name: bgimage;
+}
+</style>
+<div _onanimationend_="testRunner.notifyDone()">
+Test content extension inserting a display:none rule triggered by a resource in a keyframe.
+</div>
+<div class="hidden">
+FAIL
+</div>
Added: trunk/LayoutTests/http/tests/contentextensions/css-display-none-keyframe.html.json (0 => 241018)
--- trunk/LayoutTests/http/tests/contentextensions/css-display-none-keyframe.html.json (rev 0)
+++ trunk/LayoutTests/http/tests/contentextensions/css-display-none-keyframe.html.json 2019-02-06 15:44:28 UTC (rev 241018)
@@ -0,0 +1,11 @@
+[
+ {
+ "action": {
+ "type": "css-display-none",
+ "selector": ".hidden"
+ },
+ "trigger": {
+ "url-filter": ".*png"
+ }
+ }
+]
Modified: trunk/Source/WebCore/ChangeLog (241017 => 241018)
--- trunk/Source/WebCore/ChangeLog 2019-02-06 15:40:30 UTC (rev 241017)
+++ trunk/Source/WebCore/ChangeLog 2019-02-06 15:44:28 UTC (rev 241018)
@@ -1,3 +1,22 @@
+2019-02-06 Antti Koivisto <[email protected]>
+
+ RELEASE_ASSERT(!m_document.isResolvingTreeStyle()) in com.apple.WebKit.WebContent at WebCore: WebCore::StyleResolver::~StyleResolver
+ https://bugs.webkit.org/show_bug.cgi?id=194333
+ <rdar://problem/47822929>
+
+ Reviewed by Zalan Bujtas.
+
+ Content extensions may mutate the extension stylesheet in the middle of a style resolution as a result of
+ the legacy animation code triggering a resource load.
+
+ Test: http/tests/contentextensions/css-display-none-keyframe.html
+
+ * style/StyleScope.cpp:
+ (WebCore::Style::Scope::scheduleUpdate):
+
+ Avoid clearing the style resolver if we are in the middle of a style resolution.
+ A better fix that avoid doing this in the first place is tracked by https://bugs.webkit.org/show_bug.cgi?id=194335.
+
2019-02-06 Pablo Saavedra <[email protected]>
Build failure after r240315
Modified: trunk/Source/WebCore/style/StyleScope.cpp (241017 => 241018)
--- trunk/Source/WebCore/style/StyleScope.cpp 2019-02-06 15:40:30 UTC (rev 241017)
+++ trunk/Source/WebCore/style/StyleScope.cpp 2019-02-06 15:44:28 UTC (rev 241018)
@@ -602,8 +602,10 @@
// :host and ::slotted rules might go away.
if (m_shadowRoot && m_resolver)
invalidateHostAndSlottedStyleIfNeeded(*m_shadowRoot, *m_resolver);
+ // FIXME: Animation code may trigger resource load in middle of style recalc and that can add a rule to a content extension stylesheet.
+ // Fix and remove isResolvingTreeStyle() test below, see https://bugs.webkit.org/show_bug.cgi?id=194335
// FIXME: The m_isUpdatingStyleResolver test is here because extension stylesheets can get us here from StyleResolver::appendAuthorStyleSheets.
- if (!m_isUpdatingStyleResolver)
+ if (!m_isUpdatingStyleResolver && !m_document.isResolvingTreeStyle())
clearResolver();
}
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
