Skip to site navigation (Press enter)

[webkit-changes] [255645] branches/safari-610.1.1-branch

alancoon Mon, 03 Feb 2020 19:10:32 -0800

Title: [255645] branches/safari-610.1.1-branch

Revision: 255645
Author: [email protected]
Date: 2020-02-03 19:09:21 -0800 (Mon, 03 Feb 2020)

Log Message

Cherry-pick r255359. rdar://problem/58570085


    REGRESSION: WK1 Accessibility: ASSERTION FAILED: FontCache::singleton().generation() == m_generation
    https://bugs.webkit.org/show_bug.cgi?id=206241
    <rdar://problem/58570085>

    Reviewed by Zalan Bujtas.

    Source/WebCore:

    Font cache generation bump empties all font related caches and triggers full style resolution. However it is possible
    for single element computed style resolution (triggeded by <title> element here) to happen before the full resolution.
    In this case a style computed based on parent style with old font generation may get inserted into matched declarations
    cache. A subsequent style resolution may then pick up this style and use it as render style.

    * style/StyleBuilderState.cpp:
    (WebCore::Style::BuilderState::updateFont):

    Fix by taking care that the font returned by style resolver is always updated to the current generation.

    LayoutTests:

    * platform/mac-wk1/TestExpectations:

    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255359 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Modified Paths

branches/safari-610.1.1-branch/LayoutTests/ChangeLog
branches/safari-610.1.1-branch/Source/WebCore/ChangeLog
branches/safari-610.1.1-branch/Source/WebCore/style/StyleBuilderState.cpp

Diff

Modified: branches/safari-610.1.1-branch/LayoutTests/ChangeLog (255644 => 255645)


--- branches/safari-610.1.1-branch/LayoutTests/ChangeLog	2020-02-04 03:09:18 UTC (rev 255644)
+++ branches/safari-610.1.1-branch/LayoutTests/ChangeLog	2020-02-04 03:09:21 UTC (rev 255645)
@@ -1,3 +1,41 @@
+2020-02-03  Alan Coon  <[email protected]>
+
+        Cherry-pick r255359. rdar://problem/58570085
+
+    REGRESSION: WK1 Accessibility: ASSERTION FAILED: FontCache::singleton().generation() == m_generation
+    https://bugs.webkit.org/show_bug.cgi?id=206241
+    <rdar://problem/58570085>
+    
+    Reviewed by Zalan Bujtas.
+    
+    Source/WebCore:
+    
+    Font cache generation bump empties all font related caches and triggers full style resolution. However it is possible
+    for single element computed style resolution (triggeded by <title> element here) to happen before the full resolution.
+    In this case a style computed based on parent style with old font generation may get inserted into matched declarations
+    cache. A subsequent style resolution may then pick up this style and use it as render style.
+    
+    * style/StyleBuilderState.cpp:
+    (WebCore::Style::BuilderState::updateFont):
+    
+    Fix by taking care that the font returned by style resolver is always updated to the current generation.
+    
+    LayoutTests:
+    
+    * platform/mac-wk1/TestExpectations:
+    
+    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255359 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+    2020-01-29  Antti Koivisto  <[email protected]>
+
+            REGRESSION: WK1 Accessibility: ASSERTION FAILED: FontCache::singleton().generation() == m_generation
+            https://bugs.webkit.org/show_bug.cgi?id=206241
+            <rdar://problem/58570085>
+
+            Reviewed by Zalan Bujtas.
+
+            * platform/mac-wk1/TestExpectations:
+
 2020-02-03  Russell Epstein  <[email protected]>
 
         Cherry-pick r255329. rdar://problem/58606666

Modified: branches/safari-610.1.1-branch/Source/WebCore/ChangeLog (255644 => 255645)


--- branches/safari-610.1.1-branch/Source/WebCore/ChangeLog	2020-02-04 03:09:18 UTC (rev 255644)
+++ branches/safari-610.1.1-branch/Source/WebCore/ChangeLog	2020-02-04 03:09:21 UTC (rev 255645)
@@ -1,5 +1,51 @@
 2020-02-03  Alan Coon  <[email protected]>
 
+        Cherry-pick r255359. rdar://problem/58570085
+
+    REGRESSION: WK1 Accessibility: ASSERTION FAILED: FontCache::singleton().generation() == m_generation
+    https://bugs.webkit.org/show_bug.cgi?id=206241
+    <rdar://problem/58570085>
+    
+    Reviewed by Zalan Bujtas.
+    
+    Source/WebCore:
+    
+    Font cache generation bump empties all font related caches and triggers full style resolution. However it is possible
+    for single element computed style resolution (triggeded by <title> element here) to happen before the full resolution.
+    In this case a style computed based on parent style with old font generation may get inserted into matched declarations
+    cache. A subsequent style resolution may then pick up this style and use it as render style.
+    
+    * style/StyleBuilderState.cpp:
+    (WebCore::Style::BuilderState::updateFont):
+    
+    Fix by taking care that the font returned by style resolver is always updated to the current generation.
+    
+    LayoutTests:
+    
+    * platform/mac-wk1/TestExpectations:
+    
+    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255359 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+    2020-01-29  Antti Koivisto  <[email protected]>
+
+            REGRESSION: WK1 Accessibility: ASSERTION FAILED: FontCache::singleton().generation() == m_generation
+            https://bugs.webkit.org/show_bug.cgi?id=206241
+            <rdar://problem/58570085>
+
+            Reviewed by Zalan Bujtas.
+
+            Font cache generation bump empties all font related caches and triggers full style resolution. However it is possible
+            for single element computed style resolution (triggeded by <title> element here) to happen before the full resolution.
+            In this case a style computed based on parent style with old font generation may get inserted into matched declarations
+            cache. A subsequent style resolution may then pick up this style and use it as render style.
+
+            * style/StyleBuilderState.cpp:
+            (WebCore::Style::BuilderState::updateFont):
+
+            Fix by taking care that the font returned by style resolver is always updated to the current generation.
+
+2020-02-03  Alan Coon  <[email protected]>
+
         Cherry-pick r255141. rdar://problem/58815952
 
     [Web Animations] Update all DocumentTimeline objects when updating animations

Modified: branches/safari-610.1.1-branch/Source/WebCore/style/StyleBuilderState.cpp (255644 => 255645)


--- branches/safari-610.1.1-branch/Source/WebCore/style/StyleBuilderState.cpp	2020-02-04 03:09:18 UTC (rev 255644)
+++ branches/safari-610.1.1-branch/Source/WebCore/style/StyleBuilderState.cpp	2020-02-04 03:09:21 UTC (rev 255645)
@@ -38,6 +38,7 @@
 #include "CSSImageSetValue.h"
 #include "CSSImageValue.h"
 #include "CSSShadowValue.h"
+#include "FontCache.h"
 #include "HTMLElement.h"
 #include "RenderTheme.h"
 #include "SVGElement.h"
@@ -322,7 +323,22 @@
 
 void BuilderState::updateFont()
 {
-    if (!m_fontDirty && m_style.fontCascade().fonts())
+    auto& fontSelector = const_cast<Document&>(document()).fontSelector();
+
+    auto needsUpdate = [&] {
+        if (m_fontDirty)
+            return true;
+        auto* fonts = m_style.fontCascade().fonts();
+        if (!fonts)
+            return true;
+        if (fonts->generation() != FontCache::singleton().generation())
+            return true;
+        if (fonts->fontSelectorVersion() != fontSelector.version())
+            return true;
+        return false;
+    };
+
+    if (!needsUpdate())
         return;
 
 #if ENABLE(TEXT_AUTOSIZING)
@@ -332,7 +348,7 @@
     updateFontForZoomChange();
     updateFontForOrientationChange();
 
-    m_style.fontCascade().update(&const_cast<Document&>(document()).fontSelector());
+    m_style.fontCascade().update(&fontSelector);
 
     m_fontDirty = false;
 }

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes