[webkit-changes] [292585] trunk/Source/WebCore

[gnavamarino]

Title: [292585] trunk/Source/WebCore

Revision

292585

Author

gnavamar...@apple.com

Date

2022-04-07 18:03:40 -0700 (Thu, 07 Apr 2022)

Log Message

When using a TrackDisplayUpdateScope queue updateActiveTextTrackCues as a task
https://bugs.webkit.org/show_bug.cgi?id=238963

Reviewed by Eric Carlson.

The HTMLMediaElement::didRemoveTextTrack call is done under ScriptDisallowedScope but this path
currently can call updateActiveTextTrackCues which could result in updating the layout downstream.
To resolve this we execute updateActiveTextTrackCues under a queueCancellableTaskKeepingObjectAlive call.

We also add a needed check in RenderVTTCue::initializeLayoutParameters exposed by queueing the task.

* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::endIgnoringTrackDisplayUpdateRequests):
(WebCore::HTMLMediaElement::cancelPendingTasks):
* html/HTMLMediaElement.h:
* rendering/RenderVTTCue.cpp:
(WebCore::RenderVTTCue::initializeLayoutParameters):

Modified Paths

• trunk/Source/WebCore/ChangeLog
• trunk/Source/WebCore/html/HTMLMediaElement.cpp
• trunk/Source/WebCore/html/HTMLMediaElement.h
• trunk/Source/WebCore/rendering/RenderVTTCue.cpp

Diff

Modified: trunk/Source/WebCore/ChangeLog (292584 => 292585)

--- trunk/Source/WebCore/ChangeLog	2022-04-08 00:51:43 UTC (rev 292584)
+++ trunk/Source/WebCore/ChangeLog	2022-04-08 01:03:40 UTC (rev 292585)
@@ -1,3 +1,23 @@
+2022-04-07  Gabriel Nava Marino  <gnavamar...@apple.com>
+
+        When using a TrackDisplayUpdateScope queue updateActiveTextTrackCues as a task
+        https://bugs.webkit.org/show_bug.cgi?id=238963
+
+        Reviewed by Eric Carlson.
+
+        The HTMLMediaElement::didRemoveTextTrack call is done under ScriptDisallowedScope but this path
+        currently can call updateActiveTextTrackCues which could result in updating the layout downstream.
+        To resolve this we execute updateActiveTextTrackCues under a queueCancellableTaskKeepingObjectAlive call.
+
+        We also add a needed check in RenderVTTCue::initializeLayoutParameters exposed by queueing the task.
+
+        * html/HTMLMediaElement.cpp:
+        (WebCore::HTMLMediaElement::endIgnoringTrackDisplayUpdateRequests):
+        (WebCore::HTMLMediaElement::cancelPendingTasks):
+        * html/HTMLMediaElement.h:
+        * rendering/RenderVTTCue.cpp:
+        (WebCore::RenderVTTCue::initializeLayoutParameters):
+
 2022-04-07  Tim Nguyen  <n...@apple.com>
 
         [:has() pseudo-class] Support invalidation for :indeterminate pseudo class on <progress>

Modified: trunk/Source/WebCore/html/HTMLMediaElement.cpp (292584 => 292585)

--- trunk/Source/WebCore/html/HTMLMediaElement.cpp	2022-04-08 00:51:43 UTC (rev 292584)
+++ trunk/Source/WebCore/html/HTMLMediaElement.cpp	2022-04-08 01:03:40 UTC (rev 292585)
@@ -2018,8 +2018,11 @@
 {
     ASSERT(m_ignoreTrackDisplayUpdate);
     --m_ignoreTrackDisplayUpdate;
-    if (!m_ignoreTrackDisplayUpdate && m_inActiveDocument)
-        updateActiveTextTrackCues(currentMediaTime());
+
+    queueCancellableTaskKeepingObjectAlive(*this, TaskSource::MediaElement, m_updateTextTracksTaskCancellationGroup, [this] {
+        if (!m_ignoreTrackDisplayUpdate && m_inActiveDocument)
+            updateActiveTextTrackCues(currentMediaTime());
+    });
 }
 
 void HTMLMediaElement::textTrackAddCues(TextTrack& track, const TextTrackCueList& cues)
@@ -5792,6 +5795,7 @@
 void HTMLMediaElement::cancelPendingTasks()
 {
     m_configureTextTracksTaskCancellationGroup.cancel();
+    m_updateTextTracksTaskCancellationGroup.cancel();
     m_checkPlaybackTargetCompatibilityTaskCancellationGroup.cancel();
     m_updateMediaStateTaskCancellationGroup.cancel();
     m_mediaEngineUpdatedTaskCancellationGroup.cancel();

Modified: trunk/Source/WebCore/html/HTMLMediaElement.h (292584 => 292585)

--- trunk/Source/WebCore/html/HTMLMediaElement.h	2022-04-08 00:51:43 UTC (rev 292584)
+++ trunk/Source/WebCore/html/HTMLMediaElement.h	2022-04-08 01:03:40 UTC (rev 292585)
@@ -989,6 +989,7 @@
     Timer m_playbackControlsManagerBehaviorRestrictionsTimer;
     Timer m_seekToPlaybackPositionEndedTimer;
     TaskCancellationGroup m_configureTextTracksTaskCancellationGroup;
+    TaskCancellationGroup m_updateTextTracksTaskCancellationGroup;
     TaskCancellationGroup m_checkPlaybackTargetCompatibilityTaskCancellationGroup;
     TaskCancellationGroup m_updateMediaStateTaskCancellationGroup;
     TaskCancellationGroup m_mediaEngineUpdatedTaskCancellationGroup;

Modified: trunk/Source/WebCore/rendering/RenderVTTCue.cpp (292584 => 292585)

--- trunk/Source/WebCore/rendering/RenderVTTCue.cpp	2022-04-08 00:51:43 UTC (rev 292584)
+++ trunk/Source/WebCore/rendering/RenderVTTCue.cpp	2022-04-08 01:03:40 UTC (rev 292585)
@@ -79,9 +79,9 @@
 
     RenderBlock* parentBlock = containingBlock();
 
-    firstLineBox = cueBox().firstLineBox();
+    firstLineBox = cueBox().firstLineBox() ? cueBox().firstLineBox() : this->firstRootBox();
     if (!firstLineBox)
-        firstLineBox = this->firstRootBox();
+        return false;
 
     // 1. Horizontal: Let step be the height of the first line box in boxes.
     //    Vertical: Let step be the width of the first line box in boxes.

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes