[webkit-changes] [122886] trunk/Source/WebCore

Tue, 17 Jul 2012 16:06:42 -0700

Title: [122886] trunk/Source/WebCore
Revision
122886
Author
[email protected]
Date
2012-07-17 16:06:38 -0700 (Tue, 17 Jul 2012)

Log Message

REGRESSION(r122215) - RenderObject::willRenderImage crashes on null view()
https://bugs.webkit.org/show_bug.cgi?id=91525

Reviewed by Julien Chaffraix.

Fix by doing an early out check.  This is intended to fix the crash in
http://crbug.com/137161.

No new test, because unfortunately a layout test is ill-suited to
reproing this kind of Document creation/destruction bug.

* rendering/RenderObject.cpp:
(WebCore::RenderObject::willRenderImage):

Modified Paths

Diff

Modified: trunk/Source/WebCore/ChangeLog (122885 => 122886)


--- trunk/Source/WebCore/ChangeLog	2012-07-17 23:05:24 UTC (rev 122885)
+++ trunk/Source/WebCore/ChangeLog	2012-07-17 23:06:38 UTC (rev 122886)
@@ -1,3 +1,19 @@
+2012-07-17  Adrienne Walker  <[email protected]>
+
+        REGRESSION(r122215) - RenderObject::willRenderImage crashes on null view()
+        https://bugs.webkit.org/show_bug.cgi?id=91525
+
+        Reviewed by Julien Chaffraix.
+
+        Fix by doing an early out check.  This is intended to fix the crash in
+        http://crbug.com/137161.
+
+        No new test, because unfortunately a layout test is ill-suited to
+        reproing this kind of Document creation/destruction bug.
+
+        * rendering/RenderObject.cpp:
+        (WebCore::RenderObject::willRenderImage):
+
 2012-07-17  Emil A Eklund  <[email protected]>
 
         vertical-align: middle causes overflow with subpixel layout

Modified: trunk/Source/WebCore/rendering/RenderObject.cpp (122885 => 122886)


--- trunk/Source/WebCore/rendering/RenderObject.cpp	2012-07-17 23:05:24 UTC (rev 122885)
+++ trunk/Source/WebCore/rendering/RenderObject.cpp	2012-07-17 23:06:38 UTC (rev 122886)
@@ -2692,6 +2692,11 @@
     if (document()->inPageCache() || document()->view()->isOffscreen())
         return false;
 
+    // If the document is being destroyed or has not been attached, then this
+    // RenderObject will not be rendered.
+    if (!view())
+        return false;
+
     // If a renderer is outside the viewport, we won't render.
     return viewRect().intersects(absoluteClippedOverflowRect());
 }

_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to