Title: [133651] branches/safari-536.28-branch

Diff

Modified: branches/safari-536.28-branch/LayoutTests/ChangeLog (133650 => 133651)


--- branches/safari-536.28-branch/LayoutTests/ChangeLog	2012-11-06 19:24:34 UTC (rev 133650)
+++ branches/safari-536.28-branch/LayoutTests/ChangeLog	2012-11-06 20:03:39 UTC (rev 133651)
@@ -1,3 +1,17 @@
+2012-11-06  Lucas Forschler  <[email protected]>
+
+        Merge r125503
+
+    2012-08-13  Douglas Stockwell  <[email protected]>
+
+            Crash in WebCore::RenderBlock::LineBreaker::nextLineBreak
+            https://bugs.webkit.org/show_bug.cgi?id=93806
+
+            Reviewed by Abhishek Arya.
+
+            * fast/text/text-combine-first-line-crash-expected.txt: Added.
+            * fast/text/text-combine-first-line-crash.html: Added.
+
 2012-11-05  Lucas Forschler  <[email protected]>
 
         Merge r125351
@@ -11029,3 +11043,4 @@
 .
 .
 .
+.

Copied: branches/safari-536.28-branch/LayoutTests/fast/text/text-combine-first-line-crash-expected.txt (from rev 125503, trunk/LayoutTests/fast/text/text-combine-first-line-crash-expected.txt) (0 => 133651)


--- branches/safari-536.28-branch/LayoutTests/fast/text/text-combine-first-line-crash-expected.txt	                        (rev 0)
+++ branches/safari-536.28-branch/LayoutTests/fast/text/text-combine-first-line-crash-expected.txt	2012-11-06 20:03:39 UTC (rev 133651)
@@ -0,0 +1 @@
+This test passes if it does not CRASH. 

Copied: branches/safari-536.28-branch/LayoutTests/fast/text/text-combine-first-line-crash.html (from rev 125503, trunk/LayoutTests/fast/text/text-combine-first-line-crash.html) (0 => 133651)


--- branches/safari-536.28-branch/LayoutTests/fast/text/text-combine-first-line-crash.html	                        (rev 0)
+++ branches/safari-536.28-branch/LayoutTests/fast/text/text-combine-first-line-crash.html	2012-11-06 20:03:39 UTC (rev 133651)
@@ -0,0 +1,22 @@
+<!DOCTYPE html>
+<html>
+<style>
+#test {
+    -webkit-text-combine: horizontal;
+    -webkit-writing-mode: vertical-rl;
+    height: 0px;
+}
+#test::first-line {
+    color: black;
+}
+</style>
+This test passes if it does not CRASH.
+<span id="test">'''
+</span>
+<script>
+document.documentElement.offsetTop;
+test.innerText = '';
+if (window.testRunner)
+    testRunner.dumpAsText();
+</script>
+</html>
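Review bot: in the script block, `document.documentElement.offsetTop;` and `test.innerText = '';` carry the whole reproduction, but nothing says why they are there. A one-line comment stating that the offsetTop read forces a first layout before the span's text is cleared would keep the read from being removed later as a dead statement. `test` is also resolved through the implicit id-to-global lookup, and `document.getElementById('test')` would be more robust. Moving the `testRunner.dumpAsText()` call above the mutation would make sure text mode is set even if a later change makes the script throw at the `innerText` line.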

Modified: branches/safari-536.28-branch/Source/WebCore/ChangeLog (133650 => 133651)


--- branches/safari-536.28-branch/Source/WebCore/ChangeLog	2012-11-06 19:24:34 UTC (rev 133650)
+++ branches/safari-536.28-branch/Source/WebCore/ChangeLog	2012-11-06 20:03:39 UTC (rev 133651)
@@ -1,3 +1,30 @@
+2012-11-06  Lucas Forschler  <[email protected]>
+
+        Merge r125503
+
+    2012-08-13  Douglas Stockwell  <[email protected]>
+
+            Crash in WebCore::RenderBlock::LineBreaker::nextLineBreak
+            https://bugs.webkit.org/show_bug.cgi?id=93806
+
+            Reviewed by Abhishek Arya.
+
+            When looking for line breaks on the first line, existing code was
+            checking for text-combine only in the first-line style. Since
+            text-combine isn't inherited this resulted in a line break being
+            chosen before combineText was called. When this happened and then
+            combineText was called subsequently, the position of the line break
+            iterator would be invalid.
+
+            This patch changes the check to use the regular style as in
+            skipLeadingWhitespace and textWidth.
+
+            Test: fast/text/text-combine-first-line-crash.html
+
+            * rendering/RenderBlockLineLayout.cpp:
+            (WebCore::RenderBlock::LineBreaker::nextLineBreak): Don't use the
+            first-line style when checking text-combine.
+
 2012-11-05  Lucas Forschler  <[email protected]>
 
         Merge r125353
@@ -206644,3 +206671,4 @@
 .
 .
 .
+.

Modified: branches/safari-536.28-branch/Source/WebCore/rendering/RenderBlockLineLayout.cpp (133650 => 133651)


--- branches/safari-536.28-branch/Source/WebCore/rendering/RenderBlockLineLayout.cpp	2012-11-06 19:24:34 UTC (rev 133650)
+++ branches/safari-536.28-branch/Source/WebCore/rendering/RenderBlockLineLayout.cpp	2012-11-06 20:03:39 UTC (rev 133651)
@@ -2295,10 +2295,10 @@
             bool isSVGText = t->isSVGInlineText();
 #endif
 
-            RenderStyle* style = t->style(lineInfo.isFirstLine());
-            if (style->hasTextCombine() && current.m_obj->isCombineText() && !toRenderCombineText(current.m_obj)->isCombined())
+            if (t->style()->hasTextCombine() && current.m_obj->isCombineText() && !toRenderCombineText(current.m_obj)->isCombined())
                 toRenderCombineText(current.m_obj)->combineText();
 
+            RenderStyle* style = t->style(lineInfo.isFirstLine());
             const Font& f = style->font();
             bool isFixedPitch = f.isFixedPitch();
             bool canHyphenate = style->hyphens() == HyphensAuto && WebCore::canHyphenate(style->locale());
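Review bot: the fix relies on `RenderStyle* style = t->style(lineInfo.isFirstLine());` now being fetched only after `combineText()` has run, and nothing at that line records the ordering requirement. A short comment there, saying that text-combine is not inherited and so must be checked on the regular style, with the text combined before the first-line style and font are used for break decisions, would stop a later cleanup from hoisting the declaration back above the check. The condition also reads the style from `t` while testing and casting `current.m_obj`; if these are the same renderer, using one of the two throughout would make that evident to the reader.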
_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo/webkit-changes
