[webkit-changes] [143501] branches/chromium/1364

Wed, 20 Feb 2013 13:51:18 -0800

Title: [143501] branches/chromium/1364

Diff

Modified: branches/chromium/1364/LayoutTests/fast/block/float/float-not-removed-from-pre-block-expected.txt (143500 => 143501)


--- branches/chromium/1364/LayoutTests/fast/block/float/float-not-removed-from-pre-block-expected.txt	2013-02-20 21:48:25 UTC (rev 143500)
+++ branches/chromium/1364/LayoutTests/fast/block/float/float-not-removed-from-pre-block-expected.txt	2013-02-20 21:53:21 UTC (rev 143501)
@@ -1,3 +1,3 @@
 Bug 101970: Heap-use-after-free in WebCore::RenderLayerModelObject::hasSelfPaintingLayer
 Test passes if it does not crash.
-
+

Copied: branches/chromium/1364/LayoutTests/fast/css-generated-content/quote-layout-focus-crash-expected.txt (from rev 143060, trunk/LayoutTests/fast/css-generated-content/quote-layout-focus-crash-expected.txt) (0 => 143501)


--- branches/chromium/1364/LayoutTests/fast/css-generated-content/quote-layout-focus-crash-expected.txt	                        (rev 0)
+++ branches/chromium/1364/LayoutTests/fast/css-generated-content/quote-layout-focus-crash-expected.txt	2013-02-20 21:53:21 UTC (rev 143501)
@@ -0,0 +1,3 @@
+Bug 109616 - ASSERT(!renderer()->needsLayout()) when calling Element::focus() with generated content
+
+

Copied: branches/chromium/1364/LayoutTests/fast/css-generated-content/quote-layout-focus-crash.html (from rev 143060, trunk/LayoutTests/fast/css-generated-content/quote-layout-focus-crash.html) (0 => 143501)


--- branches/chromium/1364/LayoutTests/fast/css-generated-content/quote-layout-focus-crash.html	                        (rev 0)
+++ branches/chromium/1364/LayoutTests/fast/css-generated-content/quote-layout-focus-crash.html	2013-02-20 21:53:21 UTC (rev 143501)
@@ -0,0 +1,47 @@
+<!DOCTYPE html>
+
+<style>
+    /* Must be positioned absolute or static, must have margins to push it out view. */
+    .positioned {
+        position: absolute;
+        margin-top: 100%;
+    }
+
+    /* Any kind of quote will do, can be either :before or :after */
+    .positioned:before,
+    .focusable:before {
+        content: open-quote;
+    }
+</style>
+
+<p>Bug 109616 - ASSERT(!renderer()->needsLayout()) when calling Element::focus() with generated content</p>
+
+<!--
+    This is testing a case where RenderQuote::updateDepth would mark the RenderQuote
+    and its ancestors as needing layout in the middle of a layout of its ancestor.
+    When its ancestor finishes the layout it will mark itself and the ancestors
+    farther up as no longer needing layout. The end result is some subtree
+    needing layout, but the RenderView and possibly other ancestors of the subtree
+    not needing layout.
+
+    ex.
+
+    RenderView <- !needsLayout
+        \
+       RenderBlock (.focusable) <- needsLayout
+            \
+             RenderBlock (generated content) <- needsLayout
+                \
+                 RenderQuote <- needsLayout
+-->
+
+<div class="positioned"></div>
+<div class="focusable" tabindex="1"></div>
+
+<script>
+    if (window.testRunner)
+        testRunner.dumpAsText();
+    // .focusable still needs layout at this point, but RenderView doesn't
+    // think any descendants need layout.
+    document.querySelector('.focusable').focus();
+</script>

Modified: branches/chromium/1364/Source/WebCore/dom/PseudoElement.cpp (143500 => 143501)


--- branches/chromium/1364/Source/WebCore/dom/PseudoElement.cpp	2013-02-20 21:48:25 UTC (rev 143500)
+++ branches/chromium/1364/Source/WebCore/dom/PseudoElement.cpp	2013-02-20 21:53:21 UTC (rev 143501)
@@ -30,6 +30,7 @@
 #include "ContentData.h"
 #include "NodeRenderingContext.h"
 #include "RenderObject.h"
+#include "RenderQuote.h"
 
 namespace WebCore {
 
@@ -69,9 +70,11 @@
 
     for (const ContentData* content = style->contentData(); content; content = content->next()) {
         RenderObject* child = content->createRenderer(document(), style);
-        if (renderer->isChildAllowed(child, style))
+        if (renderer->isChildAllowed(child, style)) {
             renderer->addChild(child);
-        else
+            if (child->isQuote())
+                toRenderQuote(child)->attachQuote();
+        } else
             child->destroy();
     }
 }

Modified: branches/chromium/1364/Source/WebCore/rendering/RenderQuote.cpp (143500 => 143501)


--- branches/chromium/1364/Source/WebCore/rendering/RenderQuote.cpp	2013-02-20 21:48:25 UTC (rev 143500)
+++ branches/chromium/1364/Source/WebCore/rendering/RenderQuote.cpp	2013-02-20 21:53:21 UTC (rev 143501)
@@ -54,10 +54,15 @@
 void RenderQuote::willBeRemovedFromTree()
 {
     RenderText::willBeRemovedFromTree();
-
     detachQuote();
 }
 
+void RenderQuote::styleDidChange(StyleDifference diff, const RenderStyle* oldStyle)
+{
+    RenderText::styleDidChange(diff, oldStyle);
+    updateText();
+}
+
 typedef HashMap<AtomicString, const QuotesData*, CaseFoldingHash> QuotesMap;
 
 static const QuotesMap& quotesDataLanguageMap()
@@ -245,17 +250,9 @@
 
 void RenderQuote::updateText()
 {
-    computePreferredLogicalWidths(0);
+    setText(originalText());
 }
 
-void RenderQuote::computePreferredLogicalWidths(float lead)
-{
-    if (!m_attached)
-        attachQuote();
-    setTextInternal(originalText());
-    RenderText::computePreferredLogicalWidths(lead);
-}
-
 const QuotesData* RenderQuote::quotesData() const
 {
     if (QuotesData* customQuotes = style()->quotes())
@@ -275,14 +272,8 @@
     ASSERT(view());
     ASSERT(!m_attached);
     ASSERT(!m_next && !m_previous);
+    ASSERT(isRooted());
 
-    // FIXME: Don't set pref widths dirty during layout. See updateDepth() for
-    // more detail.
-    if (!isRooted()) {
-        setNeedsLayoutAndPrefWidthsRecalc();
-        return;
-    }
-
     if (!view()->renderQuoteHead()) {
         view()->setRenderQuoteHead(this);
         m_attached = true;
@@ -360,12 +351,8 @@
             break;
         }
     }
-    // FIXME: Don't call setNeedsLayout or dirty our preferred widths during layout.
-    // This is likely to fail anyway as one of our ancestor will call setNeedsLayout(false),
-    // preventing the future layout to occur on |this|. The solution is to move that to a
-    // pre-layout phase.
     if (oldDepth != m_depth)
-        setNeedsLayoutAndPrefWidthsRecalc();
+        updateText();
 }
 
 } // namespace WebCore

Modified: branches/chromium/1364/Source/WebCore/rendering/RenderQuote.h (143500 => 143501)


--- branches/chromium/1364/Source/WebCore/rendering/RenderQuote.h	2013-02-20 21:48:25 UTC (rev 143500)
+++ branches/chromium/1364/Source/WebCore/rendering/RenderQuote.h	2013-02-20 21:53:21 UTC (rev 143501)
@@ -36,17 +36,18 @@
     RenderQuote(Document*, const QuoteType);
     virtual ~RenderQuote();
     void attachQuote();
+
+    virtual void updateText() OVERRIDE;
+
+private:
     void detachQuote();
 
-private:
     virtual void willBeDestroyed() OVERRIDE;
     virtual const char* renderName() const OVERRIDE { return "RenderQuote"; };
     virtual bool isQuote() const OVERRIDE { return true; };
     virtual PassRefPtr<StringImpl> originalText() const OVERRIDE;
+    virtual void styleDidChange(StyleDifference, const RenderStyle*) OVERRIDE;
 
-    virtual void updateText() OVERRIDE;
-    virtual void computePreferredLogicalWidths(float leadWidth) OVERRIDE;
-
     // We don't override insertedIntoTree to call attachQuote() as it would be attached
     // too early and get the wrong depth since generated content is inserted into anonymous
     // renderers before going into the main render tree. Once we can ensure that insertIntoTree,

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to