Title: [191568] releases/WebKitGTK/webkit-2.10
Revision: 191568
Author: [email protected]
Date: 2015-10-26 01:16:18 -0700 (Mon, 26 Oct 2015)
Log Message
Merge r191403 - Null dereference loading Blink layout test svg/filters/display-none-filter-primitive.html
https://bugs.webkit.org/show_bug.cgi?id=150212
<rdar://problem/23137376>
Reviewed by Brent Fulgham.
Source/WebCore:
Handle the case where a filter element doesn't have a renderer. Inspired by the Blink
commit:
https://chromium.googlesource.com/chromium/src.git/+/fb79f7fc46552d45127acd2959a23662ad8f271e
Test: svg/filters/display-none-filter-primitive.html
* rendering/svg/RenderSVGResourceFilter.cpp:
(WebCore::RenderSVGResourceFilter::buildPrimitives):
* svg/graphics/filters/SVGFilterBuilder.cpp:
(WebCore::SVGFilterBuilder::appendEffectToEffectReferences):
LayoutTests:
* svg/filters/display-none-filter-primitive-expected.txt: Added.
* svg/filters/display-none-filter-primitive.html: Added.
Diff
Modified: releases/WebKitGTK/webkit-2.10/LayoutTests/ChangeLog (191567 => 191568)
--- releases/WebKitGTK/webkit-2.10/LayoutTests/ChangeLog 2015-10-26 08:10:46 UTC (rev 191567)
+++ releases/WebKitGTK/webkit-2.10/LayoutTests/ChangeLog 2015-10-26 08:16:18 UTC (rev 191568)
@@ -1,3 +1,14 @@
+2015-10-21 Dean Jackson <[email protected]>
+
+ Null dereference loading Blink layout test svg/filters/display-none-filter-primitive.html
+ https://bugs.webkit.org/show_bug.cgi?id=150212
+ <rdar://problem/23137376>
+
+ Reviewed by Brent Fulgham.
+
+ * svg/filters/display-none-filter-primitive-expected.txt: Added.
+ * svg/filters/display-none-filter-primitive.html: Added.
+
2015-10-16 Jiewen Tan <[email protected]>
Avoid to insert TAB before HTML element.
Added: releases/WebKitGTK/webkit-2.10/LayoutTests/svg/filters/display-none-filter-primitive-expected.txt (0 => 191568)
--- releases/WebKitGTK/webkit-2.10/LayoutTests/svg/filters/display-none-filter-primitive-expected.txt (rev 0)
+++ releases/WebKitGTK/webkit-2.10/LayoutTests/svg/filters/display-none-filter-primitive-expected.txt 2015-10-26 08:16:18 UTC (rev 191568)
@@ -0,0 +1 @@
+PASS if no crash
Added: releases/WebKitGTK/webkit-2.10/LayoutTests/svg/filters/display-none-filter-primitive.html (0 => 191568)
--- releases/WebKitGTK/webkit-2.10/LayoutTests/svg/filters/display-none-filter-primitive.html (rev 0)
+++ releases/WebKitGTK/webkit-2.10/LayoutTests/svg/filters/display-none-filter-primitive.html 2015-10-26 08:16:18 UTC (rev 191568)
@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<svg>
+ <filter id="f">
+ <feMerge style="display: none">
+ <feMergeNode/>
+ </feMerge>
+ <feDiffuseLighting/>
+ </filter>
+ <rect filter="url(#f)" width="100" height="100"/>
+</svg>
+<p>PASS if no crash</p>
+<script>
+if (window.testRunner)
+ testRunner.dumpAsText();
+</script>
\ No newline at end of file
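Review bot: the test covers only the initial filter build with a display: none feMerge, so it does not exercise the invalidation path that the new comment in SVGFilterBuilder.cpp says will not work for primitives without a renderer. Consider adding a step in the script that changes an attribute on the hidden feMerge after first paint, so a later lookup for an unmapped effect is covered as well. The file also ends without a trailing newline.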
Modified: releases/WebKitGTK/webkit-2.10/Source/WebCore/ChangeLog (191567 => 191568)
--- releases/WebKitGTK/webkit-2.10/Source/WebCore/ChangeLog 2015-10-26 08:10:46 UTC (rev 191567)
+++ releases/WebKitGTK/webkit-2.10/Source/WebCore/ChangeLog 2015-10-26 08:16:18 UTC (rev 191568)
@@ -1,3 +1,22 @@
+2015-10-21 Dean Jackson <[email protected]>
+
+ Null dereference loading Blink layout test svg/filters/display-none-filter-primitive.html
+ https://bugs.webkit.org/show_bug.cgi?id=150212
+ <rdar://problem/23137376>
+
+ Reviewed by Brent Fulgham.
+
+ Handle the case where a filter element doesn't have a renderer. Inspired by the Blink
+ commit:
+ https://chromium.googlesource.com/chromium/src.git/+/fb79f7fc46552d45127acd2959a23662ad8f271e
+
+ Test: svg/filters/display-none-filter-primitive.html
+
+ * rendering/svg/RenderSVGResourceFilter.cpp:
+ (WebCore::RenderSVGResourceFilter::buildPrimitives):
+ * svg/graphics/filters/SVGFilterBuilder.cpp:
+ (WebCore::SVGFilterBuilder::appendEffectToEffectReferences):
+
2015-10-21 Carlos Garcia Campos <[email protected]>
ASSERTION FAILED: markFontData in FontCascade::emphasisMarkHeight
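Review bot: the two function entries at the end of this ChangeLog addition, (WebCore::RenderSVGResourceFilter::buildPrimitives): and (WebCore::SVGFilterBuilder::appendEffectToEffectReferences):, carry no per-function description. A short phrase after each colon (null-check the renderer before reading its style; skip the renderer map insertion when object is null) would record what changed where.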
Modified: releases/WebKitGTK/webkit-2.10/Source/WebCore/rendering/svg/RenderSVGResourceFilter.cpp (191567 => 191568)
--- releases/WebKitGTK/webkit-2.10/Source/WebCore/rendering/svg/RenderSVGResourceFilter.cpp 2015-10-26 08:10:46 UTC (rev 191567)
+++ releases/WebKitGTK/webkit-2.10/Source/WebCore/rendering/svg/RenderSVGResourceFilter.cpp 2015-10-26 08:16:18 UTC (rev 191568)
@@ -90,7 +90,8 @@
builder->appendEffectToEffectReferences(effect, element.renderer());
element.setStandardAttributes(effect.get());
effect->setEffectBoundaries(SVGLengthContext::resolveRectangle<SVGFilterPrimitiveStandardAttributes>(&element, filterElement().primitiveUnits(), targetBoundingBox));
- effect->setOperatingColorSpace(element.renderer()->style().svgStyle().colorInterpolationFilters() == CI_LINEARRGB ? ColorSpaceLinearRGB : ColorSpaceDeviceRGB);
+ if (element.renderer())
+ effect->setOperatingColorSpace(element.renderer()->style().svgStyle().colorInterpolationFilters() == CI_LINEARRGB ? ColorSpaceLinearRGB : ColorSpaceDeviceRGB);
builder->add(element.result(), effect.release());
}
return builder;
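Review bot: the new `if (element.renderer())` has no else, so a primitive without a renderer silently keeps whatever operating color space the effect was created with. A one-line comment stating that this default is intended for renderer-less primitives, or an explicit else that sets it, would make the behaviour visible. element.renderer() is also now called three times in this block; reading it once into a local and using that for appendEffectToEffectReferences and the check would be tidier.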
Modified: releases/WebKitGTK/webkit-2.10/Source/WebCore/svg/graphics/filters/SVGFilterBuilder.cpp (191567 => 191568)
--- releases/WebKitGTK/webkit-2.10/Source/WebCore/svg/graphics/filters/SVGFilterBuilder.cpp 2015-10-26 08:10:46 UTC (rev 191567)
+++ releases/WebKitGTK/webkit-2.10/Source/WebCore/svg/graphics/filters/SVGFilterBuilder.cpp 2015-10-26 08:16:18 UTC (rev 191568)
@@ -68,7 +68,7 @@
// The effect must be a newly created filter effect.
ASSERT(!m_effectReferences.contains(effect));
- ASSERT(object && !m_effectRenderer.contains(object));
+ ASSERT(!object || !m_effectRenderer.contains(object));
m_effectReferences.add(effect, FilterEffectSet());
unsigned numberOfInputEffects = effect->inputEffects().size();
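Review bot: the relaxed assertion `ASSERT(!object || !m_effectRenderer.contains(object));` makes a null object a supported input, but nothing at the function boundary says so. Please document on appendEffectToEffectReferences (at the declaration or in a comment above this assert) that object may be null when the element has no renderer, so later edits do not reinstate the non-null assumption.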
@@ -76,7 +76,12 @@
// It is not possible to add the same value to a set twice.
for (unsigned i = 0; i < numberOfInputEffects; ++i)
effectReferences(effect->inputEffect(i)).add(effect.get());
- m_effectRenderer.add(object, effect.get());
+
+ // If object is null, that means the element isn't attached for some
+ // reason, which in turn mean that certain types of invalidation will not
+ // work (the LayoutObject -> FilterEffect mapping will not be defined).
+ if (object)
+ m_effectRenderer.add(object, effect.get());
}
void SVGFilterBuilder::clearEffects()
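Review bot: the new comment above `if (object)` refers to the "LayoutObject -> FilterEffect mapping", which is Blink's naming; here the value comes from element.renderer() and the map is m_effectRenderer, so wording the comment in terms of the renderer would match the code. "which in turn mean" should read "means". Since such an effect is now absent from m_effectRenderer, it is worth confirming that code which looks effects up by renderer tolerates a missing entry, given the comment's own statement that this invalidation will not work.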