Changeset 107059 in webkit
- Timestamp:
- Feb 8, 2012 2:42:55 AM (12 years ago)
- Location:
- trunk
- Files:
-
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r107058 r107059 1 2012-02-08 Nikolas Zimmermann <nzimmermann@rim.com> 2 3 [Qt] REGRESSION(r106918): It made svg/zoom/page/zoom-foreignObject.svg crash with Qt5-WK1 4 https://bugs.webkit.org/show_bug.cgi?id=77995 5 6 Reviewed by Csaba Osztrogonác. 7 8 * platform/qt/Skipped: Unskip previously skipped tests. 9 1 10 2012-02-08 Pablo Flouret <pablof@motorola.com> 2 11 -
trunk/LayoutTests/platform/qt/Skipped
r107052 r107059 2539 2539 # https://bugs.webkit.org/show_bug.cgi?id=78026 2540 2540 svg/as-object/nested-embedded-svg-size-changes.html 2541 2542 # [Qt] REGRESSION(r106918): It made svg/zoom/page/zoom-foreignObject.svg crash with Qt5-WK12543 # https://bugs.webkit.org/show_bug.cgi?id=779952544 svg/zoom/page/zoom-background-images.html2545 svg/zoom/page/zoom-coords-viewattr-01-b.svg -
trunk/Source/WebCore/ChangeLog
r107058 r107059 1 2012-02-08 Nikolas Zimmermann <nzimmermann@rim.com> 2 3 [Qt] REGRESSION(r106918): It made svg/zoom/page/zoom-foreignObject.svg crash with Qt5-WK1 4 https://bugs.webkit.org/show_bug.cgi?id=77995 5 6 Reviewed by Csaba Osztrogonác. 7 8 From the stack traces it's obvious that SVGImageChromeClient tried to invalidate the root view, 9 while its SVGImage was being destructed, due to an updateStyleIfNeeded() call, coming 10 from frameDetached(). There's no point in redrawing there, so we should just stop it. 11 12 Covered by existing tests on the Qt but, unfortunately I couldn't reproduce it on Mac. 13 14 * svg/graphics/SVGImage.cpp: 15 (WebCore::SVGImageChromeClient::invalidateContentsAndRootView): Stop invalidating if m_page is 0. 16 (WebCore::SVGImage::~SVGImage): Clear m_page, so that SVGImageChromeClient knows we're destructing. 17 * svg/graphics/SVGImage.h: 18 1 19 2012-02-08 Pablo Flouret <pablof@motorola.com> 2 20 -
trunk/Source/WebCore/svg/graphics/SVGImage.cpp
r105513 r107059 76 76 virtual void invalidateContentsAndRootView(const IntRect& r, bool) 77 77 { 78 if (m_image && m_image->imageObserver()) 78 // If m_image->m_page is null, we're being destructed, don't fire changedInRect() in that case. 79 if (m_image && m_image->imageObserver() && m_image->m_page) 79 80 m_image->imageObserver()->changedInRect(m_image, r); 80 81 } … … 91 92 { 92 93 if (m_page) { 93 m_page->mainFrame()->loader()->frameDetached(); // Break both the loader and view references to the frame 94 95 // Clear explicitly because we want to delete the page before the ChromeClient. 96 // FIXME: I believe that's already guaranteed by C++ object destruction rules, 97 // so this may matter only for the assertion below. 98 m_page.clear(); 94 // Store m_page in a local variable, clearing m_page, so that SVGImageChromeClient knows we're destructed. 95 OwnPtr<Page> currentPage = m_page.release(); 96 currentPage->mainFrame()->loader()->frameDetached(); // Break both the loader and view references to the frame 99 97 } 100 98 -
trunk/Source/WebCore/svg/graphics/SVGImage.h
r105513 r107059 62 62 63 63 private: 64 friend class SVGImageChromeClient; 64 65 virtual ~SVGImage(); 65 66
Note: See TracChangeset
for help on using the changeset viewer.