Changeset 116527 in webkit


Ignore:
Timestamp:
May 9, 2012 8:37:33 AM (12 years ago)
Author:
commit-queue@webkit.org
Message:

Crash in WebCore::RenderBoxModelObject::paddingLeft
https://bugs.webkit.org/show_bug.cgi?id=83889

Patch by Takashi Sakamoto <tasak@google.com> on 2012-05-09
Reviewed by Abhishek Arya.

Source/WebCore:

RenderScrollbar creates RenderScrollbarPart without any parent
renderers. However, if the scrollbar has percent padding styles,
non-null parent renderer is required. So after creating/destroying
RenderScrollbarPart instances, set owningRenderer(creating)/0
(destroying) as its parent renderer.

Test: scrollbars/scrollbar-percent-padding-crash.html

scrollbars/scrollbar-percent-padding-crash-expected.txt

  • rendering/RenderScrollbar.cpp:

(WebCore::RenderScrollbar::updateScrollbarPart):
Added setParent after creating/destroying RenderScrollbarPart.

  • rendering/RenderScrollbarPart.cpp:

Made RenderScollbar friend, because setParent is protected and
RenderScrollbar is not inherited from class RenderObject.

LayoutTests:

As just invoking layoutTestController.display() invokes scrollbar's
WebCore::RenderScrollbarPart::paintIntoRect(), adding display() after
invoking layoutTestController.dumpAsText().

  • scrollbars/scrollbar-percent-padding-crash.html: Added.
  • scrollbars/scrollbar-percent-padding-crash-expected.txt: Added.
Location:
trunk
Files:
2 added
4 edited

Legend:

Unmodified
Added
Removed
  • trunk/LayoutTests/ChangeLog

    r116524 r116527  
     12012-05-09  Takashi Sakamoto  <tasak@google.com>
     2
     3        Crash in WebCore::RenderBoxModelObject::paddingLeft
     4        https://bugs.webkit.org/show_bug.cgi?id=83889
     5
     6        Reviewed by Abhishek Arya.
     7
     8        As just invoking layoutTestController.display() invokes scrollbar's
     9        WebCore::RenderScrollbarPart::paintIntoRect(), adding display() after
     10        invoking layoutTestController.dumpAsText().
     11
     12        * scrollbars/scrollbar-percent-padding-crash.html: Added.
     13        * scrollbars/scrollbar-percent-padding-crash-expected.txt: Added.
     14
    1152012-05-09  Antti Koivisto  <antti@apple.com>
    216
  • trunk/Source/WebCore/ChangeLog

    r116521 r116527  
     12012-05-09  Takashi Sakamoto  <tasak@google.com>
     2
     3        Crash in WebCore::RenderBoxModelObject::paddingLeft
     4        https://bugs.webkit.org/show_bug.cgi?id=83889
     5
     6        Reviewed by Abhishek Arya.
     7
     8        RenderScrollbar creates RenderScrollbarPart without any parent
     9        renderers. However, if the scrollbar has percent padding styles,
     10        non-null parent renderer is required. So after creating/destroying
     11        RenderScrollbarPart instances, set owningRenderer(creating)/0
     12        (destroying) as its parent renderer.
     13
     14        Test: scrollbars/scrollbar-percent-padding-crash.html
     15              scrollbars/scrollbar-percent-padding-crash-expected.txt
     16
     17        * rendering/RenderScrollbar.cpp:
     18        (WebCore::RenderScrollbar::updateScrollbarPart):
     19        Added setParent after creating/destroying RenderScrollbarPart.
     20        * rendering/RenderScrollbarPart.cpp:
     21        Made RenderScollbar friend, because setParent is protected and
     22        RenderScrollbar is not inherited from class RenderObject.
     23
    1242012-05-09  Takashi Sakamoto  <tasak@google.com>
    225
  • trunk/Source/WebCore/rendering/RenderScrollbar.cpp

    r116476 r116527  
    271271    if (!partRenderer && needRenderer) {
    272272        partRenderer = new (owningRenderer()->renderArena()) RenderScrollbarPart(owningRenderer()->document(), this, partType);
     273        partRenderer->setParent(owningRenderer());
    273274        m_parts.set(partType, partRenderer);
    274275    } else if (partRenderer && !needRenderer) {
    275276        m_parts.remove(partType);
     277        partRenderer->setParent(0);
    276278        partRenderer->destroy();
    277279        partRenderer = 0;
  • trunk/Source/WebCore/rendering/RenderScrollbarPart.h

    r110505 r116527  
    3636class RenderScrollbarPart : public RenderBlock {
    3737public:
     38    friend class RenderScrollbar;
     39
    3840    RenderScrollbarPart(Node*, RenderScrollbar* = 0, ScrollbarPart = NoPart);
    3941    virtual ~RenderScrollbarPart();
Note: See TracChangeset for help on using the changeset viewer.