Changeset 129955 in webkit
- Timestamp:
- Sep 28, 2012 3:42:57 PM (12 years ago)
- Location:
- trunk
- Files:
-
- 2 added
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r129954 r129955 1 2012-09-28 Julien Chaffraix <jchaffraix@webkit.org> 2 3 REGRESSION(r124168): Null crash in RenderLayer::createScrollbar 4 https://bugs.webkit.org/show_bug.cgi?id=96863 5 6 Reviewed by Abhishek Arya. 7 8 * scrollbars/scrollbar-content-crash-expected.txt: Added. 9 * scrollbars/scrollbar-content-crash.html: Added. 10 1 11 2012-09-28 Ojan Vafai <ojan@chromium.org> 2 12 -
trunk/Source/WebCore/ChangeLog
r129945 r129955 1 2012-09-28 Julien Chaffraix <jchaffraix@webkit.org> 2 3 REGRESSION(r124168): Null crash in RenderLayer::createScrollbar 4 https://bugs.webkit.org/show_bug.cgi?id=96863 5 6 Reviewed by Abhishek Arya. 7 8 After r124168, we synchronously create any overflow:scroll scrollbar on the first style change - we used to wait 9 until layout was called. The issue is that the logic in RenderLayer assumes that our node is completely attached 10 when the style change is dispatched. The crash occured because the 'content' image code path in 11 RenderObject::createObject triggered a style change too early. 12 13 Test: scrollbars/scrollbar-content-crash.html 14 15 * rendering/RenderObject.cpp: 16 (WebCore::RenderObject::createObject): 17 We need a style associated with the new RenderImage to call setImageResource but we don't need to trigger a 18 style change. 19 1 20 2012-09-28 Ben Wagner <bungeman@chromium.org> 2 21 -
trunk/Source/WebCore/rendering/RenderObject.cpp
r129934 r129955 133 133 if (contentData && !contentData->next() && contentData->isImage() && doc != node) { 134 134 RenderImage* image = new (arena) RenderImage(node); 135 image->setStyle(style); 135 // RenderImageResourceStyleImage requires a style being present on the image but we don't want to 136 // trigger a style change now as the node is not fully attached. Moving this code to style change 137 // doesn't make sense as it should be run once at renderer creation. 138 image->m_style = style; 136 139 if (const StyleImage* styleImage = static_cast<const ImageContentData*>(contentData)->image()) { 137 140 image->setImageResource(RenderImageResourceStyleImage::create(const_cast<StyleImage*>(styleImage))); … … 139 142 } else 140 143 image->setImageResource(RenderImageResource::create()); 144 image->m_style = 0; 141 145 return image; 142 146 }
Note: See TracChangeset
for help on using the changeset viewer.