Changeset 200031 in webkit


Timestamp:
Apr 25, 2016 10:03:04 AM (8 years ago)
Author:
Antti Koivisto
Message:

REGRESSION(r156846): Crashes with guard malloc
https://bugs.webkit.org/show_bug.cgi?id=156984

Reviewed by Andreas Kling.

RenderElement::cachedFirstLineStyle() returns pointer to local std::unique_ptr.

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::uncachedFirstLineStyle):
(WebCore::RenderElement::cachedFirstLineStyle):
(WebCore::RenderElement::firstLineStyle):
(WebCore::firstLineStyleForCachedUncachedType): Deleted.

Don't try to use a single function for the cached and uncached cases. Separate the cases into the calling functions.

Location:
trunk/Source/WebCore
Files:
2 edited

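--- a/trunk/Source/WebCore/ChangeLog
+++ b/trunk/Source/WebCore/ChangeLog
@@ -1,2 +1,19 @@
+2016-04-25  Antti Koivisto  <antti@apple.com>
+
+        REGRESSION(r156846): Crashes with guard malloc
+        https://bugs.webkit.org/show_bug.cgi?id=156984
+
+        Reviewed by Andreas Kling.
+
+        RenderElement::cachedFirstLineStyle() returns pointer to local std::unique_ptr.
+
+        * rendering/RenderElement.cpp:
+        (WebCore::RenderElement::uncachedFirstLineStyle):
+        (WebCore::RenderElement::cachedFirstLineStyle):
+        (WebCore::RenderElement::firstLineStyle):
+        (WebCore::firstLineStyleForCachedUncachedType): Deleted.
+
+            Don't try to use a single function for the cached and uncached cases. Separate the cases into the calling functions.
+
 2016-04-25  Daniel Bates  <dabates@apple.com>
 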
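--- a/trunk/Source/WebCore/rendering/RenderElement.cpp
+++ b/trunk/Source/WebCore/rendering/RenderElement.cpp
@@ -211,45 +211,41 @@
 };
 
-static std::unique_ptr<RenderStyle> firstLineStyleForCachedUncachedType(StyleCacheState type, const RenderElement& renderer, RenderStyle* style)
-{
-    RenderElement& rendererForFirstLineStyle = renderer.isBeforeOrAfterContent() ? *renderer.parent() : const_cast<RenderElement&>(renderer);
+std::unique_ptr<RenderStyle> RenderElement::uncachedFirstLineStyle(RenderStyle* style) const
+{
+    if (!view().usesFirstLineRules())
+        return nullptr;
+
+    RenderElement& rendererForFirstLineStyle = isBeforeOrAfterContent() ? *parent() : const_cast<RenderElement&>(*this);
 
     if (rendererForFirstLineStyle.isRenderBlockFlow() || rendererForFirstLineStyle.isRenderButton()) {
-        if (RenderBlock* firstLineBlock = rendererForFirstLineStyle.firstLineBlock()) {
-            if (type == Cached)
-                return RenderStyle::clone(firstLineBlock->getCachedPseudoStyle(FIRST_LINE, style));
-            return firstLineBlock->getUncachedPseudoStyle(PseudoStyleRequest(FIRST_LINE), style, firstLineBlock == &renderer ? style : nullptr);
-        }
+        if (RenderBlock* firstLineBlock = rendererForFirstLineStyle.firstLineBlock())
+            return firstLineBlock->getUncachedPseudoStyle(PseudoStyleRequest(FIRST_LINE), style, firstLineBlock == this ? style : nullptr);
+    } else if (!rendererForFirstLineStyle.isAnonymous() && rendererForFirstLineStyle.isRenderInline()) {
+        RenderStyle& parentStyle = rendererForFirstLineStyle.parent()->firstLineStyle();
+        if (&parentStyle != &rendererForFirstLineStyle.parent()->style())
+            return rendererForFirstLineStyle.getUncachedPseudoStyle(PseudoStyleRequest(FIRST_LINE_INHERITED), &parentStyle, style);
+    }
+    return nullptr;
+}
+
+RenderStyle* RenderElement::cachedFirstLineStyle() const
+{
+    ASSERT(view().usesFirstLineRules());
+
+    RenderElement& rendererForFirstLineStyle = isBeforeOrAfterContent() ? *parent() : const_cast<RenderElement&>(*this);
+
+    if (rendererForFirstLineStyle.isRenderBlockFlow() || rendererForFirstLineStyle.isRenderButton()) {
+        if (RenderBlock* firstLineBlock = rendererForFirstLineStyle.firstLineBlock())
+            return firstLineBlock->getCachedPseudoStyle(FIRST_LINE, &style());
     } else if (!rendererForFirstLineStyle.isAnonymous() && rendererForFirstLineStyle.isRenderInline()) {
         RenderStyle& parentStyle = rendererForFirstLineStyle.parent()->firstLineStyle();
         if (&parentStyle != &rendererForFirstLineStyle.parent()->style()) {
-            if (type == Cached) {
-                // A first-line style is in effect. Cache a first-line style for ourselves.
-                rendererForFirstLineStyle.style().setHasPseudoStyle(FIRST_LINE_INHERITED);
-                return RenderStyle::clone(rendererForFirstLineStyle.getCachedPseudoStyle(FIRST_LINE_INHERITED, &parentStyle));
-            }
-            return rendererForFirstLineStyle.getUncachedPseudoStyle(PseudoStyleRequest(FIRST_LINE_INHERITED), &parentStyle, style);
-        }
-    }
-    return nullptr;
-}
-
-std::unique_ptr<RenderStyle> RenderElement::uncachedFirstLineStyle(RenderStyle* style) const
-{
-    if (!view().usesFirstLineRules())
-        return nullptr;
-
-    return firstLineStyleForCachedUncachedType(Uncached, *this, style);
-}
-
-RenderStyle* RenderElement::cachedFirstLineStyle() const
-{
-    ASSERT(view().usesFirstLineRules());
-
-    RenderStyle& style = this->style();
-    if (std::unique_ptr<RenderStyle> firstLineStyle = firstLineStyleForCachedUncachedType(Cached, *this, &style))
-        return firstLineStyle.get();
-
-    return &style;
+            // A first-line style is in effect. Cache a first-line style for ourselves.
+            rendererForFirstLineStyle.style().setHasPseudoStyle(FIRST_LINE_INHERITED);
+            return rendererForFirstLineStyle.getCachedPseudoStyle(FIRST_LINE_INHERITED, &parentStyle);
+        }
+    }
+
+    return &style();
 }
 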
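Review bot: In the new `cachedFirstLineStyle()`, both cached branches return the result of `getCachedPseudoStyle()` unchecked, so a null result would be handed to the caller instead of falling through to the final `return &style();`. Whether `getCachedPseudoStyle()` can return null is not visible in this diff, and the `firstLineStyle()` change named in the ChangeLog is not shown in this section either. If null is possible, guard each site, e.g. `if (auto* cached = firstLineBlock->getCachedPseudoStyle(FIRST_LINE, &style())) return cached;`, and likewise for the `FIRST_LINE_INHERITED` lookup. Because the function now returns a raw, non-owning pointer, a short comment above it saying which object owns the returned style and how long the pointer stays valid would help keep the dangling-pointer bug fixed here from recurring.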