Changeset 217019 in webkit


Ignore:
Timestamp:
May 17, 2017 5:29:07 PM (7 years ago)
Author:
Alan Bujtas
Message:

Tighten TextIterator::handleTextNode run-renderer mapping logic.
https://bugs.webkit.org/show_bug.cgi?id=172174

Reviewed by Antti Koivisto.

Source/WebCore:

This patch ensure that when runs and renderers are getting out of sync
we don't run into problems like webkit.org/b/172113 (where we end up
using incorrect content start/end positions).

  • editing/TextIterator.cpp:

(WebCore::TextIterator::handleTextNode):

LayoutTests:

  • fast/shadow-dom/slot-crash-expected.txt:
Location:
trunk
Files:
6 edited

Legend:

Unmodified
Added
Removed

  • trunk/LayoutTests/ChangeLog

    r217014 r217019  
     12017-05-17  Zalan Bujtas  <zalan@apple.com>
     2
     3        Tighten TextIterator::handleTextNode run-renderer mapping logic.
     4        https://bugs.webkit.org/show_bug.cgi?id=172174
     5
     6        Reviewed by Antti Koivisto.
     7
     8        * fast/shadow-dom/slot-crash-expected.txt:
     9
    1102017-05-17  John Wilander  <wilander@apple.com>
    211

  • trunk/Source/WebCore/ChangeLog

    r217014 r217019  
     12017-05-17  Zalan Bujtas  <zalan@apple.com>
     2
     3        Tighten TextIterator::handleTextNode run-renderer mapping logic.
     4        https://bugs.webkit.org/show_bug.cgi?id=172174
     5
     6        Reviewed by Antti Koivisto.
     7
     8        This patch ensure that when runs and renderers are getting out of sync
     9        we don't run into problems like webkit.org/b/172113 (where we end up
     10        using incorrect content start/end positions).
     11
     12        * editing/TextIterator.cpp:
     13        (WebCore::TextIterator::handleTextNode):
     14
    1152017-05-17  John Wilander  <wilander@apple.com>
    216

  • trunk/Source/WebCore/editing/TextIterator.cpp

    r216966 r217019  
    649649        auto it = range.begin();
    650650        auto end = range.end();
    651         while (it != end && (*it).end() <= (static_cast<unsigned>(m_offset) + m_accumulatedSimpleTextLengthInFlow))
     651        auto startPosition = static_cast<unsigned>(m_offset) + m_accumulatedSimpleTextLengthInFlow;
     652        while (it != end && (*it).end() <= startPosition)
    652653            ++it;
    653654        if (m_nextRunNeedsWhitespace && rendererText[m_offset - 1] == '\n') {
     
    665666            return false;
    666667        }
    667         const auto run = *it;
     668        // If the position we are looking for is to the left of the renderer's first run, it could mean that
     669        // the runs and the renderers are out of sync (e.g. we skipped a renderer in between).
     670        // Better bail out at this point.
     671        auto run = *it;
     672        if (run.start() > startPosition) {
     673            ASSERT(m_flowRunResolverCache);
     674            if (&(rendererForPosition(m_flowRunResolverCache->flowContents(), startPosition)) != &renderer) {
     675                ASSERT_NOT_REACHED();
     676                return true;
     677            }
     678        }
    668679        ASSERT(run.end() - run.start() <= rendererText.length());
    669680        // contentStart skips leading whitespace.

  • trunk/Source/WebCore/rendering/SimpleLineLayoutFlowContents.h

    r215054 r217019  
    5151    };
    5252    const Segment& segmentForRun(unsigned start, unsigned end) const;
     53    const Segment& segmentForPosition(unsigned) const;
    5354
    5455    typedef Vector<Segment, 8>::const_iterator Iterator;
     
    7172}
    7273
     74inline const FlowContents::Segment& FlowContents::segmentForPosition(unsigned position) const
     75{
     76    auto it = std::lower_bound(m_segments.begin(), m_segments.end(), position, [](const Segment& segment, unsigned position) {
     77        return segment.end <= position;
     78    });
     79    ASSERT(it != m_segments.end());
     80    return m_segments[it - m_segments.begin()];
     81}
     82
    7383}
    7484}

  • trunk/Source/WebCore/rendering/SimpleLineLayoutFunctions.cpp

    r215878 r217019  
    4141#include "RenderView.h"
    4242#include "Settings.h"
     43#include "SimpleLineLayoutFlowContents.h"
    4344#include "SimpleLineLayoutResolver.h"
    4445#include "Text.h"
     
    255256}
    256257
     258const RenderObject& rendererForPosition(const FlowContents& flowContents, unsigned position)
     259{
     260    return flowContents.segmentForPosition(position).renderer;
     261}
     262
    257263#if ENABLE(TREE_DEBUGGING)
    258264static void printPrefix(int& printedCharacters, int depth)

  • trunk/Source/WebCore/rendering/SimpleLineLayoutFunctions.h

    r213723 r217019  
    4040
    4141namespace SimpleLineLayout {
     42class FlowContents;
    4243
    4344LayoutUnit computeFlowHeight(const RenderBlockFlow&, const Layout&);
     
    6465LayoutUnit lineHeightFromFlow(const RenderBlockFlow&);
    6566LayoutUnit baselineFromFlow(const RenderBlockFlow&);
     67
     68const RenderObject& rendererForPosition(const FlowContents&, unsigned);
    6669
    6770#if ENABLE(TREE_DEBUGGING)
Note: See TracChangeset for help on using the changeset viewer.