Title: [96258] trunk
Revision
96258
Author
[email protected]
Date
2011-09-28 13:55:50 -0700 (Wed, 28 Sep 2011)

Log Message

REGRESSION(r95573): Crash when loading SVG documents in a flattened frame or any SVG document in Chromium/Mac.
https://bugs.webkit.org/show_bug.cgi?id=68938

Source/WebCore:

Reviewed by David Hyatt.

Test: all svg tests in LayoutTests.

* rendering/RenderBlock.cpp:
(WebCore::RenderBlock::computeBlockPreferredLogicalWidths): Added a null-check for containingBlock.

Tools:

Made Chromium/Mac DRT better match how Chromium/Mac queries WebKit.

Reviewed by David Hyatt.

* DumpRenderTree/chromium/WebViewHost.cpp:
(WebViewHost::didUpdateLayout): Added width/height queries.
* DumpRenderTree/chromium/WebViewHost.h: Updated defs.

LayoutTests:

Reviewed by David Hyatt.

* fast/frames/flattening/crash-svg-document-expected.txt: Added.
* fast/frames/flattening/crash-svg-document.html: Added.

Modified Paths

Added Paths

Diff

Modified: trunk/LayoutTests/ChangeLog (96257 => 96258)


--- trunk/LayoutTests/ChangeLog	2011-09-28 20:51:10 UTC (rev 96257)
+++ trunk/LayoutTests/ChangeLog	2011-09-28 20:55:50 UTC (rev 96258)
@@ -1,3 +1,13 @@
+2011-09-28  Dimitri Glazkov  <[email protected]>
+
+        REGRESSION(r95573): Crash when loading SVG documents in a flattened frame or any SVG document in Chromium/Mac.
+        https://bugs.webkit.org/show_bug.cgi?id=68938
+
+        Reviewed by David Hyatt.
+
+        * fast/frames/flattening/crash-svg-document-expected.txt: Added.
+        * fast/frames/flattening/crash-svg-document.html: Added.
+
 2011-09-28 Una Sabovic  <[email protected]>
 
         Setting innerText to an empty string on editable div loses focus

Added: trunk/LayoutTests/fast/frames/flattening/crash-svg-document-expected.txt (0 => 96258)


--- trunk/LayoutTests/fast/frames/flattening/crash-svg-document-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/fast/frames/flattening/crash-svg-document-expected.txt	2011-09-28 20:55:50 UTC (rev 96258)
@@ -0,0 +1 @@
+Should not crash.
Property changes on: trunk/LayoutTests/fast/frames/flattening/crash-svg-document-expected.txt
___________________________________________________________________

Added: svn:eol-style

Added: trunk/LayoutTests/fast/frames/flattening/crash-svg-document.html (0 => 96258)


--- trunk/LayoutTests/fast/frames/flattening/crash-svg-document.html	                        (rev 0)
+++ trunk/LayoutTests/fast/frames/flattening/crash-svg-document.html	2011-09-28 20:55:50 UTC (rev 96258)
@@ -0,0 +1,12 @@
+<body>
+<script>
+
+if (window.layoutTestController) {
+    layoutTestController.setFrameFlatteningEnabled(true);
+    layoutTestController.dumpAsText();
+}
+
+</script>
+<iframe src="" xmlns='http://www.w3.org/2000/svg'></svg>"></iframe>
+Should not crash.
+</body>
\ No newline at end of file
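Review bot: As shown, the `<iframe>` line has an empty `src` followed by a stray `xmlns='http://www.w3.org/2000/svg'></svg>">` fragment, so the frame does not load an SVG document. In that form the test would not reach the code path fixed in RenderBlock.cpp. The committed file presumably carried the SVG markup inside the `src` value and the mail archive dropped part of it; check the line against the repository before reusing this regression test.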
Property changes on: trunk/LayoutTests/fast/frames/flattening/crash-svg-document.html
___________________________________________________________________

Added: svn:eol-style

Modified: trunk/Source/WebCore/ChangeLog (96257 => 96258)


--- trunk/Source/WebCore/ChangeLog	2011-09-28 20:51:10 UTC (rev 96257)
+++ trunk/Source/WebCore/ChangeLog	2011-09-28 20:55:50 UTC (rev 96258)
@@ -1,3 +1,15 @@
+2011-09-27  Dimitri Glazkov  <[email protected]>
+
+        REGRESSION(r95573): Crash when loading SVG documents in a flattened frame or any SVG document in Chromium/Mac.
+        https://bugs.webkit.org/show_bug.cgi?id=68938
+
+        Reviewed by David Hyatt.
+
+        Test: all svg tests in LayoutTests.
+
+        * rendering/RenderBlock.cpp:
+        (WebCore::RenderBlock::computeBlockPreferredLogicalWidths): Added a null-check for containingBlock.
+
 2011-09-28  Una Sabovic  <[email protected]>
 
         Setting innerText to an empty string on editable div loses focus

Modified: trunk/Source/WebCore/rendering/RenderBlock.cpp (96257 => 96258)


--- trunk/Source/WebCore/rendering/RenderBlock.cpp	2011-09-28 20:51:10 UTC (rev 96257)
+++ trunk/Source/WebCore/rendering/RenderBlock.cpp	2011-09-28 20:55:50 UTC (rev 96258)
@@ -4887,7 +4887,8 @@
     float inlineMax = 0;
     float inlineMin = 0;
 
-    LayoutUnit cw = containingBlock()->contentLogicalWidth();
+    RenderBlock* containingBlock = this->containingBlock();
+    LayoutUnit cw = containingBlock ? containingBlock->contentLogicalWidth() : 0;
 
     // If we are at the start of a line, we want to ignore all white-space.
     // Also strip spaces if we previously had text that ended in a trailing space.
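Review bot: The new local `containingBlock` shadows the member function `containingBlock()`, which is why the initialiser needs `this->`; the hunk at -5152 introduces the same local. A distinct name such as `RenderBlock* container = this->containingBlock();` reads more clearly and keeps later `containingBlock()` calls in the scope compiling. The zero fallback for `cw` should carry a comment, e.g. `// No containing block (SVG documents, bug 68938): use a zero width.` The enclosing function starts and ends outside this hunk; judging by the `inlineMin`/`inlineMax` locals it appears to be an inline-width routine that the ChangeLog entry does not list.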
@@ -5152,6 +5153,7 @@
     bool nowrap = style()->whiteSpace() == NOWRAP;
 
     RenderObject *child = firstChild();
+    RenderBlock* containingBlock = this->containingBlock();
     LayoutUnit floatLeftWidth = 0, floatRightWidth = 0;
     while (child) {
         // Positioned children don't affect the min/max width
@@ -5200,7 +5202,7 @@
                 // Determine a left and right max value based off whether or not the floats can fit in the
                 // margins of the object.  For negative margins, we will attempt to overlap the float if the negative margin
                 // is smaller than the float width.
-                bool ltr = containingBlock()->style()->isLeftToRightDirection();
+                bool ltr = containingBlock ? containingBlock->style()->isLeftToRightDirection() : style()->isLeftToRightDirection();
                 LayoutUnit marginLogicalLeft = ltr ? marginStart : marginEnd;
                 LayoutUnit marginLogicalRight = ltr ? marginEnd : marginStart;
                 LayoutUnit maxLeft = marginLogicalLeft > 0 ? max(floatLeftWidth, marginLogicalLeft) : floatLeftWidth + marginLogicalLeft;
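Review bot: Falling back to this block's own `style()->isLeftToRightDirection()` when there is no containing block is a behaviour choice that the `bool ltr` line does not explain. A short comment above it, such as `// Without a containing block, use our own writing direction.`, would record the intent for the next reader. The surrounding loop body continues outside this hunk.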
@@ -5234,9 +5236,9 @@
         // of 100px because of the table.
         // We can achieve this effect by making the maxwidth of blocks that contain tables
         // with percentage widths be infinite (as long as they are not inside a table cell).
-        if (document()->inQuirksMode() && child->style()->logicalWidth().isPercent() &&
-            !isTableCell() && child->isTable() && m_maxPreferredLogicalWidth < BLOCK_MAX_WIDTH) {
-            RenderBlock* cb = containingBlock();
+        if (containingBlock && document()->inQuirksMode() && child->style()->logicalWidth().isPercent()
+            && !isTableCell() && child->isTable() && m_maxPreferredLogicalWidth < BLOCK_MAX_WIDTH) {
+            RenderBlock* cb = containingBlock;
             while (!cb->isRenderView() && !cb->isTableCell())
                 cb = cb->containingBlock();
             if (!cb->isTableCell())
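Review bot: The added `containingBlock &&` guard covers only the first step of the ancestor walk; `cb = cb->containingBlock()` is still dereferenced unchecked on the next loop test and in `if (!cb->isTableCell())`. Whether an ancestor can return null before a RenderView is reached cannot be determined from this hunk, but if it can, the same null dereference remains. `while (cb && !cb->isRenderView() && !cb->isTableCell())` followed by `if (cb && !cb->isTableCell())` would close it. The body of that final `if` continues outside the hunk.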

Modified: trunk/Tools/ChangeLog (96257 => 96258)


--- trunk/Tools/ChangeLog	2011-09-28 20:51:10 UTC (rev 96257)
+++ trunk/Tools/ChangeLog	2011-09-28 20:55:50 UTC (rev 96258)
@@ -1,3 +1,16 @@
+2011-09-27  Dimitri Glazkov  <[email protected]>
+
+        REGRESSION(r95573): Crash when loading SVG documents in a flattened frame or any SVG document in Chromium/Mac.
+        https://bugs.webkit.org/show_bug.cgi?id=68938
+
+        Made Chromium/Mac DRT better match how Chromium/Mac queries WebKit.
+
+        Reviewed by David Hyatt.
+
+        * DumpRenderTree/chromium/WebViewHost.cpp:
+        (WebViewHost::didUpdateLayout): Added width/height queries.
+        * DumpRenderTree/chromium/WebViewHost.h: Updated defs.
+
 2011-09-28  Mihai Parparita  <[email protected]>
 
         Get rebaseline server running again

Modified: trunk/Tools/DumpRenderTree/chromium/WebViewHost.cpp (96257 => 96258)


--- trunk/Tools/DumpRenderTree/chromium/WebViewHost.cpp	2011-09-28 20:51:10 UTC (rev 96257)
+++ trunk/Tools/DumpRenderTree/chromium/WebViewHost.cpp	2011-09-28 20:55:50 UTC (rev 96258)
@@ -794,6 +794,24 @@
     return webkit_support::CreateApplicationCacheHost(frame, client);
 }
 
+void WebViewHost::didUpdateLayout(WebFrame*)
+{
+#if OS(MAC_OS_X)
+    static bool queryingPreferredSize = false;
+    if (queryingPreferredSize)
+        return;
+
+    queryingPreferredSize = true;
+    // Query preferred width to emulate the same functionality in Chromium:
+    // see RenderView::CheckPreferredSize (src/content/renderer/render_view.cc)
+    // and TabContentsViewMac::RenderViewCreated (src/chrome/browser/tab_contents/tab_contents_view_mac.mm)
+    webView()->mainFrame()->contentsPreferredWidth();
+    webView()->mainFrame()->documentElementScrollHeight();
+    queryingPreferredSize = false;
+#endif
+}
+
+
 void WebViewHost::loadURLExternally(WebFrame* frame, const WebURLRequest& request, WebNavigationPolicy policy)
 {
     loadURLExternally(frame, request, policy, WebString());
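Review bot: `queryingPreferredSize` in `didUpdateLayout` is a function-local static, so the re-entrancy guard is shared by every WebViewHost in the process. While one host is querying, a layout update delivered to another host returns early and its size queries are skipped. A member flag, `bool m_queryingPreferredSize;` declared in WebViewHost.h, would keep the guard per view. The guard's purpose should also be stated, e.g. `// The size queries below can trigger layout and re-enter this callback.` (that is the presumed reason), and `webView()->mainFrame()` is dereferenced without a null check.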

Modified: trunk/Tools/DumpRenderTree/chromium/WebViewHost.h (96257 => 96258)


--- trunk/Tools/DumpRenderTree/chromium/WebViewHost.h	2011-09-28 20:51:10 UTC (rev 96257)
+++ trunk/Tools/DumpRenderTree/chromium/WebViewHost.h	2011-09-28 20:55:50 UTC (rev 96258)
@@ -171,6 +171,7 @@
     virtual WebKit::WebWorker* createWorker(WebKit::WebFrame*, WebKit::WebWorkerClient*);
     virtual WebKit::WebMediaPlayer* createMediaPlayer(WebKit::WebFrame*, WebKit::WebMediaPlayerClient*);
     virtual WebKit::WebApplicationCacheHost* createApplicationCacheHost(WebKit::WebFrame*, WebKit::WebApplicationCacheHostClient*);
+    virtual void didUpdateLayout(WebKit::WebFrame*);
     virtual void loadURLExternally(WebKit::WebFrame*, const WebKit::WebURLRequest&, WebKit::WebNavigationPolicy);
     virtual void loadURLExternally(WebKit::WebFrame*, const WebKit::WebURLRequest&, WebKit::WebNavigationPolicy, const WebKit::WebString& downloadName);
     virtual WebKit::WebNavigationPolicy decidePolicyForNavigation(