review.tizen.org Git - profile/ivi/webkit-efl.git/commit

Assert failure from capitalized RenderTextFragment
https://bugs.webkit.org/show_bug.cgi?id=82096

Patch by Ken Buchanan <kenrb@chromium.org> on 2012-03-26
Reviewed by Ryosuke Niwa.

Source/WebCore:

The cause of this bug was the call to RenderTextFragment::setTextInternal
resulting from a style change from RenderObject::addChild. The idea here
is to better separate the code path for transforming existing text from
the code path for replacing the underlying text of a node. For
RenderTextFragment this has to be clear because only in the latter case
does the first-letter get reset.

* rendering/RenderObject.cpp:
(WebCore::RenderObject::addChild): Added call to transformText
* rendering/RenderText.cpp:
(WebCore::RenderText::styleDidChange): Added call to transformText
(WebCore::RenderText::transformText): Added
* rendering/RenderText.h:
(WebCore::RenderText::setText): Changed to virtual so RenderTextFragment can override
(WebCore::RenderText::transformText): Added
* rendering/RenderTextFragment.cpp:
(WebCore::RenderTextFragment::styleDidChange): Removed references to
m_allowFragmentReset which was the previous approach to separating the
code paths
(WebCore::RenderTextFragment::setTextInternal): Deleted
(WebCore::RenderTextFragment::setText): Added with most of logic that was
previously in setTextInternal
(WebCore::RenderTextFragment::transformText): Added
* rendering/RenderTextFragment.h:
(WebCore::RenderTextFragment::setText): Added
(WebCore::RenderTextFragment::transformText): Added
(WebCore::RenderTextFragment::setTextInternal): Deleted

LayoutTests:

Test that exercises failure condition in bug 82096.

* fast/css/first-letter-capitalized-edit-select-crash-expected.txt: Added
* fast/css/first-letter-capitalized-edit-select-crash.html: Added

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@112200 268f45cc-cd09-0410-ab3c-d52691b4dbfc

author	commit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
	Tue, 27 Mar 2012 03:16:34 +0000 (03:16 +0000)
committer	commit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
	Tue, 27 Mar 2012 03:16:34 +0000 (03:16 +0000)
commit	98e5616e7e37c9ce2b75c09e1bdb14896b60834c
tree	c10f2fab360344e2fd2fd8f5164fac0d55c47b5b	tree \| snapshot
parent	f65930225ce3036b9b210d086b9febebf396987b	commit \| diff

LayoutTests/ChangeLog		diff \| blob \| history
LayoutTests/fast/css/first-letter-capitalized-edit-select-crash-expected.txt	[new file with mode: 0644]	blob
LayoutTests/fast/css/first-letter-capitalized-edit-select-crash.html	[new file with mode: 0644]	blob
Source/WebCore/ChangeLog		diff \| blob \| history
Source/WebCore/rendering/RenderObject.cpp		diff \| blob \| history
Source/WebCore/rendering/RenderText.cpp		diff \| blob \| history
Source/WebCore/rendering/RenderText.h		diff \| blob \| history
Source/WebCore/rendering/RenderTextFragment.cpp		diff \| blob \| history
Source/WebCore/rendering/RenderTextFragment.h		diff \| blob \| history