projects / profile / ivi / webkit-efl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: fec43b8)
Rapidly refreshing a feMorphology[erode] with r=0 can sometimes cause display corruption
authortimothy_horton@apple.com <timothy_horton@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 27 Sep 2011 20:54:16 +0000 (20:54 +0000)
committertimothy_horton@apple.com <timothy_horton@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 27 Sep 2011 20:54:16 +0000 (20:54 +0000)
https://bugs.webkit.org/show_bug.cgi?id=68816
<rdar://problem/10186468>

Reviewed by Simon Fraser.

If a filter returns without writing into its result buffer, make sure to return an cleared buffer.

Test: svg/filters/feMorphology-zero-radius.svg

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@96151 268f45cc-cd09-0410-ab3c-d52691b4dbfc

LayoutTests/ChangeLog patch | blob | history
LayoutTests/svg/filters/feMorphology-zero-radius-expected.png [new file with mode: 0644] patch | blob
LayoutTests/svg/filters/feMorphology-zero-radius-expected.txt [new file with mode: 0644] patch | blob
LayoutTests/svg/filters/feMorphology-zero-radius.svg [new file with mode: 0644] patch | blob
Source/JavaScriptCore/ChangeLog patch | blob | history
Source/JavaScriptCore/wtf/ByteArray.h patch | blob | history
Source/WebCore/ChangeLog patch | blob | history
Source/WebCore/platform/graphics/filters/FEMorphology.cpp patch | blob | history
Source/WebCore/platform/graphics/filters/FETurbulence.cpp patch | blob | history

diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index fb0d566..1950efe 100644 (file)
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,17 @@
+2011-09-27  Tim Horton  <timothy_horton@apple.com>
+
+        Rapidly refreshing a feMorphology[erode] with r=0 can sometimes cause display corruption
+        https://bugs.webkit.org/show_bug.cgi?id=68816
+        <rdar://problem/10186468>
+
+        Reviewed by Simon Fraser.
+
+        Add a test which ensures that a zero-radius feMorphology filter returns cleared memory.
+
+        * svg/filters/feMorphology-zero-radius-expected.png: Added.
+        * svg/filters/feMorphology-zero-radius-expected.txt: Added.
+        * svg/filters/feMorphology-zero-radius.svg: Added.
+
 2011-09-27  David Hyatt  <hyatt@apple.com>
 
         https://bugs.webkit.org/show_bug.cgi?id=68922
diff --git a/LayoutTests/svg/filters/feMorphology-zero-radius-expected.png b/LayoutTests/svg/filters/feMorphology-zero-radius-expected.png
new file mode 100644 (file)
index 0000000..172a430
Binary files /dev/null and b/LayoutTests/svg/filters/feMorphology-zero-radius-expected.png differ
diff --git a/LayoutTests/svg/filters/feMorphology-zero-radius-expected.txt b/LayoutTests/svg/filters/feMorphology-zero-radius-expected.txt
new file mode 100644 (file)
index 0000000..8b13789
--- /dev/null
+++ b/LayoutTests/svg/filters/feMorphology-zero-radius-expected.txt
@@ -0,0 +1 @@
+
diff --git a/LayoutTests/svg/filters/feMorphology-zero-radius.svg b/LayoutTests/svg/filters/feMorphology-zero-radius.svg
new file mode 100644 (file)
index 0000000..1120575
--- /dev/null
+++ b/LayoutTests/svg/filters/feMorphology-zero-radius.svg
@@ -0,0 +1,30 @@
+<svg id="svg" width="100%" height="100%" xmlns="http://www.w3.org/2000/svg">
+<title>The entire image should be white.</title>
+<defs>
+    <filter id="morph">
+        <feMorphology operator="erode" radius="0"/>
+    </filter>
+</defs>
+<script>
+    <![CDATA[
+    for(var i = 0; i < 100; i+=5)
+    {
+        for(var j = 0; j < 100; j+=5)
+        {
+            var rect = document.createElementNS("http://www.w3.org/2000/svg", "rect");
+            rect.setAttribute("x", i);
+            rect.setAttribute("y", j);
+            rect.setAttribute("width", "5");
+            rect.setAttribute("height", "5");
+            rect.setAttribute("filter", "url(#morph)");
+            
+            document.getElementById("svg").appendChild(rect);
+        }
+    }
+
+    if (window.layoutTestController)
+        window.layoutTestController.dumpAsText();
+    ]]>
+</script>
+
+</svg>
diff --git a/Source/JavaScriptCore/ChangeLog b/Source/JavaScriptCore/ChangeLog
index 4a7ba48..699ad8b 100644 (file)
--- a/Source/JavaScriptCore/ChangeLog
+++ b/Source/JavaScriptCore/ChangeLog
@@ -1,3 +1,16 @@
+2011-09-27  Tim Horton  <timothy_horton@apple.com>
+
+        Rapidly refreshing a feMorphology[erode] with r=0 can sometimes cause display corruption
+        https://bugs.webkit.org/show_bug.cgi?id=68816
+        <rdar://problem/10186468>
+
+        Reviewed by Simon Fraser.
+        
+        Add ByteArray::clear, which zeros the memory in the ByteArray.
+
+        * wtf/ByteArray.h:
+        (WTF::ByteArray::clear): Added.
+
 2011-09-27  Sheriff Bot  <webkit.review.bot@gmail.com>
 
         Unreviewed, rolling out r96131.
diff --git a/Source/JavaScriptCore/wtf/ByteArray.h b/Source/JavaScriptCore/wtf/ByteArray.h
index 47b1cff..7002096 100644 (file)
--- a/Source/JavaScriptCore/wtf/ByteArray.h
+++ b/Source/JavaScriptCore/wtf/ByteArray.h
@@ -70,6 +70,8 @@ namespace WTF {
 
         unsigned char* data() { return m_data; }
 
+        void clear() { memset(m_data, 0, m_size); }
+
         void deref()
         {
             if (derefBase()) {
diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog
index 57c2e77..0ef0bd7 100644 (file)
--- a/Source/WebCore/ChangeLog
+++ b/Source/WebCore/ChangeLog
@@ -1,3 +1,20 @@
+2011-09-27  Tim Horton  <timothy_horton@apple.com>
+
+        Rapidly refreshing a feMorphology[erode] with r=0 can sometimes cause display corruption
+        https://bugs.webkit.org/show_bug.cgi?id=68816
+        <rdar://problem/10186468>
+
+        Reviewed by Simon Fraser.
+
+        If a filter returns without writing into its result buffer, make sure to return an cleared buffer.
+
+        Test: svg/filters/feMorphology-zero-radius.svg
+
+        * platform/graphics/filters/FEMorphology.cpp:
+        (WebCore::FEMorphology::apply):
+        * platform/graphics/filters/FETurbulence.cpp:
+        (WebCore::FETurbulence::apply):
+
 2011-09-27  Ryosuke Niwa  <rniwa@webkit.org>
 
         CompositeEditCommand::prune should remove subtree at once
diff --git a/Source/WebCore/platform/graphics/filters/FEMorphology.cpp b/Source/WebCore/platform/graphics/filters/FEMorphology.cpp
index 611af77..90ce38b 100644 (file)
--- a/Source/WebCore/platform/graphics/filters/FEMorphology.cpp
+++ b/Source/WebCore/platform/graphics/filters/FEMorphology.cpp
@@ -207,8 +207,10 @@ void FEMorphology::apply()
         return;
 
     setIsAlphaImage(in->isAlphaImage());
-    if (m_radiusX <= 0 || m_radiusY <= 0)
+    if (m_radiusX <= 0 || m_radiusY <= 0) {
+        dstPixelArray->clear();
         return;
+    }
 
     Filter* filter = this->filter();
     int radiusX = static_cast<int>(floorf(filter->applyHorizontalScale(m_radiusX)));
diff --git a/Source/WebCore/platform/graphics/filters/FETurbulence.cpp b/Source/WebCore/platform/graphics/filters/FETurbulence.cpp
index 0935dd1..230747d 100644 (file)
--- a/Source/WebCore/platform/graphics/filters/FETurbulence.cpp
+++ b/Source/WebCore/platform/graphics/filters/FETurbulence.cpp
@@ -372,8 +372,10 @@ void FETurbulence::apply()
     if (!pixelArray)
         return;
 
-    if (absolutePaintRect().isEmpty())
+    if (absolutePaintRect().isEmpty()) {
+        pixelArray->clear();
         return;
+    }
 
     PaintingData paintingData(m_seed, roundedIntSize(filterPrimitiveSubregion().size()));
     initPaint(paintingData);
Domain: Web Framework / Uncategorized;