Diff - b366607c285beb7cced4356cfaa3abe356202a07^! - WebKit

commit	b366607c285beb7cced4356cfaa3abe356202a07	[log] [tgz]
author	antti <antti@268f45cc-cd09-0410-ab3c-d52691b4dbfc>	Fri Aug 17 23:29:50 2007 +0000
committer	antti <antti@268f45cc-cd09-0410-ab3c-d52691b4dbfc>	Fri Aug 17 23:29:50 2007 +0000
tree	8d86dfc515533f871f8d36a23ab4c4b47c7768c8
parent	46292172cf6d60f856f21280f1faea6eb852f6b1 [diff] [blame]

LayoutTests: Reviewed by Hyatt. Test for <rdar://problem/5403773> CrashTracer: [USER] 88 crashes in Safari at com.apple.WebCore: WebCore::RenderTableSection::paint + 846 Changed results for fast/dynamic/containing-block-change.html are progression (even though new results don't match Firefox and old ones did!) * fast/dynamic/ancestor-to-absolute-expected.txt: Added. * fast/dynamic/ancestor-to-absolute.html: Added. * fast/dynamic/containing-block-change-expected.checksum: * fast/dynamic/containing-block-change-expected.png: * fast/dynamic/containing-block-change-expected.txt: WebCore: Reviewed by Hyatt. Fix <rdar://problem/5403773> CrashTracer: [USER] 88 crashes in Safari at com.apple.WebCore: WebCore::RenderTableSection::paint + 846 * rendering/RenderBlock.cpp: (WebCore::RenderBlock::removePositionedObjects): Fix crash in http://www.infobae.com/interior/home.html Positioned objects removed from m_positionedObjects would in some cases not get added back to any positioned objects list. Adding objects happens in block layout but since layout was not invalidated correctly in removePositionedObjects() it would not get invoked. As a result some positioned objects would stay in layout dirty state leading to crashes and other bad things. * rendering/RenderTableSection.cpp: (WebCore::RenderTableSection::paint): Add needLayout() guard to eliminate this class of crashes from release builds. Assert commented out for now since one existing layout test can't handle it. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@25132 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/WebCore/rendering/RenderTableSection.cpp b/WebCore/rendering/RenderTableSection.cpp index b00b184..46c415b 100644 --- a/WebCore/rendering/RenderTableSection.cpp +++ b/WebCore/rendering/RenderTableSection.cpp

@@ -856,6 +856,12 @@ void RenderTableSection::paint(PaintInfo& paintInfo, int tx, int ty) { + // put this back in when all layout tests can handle it + // ASSERT(!needsLayout()); + // avoid crashing on bugs that cause us to paint with dirty layout + if (needsLayout()) + return; + unsigned totalRows = m_gridRows; unsigned totalCols = table()->columns().size();