[webkit-changes] [219205] trunk/Source/WebCore

[commit-queue]

Title: [219205] trunk/Source/WebCore

Revision

219205

Author

commit-qu...@webkit.org

Date

2017-07-06 11:22:44 -0700 (Thu, 06 Jul 2017)

Log Message

REGRESSION(r208511): RenderImageResourceStyleImage should not assume image() won't return null if its m_cachedImage is valid
https://bugs.webkit.org/show_bug.cgi?id=174168

Patch by Said Abou-Hallawa <sabouhall...@apple.com> on 2017-07-06
Reviewed by Simon Fraser.

RenderImageResourceStyleImage::image() may return a null pointer even if
its m_cachedImage is not null. The revision r208511, changed the function
RenderImageResourceStyleImage::shutdown() so it calls Image::stopAnimation().
But this change assumes that if m_cachedImage is not null then image() will
return a valid pointer. This is not true because StyleCachedImage::isPending()
can return true and hence, RenderImageResourceStyleImage::image() will return
a null pointer.

* rendering/RenderImageResourceStyleImage.cpp:
(WebCore::RenderImageResourceStyleImage::image): Like what RenderImageResource
does, return Image::nullImage() if m_styleImage->isPending().

Modified Paths

• trunk/Source/WebCore/ChangeLog
• trunk/Source/WebCore/rendering/RenderImageResourceStyleImage.cpp

Diff

Modified: trunk/Source/WebCore/ChangeLog (219204 => 219205)

--- trunk/Source/WebCore/ChangeLog	2017-07-06 18:10:21 UTC (rev 219204)
+++ trunk/Source/WebCore/ChangeLog	2017-07-06 18:22:44 UTC (rev 219205)
@@ -1,3 +1,22 @@
+2017-07-06  Said Abou-Hallawa  <sabouhall...@apple.com>
+
+        REGRESSION(r208511): RenderImageResourceStyleImage should not assume image() won't return null if its m_cachedImage is valid
+        https://bugs.webkit.org/show_bug.cgi?id=174168
+
+        Reviewed by Simon Fraser.
+
+        RenderImageResourceStyleImage::image() may return a null pointer even if
+        its m_cachedImage is not null. The revision r208511, changed the function
+        RenderImageResourceStyleImage::shutdown() so it calls Image::stopAnimation().
+        But this change assumes that if m_cachedImage is not null then image() will
+        return a valid pointer. This is not true because StyleCachedImage::isPending()
+        can return true and hence, RenderImageResourceStyleImage::image() will return
+        a null pointer.
+
+        * rendering/RenderImageResourceStyleImage.cpp:
+        (WebCore::RenderImageResourceStyleImage::image): Like what RenderImageResource
+        does, return Image::nullImage() if m_styleImage->isPending().
+
 2017-07-06  Commit Queue  <commit-qu...@webkit.org>
 
         Unreviewed, rolling out r219201.

Modified: trunk/Source/WebCore/rendering/RenderImageResourceStyleImage.cpp (219204 => 219205)

--- trunk/Source/WebCore/rendering/RenderImageResourceStyleImage.cpp	2017-07-06 18:10:21 UTC (rev 219204)
+++ trunk/Source/WebCore/rendering/RenderImageResourceStyleImage.cpp	2017-07-06 18:22:44 UTC (rev 219205)
@@ -66,9 +66,7 @@
 RefPtr<Image> RenderImageResourceStyleImage::image(const IntSize& size) const
 {
     // Generated content may trigger calls to image() while we're still pending, don't assert but gracefully exit.
-    if (m_styleImage->isPending())
-        return nullptr;
-    return m_styleImage->image(m_renderer, size);
+    return !m_styleImage->isPending() ? m_styleImage->image(m_renderer, size) : &Image::nullImage();
 }
 
 void RenderImageResourceStyleImage::setContainerSizeForRenderer(const IntSize& size)

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes