Title: [167278] trunk/Source/WebCore
- Revision
- 167278
- Author
- jhoneyc...@apple.com
- Date
- 2014-04-14 16:08:51 -0700 (Mon, 14 Apr 2014)
Log Message
Assertion failure !node || node->isElementNode() in
WebCore::RenderBlock::inlineElementContinuation
https://bugs.webkit.org/show_bug.cgi?id=108829
<rdar://problem/13666405>
I can't reproduce this assertion failure, but there seems to be an
invalid assumption in RenderBlock::inlineElementContinuation() that
anything with the "isInline()" bit set is a RenderInline.
No new test because the test case in the bug does not repro for me.
Reviewed by Brent Fulgham.
* rendering/RenderBlock.cpp:
(WebCore::RenderBlock::inlineElementContinuation):
Dave Hyatt says that this function should only return RenderInline
objects (not non-RenderInline inline objects), so update the checks
from isInline() to isRenderInline() before casting with
toRenderInline().
* rendering/RenderInline.cpp:
(WebCore::RenderInline::inlineElementContinuation):
Ditto.
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (167277 => 167278)
--- trunk/Source/WebCore/ChangeLog 2014-04-14 23:03:54 UTC (rev 167277)
+++ trunk/Source/WebCore/ChangeLog 2014-04-14 23:08:51 UTC (rev 167278)
@@ -1,3 +1,30 @@
+2014-04-14 Jon Honeycutt <jhoneyc...@apple.com>
+
+ Assertion failure !node || node->isElementNode() in
+ WebCore::RenderBlock::inlineElementContinuation
+
+ https://bugs.webkit.org/show_bug.cgi?id=108829
+ <rdar://problem/13666405>
+
+ I can't reproduce this assertion failure, but there seems to be an
+ invalid assumption in RenderBlock::inlineElementContinuation() that
+ anything with the "isInline()" bit set is a RenderInline.
+
+ No new test because the test case in the bug does not repro for me.
+
+ Reviewed by Brent Fulgham.
+
+ * rendering/RenderBlock.cpp:
+ (WebCore::RenderBlock::inlineElementContinuation):
+ Dave Hyatt says that this function should only return RenderInline
+ objects (not non-RenderInline inline objects), so update the checks
+ from isInline() to isRenderInline() before casting with
+ toRenderInline().
+
+ * rendering/RenderInline.cpp:
+ (WebCore::RenderInline::inlineElementContinuation):
+ Ditto.
+
2014-04-14 Andreas Kling <akl...@apple.com>
Do more things under memory pressure on non-iOS platforms.
Modified: trunk/Source/WebCore/rendering/RenderBlock.cpp (167277 => 167278)
--- trunk/Source/WebCore/rendering/RenderBlock.cpp 2014-04-14 23:03:54 UTC (rev 167277)
+++ trunk/Source/WebCore/rendering/RenderBlock.cpp 2014-04-14 23:08:51 UTC (rev 167278)
@@ -2195,7 +2195,7 @@
RenderInline* RenderBlock::inlineElementContinuation() const
{
RenderBoxModelObject* continuation = this->continuation();
- return continuation && continuation->isInline() ? toRenderInline(continuation) : 0;
+ return continuation && continuation->isRenderInline() ? toRenderInline(continuation) : 0;
}
RenderBlock* RenderBlock::blockElementContinuation() const
Modified: trunk/Source/WebCore/rendering/RenderInline.cpp (167277 => 167278)
--- trunk/Source/WebCore/rendering/RenderInline.cpp 2014-04-14 23:03:54 UTC (rev 167277)
+++ trunk/Source/WebCore/rendering/RenderInline.cpp 2014-04-14 23:08:51 UTC (rev 167278)
@@ -119,7 +119,7 @@
RenderInline* RenderInline::inlineElementContinuation() const
{
RenderBoxModelObject* continuation = this->continuation();
- if (!continuation || continuation->isInline())
+ if (!continuation || continuation->isRenderInline())
return toRenderInline(continuation);
return toRenderBlock(continuation)->inlineElementContinuation();
}
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
