Title: [167295] trunk
Revision
167295
Author
jhoneyc...@apple.com
Date
2014-04-14 22:23:07 -0700 (Mon, 14 Apr 2014)

Log Message

Assertion failure under FEImage::determineAbsolutePaintRect()

<https://bugs.webkit.org/show_bug.cgi?id=131660>
<rdar://problem/15669294>

Source/WebCore:
This patch merges Chromium r149536 (see
<https://chromiumcodereview.appspot.com/14701012>), which moves
m_absoluteTransform out of SVGFilter and into the base Filter class, so
that it isn't necessary to cast a Filter to SVGFilter to get the
absolute transform.

Reviewed by Geoffrey Garen.

Test: svg/filters/feImage-filter-assertion.html

* platform/graphics/filters/Filter.h:
(WebCore::Filter::Filter):
Changed to take the absolute transform.
(WebCore::Filter::absoluteTransform):
Moved from SVGFilter.
(WebCore::Filter::mapAbsolutePointToLocalPoint):
Ditto.

* rendering/FilterEffectRenderer.cpp:
(WebCore::FilterEffectRenderer::FilterEffectRenderer):
Pass a default AffineTransform() to the Filter base class.

* svg/graphics/filters/SVGFEImage.cpp:
(WebCore::FEImage::determineAbsolutePaintRect):
Use the Filter without casting it to SVGFilter.
(WebCore::FEImage::platformApplySoftware):
Ditto.

* svg/graphics/filters/SVGFilter.cpp:
(WebCore::SVGFilter::SVGFilter):
Pass the transform to the base class, and remove initialization of a
removed member var.

* svg/graphics/filters/SVGFilter.h:
Member var moved to Filter.h.

LayoutTests:
Reviewed by Geoffrey Garen.

* svg/filters/feImage-filter-assertion-expected.txt: Added.
* svg/filters/feImage-filter-assertion.html: Added.

Modified Paths

Added Paths

Diff

Modified: trunk/LayoutTests/ChangeLog (167294 => 167295)


--- trunk/LayoutTests/ChangeLog	2014-04-15 04:31:41 UTC (rev 167294)
+++ trunk/LayoutTests/ChangeLog	2014-04-15 05:23:07 UTC (rev 167295)
@@ -1,3 +1,15 @@
+2014-04-14  Jon Honeycutt  <jhoneyc...@apple.com>
+
+        Assertion failure under FEImage::determineAbsolutePaintRect()
+
+        <https://bugs.webkit.org/show_bug.cgi?id=131660>
+        <rdar://problem/15669294>
+
+        Reviewed by Geoffrey Garen.
+
+        * svg/filters/feImage-filter-assertion-expected.txt: Added.
+        * svg/filters/feImage-filter-assertion.html: Added.
+
 2014-04-14  Oliver Hunt  <oli...@apple.com>
 
         Function.bind itself is too slow

Added: trunk/LayoutTests/svg/filters/feImage-filter-assertion-expected.txt (0 => 167295)


--- trunk/LayoutTests/svg/filters/feImage-filter-assertion-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/svg/filters/feImage-filter-assertion-expected.txt	2014-04-15 05:23:07 UTC (rev 167295)
@@ -0,0 +1,3 @@
+WebKit bug #131660: Assertion failure in FEImage::determineAbsolutePaintRect(). This test passes if it does not assert in a debug build.
+
+

Added: trunk/LayoutTests/svg/filters/feImage-filter-assertion.html (0 => 167295)


--- trunk/LayoutTests/svg/filters/feImage-filter-assertion.html	                        (rev 0)
+++ trunk/LayoutTests/svg/filters/feImage-filter-assertion.html	2014-04-15 05:23:07 UTC (rev 167295)
@@ -0,0 +1,25 @@
+<style>
+  #filtered {
+    width: 160px;
+    height: 90px;
+    -webkit-filter: url(#imagereplace);
+    filter: url(#imagereplace);
+  }
+</style>
+
+<div id="filtered"></div>
+
+<p>
+    WebKit bug #<a href="" Assertion failure in FEImage::determineAbsolutePaintRect(). This test passes if it does not assert in a debug build.
+</p>
+
+<svg xmlns="http://www.w3.org/3000/svg" width="0" height="0" xmlns:xlink="http://www.w3.org/1999/xlink">
+  <filter id="imagereplace">
+     <feimage xlink:href=""
+  </filter>
+</svg>
+
+<script>
+    if (window.testRunner)
+        window.testRunner.dumpAsText();
+</script>

Modified: trunk/Source/WebCore/ChangeLog (167294 => 167295)


--- trunk/Source/WebCore/ChangeLog	2014-04-15 04:31:41 UTC (rev 167294)
+++ trunk/Source/WebCore/ChangeLog	2014-04-15 05:23:07 UTC (rev 167295)
@@ -1,3 +1,46 @@
+2014-04-14  Jon Honeycutt  <jhoneyc...@apple.com>
+
+        Assertion failure under FEImage::determineAbsolutePaintRect()
+
+        <https://bugs.webkit.org/show_bug.cgi?id=131660>
+        <rdar://problem/15669294>
+
+        This patch merges Chromium r149536 (see
+        <https://chromiumcodereview.appspot.com/14701012>), which moves
+        m_absoluteTransform out of SVGFilter and into the base Filter class, so
+        that it isn't necessary to cast a Filter to SVGFilter to get the
+        absolute transform.
+
+        Reviewed by Geoffrey Garen.
+
+        Test: svg/filters/feImage-filter-assertion.html
+
+        * platform/graphics/filters/Filter.h:
+        (WebCore::Filter::Filter):
+        Changed to take the absolute transform.
+        (WebCore::Filter::absoluteTransform):
+        Moved from SVGFilter.
+        (WebCore::Filter::mapAbsolutePointToLocalPoint):
+        Ditto.
+
+        * rendering/FilterEffectRenderer.cpp:
+        (WebCore::FilterEffectRenderer::FilterEffectRenderer):
+        Pass a default AffineTransform() to the Filter base class.
+
+        * svg/graphics/filters/SVGFEImage.cpp:
+        (WebCore::FEImage::determineAbsolutePaintRect):
+        Use the Filter without casting it to SVGFilter.
+        (WebCore::FEImage::platformApplySoftware):
+        Ditto.
+
+        * svg/graphics/filters/SVGFilter.cpp:
+        (WebCore::SVGFilter::SVGFilter):
+        Pass the transform to the base class, and remove initialization of a
+        removed member var.
+
+        * svg/graphics/filters/SVGFilter.h:
+        Member var moved to Filter.h.
+
 2014-04-14  Darin Adler  <da...@apple.com>
 
         REGRESSION (r158617): Find on Page can get stuck in a loop when the search string occurs in an <input> in a <fieldset>

Modified: trunk/Source/WebCore/platform/graphics/filters/Filter.h (167294 => 167295)


--- trunk/Source/WebCore/platform/graphics/filters/Filter.h	2014-04-15 04:31:41 UTC (rev 167294)
+++ trunk/Source/WebCore/platform/graphics/filters/Filter.h	2014-04-15 05:23:07 UTC (rev 167295)
@@ -1,5 +1,6 @@
 /*
  * Copyright (C) 2009 Dirk Schulze <k...@webkit.org>
+ * Copyright (C) 2013 Google Inc. All rights reserved.
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Library General Public
@@ -32,7 +33,10 @@
 
 class Filter : public RefCounted<Filter> {
 public:
-    Filter() : m_renderingMode(Unaccelerated) { }
+    Filter(const AffineTransform& absoluteTransform)
+        : m_absoluteTransform(absoluteTransform)
+        , m_renderingMode(Unaccelerated)
+    { }
     virtual ~Filter() { }
 
     void setSourceImage(std::unique_ptr<ImageBuffer> sourceImage) { m_sourceImage = std::move(sourceImage); }
@@ -41,6 +45,9 @@
     FloatSize filterResolution() const { return m_filterResolution; }
     void setFilterResolution(const FloatSize& filterResolution) { m_filterResolution = filterResolution; }
 
+    const AffineTransform& absoluteTransform() const { return m_absoluteTransform; }
+    FloatPoint mapAbsolutePointToLocalPoint(const FloatPoint& point) const { return m_absoluteTransform.inverse().mapPoint(point); }
+
     RenderingMode renderingMode() const { return m_renderingMode; }
     void setRenderingMode(RenderingMode renderingMode) { m_renderingMode = renderingMode; }
 
@@ -51,12 +58,11 @@
     
     virtual FloatRect sourceImageRect() const = 0;
     virtual FloatRect filterRegion() const = 0;
-    
-    virtual FloatPoint mapAbsolutePointToLocalPoint(const FloatPoint&) const { return FloatPoint(); }
 
 private:
     std::unique_ptr<ImageBuffer> m_sourceImage;
     FloatSize m_filterResolution;
+    AffineTransform m_absoluteTransform;
     RenderingMode m_renderingMode;
 };
 

Modified: trunk/Source/WebCore/rendering/FilterEffectRenderer.cpp (167294 => 167295)


--- trunk/Source/WebCore/rendering/FilterEffectRenderer.cpp	2014-04-15 04:31:41 UTC (rev 167294)
+++ trunk/Source/WebCore/rendering/FilterEffectRenderer.cpp	2014-04-15 05:23:07 UTC (rev 167295)
@@ -1,5 +1,6 @@
 /*
  * Copyright (C) 2011 Apple Inc. All rights reserved.
+ * Copyright (C) 2013 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -68,7 +69,8 @@
 }
 
 FilterEffectRenderer::FilterEffectRenderer()
-    : m_graphicsBufferAttached(false)
+    : Filter(AffineTransform())
+    , m_graphicsBufferAttached(false)
     , m_hasFilterThatMovesPixels(false)
 {
     setFilterResolution(FloatSize(1, 1));

Modified: trunk/Source/WebCore/svg/graphics/filters/SVGFEImage.cpp (167294 => 167295)


--- trunk/Source/WebCore/svg/graphics/filters/SVGFEImage.cpp	2014-04-15 04:31:41 UTC (rev 167294)
+++ trunk/Source/WebCore/svg/graphics/filters/SVGFEImage.cpp	2014-04-15 05:23:07 UTC (rev 167295)
@@ -31,7 +31,6 @@
 #include "RenderElement.h"
 #include "RenderTreeAsText.h"
 #include "SVGElement.h"
-#include "SVGFilter.h"
 #include "SVGPreserveAspectRatio.h"
 #include "SVGRenderingContext.h"
 #include "SVGURIReference.h"
@@ -67,15 +66,13 @@
 
 void FEImage::determineAbsolutePaintRect()
 {
-    SVGFilter* svgFilter = toSVGFilter(&(filter()));
-
-    FloatRect paintRect = svgFilter->absoluteTransform().mapRect(filterPrimitiveSubregion());
+    FloatRect paintRect = filter().absoluteTransform().mapRect(filterPrimitiveSubregion());
     FloatRect srcRect;
     if (m_image) {
         srcRect.setSize(m_image->size());
         m_preserveAspectRatio.transformRect(paintRect, srcRect);
     } else if (RenderElement* renderer = referencedRenderer())
-        srcRect = svgFilter->absoluteTransform().mapRect(renderer->repaintRectInLocalCoordinates());
+        srcRect = filter().absoluteTransform().mapRect(renderer->repaintRectInLocalCoordinates());
 
     if (clipsToBounds())
         paintRect.intersect(maxEffectRect());
@@ -104,12 +101,11 @@
     if (!resultImage)
         return;
 
-    SVGFilter* svgFilter = toSVGFilter(&(filter()));
-    FloatRect destRect = svgFilter->absoluteTransform().mapRect(filterPrimitiveSubregion());
+    FloatRect destRect = filter().absoluteTransform().mapRect(filterPrimitiveSubregion());
 
     FloatRect srcRect;
     if (renderer)
-        srcRect = svgFilter->absoluteTransform().mapRect(renderer->repaintRectInLocalCoordinates());
+        srcRect = filter().absoluteTransform().mapRect(renderer->repaintRectInLocalCoordinates());
     else {
         srcRect = FloatRect(FloatPoint(), m_image->size());
         m_preserveAspectRatio.transformRect(destRect, srcRect);
@@ -122,7 +118,7 @@
     setResultColorSpace(ColorSpaceDeviceRGB);
 
     if (renderer) {
-        const AffineTransform& absoluteTransform = svgFilter->absoluteTransform();
+        const AffineTransform& absoluteTransform = filter().absoluteTransform();
         resultImage->context()->concatCTM(absoluteTransform);
 
         SVGElement* contextNode = toSVGElement(renderer->element());

Modified: trunk/Source/WebCore/svg/graphics/filters/SVGFilter.cpp (167294 => 167295)


--- trunk/Source/WebCore/svg/graphics/filters/SVGFilter.cpp	2014-04-15 04:31:41 UTC (rev 167294)
+++ trunk/Source/WebCore/svg/graphics/filters/SVGFilter.cpp	2014-04-15 05:23:07 UTC (rev 167295)
@@ -1,6 +1,7 @@
 /*
  * Copyright (C) 2009 Dirk Schulze <k...@webkit.org>
  * Copyright (C) Research In Motion Limited 2010. All rights reserved.
+ * Copyright (C) 2013 Google Inc. All rights reserved.
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Library General Public
@@ -26,8 +27,7 @@
 namespace WebCore {
 
 SVGFilter::SVGFilter(const AffineTransform& absoluteTransform, const FloatRect& absoluteSourceDrawingRegion, const FloatRect& targetBoundingBox, const FloatRect& filterRegion, bool effectBBoxMode)
-    : Filter()
-    , m_absoluteTransform(absoluteTransform)
+    : Filter(absoluteTransform)
     , m_absoluteSourceDrawingRegion(absoluteSourceDrawingRegion)
     , m_targetBoundingBox(targetBoundingBox)
     , m_filterRegion(filterRegion)

Modified: trunk/Source/WebCore/svg/graphics/filters/SVGFilter.h (167294 => 167295)


--- trunk/Source/WebCore/svg/graphics/filters/SVGFilter.h	2014-04-15 04:31:41 UTC (rev 167294)
+++ trunk/Source/WebCore/svg/graphics/filters/SVGFilter.h	2014-04-15 05:23:07 UTC (rev 167295)
@@ -1,5 +1,6 @@
 /*
  * Copyright (C) 2009 Dirk Schulze <k...@webkit.org>
+ * Copyright (C) 2013 Google Inc. All rights reserved.
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Library General Public
@@ -40,9 +41,6 @@
     FloatRect filterRegionInUserSpace() const { return m_filterRegion; }
     virtual FloatRect filterRegion() const override { return m_absoluteFilterRegion; }
 
-    virtual FloatPoint mapAbsolutePointToLocalPoint(const FloatPoint& point) const override { return m_absoluteTransform.inverse().mapPoint(point); }
-    const AffineTransform& absoluteTransform() const { return m_absoluteTransform; }
-
     virtual float applyHorizontalScale(float value) const override;
     virtual float applyVerticalScale(float value) const override;
 
@@ -54,7 +52,6 @@
 private:
     SVGFilter(const AffineTransform& absoluteTransform, const FloatRect& absoluteSourceDrawingRegion, const FloatRect& targetBoundingBox, const FloatRect& filterRegion, bool effectBBoxMode);
 
-    AffineTransform m_absoluteTransform;
     FloatRect m_absoluteSourceDrawingRegion;
     FloatRect m_targetBoundingBox;
     FloatRect m_absoluteFilterRegion;
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to