[Safari] Crash with opacity + drop shadow filter + child element extending beyond...
authorsimon.fraser@apple.com <simon.fraser@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 21 Feb 2013 23:29:17 +0000 (23:29 +0000)
committersimon.fraser@apple.com <simon.fraser@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 21 Feb 2013 23:29:17 +0000 (23:29 +0000)
commit9833ce5f727f2f75c2aed20e8eeef6d667761d92
tree46a7ea584fc88f0441cb9071811374d8d0ee296e
parent1a2fa5704ea24fc5510a9ef7e685dc3bd4483f8c
[Safari] Crash with opacity + drop shadow filter + child element extending beyond filter outsets
https://bugs.webkit.org/show_bug.cgi?id=107467

Source/WebCore:

Reviewed by Dean Jackson.

The filter code plays games with the current GraphicsContext, replacing the current
context with one which will get filtered.

This doesn't play nicely with the RenderLayer code which lazily starts transparency
layers. If we don't start a transparency layer until painting a child of the filtered
layer, then the transparency layer is started using the wrong context.

Fix by eagerly starting transparency layers if we have both a filter and opacity.

Test: css3/filters/filter-with-opacity-and-children.html

* rendering/RenderLayer.cpp:
(WebCore::RenderLayer::paintLayerContents):

LayoutTests:

Reviewed by Dean Jackson.

Testcase with filtered element with opacity, and layer child.

* css3/filters/filter-with-opacity-and-children-expected.txt: Added.
* css3/filters/filter-with-opacity-and-children.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@143655 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/css3/filters/filter-with-opacity-and-children-expected.txt [new file with mode: 0644]
LayoutTests/css3/filters/filter-with-opacity-and-children.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/rendering/RenderLayer.cpp