Crash in updateFirstLetter() from unnecessary anonymous block
author: commit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 24 Jan 2012 23:53:27 +0000 (23:53 +0000)
committer: commit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 24 Jan 2012 23:53:27 +0000 (23:53 +0000)
commit: 2c565a5af2c83a19cb017ca082eab74aff87d40e
tree: 5b49af2128fb714a452b2a9cdcd9a3a4a84e3732
parent: f9c9d543836739c498773a4aff02720f22c7d449
Crash in updateFirstLetter() from unnecessary anonymous block
https://bugs.webkit.org/show_bug.cgi?id=72675

Patch by Ken Buchanan <kenrb@chromium.org> on 2012-01-24
Reviewed by David Hyatt.

Source/WebCore:

There was a problem with anonymous blocks not getting removed when
their only block flow siblings are removed if they also have non-block
flow first-letter siblings (i.e. floats). This patch modifies
RenderBlock::removeChild() to look for this situation and strip out
unnecessary anonymous container blocks if it occurs.

* rendering/RenderBlock.cpp:
(WebCore::RenderBlock::removeChild):
(WebCore::RenderBlock::collapseAnonymousBoxChild): Added
* rendering/RenderBlock.h:
(WebCore::RenderBlock::collapseAnonymousBoxChild): Added

LayoutTests:

Adding a test that causes a div to be removed from between a floating
first-letter block and its remaining text. If the anonymous block is
removed as an immediate consequence of the div removal, this shouldn't
crash.

* fast/css-generated-content/float-first-letter-siblings-convert-to-inline-expected.txt: Added
* fast/css-generated-content/float-first-letter-siblings-convert-to-inline.html: Added

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@105828 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog [changed mode: 0644->0755]
LayoutTests/fast/css-generated-content/float-first-letter-siblings-convert-to-inline-expected.txt [new file with mode: 0755]
LayoutTests/fast/css-generated-content/float-first-letter-siblings-convert-to-inline.html [new file with mode: 0755]
Source/WebCore/ChangeLog [changed mode: 0644->0755]
Source/WebCore/rendering/RenderBlock.cpp
Source/WebCore/rendering/RenderBlock.h [changed mode: 0644->0755]