Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
2010-11-10 Matthew Delaney <mdelaney@apple.com>
Reviewed by Darin Adler.
Crash in documentWillBecomeInactive() when closing window with Reader showing content with SVG
https://bugs.webkit.org/show_bug.cgi?id=49084
Manual test added.
* manual-tests/svg-deep-clone-to-new-doc.html: Added manual test for reproducing bug since an automated version proved to be a bit tough to craft up.
* svg/SVGSVGElement.cpp: Added in necessary document ownership transfer calls.
* svg/SVGSVGElement.h:
Canonical link: https://commits.webkit.org/62249@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@71772 268f45cc-cd09-0410-ab3c-d52691b4dbfc- Loading branch information
Showing
with
85 additions
and 0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @@ -0,0 +1,56 @@ | ||
| <!DOCTYPE html> | ||
| <html lang="en"> | ||
| <head> | ||
| <meta charset="utf-8" /> | ||
|
|
||
| <!-- To run this test: Open this page, close the window, and (hopefully) don't crash.--> | ||
|
|
||
| <script> | ||
| function gc() | ||
| { | ||
| if (window.GCController) | ||
| GCController.collect(); | ||
| else | ||
| for (var i = 0; i < 10000; ++i) // Allocate a sufficient number of objects to force a GC. | ||
| ({}); | ||
| } | ||
| window.onload = init; | ||
|
|
||
| function init() { | ||
| var iframe = document.getElementById("iframe"); | ||
| var thesvgdiv = document.getElementById('thediv'); | ||
| var theclone = thesvgdiv.cloneNode(true); | ||
| iframe.contentDocument.body.appendChild(theclone); | ||
| setTimeout(function() { | ||
| iframe.style.display = 'none'; | ||
| iframe.parentNode.removeChild(iframe); | ||
| gc(); | ||
| window.close(); | ||
| }, 500); | ||
| } | ||
| </script> | ||
| </head> | ||
|
|
||
| <body> | ||
| <div> | ||
| <div id="thediv"> | ||
| <svg id="thesvg" width="12cm" height="3.6cm" viewBox="0 0 1000 300"> | ||
| <defs> | ||
| <lineargradient id="orange_red" x2="0" y2="1" > | ||
| <stop stop-color="yellow" /> | ||
| <stop offset="1" stop-color="red" /> | ||
| </lineargradient> | ||
| </defs> | ||
| <path id="MyPath" d="M 100 200 C 200 100 300 0 400 100 C 500 200 600 300 700 200 C 800 100 900 100 900 100" fill="none" stroke="red" /> | ||
| <text font-family="Verdana" font-size="72.5" fill="url(#orange_red)" > | ||
| <textpath xlink:href="#MyPath"> Look mom, SVG in HTML! </textpath> | ||
| </text> | ||
| (If you had an HTML5 compliant browser, the previous text would be colored and on a path.) | ||
| </svg> | ||
| </div> | ||
| <div> | ||
| <iframe id="iframe" width="50%" height="50%"></iframe> | ||
| </div> | ||
| </div> | ||
| </body> | ||
| </html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters