Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(89)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 64683006: [svg] TearOffs dynamically hold on to the current contextElement(). (Closed)

Created:
7 years, 1 month ago by kouhei (in TOK)
Modified:
7 years, 1 month ago
CC:
blink-reviews, Nils Barth (inactive), kojih, arv+blink, jsbell+bindings_chromium.org, abarth-chromium, marja+watch_chromium.org, adamk+blink_chromium.org, Nate Chapin, Inactive
Visibility:
Public.

Description

[svg] TearOffs dynamically hold on to the current contextElement(). Prior to this patch, TearOffs held on to contextElement() resolved at creation time. This was on based on an assumption that contextElement() never change. However, this assumption is wrong, as animatedProperty and its contextElement() can be dynamically assigned if an existing (detached) TearOff is made an item of SVG*ListProperty afterwards. This patch fixes the issue by dynamically holding on to the current contextElement() by using SetReference inside resolveWrapperReachability callback. BUG=317097 BUG=318577 Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=161752 Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=161895

Patch Set 1 #

Total comments: 2

Patch Set 2 : fix test #

Patch Set 3 : fix includes #

Patch Set 4 : winfix #

Patch Set 5 : gchack #

Total comments: 1
Unified diffs Side-by-side diffs Delta from patch set Stats (+52 lines, -24 lines) Patch
A LayoutTests/svg/dom/SVGTransformTearOff-contextElement-crash.html View 1 1 chunk +23 lines, -0 lines 0 comments Download
A LayoutTests/svg/dom/SVGTransformTearOff-contextElement-crash-expected.txt View 1 1 chunk +5 lines, -0 lines 0 comments Download
M Source/bindings/scripts/code_generator_v8.pm View 1 2 3 4 4 chunks +15 lines, -23 lines 0 comments Download
M Source/bindings/v8/V8GCController.cpp View 1 2 3 4 2 chunks +3 lines, -1 line 0 comments Download
M Source/core/svg/SVGElement.h View 1 2 3 4 2 chunks +4 lines, -0 lines 0 comments Download
M Source/core/svg/SVGElement.cpp View 1 2 3 4 1 chunk +1 line, -0 lines 0 comments Download
M Source/core/svg/properties/SVGAnimatedProperty.cpp View 1 2 3 4 1 chunk +1 line, -0 lines 1 comment Download

Messages

Total messages: 24 (0 generated)
kouhei (in TOK)
haraken, pdr: Would you take a look? Thanks.
7 years, 1 month ago (2013-11-11 06:48:58 UTC) #1
kouhei (in TOK)
https://codereview.chromium.org/64683006/diff/1/LayoutTests/svg/dom/SVGTransformTearOff-contextElement-crash-expected.txt File LayoutTests/svg/dom/SVGTransformTearOff-contextElement-crash-expected.txt (right): https://codereview.chromium.org/64683006/diff/1/LayoutTests/svg/dom/SVGTransformTearOff-contextElement-crash-expected.txt#newcode1 LayoutTests/svg/dom/SVGTransformTearOff-contextElement-crash-expected.txt:1: CONSOLE MESSAGE: line 15: 0 Sorry I'll remove this
7 years, 1 month ago (2013-11-11 06:49:28 UTC) #2
kouhei (in TOK)
https://codereview.chromium.org/64683006/diff/1/LayoutTests/svg/dom/SVGTransformTearOff-contextElement-crash-expected.txt File LayoutTests/svg/dom/SVGTransformTearOff-contextElement-crash-expected.txt (right): https://codereview.chromium.org/64683006/diff/1/LayoutTests/svg/dom/SVGTransformTearOff-contextElement-crash-expected.txt#newcode1 LayoutTests/svg/dom/SVGTransformTearOff-contextElement-crash-expected.txt:1: CONSOLE MESSAGE: line 15: 0 On 2013/11/11 06:49:28, kouhei ...
7 years, 1 month ago (2013-11-11 06:55:56 UTC) #3
haraken
Given this is a PO bug, let me stamp LGTM. I'd be happy if pdr ...
7 years, 1 month ago (2013-11-11 07:47:06 UTC) #4
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/kouhei@chromium.org/64683006/100001
7 years, 1 month ago (2013-11-11 07:51:24 UTC) #5
kouhei (in TOK)
On 2013/11/11 07:47:06, haraken wrote: > Given this is a PO bug, let me stamp ...
7 years, 1 month ago (2013-11-11 07:51:33 UTC) #6
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/kouhei@chromium.org/64683006/100001
7 years, 1 month ago (2013-11-11 08:57:24 UTC) #7
commit-bot: I haz the power
Sorry for I got bad news for ya. Compile failed with a clobber build on ...
7 years, 1 month ago (2013-11-11 11:00:02 UTC) #8
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/kouhei@chromium.org/64683006/100001
7 years, 1 month ago (2013-11-11 11:20:49 UTC) #9
commit-bot: I haz the power
Sorry for I got bad news for ya. Compile failed with a clobber build on ...
7 years, 1 month ago (2013-11-11 11:42:50 UTC) #10
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/kouhei@chromium.org/64683006/100001
7 years, 1 month ago (2013-11-11 13:08:10 UTC) #11
commit-bot: I haz the power
Sorry for I got bad news for ya. Compile failed with a clobber build on ...
7 years, 1 month ago (2013-11-11 13:29:20 UTC) #12
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/kouhei@chromium.org/64683006/100001
7 years, 1 month ago (2013-11-11 15:21:45 UTC) #13
commit-bot: I haz the power
Sorry for I got bad news for ya. Compile failed with a clobber build on ...
7 years, 1 month ago (2013-11-11 15:47:23 UTC) #14
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/kouhei@chromium.org/64683006/100001
7 years, 1 month ago (2013-11-11 17:45:53 UTC) #15
commit-bot: I haz the power
Sorry for I got bad news for ya. Compile failed with a clobber build on ...
7 years, 1 month ago (2013-11-11 18:08:52 UTC) #16
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/kouhei@chromium.org/64683006/430001
7 years, 1 month ago (2013-11-12 01:48:02 UTC) #17
commit-bot: I haz the power
Change committed as 161752
7 years, 1 month ago (2013-11-12 04:02:48 UTC) #18
kouhei (in TOK)
haraken: PTAL. added gc hack as we discussed in chat.
7 years, 1 month ago (2013-11-13 05:54:11 UTC) #19
haraken
https://codereview.chromium.org/64683006/diff/520001/Source/core/svg/properties/SVGAnimatedProperty.cpp File Source/core/svg/properties/SVGAnimatedProperty.cpp (right): https://codereview.chromium.org/64683006/diff/520001/Source/core/svg/properties/SVGAnimatedProperty.cpp#newcode35 Source/core/svg/properties/SVGAnimatedProperty.cpp:35: contextElement->setContextElement(); Isn't there any chance where we want to ...
7 years, 1 month ago (2013-11-13 06:08:59 UTC) #20
kouhei (in TOK)
On 2013/11/13 06:08:59, haraken wrote: > https://codereview.chromium.org/64683006/diff/520001/Source/core/svg/properties/SVGAnimatedProperty.cpp > File Source/core/svg/properties/SVGAnimatedProperty.cpp (right): > > https://codereview.chromium.org/64683006/diff/520001/Source/core/svg/properties/SVGAnimatedProperty.cpp#newcode35 > ...
7 years, 1 month ago (2013-11-13 06:11:29 UTC) #21
haraken
On 2013/11/13 06:11:29, kouhei wrote: > On 2013/11/13 06:08:59, haraken wrote: > > > https://codereview.chromium.org/64683006/diff/520001/Source/core/svg/properties/SVGAnimatedProperty.cpp ...
7 years, 1 month ago (2013-11-13 07:03:51 UTC) #22
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/kouhei@chromium.org/64683006/520001
7 years, 1 month ago (2013-11-13 07:06:24 UTC) #23
commit-bot: I haz the power
7 years, 1 month ago (2013-11-13 09:10:05 UTC) #24
Message was sent while issue was closed. 
Change committed as 161895

Powered by Google App Engine
This is Rietveld 408576698