-
jchaffraix@webkit.org authored
https://bugs.webkit.org/show_bug.cgi?id=66291 Reviewed by Darin Adler. Source/WebCore: Test: fast/canvas/crash-set-font.html This is Yet Another Missing updateFont (similar to bug 57756 and likely others). Here the issue is that applying one of the font properties could mutate the parent style's font if m_parentStyle == m_style. We would then query the newly created font when applying CSSPropertyFontSize, which has no font fallback list as Font::update was never called. The right fix would be to refactor of how we handle fonts to avoid such manual updates (see bug 62390). Until this happens, it is better not to crash. * css/CSSStyleSelector.cpp: (WebCore::CSSStyleSelector::applyProperty): Added updateFont() here as the fonts could have been mutated by the previous property change. Also added a comment explaining why it is safe to do it this way. LayoutTests: * fast/canvas/crash-set-font-expected.txt: Added. * fast/canvas/crash-set-font.html: Added. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@96122 268f45cc-cd09-0410-ab3c-d52691b4dbfc
0412fbc9