RESOLVED FIXED94842
Remove RenderTable::removeChild 
https://bugs.webkit.org/show_bug.cgi?id=94842
Summary Remove RenderTable::removeChild
Julien Chaffraix
Reported 2012-08-23 13:44:34 PDT
Table post-child-removal invalidations all go through RenderTable::removeChild. This is a blunt hammer as we have different type of children and not all have the same invalidation. Since we introduced willBeRemovedFromTree, we can remove the function and do only the needed invalidation in the children's function. This will show that some of our code is now unneeded that I intent to remove follow-up patches.
Attachments
Proposed change: Added the proper willBeRemovedFromTree and moved the removeChild code there. (6.93 KB, patch)
2012-08-23 13:59 PDT, Julien Chaffraix 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Julien Chaffraix
Comment 1 2012-08-23 13:59:02 PDT
Created attachment 160234 [details] Proposed change: Added the proper willBeRemovedFromTree and moved the removeChild code there.
WebKit Review Bot
Comment 2 2012-08-23 16:01:57 PDT
Comment on attachment 160234 [details] Proposed change: Added the proper willBeRemovedFromTree and moved the removeChild code there. Clearing flags on attachment: 160234 Committed r126495: <http://trac.webkit.org/changeset/126495>
WebKit Review Bot
Comment 3 2012-08-23 16:02:00 PDT
All reviewed patches have been landed. Closing bug.
Abhishek Arya
Comment 4 2012-08-24 12:30:25 PDT
ASSERTION FAILED: index != notFound third_party/WebKit/Source/WebCore/rendering/RenderTable.cpp(203) : void WebCore::RenderTable::removeCaption(const WebCore::RenderTableCaption *) https://cluster-fuzz.appspot.com/testcase?key=98951173 Testcase:: <style>.caption { display: table-caption </style> >><div id=tCF86>><rp>><theader id=tCF98></theader><div class=caption>><setvar id=tCF108>><script> var docElement = document.body ? document.body : document.documentElement; docElement.contentEditable = "true"; function initCF() { setTimeout("CFcrash()", 408); } document.addEventListener("DOMContentLoaded", initCF, false); function selectRangeBetween(r, sNode, eNode) { window.getSelection().removeAllRanges(); r.setEnd(eNode, eNode.childNodes.length); window.getSelection().addRange(r); } function editFuzz() { try { r = document.createRange(); selectRangeBetween(r, tCF86, tCF108); } catch(e) {} try { document.execCommand("InsertText", false, "the mesage ") } catch(e) {} } function CFcrash() { try { tCF98.style.display = "table-caption" } catch(e) {} setTimeout("editFuzz()", 1922); }</script>>
Note You need to log in before you can comment on or make changes to this bug.