[Webkit-unassigned] [Bug 52449] Crash when logging into gmail.com with frame flattening turned on.

bugzilla-daemon at webkit.org
Tue Feb 8 11:08:05 PST 2011


https://bugs.webkit.org/show_bug.cgi?id=52449


Yael <yael.aharon at nokia.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #79776|0                           |1
        is obsolete|                            |
  Attachment #81665|                            |review?
               Flag|                            |




--- Comment #30 from Yael <yael.aharon at nokia.com>  2011-02-08 11:08:04 PST ---
Created an attachment (id=81665)
 --> (https://bugs.webkit.org/attachment.cgi?id=81665&action=review)
Patch.

Frame flattening algorithm requires that layout always starts from the main frame, since layout of subframes impacts the layout of their parents. 
There are places in the code that call view->layout() not on the main frame. Instead of changing all the callsites, I changed FrameView::layout() to force layout from the main frame if frame flattening is enabled.
In addition, postLayoutTasks can trigger relayout, so make it use the timer even more.
Move the call to SelectionController::updateAppearance() to performPostLayoutTasks(), because calling this from layout() leads to a crash in pages that have a selection in an iframe.

Antti, with your approach, I still sometimes see a race condition when we render the page. It is possible to call FrameView::paintContents() when a layout is pending, and that would still crash sometimes.
