[Webkit-unassigned] [Bug 61964] New: Microsoft IE fishtank demo causes assertion in RenderLayer::convertToLayerCoords

bugzilla-daemon at webkit.org
Thu Jun 2 14:34:33 PDT 2011


https://bugs.webkit.org/show_bug.cgi?id=61964

           Summary: Microsoft IE fishtank demo causes assertion in
                    RenderLayer::convertToLayerCoords
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
               URL: http://ie.microsoft.com/testdrive/Performance/FishBowl/Default.html
        OS/Version: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: enne at google.com
                CC: simon.fraser at apple.com, jamesr at chromium.org


This assert reproduces consistently in Chromium.  It doesn't happen in Safari.

Opening the page quickly hits the ASSERT(fixedPositionContainerLayer) line in RenderLayer.cpp:1139. For what it's worth, foundAncestor is true in the loop above; there was just no fixed position container layer found.

I don't know enough about this bit of WebKit to know what the implications of this assertion are or how to fix it.

Here's a callstack:

#0  0x00007ffff513998d in WebCore::RenderLayer::convertToLayerCoords (this=0x7fffe58d5b18, ancestorLayer=0x7fffe58cc178, location=...) at third_party/WebKit/Source/WebCore/rendering/RenderLayer.cpp:1139
#1  0x00007ffff515862e in WebCore::RenderLayerCompositor::layerWillBeRemoved (this=0x7ffff7ecc3c0, parent=0x7fffe58cc178, child=0x7fffe58d5b18) at third_party/WebKit/Source/WebCore/rendering/RenderLayerCompositor.cpp:531
#2  0x00007ffff5139319 in WebCore::RenderLayer::removeChild (this=0x7fffe58cc178, oldChild=0x7fffe58d5b18) at third_party/WebKit/Source/WebCore/rendering/RenderLayer.cpp:1016
#3  0x00007ffff51395ac in WebCore::RenderLayer::removeOnlyThisLayer (this=0x7fffe58cc178) at third_party/WebKit/Source/WebCore/rendering/RenderLayer.cpp:1078
#4  0x00007ffff50fff28 in WebCore::RenderBoxModelObject::styleDidChange (this=0x7fffe58e1288, diff=WebCore::StyleDifferenceLayout, oldStyle=0x7fffe5d2c460) at third_party/WebKit/Source/WebCore/rendering/RenderBoxModelObject.cpp:361
#5  0x00007ffff50edd90 in WebCore::RenderBox::styleDidChange (this=0x7fffe58e1288, diff=WebCore::StyleDifferenceLayout, oldStyle=0x7fffe5d2c460) at third_party/WebKit/Source/WebCore/rendering/RenderBox.cpp:285
#6  0x00007ffff50a1381 in WebCore::RenderBlock::styleDidChange (this=0x7fffe58e1288, diff=WebCore::StyleDifferenceLayout, oldStyle=0x7fffe5d2c460) at third_party/WebKit/Source/WebCore/rendering/RenderBlock.cpp:229
#7  0x00007ffff517caba in WebCore::RenderObject::setStyle (this=0x7fffe58e1288, style=...) at third_party/WebKit/Source/WebCore/rendering/RenderObject.cpp:1630
#8  0x00007ffff517c3db in WebCore::RenderObject::setAnimatableStyle (this=0x7fffe58e1288, style=...) at third_party/WebKit/Source/WebCore/rendering/RenderObject.cpp:1543
#9  0x00007ffff4bb384b in WebCore::Node::setRenderStyle (this=0x7ffff7f0f1b0, s=...) at third_party/WebKit/Source/WebCore/dom/Node.cpp:1479
#10 0x00007ffff4b8da25 in WebCore::Element::recalcStyle (this=0x7ffff7f0f1b0, change=WebCore::Node::NoChange) at third_party/WebKit/Source/WebCore/dom/Element.cpp:1146
#11 0x00007ffff4b8ddd6 in WebCore::Element::recalcStyle (this=0x7fffe5d30400, change=WebCore::Node::NoChange) at third_party/WebKit/Source/WebCore/dom/Element.cpp:1180
#12 0x00007ffff4b49624 in WebCore::Document::recalcStyle (this=0x7fffe5d12800, change=WebCore::Node::NoChange) at third_party/WebKit/Source/WebCore/dom/Document.cpp:1533
#13 0x00007ffff4b49997 in WebCore::Document::updateStyleIfNeeded (this=0x7fffe5d12800) at third_party/WebKit/Source/WebCore/dom/Document.cpp:1586
#14 0x00007ffff528b31c in WebCore::CanvasRenderingContext2D::accessFont (this=0x7fffbdb98000) at third_party/WebKit/Source/WebCore/html/canvas/CanvasRenderingContext2D.cpp:2023
#15 0x00007ffff528ada2 in WebCore::CanvasRenderingContext2D::drawTextInternal (this=0x7fffbdb98000, text=..., x=107.5, y=89.9199982, fill=true) at third_party/WebKit/Source/WebCore/html/canvas/CanvasRenderingContext2D.cpp:1904
#16 0x00007ffff528aae5 in WebCore::CanvasRenderingContext2D::fillText (this=0x7fffbdb98000, text=..., x=107.5, y=89.9199982) at third_party/WebKit/Source/WebCore/html/canvas/CanvasRenderingContext2D.cpp:1857
#17 0x00007ffff57d1780 in WebCore::CanvasRenderingContext2DInternal::fillTextCallback (args=...) at ninja/gen/webcore/bindings/V8CanvasRenderingContext2D.cpp:633
#18 0x00007ffff32c3ecc in v8::internal::HandleApiCallHelper<false> (args=..., isolate=0x7ffff7e56000) at v8/src/builtins.cc:1105
#19 0x00007ffff32bec5a in v8::internal::Builtin_Impl_HandleApiCall (args=..., isolate=0x7ffff7e56000) at v8/src/builtins.cc:1122
#20 0x00007ffff32bec2b in v8::internal::Builtin_HandleApiCall (args=..., isolate=0x7ffff7e56000) at v8/src/builtins.cc:1121
