[Webkit-unassigned] [Bug 71044] New: RenderLayer::hasVisibleContent() can be called when m_visibleContentStatusDirty is true
bugzilla-daemon at webkit.org
Thu Oct 27 11:50:22 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=71044
Summary: RenderLayer::hasVisibleContent() can be called when
m_visibleContentStatusDirty is true
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: Layout and Rendering
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: simon.fraser at apple.com
CC: koivisto at iki.fi
RenderBox::clippedOverflowRectForRepaint() calls enclosingLayer()->hasVisibleContent() in cases where hasVisibleContent() may return incorrect data. Here's one stack trace where this happens:
1 0x1048e712c WebCore::RenderLayer::hasVisibleContent() const
2 0x104a09aca WebCore::RenderReplaced::clippedOverflowRectForRepaint(WebCore::RenderBoxModelObject*) const
3 0x1049f3ff8 WebCore::RenderObject::repaint(bool)
4 0x1049f6fde WebCore::RenderObject::setStyle(WTF::PassRefPtr<WebCore::RenderStyle>)
5 0x1049f664b WebCore::RenderObject::setAnimatableStyle(WTF::PassRefPtr<WebCore::RenderStyle>)
6 0x1047ff7d3 WebCore::Node::setRenderStyle(WTF::PassRefPtr<WebCore::RenderStyle>)
7 0x103e57c09 WebCore::Element::recalcStyle(WebCore::Node::StyleChange)
8 0x103e5809f WebCore::Element::recalcStyle(WebCore::Node::StyleChange)
9 0x103e5809f WebCore::Element::recalcStyle(WebCore::Node::StyleChange)
10 0x103e5809f WebCore::Element::recalcStyle(WebCore::Node::StyleChange)
11 0x103c88c91 WebCore::Document::recalcStyle(WebCore::Node::StyleChange)
12 0x103c89d09 WebCore::Document::updateStyleIfNeeded()
13 0x103c89ece WebCore::Document::updateLayout()
14 0x103c8a074 WebCore::Document::updateLayoutIgnorePendingStylesheets()
15 0x103e54e19 WebCore::Element::getBoundingClientRect()
16 0x1043820bf WebCore::jsElementPrototypeFunctionGetBoundingClientRect(JSC::ExecState*)
17 0x5127366014f8
18 0x101b8ef49 JSC::JITCode::execute(JSC::RegisterFile*, JSC::ExecState*, JSC::JSGlobalData*)
19 0x101b8b866 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&)
20 0x101ae2bd1 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&)
21 0x1042799e3 WebCore::JSMainThreadExecState::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&)
22 0x104b36263 WebCore::ScheduledAction::executeFunctionInContext(JSC::JSGlobalObject*, JSC::JSValue, WebCore::ScriptExecutionContext*)
23 0x104b35d49 WebCore::ScheduledAction::execute(WebCore::Document*)
24 0x104b35b74 WebCore::ScheduledAction::execute(WebCore::ScriptExecutionContext*)
25 0x103def266 WebCore::DOMTimer::fired()
26 0x104d8de67 WebCore::ThreadTimers::sharedTimerFiredInternal()
27 0x104d8dc39 WebCore::ThreadTimers::sharedTimerFired()
28 0x104bb7873 _ZN7WebCoreL10timerFiredEP16__CFRunLoopTimerPv
but I also see it during style updates before event handling.
Detected with:
- bool hasVisibleContent() const { return m_hasVisibleContent; }
- bool hasVisibleDescendant() const { return m_hasVisibleDescendant; }
+ bool hasVisibleContent() const { ASSERT(!m_visibleContentStatusDirty); return m_hasVisibleContent; }
+ bool hasVisibleDescendant() const { ASSERT(!m_visibleDescendantStatusDirty); return m_hasVisibleDescendant; }
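Review bot: The two added `ASSERT(!m_visibleContentStatusDirty)` / `ASSERT(!m_visibleDescendantStatusDirty)` checks only detect the stale read in builds where assertions are enabled; with assertions compiled out, both accessors still return `m_hasVisibleContent` / `m_hasVisibleDescendant` unchanged while the dirty flag is set. That makes this a detection aid rather than a fix, and the stack trace above shows at least one ordinary path (repaint during setStyle, reached from getBoundingClientRect) that would trip it. Before landing the assertions, either make the callers that reach these accessors bring the visibility status up to date first, or have the accessors refresh the cached value when the dirty flag is set. Since both accessors are declared `const`, the second option needs the cached members to be mutable or a non-const update path. A short comment next to each assertion stating the invariant (the cached value is only meaningful when its dirty flag is clear) would also help the next reader.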