[Webkit-unassigned] [Bug 78315] REGRESSION(99539): Infinite repaint loop with SVGImage and deferred repaint timers

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Feb 15 01:58:31 PST 2012


https://bugs.webkit.org/show_bug.cgi?id=78315





--- Comment #2 from Nikolas Zimmermann <zimmermann at kde.org>  2012-02-15 01:58:31 PST ---
(In reply to comment #0)
> The result is that after the deferred repaint timer fires, SVGImageChromeClient ends up invalidating the SVGImageCache, and we repaint the image, causing another deferred repaint timer to be started, and so on.

Ouch, this is evil. When the SVG embedded document repaint timer fires, we should trigger a repaint of the host document. This is not the problematic part, right? It all happens in the SVG document's FrameView itself?

> Niko, my question for you: why do we invalidate the image in this situation? Where do you think it's best to break the loop? Antti is of the belief that we should break it somewhere between SVGImageChromeClient and SVGImageCache, but neither of us are sure where to do so!

Looking at:

void SVGImageCache::imageContentChanged()
{
    ImageDataMap::iterator end = m_imageDataMap.end();
    for (ImageDataMap::iterator it = m_imageDataMap.begin(); it != end; ++it)
        it->second.imageNeedsUpdate = true;

    // Start redrawing dirty images with a timer, as imageContentChanged() may be called
    // by the FrameView of the SVGImage which is currently in FrameView::layout().
    if (!m_redrawTimer.isActive())
        m_redrawTimer.startOneShot(0);

The redraw timer was invented to avoid redrawing from within layout. Here FrameView::layout() is not the root of the stack trace (at least it seems so, correct me if I'm wrong, but the deferred repaint timer should always fire after FrameView::layout() has finished).

Hm, as a quick test within an ENABLE_REPAINT_THROTTLING-enabled build, could you try to just remove the m_redrawTimer and copy the content of redrawTimerFired into imageContentChanged? Does that fix the bug?
