[Webkit-unassigned] [Bug 78315] REGRESSION(99539): Infinite repaint loop with SVGImage and deferred repaint timers

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Mar 5 15:15:21 PST 2012 

https://bugs.webkit.org/show_bug.cgi?id=78315





--- Comment #14 from Tim Horton <timothy_horton at apple.com>  2012-03-05 15:15:20 PST ---
(In reply to comment #13)
> (In reply to comment #12)
> > Tim, this broke Chromium/Mac 10.6, according to ennes observation in bug 79707.
> > Can you revisit this?
> 
> Kinda bizarre that it would only break that platform! I'll take a look, but it's not a configuration I have readily available. Do you have any thoughts?

I can reproduce on Mac (though only inside DRT).

This isn't going to work as-is (obviously, since it got rolled out) because we end up modifying m_repaintRects while inside the loop in doDeferredRepaints, because drawSVGToImageBuffer ends up doing layout...

1   0x10936f104 WebCore::FrameView::repaintContentRectangle(WebCore::IntRect const&, bool)
2   0x109f89309 WebCore::RenderView::repaintViewRectangle(WebCore::IntRect const&, bool)
3   0x109e93ba1 WebCore::RenderObject::repaintUsingContainer(WebCore::RenderBoxModelObject*, WebCore::IntRect const&, bool)
4   0x109e93d2d WebCore::RenderObject::repaint(bool)
5   0x10936b4fd WebCore::FrameView::layout(bool)
6   0x10a19e7f6 WebCore::SVGImage::draw(WebCore::GraphicsContext*, WebCore::FloatRect const&, WebCore::FloatRect const&, WebCore::ColorSpace, WebCore::CompositeOperator)
7   0x10a19e424 WebCore::SVGImage::drawSVGToImageBuffer(WebCore::ImageBuffer*, WebCore::IntSize const&, float, WebCore::SVGImage::ShouldClearBuffer)
8   0x10a1a431a WebCore::SVGImageCache::redraw()
9   0x10a1a4191 WebCore::SVGImageCache::imageContentChanged()
10  0x108dcdc56 WebCore::CachedImage::changedInRect(WebCore::Image const*, WebCore::IntRect const&)
11  0x108dcdca7 non-virtual thunk to WebCore::CachedImage::changedInRect(WebCore::Image const*, WebCore::IntRect const&)
12  0x10a1a1aff WebCore::SVGImageChromeClient::invalidateContentsAndRootView(WebCore::IntRect const&, bool)
13  0x108e150f5 WebCore::Chrome::invalidateContentsAndRootView(WebCore::IntRect const&, bool)
14  0x10a045055 WebCore::ScrollView::repaintContentRectangle(WebCore::IntRect const&, bool)
15  0x10936f99a WebCore::FrameView::doDeferredRepaints()
16  0x109367949 WebCore::FrameView::deferredRepaintTimerFired(WebCore::Timer<WebCore::FrameView>*)

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list