79707 2012-02-27 15:17:52 -0800 REGRESSION: Numerous svg tests are flaky crashers on 10.6 Chromium 2012-02-29 15:42:24 -0800 1 1 1 Unclassified WebKit SVG 528+ (Nightly build) Unspecified Unspecified RESOLVED FIXED P2 Normal --- 78315 1 enne webkit-unassigned adamk dino enne jamesr knorton schenney thorton zimmermann oldest_to_newest 566020 0 enne 2012-02-27 15:17:52 -0800 From http://build.chromium.org/p/chromium.webkit/builders/Webkit%20Mac10.6%20(dbg)/builds/8459/steps/webkit_tests/logs/stdio: --SNIP-- ASSERTION FAILED: !needsLayout() /b/build/slave/webkit-mac-latest-dbg/build/src/third_party/WebKit/Source/WebCore/WebCore.gyp/../page/FrameView.cpp(2877) : virtual void WebCore::FrameView::paintContents(WebCore::GraphicsContext *, const WebCore::IntRect &) 1 0x603f1c8a WebCore::FrameView::paintContents(WebCore::GraphicsContext*, WebCore::IntRect const&) 2 0x5f85918e WebCore::ScrollView::paint(WebCore::GraphicsContext*, WebCore::IntRect const&) 3 0x60fed643 WebCore::SVGImage::draw(WebCore::GraphicsContext*, WebCore::FloatRect const&, WebCore::FloatRect const&, WebCore::ColorSpace, WebCore::CompositeOperator) 4 0x60fed099 WebCore::SVGImage::drawSVGToImageBuffer(WebCore::ImageBuffer*, WebCore::IntSize const&, float, WebCore::SVGImage::ShouldClearBuffer) 5 0x60fe2d8d WebCore::SVGImageCache::redraw() 6 0x60fe2b95 WebCore::SVGImageCache::imageContentChanged() 7 0x603287ab WebCore::CachedImage::changedInRect(WebCore::Image const*, WebCore::IntRect const&) 8 0x60328826 non-virtual thunk to WebCore::CachedImage::changedInRect(WebCore::Image const*, WebCore::IntRect const&) 9 0x60ff28c5 WebCore::SVGImageChromeClient::invalidateContentsAndRootView(WebCore::IntRect const&, bool) 10 0x603683de WebCore::Chrome::invalidateContentsAndRootView(WebCore::IntRect const&, bool) 11 0x5f85846e WebCore::ScrollView::repaintContentRectangle(WebCore::IntRect const&, bool) 12 0x603ee194 WebCore::FrameView::doDeferredRepaints() 13 0x603ea447 WebCore::FrameView::endDeferredRepaints() 14 0x603e9058 WebCore::FrameView::layout(bool) 15 0x603e4672 WebCore::FrameView::layoutTimerFired(WebCore::Timer<WebCore::FrameView>*) 16 0x604067b7 WebCore::Timer<WebCore::FrameView>::fired() 17 0x5f86d24e WebCore::ThreadTimers::sharedTimerFiredInternal() 18 0x5f86cfdf WebCore::ThreadTimers::sharedTimerFired() 19 0x613b90f9 webkit_glue::WebKitPlatformSupportImpl::DoTimeout() 20 0x613b9c57 base::BaseTimer<webkit_glue::WebKitPlatformSupportImpl, false>::TimerTask::Run() 21 0x5df61964 base::internal::RunnableAdapter<void (base::BaseTimer_Helper::TimerTask::*)()>::Run(base::BaseTimer_Helper::TimerTask*) 22 0x5df61863 base::internal::InvokeHelper<false, void, base::internal::RunnableAdapter<void (base::BaseTimer_Helper::TimerTask::*)()>, void ()(base::BaseTimer_Helper::TimerTask*)>::MakeItSo(base::internal::RunnableAdapter<void (base::BaseTimer_Helper::TimerTask::*)()>, base::BaseTimer_Helper::TimerTask*) 23 0x5df6179e base::internal::Invoker<1, base::internal::BindState<base::internal::RunnableAdapter<void (base::BaseTimer_Helper::TimerTask::*)()>, void ()(base::BaseTimer_Helper::TimerTask*), void ()(base::internal::OwnedWrapper<base::BaseTimer_Helper::TimerTask>)>, void ()(base::BaseTimer_Helper::TimerTask*)>::Run(base::internal::BindStateBase*) 24 0x5deb70eb base::Callback<void ()()>::Run() const 25 0x5deb480e MessageLoop::RunTask(base::PendingTask const&) 26 0x5deb4bb1 MessageLoop::DeferOrRunPendingTask(base::PendingTask const&) 27 0x5deb4de8 MessageLoop::DoWork() 28 0x5de2847b base::MessagePumpCFRunLoopBase::RunWork() 29 0x5de27b72 base::MessagePumpCFRunLoopBase::RunWorkSource(void*) 30 0x91d8942b __CFRunLoopDoSources0 31 0x91d86eef __CFRunLoopRun --SNIP-- This is an assertion on 10.6 debug, but the 10.6 release version is also crashing. There's no stack trace there, unfortunately. It's hard to tell when this started, because it's flaky, but the earliest is r108841 from the following set of tests: http://test-results.appspot.com/dashboards/flakiness_dashboard.html#tests=svg%2Fas-background-image%2Fbackground-image-preserveaspectRatio-support.html%20svg%2Fas-background-image%2Fsame-image-two-instances-background-image.html%20svg%2Fas-border-image%2Fsvg-as-border-image.html%20svg%2Fas-image%2Fdrag-svg-as-image.html%20svg%2Fas-image%2Fsvg-as-relative-image-with-explicit-size.html%20svg%2Fas-image%2Fsvg-non-integer-scaled-image.html%20svg%2Fclip-path%2Fclip-path-nonzero-evenodd.svg%20svg%2Fcustom%2FfeDisplacementMap-01.svg%20svg%2Fcustom%2Ffont-face-name-without-name-attr.svg%20svg%2Fzoom%2Fpage%2Fzoom-replaced-intrinsic-ratio-001.htm%20svg%2Fzoom%2Fpage%2Fzoom-svg-as-background-with-relative-size-and-viewBox.html To me, that makes it seem like http://trac.webkit.org/changeset/108834/ is the most likely culprit. 566041 1 enne 2012-02-27 15:41:14 -0800 Committed r109032: <http://trac.webkit.org/changeset/109032> 566161 2 enne 2012-02-27 17:17:10 -0800 Committed r109046: <http://trac.webkit.org/changeset/109046> 566167 3 enne 2012-02-27 17:24:47 -0800 Committed r109048: <http://trac.webkit.org/changeset/109048> 567126 4 adamk 2012-02-28 14:55:17 -0800 Committed r109153: <http://trac.webkit.org/changeset/109153> 567153 5 jamesr 2012-02-28 15:16:44 -0800 This might be http://code.google.com/p/chromium/issues/detail?id=116155 567194 6 adamk 2012-02-28 16:07:24 -0800 Committed r109165: <http://trac.webkit.org/changeset/109165> 568026 7 adamk 2012-02-29 15:42:24 -0800 No crashes seen since rolling out 108834 24 hours ago, I'm going to call this fixed.