RESOLVED FIXED 56209
[chromium] Avoid updating a composited layer's contents if the layer has nonpositive dimensions 
https://bugs.webkit.org/show_bug.cgi?id=56209
Summary [chromium] Avoid updating a composited layer's contents if the layer has nonp...
James Robinson
Reported 2011-03-11 11:19:52 PST
[chromium] Avoid updating a composited layer's contents if the layer has nonpositive dimensions
Attachments
Patch (1.71 KB, patch)
2011-03-11 11:22 PST, James Robinson 		kbr: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
James Robinson
Comment 1 2011-03-11 11:22:10 PST
Created attachment 85500 [details] Patch
Kenneth Russell
Comment 2 2011-03-11 11:42:29 PST
Comment on attachment 85500 [details] Patch In the comment: "the prior to" -> "the behavior prior to".
James Robinson
Comment 3 2011-03-11 11:42:44 PST
Notes for posterity: The intent of this patch is to mitigate the crash on nytimes.com/chrome (http://code.google.com/p/chromium/issues/detail?id=75563). The issue is that a composited layer has a negative width due to bug 56153, which is still a mystery but does not seem to be recent. If updateContents() is called on a ContentLayerChromium with a negative width, it attempts to allocate a PlatformCanvas with a negative width which crashes on Mac and Windows but seems to work fine on Linux. Such a layer is never actually rendered because the draw() call is guarded by a bounds().isEmpty() check, which returns true (empty) if either width or height are non-positive. The code prior to r80482 did the update and draw calls at the same time, and so both were guarded by a bounds().isEmpty() check.
James Robinson
Comment 4 2011-03-11 11:59:29 PST
Committed r80869: <http://trac.webkit.org/changeset/80869>
Note You need to log in before you can comment on or make changes to this bug.