Bug 59109 - Extra GraphicsContext::save() in InlineTextBox::paintDecoration()
Summary: Extra GraphicsContext::save() in InlineTextBox::paintDecoration()
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Layout and Rendering (show other bugs)
Version: 528+ (Nightly build)
Hardware: PC OS X 10.5
: P2 Normal
Assignee: Simon Fraser (smfr)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-04-21 10:07 PDT by Simon Fraser (smfr)
Modified: 2011-04-22 08:51 PDT (History)
4 users (show)

See Also:


Attachments
Patch (8.41 KB, patch)
2011-04-21 11:45 PDT, Simon Fraser (smfr)
no flags Details | Formatted Diff | Diff
Patch (8.46 KB, patch)
2011-04-21 20:47 PDT, Simon Fraser (smfr)
mitz: review+
Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Simon Fraser (smfr) 2011-04-21 10:07:07 PDT
Looks like there might be an unbalanced context->save() in InlineTextBox::paintDecoration(). We should have assertions to check that this never happens.
Comment 1 Simon Fraser (smfr) 2011-04-21 11:45:32 PDT
Created attachment 90565 [details]
Patch
Comment 2 Eric Seidel (no email) 2011-04-21 13:41:39 PDT
Comment on attachment 90565 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=90565&action=review

> Source/WebCore/html/HTMLCanvasElement.cpp:105
> +    // Deal with mismatched save/restore calls from content.
> +    if (GraphicsContext* context = drawingContext()) {
> +        while (context->stackDepth())
> +            context->restore();
> +    }

I take it tests hit your new ASSERT w/o this?
Comment 3 Simon Fraser (smfr) 2011-04-21 13:45:11 PDT
(In reply to comment #2)
> (From update of attachment 90565 [details])
> View in context: https://bugs.webkit.org/attachment.cgi?id=90565&action=review
> 
> > Source/WebCore/html/HTMLCanvasElement.cpp:105
> > +    // Deal with mismatched save/restore calls from content.
> > +    if (GraphicsContext* context = drawingContext()) {
> > +        while (context->stackDepth())
> > +            context->restore();
> > +    }
> 
> I take it tests hit your new ASSERT w/o this?

Without this, DRT crashes on fast/dom/gc-something if run after fast/canvas, because some canvas test has issues.

mitz thinks that this whole block could be #if !ASSERTS_DISABLED and I agree.
Comment 4 Simon Fraser (smfr) 2011-04-21 20:47:05 PDT
Created attachment 90663 [details]
Patch
Comment 5 mitz 2011-04-21 21:08:48 PDT
Comment on attachment 90663 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=90663&action=review

r=me but please consider my comments

> Source/WebCore/html/HTMLCanvasElement.cpp:107
> +#if !ASSERT_DISABLED
> +    // Deal with mismatched save/restore calls from content.
> +    if (GraphicsContext* context = drawingContext()) {
> +        while (context->stackDepth())
> +            context->restore();
> +    }
> +#endif

Why can’t CanvasRenderingContext2D (and other CanvasRenderingContexts if necessary) handle this by popping its internal stack?

> Source/WebCore/platform/graphics/GraphicsContext.h:283
> +        size_t stackDepth() const { return m_stack.size(); }

It’s kind of ugly that this is a public member. Please consider guarding this with #if !ASSERT_DISABLED too.
Comment 6 Simon Fraser (smfr) 2011-04-22 08:23:04 PDT
Some canvas tests are still causing this assertion to fire:

run-webkit-tests --debug --gc-between-tests LayoutTests/fast/canvas/change-context.html LayoutTests/fast/canvas/create-pattern-does-not-crash.html LayoutTests/fast/canvas/drawImage-with-globalAlpha.html
Comment 7 Simon Fraser (smfr) 2011-04-22 08:51:44 PDT
http://trac.webkit.org/changeset/84631