New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 610911 link

Starred by 2 users
Status: Assigned
Owner:
hirosh...@chromium.org
Cc:
yhirano@chromium.org
kinuko@chromium.org
sigbjo...@opera.com
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug



Sign in to add a comment

ImageResource::allClientsAndObserversRemoved should not cause style recalc

Project Member Reported by haraken@chromium.org, May 11 2016 
There is a path to cause style recalc in ImageResource::allClientsAndObserversRemoved (which happens during a pre-finalizer of ImageLoader). It looks like this is happening a lot.

crash log for renderer (pid <unknown>):
STDOUT: This test passes if there is a green box and no security errors.
STDOUT: 
STDERR: ASSERTION FAILED: !m_ancestorIdentifierFilter
STDERR: ../../third_party/WebKit/Source/core/css/SelectorFilter.cpp(88) : void blink::SelectorFilter::pushParent(blink::Element &)
STDERR: 1   0x7f8a4f10c0a5
STDERR: 2   0x7f8a4f1b8420
STDERR: 3   0x7f8a4f1b5364
STDERR: 4   0x7f8a4f1aff44 blink::StyleResolver::styleForElement(blink::Element*, blink::ComputedStyle const*, blink::StyleSharingBehavior, blink::RuleMatchingBehavior)
STDERR: 5   0x7f8a4eb16536 blink::Document::inheritHtmlAndBodyElementStyles(blink::StyleRecalcChange)
STDERR: 6   0x7f8a4eb17695 blink::Document::updateStyle()
STDERR: 7   0x7f8a4eb13d4d blink::Document::updateLayoutTree()
STDERR: 8   0x7f8a4eb18ad8 blink::Document::updateLayoutTreeForNode(blink::Node const*)
STDERR: 9   0x7f8a4f0261e2 blink::CSSComputedStyleDeclaration::getPropertyCSSValue(blink::CSSPropertyID) const
STDERR: 10  0x7f8a4f025acb blink::CSSComputedStyleDeclaration::getPropertyValue(blink::CSSPropertyID) const
STDERR: 11  0x7f8a4f96a67f blink::SVGAnimationElement::computeCSSPropertyValue(blink::SVGElement*, blink::CSSPropertyID, WTF::String&)
STDERR: 12  0x7f8a4f95a253 blink::SVGAnimateElement::resetAnimatedType()
STDERR: 13  0x7f8a4fa05605 blink::SVGSMILElement::progress(blink::SMILTime, blink::SVGSMILElement*, bool)
STDERR: 14  0x7f8a4f9f3cb3
STDERR: 15  0x7f8a4f9f45ea
STDERR: 16  0x7f8a4f9f4587
STDERR: 17  0x7f8a4f9d3ecc
STDERR: 18  0x7f8a4fa12daa
STDERR: 19  0x7f8a4f2fbf59 blink::ImageResource::allClientsAndObserversRemoved()
STDERR: 20  0x7f8a4f317d83 blink::Resource::didRemoveClientOrObserver()
STDERR: 21  0x7f8a4f2fbb97 blink::ImageResource::removeObserver(blink::ImageResourceObserver*)
STDERR: 22  0x7f8a4f5341d0 blink::ImageLoader::dispose()
STDERR: 23  0x7f8a4f53919c
STDERR: 24  0x7f8a528e3db8 blink::ThreadState::invokePreFinalizers()
STDERR: 25  0x7f8a528e3b08 blink::ThreadState::preSweep()
STDERR: 26  0x7f8a528e44cd blink::ThreadState::leaveSafePoint(blink::SafePointAwareMutexLocker*)
STDERR: 27  0x7f8a5240382e
STDERR: 28  0x7f8a528ca03c blink::ThreadHeap::collectGarbage(blink::BlinkGC::StackState, blink::BlinkGC::GCType, blink::BlinkGC::GCReason)
STDERR: 29  0x7f8a528dfc39 blink::ThreadState::scheduleGCIfNeeded()
STDERR: 30  0x7f8a528d4e25 blink::NormalPageArena::outOfLineAllocate(unsigned long, unsigned long)
STDERR: 31  0x7f8a4e5131ad

It is wasteful to run style recalc for things that are about to get destructed. Also it unnecessarily increases the pause time of Oilpan's GC.

Would anyone in the loading team want to look at this issue?

Comment 1 by hirosh...@chromium.org, May 11 2016

Cc: -hirosh...@chromium.org
Owner: hirosh...@chromium.org
Status: Assigned (was: Untriaged)
haraken@, do you have reproducible test cases?

Issue 606651 is trying to make processing in Resource::allClientsAndObserversRemoved() async.
Probably we can/should make processing in ImageResource::allClientsAndObserversRemoved() async.

Comment 2 by hirosh...@chromium.org, May 11 2016 

Er, doing style recalc asynchronously might have a problem of doing unneccesary style recalc (it doesn't increases the pause time of Oilpan's GC though), but I don't have ideas for resolving that.

Sign in to add a comment