Iframes can fail to paint after becoming visible |
|||||||
Issue descriptionSee b/28678040 for the google-internal use case. It was broken by https://codereview.chromium.org/1616183002. The subsequent crash on that page was fixed by https://codereview.chromium.org/1660253002.
,
Jun 6 2016
Is this reproducible at ToT? Possibly fixed by http://crrev.com/2010963003.
,
Jun 6 2016
Yes it does repro at ToT.
,
Jun 10 2016
I finally found the root cause: m_rootContentLayer can be destroyed while m_compositing is still true. After that point, it's impossible to re-allocate it due to an early-out at the start of setCompositingModeEnabled, which is the only way that m_rootContentLayer can be allocated. Once m_rootContentLayer is destroyed, there is no way to insert child composited layers into the graphcs layer tree, so even though they have layers they won't ever be painted.
,
Jun 10 2016
I think the right solution is to never delete m_rootContentLayer while m_compositing is true. Currently it only does that if the layer list is empty.
,
Jun 14 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/f214ea22ef9f0434500f0fa1266e8fa4741d7f7f commit f214ea22ef9f0434500f0fa1266e8fa4741d7f7f Author: chrishtr <chrishtr@chromium.org> Date: Tue Jun 14 20:22:56 2016 Never destroy the root content layer unless leaving compositing mode. BUG= 617800 Review-Url: https://codereview.chromium.org/2058213002 Cr-Commit-Position: refs/heads/master@{#399777} [modify] https://crrev.com/f214ea22ef9f0434500f0fa1266e8fa4741d7f7f/third_party/WebKit/Source/core/layout/compositing/PaintLayerCompositor.cpp
,
Jun 15 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/f214ea22ef9f0434500f0fa1266e8fa4741d7f7f commit f214ea22ef9f0434500f0fa1266e8fa4741d7f7f Author: chrishtr <chrishtr@chromium.org> Date: Tue Jun 14 20:22:56 2016 Never destroy the root content layer unless leaving compositing mode. BUG= 617800 Review-Url: https://codereview.chromium.org/2058213002 Cr-Commit-Position: refs/heads/master@{#399777} [modify] https://crrev.com/f214ea22ef9f0434500f0fa1266e8fa4741d7f7f/third_party/WebKit/Source/core/layout/compositing/PaintLayerCompositor.cpp
,
Jun 15 2016
,
Jun 23 2016
,
Jun 23 2016
This bug fixed a high-priority issue with ads (see b/28678040). There does not appear to be any safe workaround. The currently implemented workaround is to detach and reattach the frame in a setTimeout, which for all we know may be slightly flaky). As a result, I think we'll have to merge f214ea22ef9f0434500f0fa1266e8fa4741d7f7f into M52. I will also make another attempt to test it.
,
Jun 23 2016
Your change meets the bar and is auto-approved for M52 (branch: 2743)
,
Jun 24 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/3bc796c38cb86b8af43edf83ae004a42a10de05e commit 3bc796c38cb86b8af43edf83ae004a42a10de05e Author: Chris Harrelson <chrishtr@chromium.org> Date: Fri Jun 24 23:13:37 2016 Never destroy the root content layer unless leaving compositing mode. BUG= 617800 Review-Url: https://codereview.chromium.org/2058213002 Cr-Commit-Position: refs/heads/master@{#399777} (cherry picked from commit f214ea22ef9f0434500f0fa1266e8fa4741d7f7f) Review URL: https://codereview.chromium.org/2092303002 . Cr-Commit-Position: refs/branch-heads/2743@{#473} Cr-Branched-From: 2b3ae3b8090361f8af5a611712fc1a5ab2de53cb-refs/heads/master@{#394939} [modify] https://crrev.com/3bc796c38cb86b8af43edf83ae004a42a10de05e/third_party/WebKit/Source/core/layout/compositing/PaintLayerCompositor.cpp
,
Jun 27 2016
|
|||||||
►
Sign in to add a comment |
|||||||
Comment 1 by chrishtr@chromium.org
, Jun 6 2016