Bug 118269

Summary: 100% repro assertion failure with testcase (m_repaintRect == renderer()->clippedOverflowRectForRepaint(renderer()->containerForRepaint()))
Product: WebKit Reporter: Tim Horton <thorton>
Component: Layout and RenderingAssignee: Nobody <webkit-unassigned>
Status: NEW    
Severity: Normal CC: allan.jensen, sabouhallawa, sam, simon.fraser, tobias.netzel
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
testcase none

Tim Horton
Reported 2013-07-01 17:46:53 PDT
The attached testcase reproduces this assertion 100% of the time in DumpRenderTree, but (not yet) in Safari or Minibrowser. Similar to https://bugs.webkit.org/show_bug.cgi?id=103432.
Attachments
testcase (1.01 KB, text/html)
2013-07-01 17:47 PDT, Tim Horton 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Tim Horton
Comment 1 2013-07-01 17:47:19 PDT
Created attachment 205847 [details] testcase
Tim Horton
Comment 2 2013-07-01 18:28:36 PDT
I’m going to land this testcase with https://bugs.webkit.org/show_bug.cgi?id=118176.
Allan Sandfeld Jensen
Comment 3 2013-07-03 06:01:40 PDT
(In reply to comment #2) > I’m going to land this testcase with https://bugs.webkit.org/show_bug.cgi?id=118176. If the test-case is landed, does that mean the bug is fixed or is the test now partially failing?
Tim Horton
Comment 4 2013-07-03 09:34:02 PDT
(In reply to comment #3) > (In reply to comment #2) > > I’m going to land this testcase with https://bugs.webkit.org/show_bug.cgi?id=118176. > > If the test-case is landed, does that mean the bug is fixed or is the test now partially failing? Partially skipped.
Tobias Netzel
Comment 5 2013-07-03 13:05:36 PDT
I can reproduce this in both Safari 5.0.6 and Minibrowser WK1 by doing the following (you'll need a google account for this): 1. go to [http://code.google.com/p/chromium/issues/detail?id=244592] 2. log in 3. scroll down and click in the box to add new comment, so that the text input cursor is blinking in that box 4. scroll up Here the crash upon scrolling is "enabled" by the fact of having clicked in the box. Clicking inside the box and then clicking outside of it doesn't "disable" it.
Alexey Proskuryakov
Comment 6 2013-07-15 12:57:31 PDT
Looks like this causes heavily broken rendering in release mode.
Alexey Proskuryakov
Comment 7 2013-07-15 14:23:30 PDT
To clarify, I know that this test renders wrong in release builds (tracked internally at Apple as <rdar://problem/14391146>), I don't know how closely that's related to the assertion failure.
Michael Catanzaro
Comment 8 2020-02-06 13:17:39 PST
*** Bug 152722 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.