Bug 199253

Summary: [Async overflow scrolling] Fix missing or misplaced content inside overflow:scroll
Product: WebKit Reporter: Simon Fraser (smfr) <simon.fraser>
Component: ScrollingAssignee: Simon Fraser (smfr) <simon.fraser>
Status: RESOLVED FIXED    
Severity: Normal CC: koivisto, repstein, simon.fraser, webkit-bug-importer, zalan
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugs.webkit.org/show_bug.cgi?id=198086
Attachments:
Description Flags
Patch zalan: review+

Description Simon Fraser (smfr) 2019-06-26 17:52:31 PDT
[Async overflow scrolling] Fix missing or misplaced content inside overflow:scroll
Comment 1 Simon Fraser (smfr) 2019-06-26 18:03:00 PDT
Created attachment 372980 [details]
Patch
Comment 2 Simon Fraser (smfr) 2019-06-26 18:03:02 PDT
<rdar://problem/51855156>
Comment 3 Simon Fraser (smfr) 2019-06-26 18:04:08 PDT
*** Bug 198340 has been marked as a duplicate of this bug. ***
Comment 4 Simon Fraser (smfr) 2019-06-26 21:13:56 PDT
https://trac.webkit.org/r246869
Comment 5 Russell Epstein 2019-06-27 09:53:56 PDT
This patch appears to have caused the following test to crash:

fast/repaint/fixed-and-absolute-position-scrolled.html

Platform: Mac Debug WK2
Build   : r246869

Steps to Reproduce:

run-webkit-tests --iter 1000 -f fast/repaint/fixed-and-absolute-position-scrolled.html

History:

https://webkit-test-results.webkit.org/dashboards/flakiness_dashboard.html#showAllRuns=true&tests=fast%2Frepaint%2Ffixed-and-absolute-position-scrolled.html

Crash Log:

No crash log found for com.apple.WebKit.WebContent.Development:99727.

stdout:

stderr:
ASSERTION FAILED: !renderer().hasRepaintLayoutRects() || renderer().repaintLayoutRects().m_repaintRect == renderer().clippedOverflowRectForRepaint(renderer().containerForRepaint())
./rendering/RenderLayer.cpp(1123) : void WebCore::RenderLayer::updateLayerPositionsAfterScroll(WebCore::RenderGeometryMap *, OptionSet<WebCore::RenderLayer::UpdateLayerPositionsAfterScrollFlag>)
1   0x3631759c9 WTFCrash
2   0x34a1803db WTFCrashWithInfo(int, char const*, char const*, int)
3   0x34dd07b94 WebCore::RenderLayer::updateLayerPositionsAfterScroll(WebCore::RenderGeometryMap*, WTF::OptionSet<WebCore::RenderLayer::UpdateLayerPositionsAfterScrollFlag>)
4   0x34dd07d25 WebCore::RenderLayer::updateLayerPositionsAfterScroll(WebCore::RenderGeometryMap*, WTF::OptionSet<WebCore::RenderLayer::UpdateLayerPositionsAfterScrollFlag>)
5   0x34dd07d25 WebCore::RenderLayer::updateLayerPositionsAfterScroll(WebCore::RenderGeometryMap*, WTF::OptionSet<WebCore::RenderLayer::UpdateLayerPositionsAfterScrollFlag>)
6   0x34dd07d25 WebCore::RenderLayer::updateLayerPositionsAfterScroll(WebCore::RenderGeometryMap*, WTF::OptionSet<WebCore::RenderLayer::UpdateLayerPositionsAfterScrollFlag>)
7   0x34dd0771e WebCore::RenderLayer::updateLayerPositionsAfterDocumentScroll()
8   0x34d456ddf WebCore::FrameView::updateLayerPositionsAfterScrolling()
9   0x34d68148c WebCore::ScrollView::completeUpdatesAfterScrollTo(WebCore::IntSize const&)
10  0x34d68181b WebCore::ScrollView::scrollTo(WebCore::IntPoint const&)
11  0x34d45b174 WebCore::FrameView::scrollTo(WebCore::IntPoint const&)
12  0x34d680fbd WebCore::ScrollView::setScrollOffset(WebCore::IntPoint const&)
13  0x34d68725e WebCore::ScrollableArea::scrollPositionChanged(WebCore::IntPoint const&)
14  0x34d6871bf WebCore::ScrollableArea::notifyScrollPositionChanged(WebCore::IntPoint const&)
15  0x34d5ffc6f WebCore::AsyncScrollingCoordinator::reconcileScrollingState(WebCore::FrameView&, WebCore::FloatPoint const&, WTF::Variant<WTF::Optional<WebCore::FloatPoint>, WTF::Optional<WebCore::FloatRect> > const&, WebCore::ScrollType, WebCore::ViewportRectStability, WebCore::ScrollingLayerPositionAction)
16  0x34d5ff130 WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScroll(unsigned long long, WebCore::FloatPoint const&, WTF::Optional<WebCore::FloatPoint>, WebCore::ScrollType, WebCore::ScrollingLayerPositionAction)
17  0x34d5fec31 WebCore::AsyncScrollingCoordinator::requestScrollPositionUpdate(WebCore::ScrollableArea&, WebCore::IntPoint const&)
18  0x34d457bd9 WebCore::FrameView::requestScrollPositionUpdate(WebCore::IntPoint const&)
19  0x34d681c9a WebCore::ScrollView::setScrollPosition(WebCore::IntPoint const&)
20  0x34d446c8f WebCore::FrameView::setScrollPosition(WebCore::IntPoint const&)
21  0x34d6801ac WebCore::ScrollView::setContentsScrollPosition(WebCore::IntPoint const&)
22  0x34d3df53a WebCore::DOMWindow::scrollTo(WebCore::ScrollToOptions const&, WebCore::ScrollClamping) const
23  0x34d3df5c9 WebCore::DOMWindow::scrollTo(double, double, WebCore::ScrollClamping) const
24  0x34aae574c WebCore::jsDOMWindowInstanceFunctionScrollTo2Body(JSC::ExecState*, WebCore::JSDOMWindow*, JSC::ThrowScope&)
25  0x34aae5480 WebCore::jsDOMWindowInstanceFunctionScrollToOverloadDispatcher(JSC::ExecState*, WebCore::JSDOMWindow*, JSC::ThrowScope&)
26  0x34aa87990 long long WebCore::IDLOperation<WebCore::JSDOMWindow>::call<&(WebCore::jsDOMWindowInstanceFunctionScrollToOverloadDispatcher(JSC::ExecState*, WebCore::JSDOMWindow*, JSC::ThrowScope&)), (WebCore::CastedThisErrorBehavior)0>(JSC::ExecState&, char const*)
27  0x34aa8767c WebCore::jsDOMWindowInstanceFunctionScrollTo(JSC::ExecState*)
28  0x36d431a0116b
29  0x3636a234c llint_entry
30  0x363685633 vmEntryToJavaScript
31  0x364366457 JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*)
LEAK: 1 WebPageProxy