Bug 227624

Summary:

REGRESSION (r278377): incorrect hit-testing with clip-path()

Product:

WebKit

Reporter:

Antoine Quint <graouts>

Component:

Layout and Rendering

Assignee:

zalan <zalan>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

bfulgham, changseok, christoph-wk, esprehn+autocc, ews-watchlist, fred.wang, glenn, kondapallykalyan, pdr, simon.fraser, webkit-bug-importer, zalan

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

See Also:

https://bugs.webkit.org/show_bug.cgi?id=226499

Attachments:

Description	Flags
test	none
More self-explanatory, non-flex testcase	none
Another test reduction	none
Patch	none
Patch	none

Antoine Quint

Reported 2021-07-02 07:00:01 PDT

Created attachment 432788 [details] test The attached test case regressed with r278377 in that the cursor set via CSS on an element with a clip-path and a hierarchy of element with display: flex and clip-path above it fails to show the cursor.

Attachments
test (585 bytes, text/html) 2021-07-02 07:00 PDT, Antoine Quint	no flags	Details
More self-explanatory, non-flex testcase (778 bytes, text/html) 2021-07-02 11:00 PDT, Simon Fraser (smfr)	no flags	Details
Another test reduction (697 bytes, text/html) 2021-07-02 13:41 PDT, zalan	no flags	Details
Patch (11.74 KB, patch) 2021-07-02 20:03 PDT, zalan	no flags	Details Formatted Diff Diff
Patch (11.68 KB, patch) 2021-07-03 09:30 PDT, zalan	no flags	Details Formatted Diff Diff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.

Antoine Quint

Comment 1 2021-07-02 07:00:29 PDT

<rdar://problem/79845896>

Antoine Quint

Comment 2 2021-07-02 07:12:14 PDT

The test case shows the intermediate container is the one being hit-tested since the wait cursor is shown when hovering over the black rectangle.

Antoine Quint

Comment 3 2021-07-02 08:16:39 PDT

We fail this check in Path::contains() under this call stack when consider the RenderLayer for the "leaf" element: if (!fastBoundingRect().contains(point)) return false; #0 0x000000073c986373 in WebCore::Path::contains(WebCore::FloatPoint const&, WebCore::WindRule) const at WebCore/platform/graphics/cg/PathCG.cpp:227 #1 0x000000073cdca823 in WebCore::RenderBox::hitTestClipPath(WebCore::HitTestLocation const&, WebCore::LayoutPoint const&) const at WebCore/rendering/RenderBox.cpp:1388 #2 0x000000073ceba871 in WebCore::RenderLayer::hitTestLayer(WebCore::RenderLayer*, WebCore::RenderLayer*, WebCore::HitTestRequest const&, WebCore::HitTestResult&, WebCore::LayoutRect const&, WebCore::HitTestLocation const&, bool, WebCore::HitTestingTransformState const*, double*) at WebCore/rendering/RenderLayer.cpp:4122 The provided point is indeed outside of the bounds and seems to be in page coordinates, or at least converted to the coordinates of this element.

Simon Fraser (smfr)

Comment 4 2021-07-02 11:00:30 PDT

Created attachment 432805 [details] More self-explanatory, non-flex testcase

zalan

Comment 5 2021-07-02 13:41:09 PDT

Created attachment 432818 [details] Another test reduction

zalan

Comment 6 2021-07-02 20:03:06 PDT

Created attachment 432839 [details] Patch

Simon Fraser (smfr)

Comment 7 2021-07-03 08:49:32 PDT

Comment on attachment 432839 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=432839&action=review > Source/WebCore/ChangeLog:13 > + 3. The clip-path instersecting takes coordinates relative to the containing block. "instersecting"

zalan

Comment 8 2021-07-03 09:30:07 PDT

Created attachment 432851 [details] Patch

EWS

Comment 9 2021-07-03 10:27:54 PDT

Committed r279544 (239380@main): <https://commits.webkit.org/239380@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 432851 [details].

Simon Fraser (smfr)

Comment 10 2021-07-24 22:08:24 PDT

*** Bug 228262 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.