151906 – Garbage in page tiles when document is too long.

RESOLVED FIXED 151906

Garbage in page tiles when document is too long.

https://bugs.webkit.org/show_bug.cgi?id=151906

Summary Garbage in page tiles when document is too long.

alan baradlay

Reported 2015-12-04 20:50:49 PST

When document is longer than 16777421px <body style="height: 16777421px;">foobar</body>

Attachments
Patch (9.68 KB, patch) 2015-12-04 21:16 PST, alan baradlay	no flags	Details Formatted Diff Diff
Patch (9.72 KB, patch) 2015-12-04 21:28 PST, alan baradlay	no flags	Details Formatted Diff Diff
Patch (9.75 KB, patch) 2015-12-04 21:44 PST, alan baradlay	no flags	Details Formatted Diff Diff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.

alan baradlay

Comment 1 2015-12-04 20:51:07 PST

rdar://problem/23695858

alan baradlay

Comment 2 2015-12-04 21:16:08 PST

Created attachment 266704 [details] Patch

Simon Fraser (smfr)

Comment 3 2015-12-04 21:18:38 PST

Comment on attachment 266704 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=266704&action=review > Source/WebCore/rendering/ClipRect.h:81 > + if (isInfinite()) > + m_rect = other; > + else > + m_rect.intersect(other); What if 'other' is infinite? > Source/WebCore/rendering/ClipRect.h:96 > + if (isInfinite()) > + return true; > + return m_rect.intersects(rect); > +} What if 'rect' is infinite?

alan baradlay

Comment 4 2015-12-04 21:28:46 PST

Created attachment 266705 [details] Patch

Simon Fraser (smfr)

Comment 5 2015-12-04 21:30:03 PST

Comment on attachment 266705 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=266705&action=review > Source/WebCore/rendering/ClipRect.h:79 > + if (isInfinite() || other.isInfinite()) > + m_rect = other; If this is infinite, but other is not, you're overwriting an infinite rect with a non-infinite one.

alan baradlay

Comment 6 2015-12-04 21:44:41 PST

Created attachment 266707 [details] Patch

WebKit Commit Bot

Comment 7 2015-12-04 23:11:33 PST

Comment on attachment 266707 [details] Patch Clearing flags on attachment: 266707 Committed r193511: <http://trac.webkit.org/changeset/193511>

WebKit Commit Bot

Comment 8 2015-12-04 23:11:36 PST

All reviewed patches have been landed. Closing bug.

Ryan Haddad

Comment 9 2015-12-08 16:37:53 PST

Rebaseline fast/block/float/overhanging-tall-block.html for win in <https://trac.webkit.org/r193796>

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component Layout and Rendering

Assignee

alan baradlay

Reported

2015-12-04 20:50 PST

Modified

2015-12-08 16:37 PST History

CC List

6 users Show

URL

Keywords InRadar

Depends on

Blocks