RESOLVED FIXED 178621
[FrameView::layout cleanup] Make m_subtreeLayoutRoot weak. 
https://bugs.webkit.org/show_bug.cgi?id=178621
Summary [FrameView::layout cleanup] Make m_subtreeLayoutRoot weak.
zalan
Reported 2017-10-21 08:08:41 PDT
ssia.
Attachments
Patch (16.29 KB, text/plain)
2017-10-21 08:45 PDT, zalan 		no flags
Details
Archive of layout-test-results from ews114 for mac-elcapitan (493.49 KB, application/zip)
2017-10-21 14:47 PDT, Build Bot 		no flags
Details
Patch (15.95 KB, text/plain)
2017-10-21 16:08 PDT, zalan 		no flags
Details
Archive of layout-test-results from ews114 for mac-elcapitan (2.36 MB, application/zip)
2017-10-21 17:40 PDT, Build Bot 		no flags
Details
Patch (16.44 KB, patch)
2017-10-21 23:36 PDT, zalan 		no flags
DetailsFormatted DiffDiff
Archive of layout-test-results from ews103 for mac-elcapitan (1.03 MB, application/zip)
2017-10-22 00:41 PDT, Build Bot 		no flags
Details
Archive of layout-test-results from ews112 for mac-elcapitan (1.85 MB, application/zip)
2017-10-22 00:59 PDT, Build Bot 		no flags
Details
Patch (17.32 KB, patch)
2017-10-22 15:04 PDT, zalan 		no flags
DetailsFormatted DiffDiff
Patch (17.00 KB, patch)
2017-10-22 20:42 PDT, zalan 		no flags
DetailsFormatted DiffDiff
Patch (16.17 KB, patch)
2017-10-22 21:34 PDT, zalan 		no flags
DetailsFormatted DiffDiff
Patch (13.29 KB, patch)
2017-10-23 12:59 PDT, zalan 		no flags
DetailsFormatted DiffDiff
Show Obsolete (10) View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2017-10-21 08:09:06 PDT
<rdar://problem/35110321>
Radar WebKit Bug Importer
Comment 2 2017-10-21 08:14:44 PDT
<rdar://problem/35110347>
zalan
Comment 3 2017-10-21 08:45:16 PDT
Created attachment 324501 [details] Patch
Build Bot
Comment 4 2017-10-21 14:47:22 PDT
Comment on attachment 324501 [details] Patch Attachment 324501 [details] did not pass mac-debug-ews (mac): Output: http://webkit-queues.webkit.org/results/4946487 Number of test failures exceeded the failure limit.
Build Bot
Comment 5 2017-10-21 14:47:23 PDT
Created attachment 324505 [details] Archive of layout-test-results from ews114 for mac-elcapitan The attached test failures were seen while running run-webkit-tests on the mac-debug-ews. Bot: ews114 Port: mac-elcapitan Platform: Mac OS X 10.11.6
zalan
Comment 6 2017-10-21 16:08:27 PDT
Created attachment 324507 [details] Patch
Daniel Bates
Comment 7 2017-10-21 16:38:50 PDT
Comment on attachment 324507 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=324507&action=review > Source/WebCore/ChangeLog:9 > + This patch turn m_subtreeLayoutRoot into a optional weak pointer. Optional, because It seems weird that we need an optional weak ptr. Is it necessary to differentiate between having a null pointer and not having a pointer at all (std::nullopt)?
Build Bot
Comment 8 2017-10-21 17:40:16 PDT
Comment on attachment 324507 [details] Patch Attachment 324507 [details] did not pass mac-debug-ews (mac): Output: http://webkit-queues.webkit.org/results/4947417 New failing tests: svg/custom/delete-text-innerText-crash.html fast/forms/textarea-paste-newline.html svg/custom/bug79798.html editing/pasteboard/smart-paste-in-text-control.html svg/custom/delete-text-crash.html editing/execCommand/insert-list-xml.xhtml editing/pasteboard/copy-paste-pre-line-content.html editing/pasteboard/copy-paste-first-line-in-textarea.html
Build Bot
Comment 9 2017-10-21 17:40:17 PDT
Created attachment 324514 [details] Archive of layout-test-results from ews114 for mac-elcapitan The attached test failures were seen while running run-webkit-tests on the mac-debug-ews. Bot: ews114 Port: mac-elcapitan Platform: Mac OS X 10.11.6
zalan
Comment 10 2017-10-21 18:37:41 PDT
(In reply to Daniel Bates from comment #7) > Comment on attachment 324507 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=324507&action=review > > > Source/WebCore/ChangeLog:9 > > + This patch turn m_subtreeLayoutRoot into a optional weak pointer. Optional, because > > It seems weird that we need an optional weak ptr. Is it necessary to > differentiate between having a null pointer and not having a pointer at all > (std::nullopt)? Yes. Not having a pointer at all means we are not planning to run a subtree layout, while having a null pointer means that we are planning to run a subtree layout but due to some tree mutation we have destroyed the renderer that initiated this layout.
Daniel Bates
Comment 11 2017-10-21 20:15:49 PDT
(In reply to zalan from comment #10) > (In reply to Daniel Bates from comment #7) > > Comment on attachment 324507 [details] > > Patch > > > > View in context: > > https://bugs.webkit.org/attachment.cgi?id=324507&action=review > > > > > Source/WebCore/ChangeLog:9 > > > + This patch turn m_subtreeLayoutRoot into a optional weak pointer. Optional, because > > > > It seems weird that we need an optional weak ptr. Is it necessary to > > differentiate between having a null pointer and not having a pointer at all > > (std::nullopt)? > Yes. Not having a pointer at all means we are not planning to run a subtree > layout, while having a null pointer means that we are planning to run a > subtree layout but due to some tree mutation we have destroyed the renderer > that initiated this layout. Do we do something different for these cases when FrameView::layout() is called? From briefly looking at the now obsolete attachment #324507 [details] it seems that we always perform a full layout (unless we do not have a RenderView).
zalan
Comment 12 2017-10-21 23:03:12 PDT
(In reply to Build Bot from comment #9) > Created attachment 324514 [details] > Archive of layout-test-results from ews114 for mac-elcapitan > > The attached test failures were seen while running run-webkit-tests on the > mac-debug-ews. > Bot: ews114 Port: mac-elcapitan Platform: Mac OS X 10.11.6 These failures actually are not regressions. The patch reveals a bug where we mark the RenderView dirty soon after we schedule a subtree layout.
zalan
Comment 13 2017-10-21 23:09:59 PDT
(In reply to Daniel Bates from comment #11) > (In reply to zalan from comment #10) > > (In reply to Daniel Bates from comment #7) > > > Comment on attachment 324507 [details] > > > Patch > > > > > > View in context: > > > https://bugs.webkit.org/attachment.cgi?id=324507&action=review > > > > > > > Source/WebCore/ChangeLog:9 > > > > + This patch turn m_subtreeLayoutRoot into a optional weak pointer. Optional, because > > > > > > It seems weird that we need an optional weak ptr. Is it necessary to > > > differentiate between having a null pointer and not having a pointer at all > > > (std::nullopt)? > > Yes. Not having a pointer at all means we are not planning to run a subtree > > layout, while having a null pointer means that we are planning to run a > > subtree layout but due to some tree mutation we have destroyed the renderer > > that initiated this layout. > > Do we do something different for these cases when FrameView::layout() is > called? From briefly looking at the now obsolete attachment #324507 [details] > [details] it seems that we always perform a full layout (unless we do not > have a RenderView). ASSERT on the second case and skip the layout. (clearly missing from this patch)
zalan
Comment 14 2017-10-21 23:36:58 PDT
Created attachment 324518 [details] Patch
Build Bot
Comment 15 2017-10-21 23:39:24 PDT
Attachment 324518 [details] did not pass style-queue: ERROR: Source/WebCore/page/FrameView.cpp:1399: Please replace ASSERT_WITH_SECURITY_IMPLICATION() with RELEASE_ASSERT_WITH_SECURITY_IMPLICATION(). [security/assertion] [5] Total errors found: 1 in 3 files If any of these errors are false positives, please file a bug against check-webkit-style.
zalan
Comment 16 2017-10-21 23:39:32 PDT
(In reply to zalan from comment #14) > Created attachment 324518 [details] > Patch This is just for EWSing -needs to be split up into 2 separate patches.
Build Bot
Comment 17 2017-10-22 00:41:47 PDT
Comment on attachment 324518 [details] Patch Attachment 324518 [details] did not pass mac-ews (mac): Output: http://webkit-queues.webkit.org/results/4949265 New failing tests: fast/dynamic/remove-invisible-node-inside-selection.html
Build Bot
Comment 18 2017-10-22 00:41:48 PDT
Created attachment 324520 [details] Archive of layout-test-results from ews103 for mac-elcapitan The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: ews103 Port: mac-elcapitan Platform: Mac OS X 10.11.6
Build Bot
Comment 19 2017-10-22 00:59:36 PDT
Comment on attachment 324518 [details] Patch Attachment 324518 [details] did not pass mac-debug-ews (mac): Output: http://webkit-queues.webkit.org/results/4949270 New failing tests: fast/dynamic/remove-invisible-node-inside-selection.html
Build Bot
Comment 20 2017-10-22 00:59:38 PDT
Created attachment 324521 [details] Archive of layout-test-results from ews112 for mac-elcapitan The attached test failures were seen while running run-webkit-tests on the mac-debug-ews. Bot: ews112 Port: mac-elcapitan Platform: Mac OS X 10.11.6
zalan
Comment 21 2017-10-22 15:04:12 PDT
Created attachment 324533 [details] Patch
zalan
Comment 22 2017-10-22 20:24:34 PDT
(In reply to zalan from comment #12) > (In reply to Build Bot from comment #9) > > Created attachment 324514 [details] > > Archive of layout-test-results from ews114 for mac-elcapitan > > > > The attached test failures were seen while running run-webkit-tests on the > > mac-debug-ews. > > Bot: ews114 Port: mac-elcapitan Platform: Mac OS X 10.11.6 > > These failures actually are not regressions. The patch reveals a bug where > we mark the RenderView dirty soon after we schedule a subtree layout. See bug 178651
zalan
Comment 23 2017-10-22 20:42:25 PDT
Created attachment 324540 [details] Patch
zalan
Comment 24 2017-10-22 21:34:28 PDT
Created attachment 324541 [details] Patch
zalan
Comment 25 2017-10-23 12:59:03 PDT
Created attachment 324579 [details] Patch
WebKit Commit Bot
Comment 26 2017-10-23 13:42:54 PDT
Comment on attachment 324579 [details] Patch Clearing flags on attachment: 324579 Committed r223853: <https://trac.webkit.org/changeset/223853>
WebKit Commit Bot
Comment 27 2017-10-23 13:42:56 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.