WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
NEW
180785
ASSERT in RenderLayer::updateLayerPositionsAfterScroll using icloud.com - cached rects incorrect
https://bugs.webkit.org/show_bug.cgi?id=180785
Summary
ASSERT in RenderLayer::updateLayerPositionsAfterScroll using icloud.com - cac...
Joseph Pecoraro
Reported
2017-12-13 16:44:43 PST
ASSERT in RenderLayer::updateLayerPositionsAfterScroll using icloud.com - cached rects incorrect Seen on WebKit
r225753
. Logged into icloud.com, resized the page, clicked an icon => ASSERT. ASSERTION FAILED: !renderer().hasRepaintLayoutRects() || renderer().repaintLayoutRects().m_repaintRect == renderer().clippedOverflowRectForRepaint(renderer().containerForRepaint()) Source/WebCore/rendering/RenderLayer.cpp(940) : void WebCore::RenderLayer::updateLayerPositionsAfterScroll(WebCore::RenderGeometryMap *, UpdateLayerPositionsAfterScrollFlags) 1 0x3d78a382d WTFCrash 2 0x3cacf0ca6 WebCore::RenderLayer::updateLayerPositionsAfterScroll(WebCore::RenderGeometryMap*, unsigned int) 3 0x3cacf0df6 WebCore::RenderLayer::updateLayerPositionsAfterScroll(WebCore::RenderGeometryMap*, unsigned int) 4 0x3cacf0df6 WebCore::RenderLayer::updateLayerPositionsAfterScroll(WebCore::RenderGeometryMap*, unsigned int) 5 0x3cacf0df6 WebCore::RenderLayer::updateLayerPositionsAfterScroll(WebCore::RenderGeometryMap*, unsigned int) 6 0x3cacf0df6 WebCore::RenderLayer::updateLayerPositionsAfterScroll(WebCore::RenderGeometryMap*, unsigned int) 7 0x3cacf0df6 WebCore::RenderLayer::updateLayerPositionsAfterScroll(WebCore::RenderGeometryMap*, unsigned int) 8 0x3cacf08fa WebCore::RenderLayer::updateLayerPositionsAfterDocumentScroll() 9 0x3ca565dc0 WebCore::FrameView::updateLayerPositionsAfterScrolling() 10 0x3ca6fdf0c WebCore::ScrollView::completeUpdatesAfterScrollTo(WebCore::IntSize const&) 11 0x3ca6fe1c4 WebCore::ScrollView::scrollTo(WebCore::IntPoint const&) 12 0x3ca56a6c4 WebCore::FrameView::scrollTo(WebCore::IntPoint const&) 13 0x3ca6fda13 WebCore::ScrollView::setScrollOffset(WebCore::IntPoint const&) 14 0x3ca6fdb0c non-virtual thunk to WebCore::ScrollView::setScrollOffset(WebCore::IntPoint const&) 15 0x3ca703e8f WebCore::ScrollableArea::scrollPositionChanged(WebCore::IntPoint const&) 16 0x3ca703ddf WebCore::ScrollableArea::notifyScrollPositionChanged(WebCore::IntPoint const&) 17 0x3ca6ca3a8 WebCore::AsyncScrollingCoordinator::reconcileScrollingState(WebCore::FrameView&, WebCore::FloatPoint const&, WTF::Variant<std::optional<WebCore::FloatPoint>, std::optional<WebCore::FloatRect> > const&, bool, WebCore::ViewportRectStability, WebCore::ScrollingLayerPositionAction) 18 0x3ca6c97a4 WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScroll(unsigned long long, WebCore::FloatPoint const&, std::optional<WebCore::FloatPoint>, bool, WebCore::ScrollingLayerPositionAction) 19 0x3ca6c8163 WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScrollTimerFired() 20 0x3ca6d2591 WTF::Function<void ()>::CallableWrapper<std::__1::__bind<void (WebCore::AsyncScrollingCoordinator::*&)(), WebCore::AsyncScrollingCoordinator*> >::call() 21 0x3c800f48b WTF::Function<void ()>::operator()() const 22 0x3c80893c9 WebCore::Timer::fired() 23 0x3ca71b864 WebCore::ThreadTimers::sharedTimerFiredInternal() 24 0x3ca730141 WebCore::ThreadTimers::setSharedTimer(WebCore::SharedTimer*)::$_0::operator()() const 25 0x3ca7300f9 WTF::Function<void ()>::CallableWrapper<WebCore::ThreadTimers::setSharedTimer(WebCore::SharedTimer*)::$_0>::call() 26 0x3c800f48b WTF::Function<void ()>::operator()() const 27 0x3ca6f2fd5 WebCore::MainThreadSharedTimer::fired() 28 0x3ca792f59 WebCore::timerFired(__CFRunLoopTimer*, void*) ... LLDB session:
> (lldb) bt 10 > * thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0xbbadbeef) > frame #0: 0x00000003d78a3834 JavaScriptCore`::WTFCrash() at Assertions.cpp:272 > * frame #1: 0x00000003cacf0ca6 WebCore`WebCore::RenderLayer::updateLayerPositionsAfterScroll(this=0x00000003e1ed1000, geometryMap=0x00007ffeea1809c0, flags=4) at RenderLayer.cpp:940 > frame #2: 0x00000003cacf0df6 WebCore`WebCore::RenderLayer::updateLayerPositionsAfterScroll(this=0x00000003e72f15f0, geometryMap=0x00007ffeea1809c0, flags=4) at RenderLayer.cpp:945 > frame #3: 0x00000003cacf0df6 WebCore`WebCore::RenderLayer::updateLayerPositionsAfterScroll(this=0x00000003e251a720, geometryMap=0x00007ffeea1809c0, flags=4) at RenderLayer.cpp:945 > frame #4: 0x00000003cacf0df6 WebCore`WebCore::RenderLayer::updateLayerPositionsAfterScroll(this=0x00000003ebade850, geometryMap=0x00007ffeea1809c0, flags=0) at RenderLayer.cpp:945 > frame #5: 0x00000003cacf0df6 WebCore`WebCore::RenderLayer::updateLayerPositionsAfterScroll(this=0x00000003ebadfd10, geometryMap=0x00007ffeea1809c0, flags=0) at RenderLayer.cpp:945 > frame #6: 0x00000003cacf0df6 WebCore`WebCore::RenderLayer::updateLayerPositionsAfterScroll(this=0x00000003ebadfbe0, geometryMap=0x00007ffeea1809c0, flags=0) at RenderLayer.cpp:945 > frame #7: 0x00000003cacf08fa WebCore`WebCore::RenderLayer::updateLayerPositionsAfterDocumentScroll(this=0x00000003ebadfbe0) at RenderLayer.cpp:887 > frame #8: 0x00000003ca565dc0 WebCore`WebCore::FrameView::updateLayerPositionsAfterScrolling(this=0x00000003e66f5a00) at FrameView.cpp:2389 > frame #9: 0x00000003ca6fdf0c WebCore`WebCore::ScrollView::completeUpdatesAfterScrollTo(this=0x00000003e66f5a00, scrollDelta=0x00007ffeea180ea0) at ScrollView.cpp:472
>
> (lldb) f > frame #1: 0x00000003cacf0ca6 WebCore`WebCore::RenderLayer::updateLayerPositionsAfterScroll(this=0x00000003e1ed1000, geometryMap=0x00007ffeea1809c0, flags=4) at RenderLayer.cpp:940 > 937 computeRepaintRects(renderer().containerForRepaint(), geometryMap); > 938 } else { > 939 // Check that our cached rects are correct. > -> 940 ASSERT(!renderer().hasRepaintLayoutRects() || renderer().repaintLayoutRects().m_repaintRect == renderer().clippedOverflowRectForRepaint(renderer().containerForRepaint())); > 941 ASSERT(!renderer().hasRepaintLayoutRects() || renderer().repaintLayoutRects().m_outlineBox == renderer().outlineBoundsForRepaint(renderer().containerForRepaint())); > 942 } > 943 > > (lldb) p renderer().hasRepaintLayoutRects() > (bool) $0 = true > > (lldb) p renderer().repaintLayoutRects() > (WebCore::RepaintLayoutRects) $1 = { > m_repaintRect = (m_location = { x = 1168px (74752), y = 356px (22784) }, m_size = { width = 141px (9024), height = 141px (9024) }) > m_outlineBox = (m_location = { x = 1169px (74816), y = 357px (22848) }, m_size = { width = 140px (8960), height = 139px (8896) }) > } > > (lldb) p renderer().clippedOverflowRectForRepaint(renderer().containerForRepaint()) > (WebCore::LayoutRect) $2 = (m_location = { x = 0.015625px (1), y = 0px (0) }, m_size = { width = -5.74259e+06px (-367525888), height = 511.969px (32766) })
Attachments
Add attachment
proposed patch, testcase, etc.
Joseph Pecoraro
Comment 1
2017-12-13 16:47:48 PST
I had Web Inspector open and docked to the bottom, I'm not sure if that impacts this.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug