217240 – REGRESSION (r257839): Broken focus when 'display' changes in an attribute selector

Bug 217240 - REGRESSION (r257839): Broken focus when 'display' changes in an attribute selector

Summary: REGRESSION (r257839): Broken focus when 'display' changes in an attribute sel...

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Layout and Rendering (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:	InRadar

Duplicates (1):	220580 (view as bug list)
Depends on:
Blocks:

Reported:	2020-10-02 11:14 PDT by Ali Juma
Modified:	2021-01-13 11:20 PST (History)
CC List:	17 users (show)

See Also:	29241

Attachments
Test case (936 bytes, text/html) 2020-10-02 11:14 PDT, Ali Juma	no flags	Details
patch (4.83 KB, patch) 2021-01-12 03:45 PST, Antti Koivisto	no flags	Details \| Formatted Diff \| Diff
patch (5.53 KB, patch) 2021-01-13 04:26 PST, Antti Koivisto	no flags	Details \| Formatted Diff \| Diff
alternative (6.26 KB, patch) 2021-01-13 06:07 PST, Antti Koivisto	ews-feeder: commit-queue-	Details \| Formatted Diff \| Diff
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ali Juma 2020-10-02 11:14:01 PDT

Created attachment 410344 [details]
Test case

This is similar to bug 216754 and bug 216257 but still broken after those fixes.

The conditions needed for this bug are:
1) An element E is display:none because of an attribute selector
2) Script asks for E's computed style's display property
3) The attribute from the attribute selector changes so that E is now display:block
4) Some descendant D of E is focused using D.focus()

After r257839, we end up using the stale computed style stored at step (2) when checking for hidden ancestors in Element::isVisibleWithoutResolvingFullStyle(), so incorrectly conclude that D is not visible.

I've attached a test case. 

In practice, this is happening on m.youtube.com in Chrome for iOS, where tapping on the search button will fail to focus the search field. In that case, the code asking for the computed style is actually in Chrome's injected logic for autofill and translation. However, the attached test case reproduces the bug more generally (in MiniBrowser and Safari).

Comment 1 Radar WebKit Bug Importer 2020-10-02 12:15:12 PDT

<rdar://problem/69891684>

Comment 2 Antti Koivisto 2021-01-12 03:05:32 PST

Attribute change invalidation fails to invalidate the computed style.

Comment 3 Antti Koivisto 2021-01-12 03:45:44 PST

Created attachment 417442 [details]
patch

Comment 4 Antti Koivisto 2021-01-13 04:26:29 PST

Created attachment 417524 [details]
patch

Comment 5 Antti Koivisto 2021-01-13 05:30:44 PST

*** Bug 220580 has been marked as a duplicate of this bug. ***

Comment 6 Antti Koivisto 2021-01-13 06:07:54 PST

Created attachment 417527 [details]
alternative

Comment 7 Antti Koivisto 2021-01-13 11:08:27 PST

Speedometer A/B looks good.

Comment 8 EWS 2021-01-13 11:20:48 PST

Committed r271446: <https://trac.webkit.org/changeset/271446>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 417524 [details].