Title: [119834] trunk
Revision: 119834
Author: [email protected]
Date: 2012-06-08 08:23:12 -0700 (Fri, 08 Jun 2012)

Log Message

Some overlay scrollbar API calls in ScrollAnimatorMac can lead to an assertion in RenderBox::mapAbsoluteToLocalPoint
https://bugs.webkit.org/show_bug.cgi?id=74111

Patch by Ion Rosca <[email protected]> on 2012-06-08
Reviewed by Simon Fraser.

.:

* ManualTests/scrollbar-crash-on-hide-scrolled-area.html: Added.

Source/WebCore:

Added zero-delay timer for AppKit scroll notification that can be called during layout.
Manual test: ManualTests/scrollbar-crash-on-hide-scrolled-area.html
This assertion does not fire when running layout tests. It can be easily reproduced using a debug build by loading the manual test page.

* platform/mac/ScrollAnimatorMac.h:
(ScrollAnimatorMac):
* platform/mac/ScrollAnimatorMac.mm:
(WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
(WebCore::ScrollAnimatorMac::notifyContentAreaScrolled):
(WebCore::ScrollAnimatorMac::sendContentAreaScrolledSoon):
(WebCore):
(WebCore::ScrollAnimatorMac::sendContentAreaScrolledTimerFired):

Diff

Modified: trunk/ChangeLog (119833 => 119834)


--- trunk/ChangeLog	2012-06-08 15:20:09 UTC (rev 119833)
+++ trunk/ChangeLog	2012-06-08 15:23:12 UTC (rev 119834)
@@ -1,3 +1,12 @@
+2012-06-08  Ion Rosca  <[email protected]>
+
+        Some overlay scrollbar API calls in ScrollAnimatorMac can lead to an assertion in RenderBox::mapAbsoluteToLocalPoint
+        https://bugs.webkit.org/show_bug.cgi?id=74111
+
+        Reviewed by Simon Fraser.
+
+        * ManualTests/scrollbar-crash-on-hide-scrolled-area.html: Added.
+
 2012-06-07  Kentaro Hara  <[email protected]>
 
         Reduce Node object size from 72 byte to 64 byte

Added: trunk/ManualTests/scrollbar-crash-on-hide-scrolled-area.html (0 => 119834)


--- trunk/ManualTests/scrollbar-crash-on-hide-scrolled-area.html	                        (rev 0)
+++ trunk/ManualTests/scrollbar-crash-on-hide-scrolled-area.html	2012-06-08 15:23:12 UTC (rev 119834)
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="utf-8"/>
+    <title>QuickStart</title>
+    <style>
+    .lessonChapters {
+        position:absolute;
+        top:26px;
+        bottom:22px;
+        overflow:auto;
+    }
+    #hint {
+        height:9000px;
+    }
+</style>
+<script>
+    function runTest()
+    {
+        document.getElementById('lessons').scrollTop = 10000;
+        document.getElementById('toHide').style.display='none';
+    }
+</script>
+</head>
+
+<body _onload_="runTest();">
+
+<div class="lessonChapters" id="lessons">
+<div class="lessonChapter" id="toHide">
+    <br />
+    Manual repro: scroll down and click on <b>Next step</b>
+    <div id="hint">&nbsp;</div>
+    <a href="" class="nextStepButton" _onclick_="document.getElementById('toHide').style.display='none'">Next step</a>
+</div>
+<p>Bug #74111: This test is to make sure that a scrolled element does not crash the browser when it goes hidden. The test passes if it does not crash.</p>
+PASSED
+</div>
+    
+</body>
+</html>
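
Review bot: The handlers on `<body>` and on the "Next step" link are spelled `_onload_` and `_onclick_` in this copy of the file, which a browser does not treat as event handlers, so runTest() would never run and the link would do nothing but navigate; the committed file needs `onload` and `onclick`. Separately, the link has `href=""` and its handler does not cancel the default action, so a click in the manual repro reloads the page right after hiding `toHide`; returning false from the handler (or using a button) would keep the hidden state on screen long enough to observe the result. The `<title>QuickStart</title>` is also unrelated to the test and could name the bug instead.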

Modified: trunk/Source/WebCore/ChangeLog (119833 => 119834)


--- trunk/Source/WebCore/ChangeLog	2012-06-08 15:20:09 UTC (rev 119833)
+++ trunk/Source/WebCore/ChangeLog	2012-06-08 15:23:12 UTC (rev 119834)
@@ -1,3 +1,23 @@
+2012-06-08  Ion Rosca  <[email protected]>
+
+        Some overlay scrollbar API calls in ScrollAnimatorMac can lead to an assertion in RenderBox::mapAbsoluteToLocalPoint
+        https://bugs.webkit.org/show_bug.cgi?id=74111
+
+        Reviewed by Simon Fraser.
+
+        Added zero-delay timer for AppKit scroll notification that can be called during layout.
+        Manual test: ManualTests/scrollbar-crash-on-hide-scrolled-area.html
+        This assertion does not fire when running layout tests. It can be easly reproduced using a debug build by loading the manual test page.
+
+        * platform/mac/ScrollAnimatorMac.h:
+        (ScrollAnimatorMac):
+        * platform/mac/ScrollAnimatorMac.mm:
+        (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
+        (WebCore::ScrollAnimatorMac::notifyContentAreaScrolled):
+        (WebCore::ScrollAnimatorMac::sendContentAreaScrolledSoon):
+        (WebCore):
+        (WebCore::ScrollAnimatorMac::sendContentAreaScrolledTimerFired):
+
 2012-06-08  Renata Hodovan  <[email protected]>
 
         Adding few already supported features to the FeatureSet in DOMImplementation
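
Review bot: Typo in the added entry: "easly" should be "easily". The entry also says only that a zero-delay timer was added for a notification "that can be called during layout"; one more sentence stating that the call into the scrollbar painter controller is deferred so it no longer runs while layout is in progress would make the link to the RenderBox::mapAbsoluteToLocalPoint assertion explicit for later readers.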

Modified: trunk/Source/WebCore/platform/mac/ScrollAnimatorMac.h (119833 => 119834)


--- trunk/Source/WebCore/platform/mac/ScrollAnimatorMac.h	2012-06-08 15:20:09 UTC (rev 119833)
+++ trunk/Source/WebCore/platform/mac/ScrollAnimatorMac.h	2012-06-08 15:23:12 UTC (rev 119834)
@@ -65,6 +65,8 @@
     void startScrollbarPaintTimer();
     void stopScrollbarPaintTimer();
 
+    void sendContentAreaScrolledSoon();
+
     void setVisibleScrollerThumbRect(const IntRect&);
 
 private:
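
Review bot: sendContentAreaScrolledSoon() is declared above `private:`, next to startScrollbarPaintTimer(), but the only caller in this patch is ScrollAnimatorMac::notifyContentAreaScrolled(). Unless something outside the class needs it, declare it in the private section beside sendContentAreaScrolledTimerFired() and m_sendContentAreaScrolledTimer so the deferred-notification pieces stay together.
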
@@ -79,6 +81,9 @@
     void initialScrollbarPaintTimerFired(Timer<ScrollAnimatorMac>*);
     Timer<ScrollAnimatorMac> m_initialScrollbarPaintTimer;
 
+    void sendContentAreaScrolledTimerFired(Timer<ScrollAnimatorMac>*);
+    Timer<ScrollAnimatorMac> m_sendContentAreaScrolledTimer;
+
     virtual bool scroll(ScrollbarOrientation, ScrollGranularity, float step, float multiplier);
     virtual void scrollToOffsetWithoutAnimation(const FloatPoint&);
 

Modified: trunk/Source/WebCore/platform/mac/ScrollAnimatorMac.mm (119833 => 119834)


--- trunk/Source/WebCore/platform/mac/ScrollAnimatorMac.mm	2012-06-08 15:20:09 UTC (rev 119833)
+++ trunk/Source/WebCore/platform/mac/ScrollAnimatorMac.mm	2012-06-08 15:23:12 UTC (rev 119834)
@@ -601,6 +601,7 @@
 ScrollAnimatorMac::ScrollAnimatorMac(ScrollableArea* scrollableArea)
     : ScrollAnimator(scrollableArea)
     , m_initialScrollbarPaintTimer(this, &ScrollAnimatorMac::initialScrollbarPaintTimerFired)
+    , m_sendContentAreaScrolledTimer(this, &ScrollAnimatorMac::sendContentAreaScrolledTimerFired)
 #if ENABLE(RUBBER_BANDING)
     , m_scrollElasticityController(this)
     , m_snapRubberBandTimer(this, &ScrollAnimatorMac::snapRubberBandTimerFired)
@@ -946,7 +947,7 @@
     // isn't really scrolling in that case. We should only pass the message on to the
     // ScrollbarPainterController when we're really scrolling on an active page.
     if (scrollableArea()->isOnActivePage())
-        [m_scrollbarPainterController.get() contentAreaScrolled];
+        sendContentAreaScrolledSoon();
 }
 
 void ScrollAnimatorMac::cancelAnimations()
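
Review bot: The `scrollableArea()->isOnActivePage()` check in notifyContentAreaScrolled() now guards only the scheduling of the timer, not the call itself. The comment above says the message should be passed on only "when we're really scrolling on an active page", and by the time the timer fires that state may have changed. Consider repeating the check in sendContentAreaScrolledTimerFired() before sending contentAreaScrolled, and extending the comment to say the send is now deferred.
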
@@ -1232,6 +1233,17 @@
     }
 }
 
+void ScrollAnimatorMac::sendContentAreaScrolledSoon()
+{
+    if (!m_sendContentAreaScrolledTimer.isActive())
+        m_sendContentAreaScrolledTimer.startOneShot(0);
+}
+
+void ScrollAnimatorMac::sendContentAreaScrolledTimerFired(Timer<ScrollAnimatorMac>*)
+{
+    [m_scrollbarPainterController.get() contentAreaScrolled];
+}
+
 void ScrollAnimatorMac::setVisibleScrollerThumbRect(const IntRect& scrollerThumb)
 {
     IntRect rectInViewCoordinates = scrollerThumb;
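
Review bot: sendContentAreaScrolledSoon() and sendContentAreaScrolledTimerFired() have no comment explaining why the notification is deferred; a one-line note that contentAreaScrolled can be reached during layout (as the ChangeLog states) would stop someone from inlining the call again later. The `isActive()` guard also means several scrolls before the timer fires collapse into a single contentAreaScrolled, which is worth stating as intended. Nothing in the visible hunks stops m_sendContentAreaScrolledTimer, so please confirm whether the paths that stop m_initialScrollbarPaintTimer should also stop this one.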