REGRESSION(r240553): [iOS] Crash in ScrollingTree::updateTreeFromStateNode when attem...
author simon.fraser@apple.com <simon.fraser@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 29 Jan 2019 21:29:27 +0000 (21:29 +0000)
committer simon.fraser@apple.com <simon.fraser@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 29 Jan 2019 21:29:27 +0000 (21:29 +0000)
commit 99c8ec0ad21290b67af267e60560b84ccec223bc
tree 9185d4f9b5537da1bcd7182172b069ec8d3996e8
parent 1372d5a578453d46e2732a29041866490ecbdb32
REGRESSION(r240553): [iOS] Crash in ScrollingTree::updateTreeFromStateNode when attempting to log in to icloud.com
https://bugs.webkit.org/show_bug.cgi?id=193907
Source/WebCore:

rdar://problem/47604080

Reviewed by Frédéric Wang.

Recent scrolling tree changes can trigger unparenting and reparenting of subtrees in the
state tree. If a subframe's state tree nodes are unparented, a scrolling tree commit would
show these as nodes being destroyed, which destroyed the tree nodes. When re-parented, the
commit would re-create the tree node, but the state node would only have a subset of the
change flags set, so the new tree node would fail to get all of the state (for example, it
would be missing layers and scrolling geometry).

Fix by ensuring that when we reparent state node subtrees, we set all the change flags
so that the full set of data is sent to the scrolling tree (the UI process, in the case of iOS WK2).
Annoyingly, virtual setAllPropertiesChanged() functions are needed so each state node subclass can
set the right change flags.

This patch also gets rid of m_nodesRemovedSinceLastCommit in the state tree. We can gain the same
information by copying all of the nodeIDs in m_nodeMap into a HashSet, and removing nodes
as we encounter them in the tree walk.

Rename m_latchedNode to m_latchedNodeID in ScrollingTree, since it's a nodeID, not a node pointer.

Test: compositing/geometry/composited-frame-contents.html

* page/scrolling/ScrollingStateFixedNode.cpp:
(WebCore::ScrollingStateFixedNode::setAllPropertiesChanged):
* page/scrolling/ScrollingStateFixedNode.h:
* page/scrolling/ScrollingStateFrameScrollingNode.cpp:
(WebCore::ScrollingStateFrameScrollingNode::setAllPropertiesChanged):
* page/scrolling/ScrollingStateFrameScrollingNode.h:
* page/scrolling/ScrollingStateNode.cpp:
(WebCore::ScrollingStateNode::setPropertyChanged):
(WebCore::ScrollingStateNode::setAllPropertiesChanged):
* page/scrolling/ScrollingStateNode.h:
(WebCore::ScrollingStateNode::setPropertyChangedBit):
* page/scrolling/ScrollingStateScrollingNode.cpp:
(WebCore::ScrollingStateScrollingNode::setAllPropertiesChanged):
* page/scrolling/ScrollingStateScrollingNode.h:
* page/scrolling/ScrollingStateStickyNode.cpp:
(WebCore::ScrollingStateStickyNode::setAllPropertiesChanged):
* page/scrolling/ScrollingStateStickyNode.h:
* page/scrolling/ScrollingStateTree.cpp:
(WebCore::ScrollingStateTree::insertNode): Add a RELEASE_ASSERT on the type of the node created
if parentID == 0, since mistakes here can associate a ScrollingNodeType::MainFrame node with some
other nodeID which can result in type confusion later.
(WebCore::ScrollingStateTree::nodeWasReattachedRecursive):
(WebCore::ScrollingStateTree::commit):
(WebCore::ScrollingStateTree::willRemoveNode):
(WebCore::ScrollingStateTree::setRemovedNodes): Deleted.
* page/scrolling/ScrollingStateTree.h:
(WebCore::ScrollingStateTree::removedNodes const): Deleted.
* page/scrolling/ScrollingTree.cpp:
(WebCore::ScrollingTree::shouldHandleWheelEventSynchronously):
(WebCore::ScrollingTree::commitTreeState):
(WebCore::ScrollingTree::updateTreeFromStateNode):
(WebCore::ScrollingTree::latchedNode):
(WebCore::ScrollingTree::setLatchedNode):
(WebCore::ScrollingTree::clearLatchedNode):
(WebCore::ScrollingTree::scrollingTreeAsText):
(WebCore::ScrollingTree::removeDestroyedNodes): Deleted.
* page/scrolling/ScrollingTree.h:
(WebCore::ScrollingTree::hasLatchedNode const):
* rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::ensureRootLayer): The scroll layer needs a 0,0,0 anchor point so that
setting its position doesn't offset it relative to the center.

Source/WebKit:

Reviewed by Frédéric Wang.

Remove encode/decode of removedNodes.

* Shared/RemoteLayerTree/RemoteScrollingCoordinatorTransaction.cpp:
(WebKit::RemoteScrollingCoordinatorTransaction::encode const):
(WebKit::RemoteScrollingCoordinatorTransaction::decode):
(WebKit::dump):

LayoutTests:

rdar://problem/47604080

Reviewed by Frédéric Wang.

New ref test for layer positions in composited frames.

New baselines with anchor point on the scroll layer.

* compositing/geometry/composited-frame-contents-expected.html: Added.
* compositing/geometry/composited-frame-contents.html: Added.
* compositing/iframes/become-composited-nested-iframes-expected.txt:
* compositing/iframes/become-overlapped-iframe-expected.txt:
* compositing/iframes/composited-parent-iframe-expected.txt:
* compositing/iframes/connect-compositing-iframe-delayed-expected.txt:
* compositing/iframes/connect-compositing-iframe-expected.txt:
* compositing/iframes/connect-compositing-iframe2-expected.txt:
* compositing/iframes/connect-compositing-iframe3-expected.txt:
* compositing/iframes/enter-compositing-iframe-expected.txt:
* compositing/iframes/iframe-resize-expected.txt:
* compositing/iframes/iframe-size-from-zero-expected.txt:
* compositing/iframes/overlapped-iframe-expected.txt:
* compositing/iframes/overlapped-iframe-iframe-expected.txt:
* compositing/iframes/overlapped-nested-iframes-expected.txt:
* compositing/iframes/page-cache-layer-tree-expected.txt:
* compositing/iframes/remove-reinsert-webview-with-iframe-expected.txt:
* compositing/iframes/resize-from-zero-size-expected.txt:
* compositing/iframes/scrolling-iframe-expected.txt:
* compositing/repaint/iframes/compositing-iframe-scroll-repaint-expected.txt:
* compositing/repaint/iframes/compositing-iframe-with-fixed-background-doc-repaint-expected.txt:
* compositing/visible-rect/iframe-with-layers-outside-viewport-expected.txt:
* platform/ios-wk2/compositing/iframes/composited-parent-iframe-expected.txt:
* platform/ios-wk2/compositing/iframes/connect-compositing-iframe-delayed-expected.txt:
* platform/ios-wk2/compositing/iframes/connect-compositing-iframe-expected.txt:
* platform/ios-wk2/compositing/iframes/connect-compositing-iframe2-expected.txt:
* platform/ios-wk2/compositing/iframes/connect-compositing-iframe3-expected.txt:
* platform/ios-wk2/compositing/iframes/enter-compositing-iframe-expected.txt:
* platform/ios-wk2/compositing/iframes/iframe-resize-expected.txt:
* platform/ios-wk2/compositing/iframes/leave-compositing-iframe-expected.txt:
* platform/ios-wk2/compositing/iframes/overlapped-iframe-expected.txt:
* platform/ios-wk2/compositing/iframes/page-cache-layer-tree-expected.txt:
* platform/ios-wk2/compositing/iframes/scrolling-iframe-expected.txt:
* platform/ios-wk2/compositing/rtl/rtl-iframe-absolute-expected.txt:
* platform/ios-wk2/compositing/rtl/rtl-iframe-absolute-overflow-expected.txt:
* platform/ios-wk2/compositing/rtl/rtl-iframe-fixed-expected.txt:
* platform/ios-wk2/compositing/rtl/rtl-iframe-relative-expected.txt:
* platform/ios-wk2/compositing/tiling/tiled-drawing-async-frame-scrolling-expected.txt:
* platform/ios-wk2/compositing/visible-rect/iframe-and-layers-expected.txt:
* platform/ios-wk2/scrollingcoordinator/scrolling-tree/fixed-inside-frame-expected.txt:
* platform/ios/compositing/iframes/become-composited-nested-iframes-expected.txt:
* platform/ios/compositing/iframes/become-overlapped-iframe-expected.txt:
* platform/ios/compositing/iframes/invisible-nested-iframe-show-expected.txt:
* platform/ios/compositing/iframes/overlapped-nested-iframes-expected.txt:
* platform/ios/compositing/iframes/remove-reinsert-webview-with-iframe-expected.txt:
* platform/ios/compositing/iframes/resizer-expected.txt:
* platform/ios/compositing/visible-rect/iframe-with-layers-outside-viewport-expected.txt:
* platform/mac-wk1/compositing/iframes/remove-reinsert-webview-with-iframe-expected.txt:
* platform/mac-wk1/compositing/repaint/iframes/compositing-iframe-scroll-repaint-expected.txt:
* platform/mac-wk1/compositing/repaint/iframes/compositing-iframe-with-fixed-background-doc-repaint-expected.txt:
* platform/mac-wk2/compositing/tiling/tiled-drawing-async-frame-scrolling-expected.txt:
* platform/mac/compositing/iframes/invisible-nested-iframe-show-expected.txt:
* platform/mac/compositing/iframes/resizer-expected.txt:
* platform/mac/compositing/visible-rect/iframe-and-layers-expected.txt:
* scrollingcoordinator/scrolling-tree/fixed-inside-frame-expected.txt:
* tiled-drawing/tile-coverage-iframe-to-zero-coverage-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240677 268f45cc-cd09-0410-ab3c-d52691b4dbfc
75 files changed:
LayoutTests/ChangeLog
LayoutTests/compositing/geometry/composited-frame-contents-expected.html [new file with mode: 0644]
LayoutTests/compositing/geometry/composited-frame-contents.html [new file with mode: 0644]
LayoutTests/compositing/iframes/become-composited-nested-iframes-expected.txt
LayoutTests/compositing/iframes/become-overlapped-iframe-expected.txt
LayoutTests/compositing/iframes/composited-parent-iframe-expected.txt
LayoutTests/compositing/iframes/connect-compositing-iframe-delayed-expected.txt
LayoutTests/compositing/iframes/connect-compositing-iframe-expected.txt
LayoutTests/compositing/iframes/connect-compositing-iframe2-expected.txt
LayoutTests/compositing/iframes/connect-compositing-iframe3-expected.txt
LayoutTests/compositing/iframes/enter-compositing-iframe-expected.txt
LayoutTests/compositing/iframes/iframe-resize-expected.txt
LayoutTests/compositing/iframes/iframe-size-from-zero-expected.txt
LayoutTests/compositing/iframes/overlapped-iframe-expected.txt
LayoutTests/compositing/iframes/overlapped-iframe-iframe-expected.txt
LayoutTests/compositing/iframes/overlapped-nested-iframes-expected.txt
LayoutTests/compositing/iframes/page-cache-layer-tree-expected.txt
LayoutTests/compositing/iframes/remove-reinsert-webview-with-iframe-expected.txt
LayoutTests/compositing/iframes/resize-from-zero-size-expected.txt
LayoutTests/compositing/iframes/scrolling-iframe-expected.txt
LayoutTests/compositing/repaint/iframes/compositing-iframe-scroll-repaint-expected.txt
LayoutTests/compositing/repaint/iframes/compositing-iframe-with-fixed-background-doc-repaint-expected.txt
LayoutTests/compositing/visible-rect/iframe-with-layers-outside-viewport-expected.txt
LayoutTests/platform/ios-wk2/compositing/iframes/composited-parent-iframe-expected.txt
LayoutTests/platform/ios-wk2/compositing/iframes/connect-compositing-iframe-delayed-expected.txt
LayoutTests/platform/ios-wk2/compositing/iframes/connect-compositing-iframe-expected.txt
LayoutTests/platform/ios-wk2/compositing/iframes/connect-compositing-iframe2-expected.txt
LayoutTests/platform/ios-wk2/compositing/iframes/connect-compositing-iframe3-expected.txt
LayoutTests/platform/ios-wk2/compositing/iframes/enter-compositing-iframe-expected.txt
LayoutTests/platform/ios-wk2/compositing/iframes/iframe-resize-expected.txt
LayoutTests/platform/ios-wk2/compositing/iframes/leave-compositing-iframe-expected.txt
LayoutTests/platform/ios-wk2/compositing/iframes/overlapped-iframe-expected.txt
LayoutTests/platform/ios-wk2/compositing/iframes/page-cache-layer-tree-expected.txt
LayoutTests/platform/ios-wk2/compositing/iframes/scrolling-iframe-expected.txt
LayoutTests/platform/ios-wk2/compositing/rtl/rtl-iframe-absolute-expected.txt
LayoutTests/platform/ios-wk2/compositing/rtl/rtl-iframe-absolute-overflow-expected.txt
LayoutTests/platform/ios-wk2/compositing/rtl/rtl-iframe-fixed-expected.txt
LayoutTests/platform/ios-wk2/compositing/rtl/rtl-iframe-relative-expected.txt
LayoutTests/platform/ios-wk2/compositing/tiling/tiled-drawing-async-frame-scrolling-expected.txt
LayoutTests/platform/ios-wk2/compositing/visible-rect/iframe-and-layers-expected.txt
LayoutTests/platform/ios-wk2/scrollingcoordinator/scrolling-tree/fixed-inside-frame-expected.txt
LayoutTests/platform/ios/compositing/iframes/become-composited-nested-iframes-expected.txt
LayoutTests/platform/ios/compositing/iframes/become-overlapped-iframe-expected.txt
LayoutTests/platform/ios/compositing/iframes/invisible-nested-iframe-show-expected.txt
LayoutTests/platform/ios/compositing/iframes/overlapped-nested-iframes-expected.txt
LayoutTests/platform/ios/compositing/iframes/remove-reinsert-webview-with-iframe-expected.txt
LayoutTests/platform/ios/compositing/iframes/resizer-expected.txt
LayoutTests/platform/ios/compositing/visible-rect/iframe-with-layers-outside-viewport-expected.txt
LayoutTests/platform/mac-wk1/compositing/iframes/remove-reinsert-webview-with-iframe-expected.txt
LayoutTests/platform/mac-wk1/compositing/repaint/iframes/compositing-iframe-scroll-repaint-expected.txt
LayoutTests/platform/mac-wk1/compositing/repaint/iframes/compositing-iframe-with-fixed-background-doc-repaint-expected.txt
LayoutTests/platform/mac-wk2/compositing/tiling/tiled-drawing-async-frame-scrolling-expected.txt
LayoutTests/platform/mac/compositing/iframes/invisible-nested-iframe-show-expected.txt
LayoutTests/platform/mac/compositing/iframes/resizer-expected.txt
LayoutTests/platform/mac/compositing/visible-rect/iframe-and-layers-expected.txt
LayoutTests/scrollingcoordinator/scrolling-tree/fixed-inside-frame-expected.txt
LayoutTests/tiled-drawing/tile-coverage-iframe-to-zero-coverage-expected.txt
Source/WebCore/ChangeLog
Source/WebCore/page/scrolling/ScrollingStateFixedNode.cpp
Source/WebCore/page/scrolling/ScrollingStateFixedNode.h
Source/WebCore/page/scrolling/ScrollingStateFrameScrollingNode.cpp
Source/WebCore/page/scrolling/ScrollingStateFrameScrollingNode.h
Source/WebCore/page/scrolling/ScrollingStateNode.cpp
Source/WebCore/page/scrolling/ScrollingStateNode.h
Source/WebCore/page/scrolling/ScrollingStateScrollingNode.cpp
Source/WebCore/page/scrolling/ScrollingStateScrollingNode.h
Source/WebCore/page/scrolling/ScrollingStateStickyNode.cpp
Source/WebCore/page/scrolling/ScrollingStateStickyNode.h
Source/WebCore/page/scrolling/ScrollingStateTree.cpp
Source/WebCore/page/scrolling/ScrollingStateTree.h
Source/WebCore/page/scrolling/ScrollingTree.cpp
Source/WebCore/page/scrolling/ScrollingTree.h
Source/WebCore/rendering/RenderLayerCompositor.cpp
Source/WebKit/ChangeLog
Source/WebKit/Shared/RemoteLayerTree/RemoteScrollingCoordinatorTransaction.cpp
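
The failure mode and fix described in the commit message, reduced to a small model. This is an added example, not WebKit code: every type, function and flag name below is hypothetical, and the "tree" side simply detects destroyed nodes by collecting all known IDs and erasing the ones the commit walk visits.

```cpp
#include <cstdint>
#include <map>
#include <set>
#include <vector>

// Simplified model (hypothetical names): a state node carries dirty flags,
// and a commit copies only the flagged properties into the tree node.
enum Change : uint32_t { Layer = 1 << 0, Geometry = 1 << 1, All = Layer | Geometry };
struct StateNode {
    uint64_t id; int layer; int geometry;
    uint32_t changed = All;
    std::vector<StateNode*> children;
};
struct TreeNode { int layer = -1; int geometry = -1; }; // -1: never received

struct ScrollingTreeModel {
    std::map<uint64_t, TreeNode> nodes;
    void update(const StateNode& s, std::set<uint64_t>& unvisited) {
        unvisited.erase(s.id);
        TreeNode& t = nodes[s.id]; // created empty if the ID is unknown
        if (s.changed & Layer) t.layer = s.layer;
        if (s.changed & Geometry) t.geometry = s.geometry;
        for (auto* c : s.children) update(*c, unvisited);
    }
    // IDs known before the commit but not reached by the walk are destroyed.
    void commit(const StateNode& root) {
        std::set<uint64_t> unvisited;
        for (auto& kv : nodes) unvisited.insert(kv.first);
        update(root, unvisited);
        for (auto id : unvisited) nodes.erase(id);
    }
};

void setChanged(StateNode& s, uint32_t f) { s.changed = f; for (auto* c : s.children) setChanged(*c, f); }

// True if the re-created tree node for the reparented frame has complete state.
bool reattachScenario(bool markAllOnReattach) {
    StateNode frame{2, 20, 200}, root{1, 10, 100};
    root.children = {&frame};
    ScrollingTreeModel tree;
    tree.commit(root); setChanged(root, 0);     // initial full commit
    root.children.clear();                      // subframe unparented
    tree.commit(root);                          // tree node 2 is destroyed
    root.children = {&frame};                   // subframe reparented
    frame.geometry = 201; frame.changed = Geometry; // only a subset is dirty
    if (markAllOnReattach) setChanged(frame, All);  // resend everything on reattach
    tree.commit(root);
    return tree.nodes.at(2).layer == 20 && tree.nodes.at(2).geometry == 201;
}

int main() { return reattachScenario(true) && !reattachScenario(false) ? 0 : 1; }
```

Without the reattach step the re-created node keeps `layer == -1`, which is the model's stand-in for a tree node that is missing its layers.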