Skip to site navigation (Press enter)

[webkit-changes] [247195] trunk

simon . fraser Sat, 06 Jul 2019 17:20:54 -0700

Title: [247195] trunk

Revision: 247195
Author: simon.fra...@apple.com
Date: 2019-07-06 17:20:03 -0700 (Sat, 06 Jul 2019)

Log Message

Long hang when loading a cnn.com page on iOS
https://bugs.webkit.org/show_bug.cgi?id=199556


Reviewed by Zalan Bujtas.
Source/WebCore:

Loading https://edition.cnn.com/travel/article/brussels-airlines-flight-to-nowhere/index.html in the iOS 13 sim
results in a long hang under OverlapMapContainer::append(). We were creating pathological clipping scopes with
thousands of entries, because OverlapMapContainer::mergeClippingScopesRecursive() had a logic error where
it added 'sourceScope' to the child instead of 'sourceChildScope'. Add a new assertion to detect that case.

I wasn't able to create a testcase that caused a hang, but a number of existing tests would have
hit the assertion.

* rendering/LayerOverlapMap.cpp:
(WebCore::OverlapMapContainer::ClippingScope::addChild):
(WebCore::OverlapMapContainer::mergeClippingScopesRecursive):
* rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::flushPendingLayerChanges): Drive-by fix: m_overflowControlsHostLayer is null on iOS, so use rootGraphicsLayer().

Tools:

Add code to load a page by default in MobileMiniBrowser so it's easy to hack it
to load a test page of your choice.

* MobileMiniBrowser/MobileMiniBrowserFramework/WebViewController.m:
(-[WebViewController viewDidLoad]):

Modified Paths

trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/rendering/LayerOverlapMap.cpp
trunk/Source/WebCore/rendering/RenderLayerCompositor.cpp
trunk/Tools/ChangeLog
trunk/Tools/MobileMiniBrowser/MobileMiniBrowserFramework/WebViewController.m

Diff

Modified: trunk/Source/WebCore/ChangeLog (247194 => 247195)


--- trunk/Source/WebCore/ChangeLog	2019-07-06 13:34:51 UTC (rev 247194)
+++ trunk/Source/WebCore/ChangeLog	2019-07-07 00:20:03 UTC (rev 247195)
@@ -1,3 +1,24 @@
+2019-07-06  Simon Fraser  <simon.fra...@apple.com>
+
+        Long hang when loading a cnn.com page on iOS
+        https://bugs.webkit.org/show_bug.cgi?id=199556
+
+        Reviewed by Zalan Bujtas.
+        
+        Loading https://edition.cnn.com/travel/article/brussels-airlines-flight-to-nowhere/index.html in the iOS 13 sim
+        results in a long hang under OverlapMapContainer::append(). We were creating pathological clipping scopes with
+        thousands of entries, because OverlapMapContainer::mergeClippingScopesRecursive() had a logic error where
+        it added 'sourceScope' to the child instead of 'sourceChildScope'. Add a new assertion to detect that case.
+        
+        I wasn't able to create a testcase that caused a hang, but a number of existing tests would have
+        hit the assertion.
+
+        * rendering/LayerOverlapMap.cpp:
+        (WebCore::OverlapMapContainer::ClippingScope::addChild):
+        (WebCore::OverlapMapContainer::mergeClippingScopesRecursive):
+        * rendering/RenderLayerCompositor.cpp:
+        (WebCore::RenderLayerCompositor::flushPendingLayerChanges): Drive-by fix: m_overflowControlsHostLayer is null on iOS, so use rootGraphicsLayer().
+
 2019-07-05  Youenn Fablet  <you...@apple.com>
 
         Carvana.com needs the fetch AbortSignal quirk

Modified: trunk/Source/WebCore/rendering/LayerOverlapMap.cpp (247194 => 247195)


--- trunk/Source/WebCore/rendering/LayerOverlapMap.cpp	2019-07-06 13:34:51 UTC (rev 247194)
+++ trunk/Source/WebCore/rendering/LayerOverlapMap.cpp	2019-07-07 00:20:03 UTC (rev 247195)
@@ -114,6 +114,7 @@
 
         ClippingScope* addChild(const ClippingScope& child)
         {
+            ASSERT(&layer != &child.layer);
             children.append(child);
             return &children.last();
         }
@@ -198,7 +199,7 @@
             mergeClippingScopesRecursive(sourceChildScope, *destChild);
         } else {
             // New child, just copy the whole subtree.
-            destScope.addChild(sourceScope);
+            destScope.addChild(sourceChildScope);
         }
     }
 }

Modified: trunk/Source/WebCore/rendering/RenderLayerCompositor.cpp (247194 => 247195)


--- trunk/Source/WebCore/rendering/RenderLayerCompositor.cpp	2019-07-06 13:34:51 UTC (rev 247194)
+++ trunk/Source/WebCore/rendering/RenderLayerCompositor.cpp	2019-07-07 00:20:03 UTC (rev 247195)
@@ -523,7 +523,7 @@
 #if ENABLE(TREE_DEBUGGING)
         if (layersLogEnabled()) {
             LOG(Layers, "RenderLayerCompositor::flushPendingLayerChanges");
-            showGraphicsLayerTree(m_overflowControlsHostLayer.get());
+            showGraphicsLayerTree(rootGraphicsLayer());
         }
 #endif
     }

Modified: trunk/Tools/ChangeLog (247194 => 247195)


--- trunk/Tools/ChangeLog	2019-07-06 13:34:51 UTC (rev 247194)
+++ trunk/Tools/ChangeLog	2019-07-07 00:20:03 UTC (rev 247195)
@@ -1,3 +1,16 @@
+2019-07-06  Simon Fraser  <simon.fra...@apple.com>
+
+        Long hang when loading a cnn.com page on iOS
+        https://bugs.webkit.org/show_bug.cgi?id=199556
+
+        Reviewed by Zalan Bujtas.
+
+        Add code to load a page by default in MobileMiniBrowser so it's easy to hack it
+        to load a test page of your choice.
+
+        * MobileMiniBrowser/MobileMiniBrowserFramework/WebViewController.m:
+        (-[WebViewController viewDidLoad]):
+
 2019-07-05  Ryosuke Niwa  <rn...@webkit.org>
 
         [iOS] Crash in WebKit::WebPage::positionInformation via Range::startPosition

Modified: trunk/Tools/MobileMiniBrowser/MobileMiniBrowserFramework/WebViewController.m (247194 => 247195)


--- trunk/Tools/MobileMiniBrowser/MobileMiniBrowserFramework/WebViewController.m	2019-07-06 13:34:51 UTC (rev 247194)
+++ trunk/Tools/MobileMiniBrowser/MobileMiniBrowserFramework/WebViewController.m	2019-07-07 00:20:03 UTC (rev 247195)
@@ -75,7 +75,9 @@
     self.tabViewController.parent = self;
     self.tabViewController.modalPresentationStyle = UIModalPresentationPopover;
 
-    [self setCurrentWebView:[self createWebView]];
+    WKWebView *webView = [self createWebView];
+    [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"https://webkit.org"]]];
+    [self setCurrentWebView:webView];
 }

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes