Bug 238648

Summary: intersectsWithAncestor doesn't take fragmented boxes into account
Product: WebKit Reporter: Matt Woodrow <mattwoodrow>
Component: Layout and RenderingAssignee: Matt Woodrow <mattwoodrow>
Status: RESOLVED FIXED    
Severity: Normal CC: bfulgham, changseok, dino, esprehn+autocc, ews-watchlist, fred.wang, glenn, kondapallykalyan, pdr, simon.fraser, webkit-bug-importer, zalan
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Description Matt Woodrow 2022-03-31 19:49:40 PDT 
intersectsWithAncestor uses overlapBounds(), which doesn't take into account the boxes of other fragments, and can incorrectly determine that we don't intersect if only the first fragment intersects.

<rdar://90589355>
Comment 1 Matt Woodrow 2022-03-31 19:53:14 PDT 
Created attachment 456311 [details]
Patch
Comment 2 Simon Fraser (smfr) 2022-03-31 20:07:06 PDT 
Comment on attachment 456311 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=456311&action=review

> Source/WebCore/rendering/RenderLayerBacking.cpp:2813
> -    auto overlap = child.overlapBounds();
> -    overlap.moveBy(offset);
> +    auto overlap = child.boundingBox(&ancestor, child.offsetFromAncestor(&ancestor), RenderLayer::UseFragmentBoxesExcludingCompositing);

Is child.overlapBounds() just wrong in this case? That implies there are other cases where overlap is broken?
Comment 3 Matt Woodrow 2022-04-03 13:26:17 PDT 
Comment on attachment 456311 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=456311&action=review

>> Source/WebCore/rendering/RenderLayerBacking.cpp:2813
>> +    auto overlap = child.boundingBox(&ancestor, child.offsetFromAncestor(&ancestor), RenderLayer::UseFragmentBoxesExcludingCompositing);
> 
> Is child.overlapBounds() just wrong in this case? That implies there are other cases where overlap is broken?

It looks like the only other caller overlapBounds is within RenderLayerCompositor, and RenderLayerCompositor::canBeComposited returns false for RenderFragmentedFlow, so I think it shouldn't ever be called for this case.
Comment 4 EWS 2022-04-04 15:05:37 PDT 
Committed r292350 (249215@main): <https://commits.webkit.org/249215@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 456311 [details].