133272 2014-05-25 20:59:20 -0700 Subpixel layout: Legacy Element.offset* client* return values are invalid in certain cases. 2014-05-26 09:24:33 -0700 1 1 1 Unclassified WebKit Layout and Rendering 528+ (Nightly build) Unspecified Unspecified RESOLVED FIXED P2 Normal --- 1 zalan zalan cmarcelo commit-queue esprehn+autocc kangil.han simon.fraser oldest_to_newest 1011628 0 zalan 2014-05-25 20:59:20 -0700 In some cases legacy values need to be floored, in other cases they need rounding. 1011636 1 232055 zalan 2014-05-25 21:20:03 -0700 Created attachment 232055 Patch 1011767 2 232055 commit-queue 2014-05-26 09:08:46 -0700 Comment on attachment 232055 Patch Clearing flags on attachment: 232055 Committed r169346: <http://trac.webkit.org/changeset/169346> 1011768 3 commit-queue 2014-05-26 09:08:51 -0700 All reviewed patches have been landed. Closing bug. 1011775 4 232055 darin 2014-05-26 09:24:33 -0700 Comment on attachment 232055 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=232055&action=review > Source/WebCore/dom/Element.cpp:674 > + return convertToNonSubpixelValueIfNeeded(adjustForLocalZoom(renderer->offsetLeft(), *renderer, zoomFactor), renderer->document(), zoomFactor == 1 ? Floor : Round); This relies on undefined behavior and can be a real problem in practice. There is no guarantee on the order of evaluation of arguments when calling a function. Setting zoomFactor as a side effect in one argument and looking at zoomFactor as part of the expression for another argument can give different results on different compilers. Please split the call to adjustForLocalZoom out into a separate expression. > Source/WebCore/dom/Element.cpp:684 > + return convertToNonSubpixelValueIfNeeded(adjustForLocalZoom(renderer->offsetTop(), *renderer, zoomFactor), renderer->document(), zoomFactor == 1 ? Floor : Round); Same problem here. 232055 2014-05-25 21:20:03 -0700 2014-05-26 09:24:33 -0700 Patch bug-133272-20140525211939.patch text/plain 3970 zalan U3VidmVyc2lvbiBSZXZpc2lvbjogMTY5MzIzCmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9D aGFuZ2VMb2cgYi9Tb3VyY2UvV2ViQ29yZS9DaGFuZ2VMb2cKaW5kZXggY2M3NzhiNWVhZTEzNTQw MzdkN2YxYmJlMjE4MmFjODA4MWNkNGQ1Ni4uOWM5NWJlMjIxYTExMDQzNmFmOGJkYTA1YjgyYzU1 OTg5NzVkZTZlMCAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNvcmUvQ2hhbmdlTG9nCisrKyBiL1Nv dXJjZS9XZWJDb3JlL0NoYW5nZUxvZwpAQCAtMSwzICsxLDIzIEBACisyMDE0LTA1LTI1ICBaYWxh biBCdWp0YXMgIDx6YWxhbkBhcHBsZS5jb20+CisKKyAgICAgICAgU3VicGl4ZWwgbGF5b3V0OiBM ZWdhY3kgRWxlbWVudC5vZmZzZXQqIGNsaWVudCogcmV0dXJuIHZhbHVlcyBhcmUgaW52YWxpZCBp biBjZXJ0YWluIGNhc2VzLgorICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1 Zy5jZ2k/aWQ9MTMzMjcyCisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisK KyAgICAgICAgRWxlbWVudC5vZmZzZXQqIGNsaWVudCogZnVuY3Rpb25zIGFwcGxpZWQgdmFyaW91 cyByb3VuZGluZyBzdHJhdGVnaWVzIG9uIHRoZSByZXR1cm4gdmFsdWVzIGJlZm9yZSByMTY4ODY4 LgorICAgICAgICAoZm9yIGV4YW1wbGUsIG9mZnNldExlZnQvVG9wIGVpdGhlciBmbG9vcmVkIHRo cm91Z2ggaW1wbGljaXQgaW50ZWdlciBhcml0aG1ldGljcyBvciByb3VuZGVkIGV4cGxpY2l0bHkg ZGVwZW5kaW5nCisgICAgICAgIHdoZXRoZXIgdGhlIHpvb20gc2NhbGUgd2FzIDEuIHNlZSBodHRw Oi8vdHJhYy53ZWJraXQub3JnL2NoYW5nZXNldC8xNjg4NjgvdHJ1bmsvU291cmNlL1dlYkNvcmUv ZG9tL0VsZW1lbnQuY3BwIGZvciBkZXRhaWxzKQorICAgICAgICBUaGlzIHBhdGNoIG1pbWljcyB0 aGUgbGVnYWN5IGJlaGF2aW9yIGJ5IGVpdGhlciByb3VuZGluZyBvciBmbG9vcmluZyB0aGUgcmV0 dXJuIHZhbHVlLgorCisgICAgICAgIE5vdCB0ZXN0YWJsZSAobGVnYWN5IHN3aXRjaCBpcyBub3Qg ZXhwb3NlZCkKKworICAgICAgICAqIGRvbS9FbGVtZW50LmNwcDoKKyAgICAgICAgKFdlYkNvcmU6 OmFkanVzdEZvckxvY2FsWm9vbSk6CisgICAgICAgIChXZWJDb3JlOjpjb252ZXJ0VG9Ob25TdWJw aXhlbFZhbHVlSWZOZWVkZWQpOgorICAgICAgICAoV2ViQ29yZTo6RWxlbWVudDo6b2Zmc2V0TGVm dCk6CisgICAgICAgIChXZWJDb3JlOjpFbGVtZW50OjpvZmZzZXRUb3ApOgorCiAyMDE0LTA1LTI1 ICBEYXZpZCBLaWx6ZXIgIDxkZGtpbHplckBhcHBsZS5jb20+CiAKICAgICAgICAgQWRkIHR5cGUt Y2hlY2tlZCBjYXN0cyBmb3IgVHJhbnNmb3JtT3BlcmF0aW9ucwpkaWZmIC0tZ2l0IGEvU291cmNl L1dlYkNvcmUvZG9tL0VsZW1lbnQuY3BwIGIvU291cmNlL1dlYkNvcmUvZG9tL0VsZW1lbnQuY3Bw CmluZGV4IDUxYzM2YTVmNjA2NDIwZWI4NjNhZTU3Yzk2ZWYyMjJkYzIzMzc3YmQuLjM0OGMxODRj ZTI1YmZjNTRkM2NiOTQxYjE5ODg0NjExZTdlMzNkZWIgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJD b3JlL2RvbS9FbGVtZW50LmNwcAorKysgYi9Tb3VyY2UvV2ViQ29yZS9kb20vRWxlbWVudC5jcHAK QEAgLTY0NCw5ICs2NDQsOSBAQCBzdGF0aWMgZG91YmxlIGxvY2FsWm9vbUZvclJlbmRlcmVyKGNv bnN0IFJlbmRlckVsZW1lbnQmIHJlbmRlcmVyKQogICAgIHJldHVybiB6b29tRmFjdG9yOwogfQog Ci1zdGF0aWMgZG91YmxlIGFkanVzdEZvckxvY2FsWm9vbShMYXlvdXRVbml0IHZhbHVlLCBjb25z dCBSZW5kZXJFbGVtZW50JiByZW5kZXJlcikKK3N0YXRpYyBkb3VibGUgYWRqdXN0Rm9yTG9jYWxa b29tKExheW91dFVuaXQgdmFsdWUsIGNvbnN0IFJlbmRlckVsZW1lbnQmIHJlbmRlcmVyLCBkb3Vi bGUmIHpvb21GYWN0b3IpCiB7Ci0gICAgZG91YmxlIHpvb21GYWN0b3IgPSBsb2NhbFpvb21Gb3JS ZW5kZXJlcihyZW5kZXJlcik7CisgICAgem9vbUZhY3RvciA9IGxvY2FsWm9vbUZvclJlbmRlcmVy KHJlbmRlcmVyKTsKICAgICBpZiAoem9vbUZhY3RvciA9PSAxKQogICAgICAgICByZXR1cm4gdmFs dWUudG9Eb3VibGUoKTsKICNpZiBFTkFCTEUoU1VCUElYRUxfTEFZT1VUKQpAQCAtNjU5LDI0ICs2 NTksMzAgQEAgc3RhdGljIGRvdWJsZSBhZGp1c3RGb3JMb2NhbFpvb20oTGF5b3V0VW5pdCB2YWx1 ZSwgY29uc3QgUmVuZGVyRWxlbWVudCYgcmVuZGVyZXIKICNlbmRpZgogfQogCi1zdGF0aWMgZG91 YmxlIGNvbnZlcnRUb05vblN1YnBpeGVsVmFsdWVJZk5lZWRlZChkb3VibGUgdmFsdWUsIGNvbnN0 IERvY3VtZW50JiBkb2N1bWVudCkKK2VudW0gTGVnYWN5Q1NTT01FbGVtZW50TWV0cmljc1JvdW5k aW5nU3RyYXRlZ3kgeyBSb3VuZCwgRmxvb3IgfTsKKworc3RhdGljIGRvdWJsZSBjb252ZXJ0VG9O b25TdWJwaXhlbFZhbHVlSWZOZWVkZWQoZG91YmxlIHZhbHVlLCBjb25zdCBEb2N1bWVudCYgZG9j dW1lbnQsIExlZ2FjeUNTU09NRWxlbWVudE1ldHJpY3NSb3VuZGluZ1N0cmF0ZWd5IHJvdW5kU3Ry YXRlZ3kgPSBSb3VuZCkKIHsKLSAgICByZXR1cm4gZG9jdW1lbnQuc2V0dGluZ3MoKSAmJiAhZG9j dW1lbnQuc2V0dGluZ3MoKS0+c3VicGl4ZWxDU1NPTUVsZW1lbnRNZXRyaWNzRW5hYmxlZCgpID8g Zmxvb3IodmFsdWUpIDogdmFsdWU7CisgICAgcmV0dXJuIGRvY3VtZW50LnNldHRpbmdzKCkgJiYg IWRvY3VtZW50LnNldHRpbmdzKCktPnN1YnBpeGVsQ1NTT01FbGVtZW50TWV0cmljc0VuYWJsZWQo KSA/IHJvdW5kU3RyYXRlZ3kgPT0gUm91bmQgPyByb3VuZCh2YWx1ZSkgOiBmbG9vcih2YWx1ZSkg OiB2YWx1ZTsKIH0KIAogZG91YmxlIEVsZW1lbnQ6Om9mZnNldExlZnQoKQogewogICAgIGRvY3Vt ZW50KCkudXBkYXRlTGF5b3V0SWdub3JlUGVuZGluZ1N0eWxlc2hlZXRzKCk7Ci0gICAgaWYgKFJl bmRlckJveE1vZGVsT2JqZWN0KiByZW5kZXJlciA9IHJlbmRlckJveE1vZGVsT2JqZWN0KCkpCi0g ICAgICAgIHJldHVybiBjb252ZXJ0VG9Ob25TdWJwaXhlbFZhbHVlSWZOZWVkZWQoYWRqdXN0Rm9y TG9jYWxab29tKHJlbmRlcmVyLT5vZmZzZXRMZWZ0KCksICpyZW5kZXJlciksIHJlbmRlcmVyLT5k b2N1bWVudCgpKTsKKyAgICBpZiAoUmVuZGVyQm94TW9kZWxPYmplY3QqIHJlbmRlcmVyID0gcmVu ZGVyQm94TW9kZWxPYmplY3QoKSkgeworICAgICAgICBkb3VibGUgem9vbUZhY3RvciA9IDE7Cisg ICAgICAgIHJldHVybiBjb252ZXJ0VG9Ob25TdWJwaXhlbFZhbHVlSWZOZWVkZWQoYWRqdXN0Rm9y TG9jYWxab29tKHJlbmRlcmVyLT5vZmZzZXRMZWZ0KCksICpyZW5kZXJlciwgem9vbUZhY3Rvciks IHJlbmRlcmVyLT5kb2N1bWVudCgpLCB6b29tRmFjdG9yID09IDEgPyBGbG9vciA6IFJvdW5kKTsK KyAgICB9CiAgICAgcmV0dXJuIDA7CiB9CiAKIGRvdWJsZSBFbGVtZW50OjpvZmZzZXRUb3AoKQog ewogICAgIGRvY3VtZW50KCkudXBkYXRlTGF5b3V0SWdub3JlUGVuZGluZ1N0eWxlc2hlZXRzKCk7 Ci0gICAgaWYgKFJlbmRlckJveE1vZGVsT2JqZWN0KiByZW5kZXJlciA9IHJlbmRlckJveE1vZGVs T2JqZWN0KCkpCi0gICAgICAgIHJldHVybiBjb252ZXJ0VG9Ob25TdWJwaXhlbFZhbHVlSWZOZWVk ZWQoYWRqdXN0Rm9yTG9jYWxab29tKHJlbmRlcmVyLT5vZmZzZXRUb3AoKSwgKnJlbmRlcmVyKSwg cmVuZGVyZXItPmRvY3VtZW50KCkpOworICAgIGlmIChSZW5kZXJCb3hNb2RlbE9iamVjdCogcmVu ZGVyZXIgPSByZW5kZXJCb3hNb2RlbE9iamVjdCgpKSB7CisgICAgICAgIGRvdWJsZSB6b29tRmFj dG9yID0gMTsKKyAgICAgICAgcmV0dXJuIGNvbnZlcnRUb05vblN1YnBpeGVsVmFsdWVJZk5lZWRl ZChhZGp1c3RGb3JMb2NhbFpvb20ocmVuZGVyZXItPm9mZnNldFRvcCgpLCAqcmVuZGVyZXIsIHpv b21GYWN0b3IpLCByZW5kZXJlci0+ZG9jdW1lbnQoKSwgem9vbUZhY3RvciA9PSAxID8gRmxvb3Ig OiBSb3VuZCk7CisgICAgfQogICAgIHJldHVybiAwOwogfQogCg==