95776 2012-09-04 13:24:58 -0700 REGRESSION(r120832): RenderLayer::clampScrollOffset doesn't properly clamp 2012-09-04 16:38:40 -0700 1 1 1 Unclassified WebKit Layout and Rendering 528+ (Nightly build) All All RESOLVED FIXED Regression P2 Normal --- 1 jchaffraix jchaffraix eric simon.fraser webkit.review.bot oldest_to_newest 711393 0 162092 jchaffraix 2012-09-04 13:24:58 -0700 Created attachment 162092 Manual test case When refactoring the clamping logic into clampScrollOffset as part of r120832, the different clipping logics were consolidated into the new function. Unfortunately the old code would wrongly clamp the values: int x = min(max(scrollOffset.width(), 0), maxX); int y = min(max(scrollOffset.height(), 0), maxY); Note that because we apply the min last, we cannot guarantee that x and y are positive as nothing prevents maxX / maxY from being negative. r120832 exposed the bug to RenderLayer::scrollRectToVisible which was doing the proper clamping. 711419 1 162097 jchaffraix 2012-09-04 13:47:44 -0700 Created attachment 162097 Proposed fix: Apply the max last to ensure positive offsets. 711563 2 162097 webkit.review.bot 2012-09-04 16:38:37 -0700 Comment on attachment 162097 Proposed fix: Apply the max last to ensure positive offsets. Clearing flags on attachment: 162097 Committed r127520: <http://trac.webkit.org/changeset/127520> 711564 3 webkit.review.bot 2012-09-04 16:38:40 -0700 All reviewed patches have been landed. Closing bug. 162092 2012-09-04 13:24:58 -0700 2012-09-04 13:24:58 -0700 Manual test case overflow-input-wrong.html text/html 1126 jchaffraix PCFET0NUWVBFIGh0bWw+DQo8aHRtbD4NCiAgPGhlYWQ+DQogICAgPHRpdGxlPk92ZXJmbG93IHRh YmxlIC0tIEhpZGRlbiBkaXNwbGF5PC90aXRsZT4NCiAgICA8c3R5bGUgdHlwZT0idGV4dC9jc3Mi Pg0KICAgIHRhYmxlIHsNCiAgICAgIG92ZXJmbG93OiBoaWRkZW47DQogICAgfQ0KICAgIDwvc3R5 bGU+DQogICAgPHNjcmlwdD4NCiAgICAgICAgZnVuY3Rpb24gb25TZWxlY3Rpb25DaGFuZ2Uoc2Vs ZWN0KQ0KICAgICAgICB7DQogICAgICAgICAgICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnaGlk ZGVuUm93Jykuc3R5bGUuZGlzcGxheSA9ICcnOw0KICAgICAgICB9DQogICAgPC9zY3JpcHQ+DQog IDwvaGVhZD4NCiAgPGJvZHk+DQogICAgPGRpdj5NYW51YWwgdGVzdDogY2xpY2sgb24gdGhlIG1l bnUgYmVsb3cgYW5kIHNlbGVjdCB0aGUgJ3Nob3duJyBvcHRpb24uIENsaWNrIHNvbWV3aGVyZSBv biB0aGUgcGFnZSBzbyB0aGF0IHRoZSBzZWxlY3QgbG9zZXMgZm9jdXMgYW5kIGNsaWNrIGFnYWlu IG9uIHRoZSBzZWxlY3QuPC9kaXY+DQogICAgPGRpdj5UbyBwYXNzIHRoZSBtZW51IHNob3VsZCBi ZSBwcm9wZXJseSBwbGFjZWQgYmVsb3cgdGhlICZsdDtzZWxlY3QmZ3Q7LjwvZGl2Pg0KICAgIDxm b3JtIG5hbWU9InRlc3RlIj4NCiAgICAgIDx0YWJsZT4NCiAgICAgICAgPHRyPg0KICAgICAgICAg IDx0aD5UZXN0IHNlbGVjdDo8L3RoPg0KICAgICAgICAgIDx0ZD4NCiAgICAgICAgICAgIDxzZWxl Y3QgbmFtZT0ib3B0IiBvbmNoYW5nZT1vblNlbGVjdGlvbkNoYW5nZSh0aGlzKT4NCiAgICAgICAg ICAgICAgPG9wdGlvbiB2YWx1ZT0iMCI+aGlkZGVuPC9vcHRpb24+DQogICAgICAgICAgICAgIDxv cHRpb24gdmFsdWU9IjEiPnNob3duPC9vcHRpb24+DQogICAgICAgICAgICA8L3NlbGVjdD4NCiAg ICAgICAgICA8L3RkPg0KICAgICAgICA8L3RyPg0KICAgICAgICA8dHIgaWQ9ImhpZGRlblJvdyIg c3R5bGU9ImRpc3BsYXk6IG5vbmU7Ij4NCiAgICAgICAgICA8dGg+TG9yZW0gaXBzdW08L3RoPg0K ICAgICAgICAgIDx0ZD5kb2xvciBzaWMgYW1ldC48L3RkPg0KICAgICAgICA8L3RyPg0KICAgICAg PC90YWJsZT4NCiAgICA8L2Zvcm0+DQogIDwvYm9keT4NCjwvaHRtbD4NCg== 162097 2012-09-04 13:47:44 -0700 2012-09-04 16:38:37 -0700 Proposed fix: Apply the max last to ensure positive offsets. bug-95776-20120904134727.patch text/plain 4140 jchaffraix U3VidmVyc2lvbiBSZXZpc2lvbjogMTI3NDcxCmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9D aGFuZ2VMb2cgYi9Tb3VyY2UvV2ViQ29yZS9DaGFuZ2VMb2cKaW5kZXggMTE1NzcxNzJjMDQ3YjQ1 NTUxOWFiOGY2YjczZTRlODU4MjAyY2Y2NC4uYWY0MWUyMDdlNDNkMmI3NDg0Yzg4ODczMjk4N2I0 ODBmMGFhN2UwNiAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNvcmUvQ2hhbmdlTG9nCisrKyBiL1Nv dXJjZS9XZWJDb3JlL0NoYW5nZUxvZwpAQCAtMSwzICsxLDE5IEBACisyMDEyLTA5LTA0ICBKdWxp ZW4gQ2hhZmZyYWl4ICA8amNoYWZmcmFpeEB3ZWJraXQub3JnPgorCisgICAgICAgIFJFR1JFU1NJ T04ocjEyMDgzMik6IFJlbmRlckxheWVyOjpjbGFtcFNjcm9sbE9mZnNldCBkb2Vzbid0IHByb3Bl cmx5IGNsYW1wCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9p ZD05NTc3NgorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAg IHIxMjA4MzIgY29uc29saWRhdGVkIHRoZSBjbGFtcGluZyBsb2dpYyBpbnRvIFJlbmRlckxheWVy OjpjbGFtcFNjcm9sbE9mZnNldC4gVGhlIGV4aXN0aW5nIGNvZGUgd291bGRuJ3QgcHJvcGVybHkg ZW5zdXJlIHRoYXQKKyAgICAgICAgdGhlIG9mZnNldCB3ZXJlIHBvc2l0aXZlIHdoaWNoIGdvdCBl eHBvc2VkIHRvIG90aGVyIGNvZGUgcGF0aHMsIGxlYWRpbmcgdG8gdGhlIHJlZ3Jlc3Npb24uCisK KyAgICAgICAgVGVzdGVkIGJ5IE1hbnVhbFRlc3RzL3NlbGVjdC1tZW51LWxpc3Qtd3JvbmdseS1w b3NpdGlvbmVkLmh0bWwgYXMgSSBkaWRuJ3QgZmluZCBhIHdheSB0byBjcmVhdGUgYSByZWxpYWJs ZSBsYXlvdXQgdGVzdC4KKworICAgICAgICAqIHJlbmRlcmluZy9SZW5kZXJMYXllci5jcHA6Cisg ICAgICAgIChXZWJDb3JlOjpSZW5kZXJMYXllcjo6Y2xhbXBTY3JvbGxPZmZzZXQpOgorICAgICAg ICBGaXhlZCB0aGUgY2xhbXBpbmcgbG9naWMgdG8gZW5zdXJlIHRoYXQgdGhlIHNjcm9sbCBvZmZz ZXQncyBkaW1lbnNpb25zIGFyZSBwb3NpdGl2ZS4KKwogMjAxMi0wOS0wNCAgS29qaSBJc2hpaSAg PGtvamlpc2hpQGdtYWlsLmNvbT4KIAogICAgICAgICBbY2hyb21pdW1dIE9wZW5UeXBlVmVydGlj YWxEYXRhLmNwcCBpbiBib3RoIHdlYmNvcmVfcmVtYWluaW5nIGFuZCB3ZWJjb3JlX3BsYXRmb3Jt IHNlZW1zIHRvIGJyZWFrIGluY3JlbWVudGFsIGxpbmtpbmcgb24gV2luZG93cyBDaHJvbWl1bQpk aWZmIC0tZ2l0IGEvU291cmNlL1dlYkNvcmUvcmVuZGVyaW5nL1JlbmRlckxheWVyLmNwcCBiL1Nv dXJjZS9XZWJDb3JlL3JlbmRlcmluZy9SZW5kZXJMYXllci5jcHAKaW5kZXggYmRiYzNmNTkxZTgw OGY4MDg0NTIzN2Q3YTBhYjAwNzljN2RmYmU1OS4uN2ZlNGI3NzZhN2NhYWU1NTQyMTdlMmVjMWE4 ZDEyODIzZDI0NDE3ZiAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNvcmUvcmVuZGVyaW5nL1JlbmRl ckxheWVyLmNwcAorKysgYi9Tb3VyY2UvV2ViQ29yZS9yZW5kZXJpbmcvUmVuZGVyTGF5ZXIuY3Bw CkBAIC0xNjY3LDggKzE2NjcsOCBAQCBJbnRTaXplIFJlbmRlckxheWVyOjpjbGFtcFNjcm9sbE9m ZnNldChjb25zdCBJbnRTaXplJiBzY3JvbGxPZmZzZXQpIGNvbnN0CiAgICAgaW50IG1heFggPSBz Y3JvbGxXaWR0aCgpIC0gYm94LT5waXhlbFNuYXBwZWRDbGllbnRXaWR0aCgpOwogICAgIGludCBt YXhZID0gc2Nyb2xsSGVpZ2h0KCkgLSBib3gtPnBpeGVsU25hcHBlZENsaWVudEhlaWdodCgpOwog Ci0gICAgaW50IHggPSBtaW4obWF4KHNjcm9sbE9mZnNldC53aWR0aCgpLCAwKSwgbWF4WCk7Ci0g ICAgaW50IHkgPSBtaW4obWF4KHNjcm9sbE9mZnNldC5oZWlnaHQoKSwgMCksIG1heFkpOworICAg IGludCB4ID0gbWF4KG1pbihzY3JvbGxPZmZzZXQud2lkdGgoKSwgbWF4WCksIDApOworICAgIGlu dCB5ID0gbWF4KG1pbihzY3JvbGxPZmZzZXQuaGVpZ2h0KCksIG1heFkpLCAwKTsKICAgICByZXR1 cm4gSW50U2l6ZSh4LCB5KTsKIH0KIApkaWZmIC0tZ2l0IGEvQ2hhbmdlTG9nIGIvQ2hhbmdlTG9n CmluZGV4IDExNzFjMzkxYjBjMGNkNzQ2YmZjMDJlNGVkMThiNDliNzgyMDMwZWQuLjQxODRkYjdk NWMxNzI2YjE0MjExZTA2NmExN2YyNTIxZTg0N2VjNGIgMTAwNjQ0Ci0tLSBhL0NoYW5nZUxvZwor KysgYi9DaGFuZ2VMb2cKQEAgLTEsMyArMSwxMiBAQAorMjAxMi0wOS0wNCAgSnVsaWVuIENoYWZm cmFpeCAgPGpjaGFmZnJhaXhAd2Via2l0Lm9yZz4KKworICAgICAgICBSRUdSRVNTSU9OKHIxMjA4 MzIpOiBSZW5kZXJMYXllcjo6Y2xhbXBTY3JvbGxPZmZzZXQgZG9lc24ndCBwcm9wZXJseSBjbGFt cAorICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9OTU3NzYK KworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICAqIE1hbnVh bFRlc3RzL3NlbGVjdC1tZW51LWxpc3Qtd3JvbmdseS1wb3NpdGlvbmVkLmh0bWw6IEFkZGVkLgor CiAyMDEyLTA5LTA0ICBNaWNoYcWCIFBha3XFgmEgdmVsIFJ1dGthICA8bS5wYWt1bGFAc2Ftc3Vu Zy5jb20+CiAKICAgICAgICAgW0VGTF0gQ29udGV4dCBtZW51IHJlc3RvcmUuCmRpZmYgLS1naXQg YS9NYW51YWxUZXN0cy9zZWxlY3QtbWVudS1saXN0LXdyb25nbHktcG9zaXRpb25lZC5odG1sIGIv TWFudWFsVGVzdHMvc2VsZWN0LW1lbnUtbGlzdC13cm9uZ2x5LXBvc2l0aW9uZWQuaHRtbApuZXcg ZmlsZSBtb2RlIDEwMDc1NQppbmRleCAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw MDAwMDAwLi45ZjEzOTJhMDYzMGIzNmQ4ZmNlNjA3NDQwOWQ2NjJkYzg0OTc3YzIwCi0tLSAvZGV2 L251bGwKKysrIGIvTWFudWFsVGVzdHMvc2VsZWN0LW1lbnUtbGlzdC13cm9uZ2x5LXBvc2l0aW9u ZWQuaHRtbApAQCAtMCwwICsxLDM4IEBACis8IURPQ1RZUEUgaHRtbD4KKzxodG1sPgorPGhlYWQ+ Cis8c3R5bGU+CisgICAgdGFibGUgeworICAgICAgICBvdmVyZmxvdzogaGlkZGVuOworICAgIH0K Kzwvc3R5bGU+Cis8c2NyaXB0PgorICAgIGZ1bmN0aW9uIG9uU2VsZWN0aW9uQ2hhbmdlKHNlbGVj dCkKKyAgICB7CisgICAgICAgIGRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdoaWRkZW5Sb3cnKS5z dHlsZS5kaXNwbGF5ID0gJyc7CisgICAgfQorPC9zY3JpcHQ+Cis8L2hlYWQ+Cis8Ym9keT4KKyAg ICA8ZGl2PjxhIGhyZWY9Imh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD05 NTc3NiI+OTU3NzY8L2E+OiBSRUdSRVNTSU9OKHIxMjA4MzIpOiBSZW5kZXJMYXllcjo6Y2xhbXBT Y3JvbGxPZmZzZXQgZG9lc24ndCBwcm9wZXJseSBjbGFtcDwvZGl2PgorICAgIDxkaXY+TWFudWFs IHRlc3Q6IGNsaWNrIG9uIHRoZSBtZW51IGJlbG93IGFuZCAmbHQ7c2VsZWN0Jmd0OyB0aGUgJ3No b3duJyBvcHRpb24uIENsaWNrIHNvbWV3aGVyZSBvbiB0aGUgcGFnZSBzbyB0aGF0IHRoZSAmbHQ7 c2VsZWN0Jmd0OyBsb3NlcyBmb2N1cyBhbmQgY2xpY2sgYWdhaW4gb24gdGhlICZsdDtzZWxlY3Qm Z3Q7LjwvZGl2PgorICAgIDxkaXY+VG8gcGFzcyB0aGUgbWVudSBzaG91bGQgYmUgcHJvcGVybHkg cGxhY2VkIGJlbG93IHRoZSAmbHQ7c2VsZWN0Jmd0Oy48L2Rpdj4KKyAgICA8Zm9ybSBuYW1lPSJ0 ZXN0ZSI+CisgICAgICAgIDx0YWJsZT4KKyAgICAgICAgPHRyPgorICAgICAgICAgICAgPHRoPlRl c3Qgc2VsZWN0OjwvdGg+CisgICAgICAgICAgICA8dGQ+CisgICAgICAgICAgICA8c2VsZWN0IG9u Y2hhbmdlPW9uU2VsZWN0aW9uQ2hhbmdlKHRoaXMpPgorICAgICAgICAgICAgICAgIDxvcHRpb24g dmFsdWU9IjAiPmhpZGRlbjwvb3B0aW9uPgorICAgICAgICAgICAgICAgIDxvcHRpb24gdmFsdWU9 IjEiPnNob3duPC9vcHRpb24+CisgICAgICAgICAgICA8L3NlbGVjdD4KKyAgICAgICAgICAgIDwv dGQ+CisgICAgICAgIDwvdHI+CisgICAgICAgIDx0ciBpZD0iaGlkZGVuUm93IiBzdHlsZT0iZGlz cGxheTogbm9uZTsiPgorICAgICAgICAgICAgPHRoPkxvcmVtIGlwc3VtPC90aD4KKyAgICAgICAg ICAgIDx0ZD5kb2xvciBzaWMgYW1ldC48L3RkPgorICAgICAgICA8L3RyPgorICAgICAgICA8L3Rh YmxlPgorICAgIDwvZm9ybT4KKzwvYm9keT4KKzwvaHRtbD4K