Bug 144644 - [iOS] Scroll snap points trigger reentrant layout
Summary: [iOS] Scroll snap points trigger reentrant layout
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Layout and Rendering (show other bugs)
Version: 528+ (Nightly build)
Hardware: iPhone / iPad All
: P2 Normal
Assignee: Brent Fulgham
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2015-05-05 16:07 PDT by Brent Fulgham
Modified: 2015-05-05 16:36 PDT (History)
8 users (show)

See Also:

Attachments
Simple test case that crashes on Debug iOS builds (2.50 KB, text/html)
2015-05-05 16:07 PDT, Brent Fulgham 		no flags Details
Patch (2.48 KB, patch)
2015-05-05 16:10 PDT, Brent Fulgham 		simon.fraser: review+
Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Brent Fulgham 2015-05-05 16:07:06 PDT 
Created attachment 252417 [details]
Simple test case that crashes on Debug iOS builds

The attached test case triggers a crash in the WebProcess in debug builds, because it is attempting to trigger layout while in the middle of performing the initial layout.

This bad behavior was caused by the improper use of 'offsetLeft' and 'offsetTop' in the iOS code path for handling scroll snap-points. Instead, it should have just used the same code path as OS X. Apparently, the original author of that code had the misapprehension that the RenderBox::localToContainerPoint method did not work properly under iOS, which is certainly not true (at least today).

The fix here is to delete the bad iOS-only code path and use the standard drawing code.
Comment 1 Brent Fulgham 2015-05-05 16:07:33 PDT 
<rdar://problem/20366547>
Comment 2 Brent Fulgham 2015-05-05 16:10:39 PDT 
Created attachment 252418 [details]
Patch
Comment 3 Brent Fulgham 2015-05-05 16:36:58 PDT 
Committed r183840: <http://trac.webkit.org/changeset/183840>