RESOLVED FIXED Bug 95776
REGRESSION(r120832): RenderLayer::clampScrollOffset doesn't properly clamp
https://bugs.webkit.org/show_bug.cgi?id=95776
Julien Chaffraix
Reported 2012-09-04 13:24:58 PDT
Created attachment 162092
Manual test case

When refactoring the clamping logic into clampScrollOffset as part of r120832, the different clipping logics were consolidated into the new function. Unfortunately the old code would wrongly clamp the values:

    int x = min(max(scrollOffset.width(), 0), maxX);
    int y = min(max(scrollOffset.height(), 0), maxY);

Note that because we apply the min last, we cannot guarantee that x and y are positive as nothing prevents maxX / maxY from being negative.

r120832 exposed the bug to RenderLayer::scrollRectToVisible which was doing the proper clamping.
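Added example (not part of the original report and not the WebKit patch): the two clamp orderings side by side, swept over constructed inputs to show that the min-last form returns a negative value exactly when the upper bound is negative, while the max-last form named in the fix title never does. The names clampMinLast, clampMaxLast and sweep are hypothetical.

```cpp
#include <algorithm>
#include <cstdio>

// Ordering quoted in the report: max first, min last.
// When maxValue is negative, the final min() returns that negative bound.
int clampMinLast(int value, int maxValue)
{
    return std::min(std::max(value, 0), maxValue);
}

// Ordering named in the fix title: max applied last, so the result is never below 0.
// Note: std::clamp(value, 0, maxValue) is not a substitute here, because its
// behaviour is undefined when the low bound is greater than the high bound.
int clampMaxLast(int value, int maxValue)
{
    return std::max(std::min(value, maxValue), 0);
}

struct SweepResult {
    int negativeMinLast;        // negative results from the min-last ordering
    int negativeMaxLast;        // negative results from the max-last ordering
    int disagreeWithValidBound; // differing results while maxValue >= 0
};

// Constructed inputs: every (value, maxValue) pair in [-range, range].
SweepResult sweep(int range)
{
    SweepResult r = { 0, 0, 0 };
    for (int value = -range; value <= range; ++value) {
        for (int maxValue = -range; maxValue <= range; ++maxValue) {
            int a = clampMinLast(value, maxValue);
            int b = clampMaxLast(value, maxValue);
            if (a < 0) ++r.negativeMinLast;
            if (b < 0) ++r.negativeMaxLast;
            if (maxValue >= 0 && a != b) ++r.disagreeWithValidBound;
        }
    }
    return r;
}

int main()
{
    SweepResult r = sweep(4);
    std::printf("min-last negatives=%d max-last negatives=%d disagreements=%d\n",
                r.negativeMinLast, r.negativeMaxLast, r.disagreeWithValidBound);
    return 0;
}
```

The two orderings agree for every non-negative bound, so the difference only shows up in the negative-bound case the report describes.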
Attachments
Manual test case (1.10 KB, text/html)
2012-09-04 13:24 PDT, Julien Chaffraix
no flags
Proposed fix: Apply the max last to ensure positive offsets. (4.04 KB, patch)
2012-09-04 13:47 PDT, Julien Chaffraix
no flags
Julien Chaffraix
Comment 1 2012-09-04 13:47:44 PDT
Created attachment 162097
Proposed fix: Apply the max last to ensure positive offsets.
WebKit Review Bot
Comment 2 2012-09-04 16:38:37 PDT
Comment on attachment 162097
Proposed fix: Apply the max last to ensure positive offsets.

Clearing flags on attachment: 162097

Committed r127520: <http://trac.webkit.org/changeset/127520>
WebKit Review Bot
Comment 3 2012-09-04 16:38:40 PDT
All reviewed patches have been landed. Closing bug.