<rdar://problem/8119781> Crash zooming into Word document at office.live.com
authormitz@apple.com <mitz@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 8 Nov 2010 22:48:57 +0000 (22:48 +0000)
committermitz@apple.com <mitz@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 8 Nov 2010 22:48:57 +0000 (22:48 +0000)
https://bugs.webkit.org/show_bug.cgi?id=49203

Reviewed by Darin Adler.

WebCore:

Test: fast/css/zoom-change-triggering-layout.html

RenderBox::styleDidChange() was calling scrollLeft() and scrollTop(), whose RenderTextControlSingleLine
overrides can trigger layout.

* rendering/RenderBox.cpp:
(WebCore::RenderBox::styleDidChange): Use the layer directly for updating the scroll offsets when
the zoom factor changes.

LayoutTests:

* fast/css/zoom-change-triggering-layout-expected.txt: Added.
* fast/css/zoom-change-triggering-layout.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@71576 268f45cc-cd09-0410-ab3c-d52691b4dbfc

LayoutTests/ChangeLog
LayoutTests/fast/css/zoom-change-triggering-layout-expected.txt [new file with mode: 0644]
LayoutTests/fast/css/zoom-change-triggering-layout.html [new file with mode: 0644]
WebCore/ChangeLog
WebCore/rendering/RenderBox.cpp

index 3ddd871..582abc7 100644 (file)
@@ -1,3 +1,13 @@
+2010-11-08  Dan Bernstein  <mitz@apple.com>
+
+        Reviewed by Darin Adler.
+
+        <rdar://problem/8119781> Crash zooming into Word document at office.live.com
+        https://bugs.webkit.org/show_bug.cgi?id=49203
+
+        * fast/css/zoom-change-triggering-layout-expected.txt: Added.
+        * fast/css/zoom-change-triggering-layout.html: Added.
+
 2010-11-08  Csaba Osztrogon√°c  <ossy@webkit.org>
 
         Unreviewed rolling out r71567.
diff --git a/LayoutTests/fast/css/zoom-change-triggering-layout-expected.txt b/LayoutTests/fast/css/zoom-change-triggering-layout-expected.txt
new file mode 100644 (file)
index 0000000..df4d991
--- /dev/null
@@ -0,0 +1,5 @@
+Test for rdar://problem/8119781 Crash zooming into Word document at office.live.com.
+
+The test passes if it does not crash. To test in Safari, make sure View > Zoom Text Only is not selected, then choose View > Zoom In.
+
+
diff --git a/LayoutTests/fast/css/zoom-change-triggering-layout.html b/LayoutTests/fast/css/zoom-change-triggering-layout.html
new file mode 100644 (file)
index 0000000..474bf4d
--- /dev/null
@@ -0,0 +1,25 @@
+<p>
+    Test for <i><a href="rdar://problem/8119781">rdar://problem/8119781</a>
+    Crash zooming into Word document at office.live.com</i>.
+</p>
+<p>
+    The test passes if it does not crash. To test in Safari, make sure View > Zoom Text Only is <i>not</i> selected,
+    then choose View > Zoom In.
+</p>
+<iframe id="iframe"></iframe>
+<script>
+    var iframe = document.getElementById("iframe");
+    var target = iframe.contentDocument.body.appendChild(iframe.contentDocument.createElement("input"));
+    target.style.overflow = "hidden";
+    iframe.contentWindow.addEventListener("resize", function(event) {
+        if (target.parentNode)
+            target.parentNode.removeChild(target);
+    }, false);
+
+    document.body.offsetTop;
+
+    if (window.layoutTestController) {
+        layoutTestController.dumpAsText();
+        eventSender.zoomPageIn();
+    }
+</script>
index 09c9fd9..52fd765 100644 (file)
@@ -1,3 +1,19 @@
+2010-11-08  Dan Bernstein  <mitz@apple.com>
+
+        Reviewed by Darin Adler.
+
+        <rdar://problem/8119781> Crash zooming into Word document at office.live.com
+        https://bugs.webkit.org/show_bug.cgi?id=49203
+
+        Test: fast/css/zoom-change-triggering-layout.html
+
+        RenderBox::styleDidChange() was calling scrollLeft() and scrollTop(), whose RenderTextControlSingleLine
+        overrides can trigger layout.
+
+        * rendering/RenderBox.cpp:
+        (WebCore::RenderBox::styleDidChange): Use the layer directly for updating the scroll offsets when
+        the zoom factor changes.
+
 2010-11-08  David Hyatt  <hyatt@apple.com>
 
         Reviewed by Simon Fraser.
index dd2a7be..561cbc6 100644 (file)
@@ -290,15 +290,13 @@ void RenderBox::styleDidChange(StyleDifference diff, const RenderStyle* oldStyle
     // If our zoom factor changes and we have a defined scrollLeft/Top, we need to adjust that value into the
     // new zoomed coordinate space.
     if (hasOverflowClip() && oldStyle && style() && oldStyle->effectiveZoom() != style()->effectiveZoom()) {
-        int left = scrollLeft();
-        if (left) {
+        if (int left = layer()->scrollXOffset()) {
             left = (left / oldStyle->effectiveZoom()) * style()->effectiveZoom();
-            setScrollLeft(left);
+            layer()->scrollToXOffset(left);
         }
-        int top = scrollTop();
-        if (top) {
+        if (int top = layer()->scrollYOffset()) {
             top = (top / oldStyle->effectiveZoom()) * style()->effectiveZoom();
-            setScrollTop(top);
+            layer()->scrollToYOffset(top);
         }
     }