Bug 237249

Created attachment 453336 [details]
the html to open

build a debug webkit and open the html

ASSERTION FAILED: !(newRadii.bottomLeft().width() && newRadii.bottomRight().width())
../../Source/WebCore/rendering/RenderBoxModelObject.cpp(1616) : WebCore::RoundedRect WebCore::calculateAdjustedInnerBorder(const WebCore::RoundedRect&, WebCore::BoxSide)
1   0x7f97ec336964 WTFReportBacktrace
2   0x7f97ec336c01 WTFCrash
3   0x7f9805e2dba1 WTF::CrashOnOverflow::overflowed()
4   0x7f980f6d74c0 /home/lxc/fuzz/webkit/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0x1df0c4c0) [0x7f980f6d74c0]
5   0x7f980f6d8d4a WebCore::RenderBoxModelObject::paintOneBorderSide(WebCore::GraphicsContext&, WebCore::RenderStyle const&, WebCore::RoundedRect const&, WebCore::RoundedRect const&, WebCore::LayoutRect const&, WebCore::BoxSide, WebCore::BoxSide, WebCore::BoxSide, WebCore::RectEdges<WebCore::BorderEdge> const&, WebCore::Path const*, WebCore::BackgroundBleedAvoidance, bool, bool, bool, WebCore::Color const*)
6   0x7f980f6da9cf /home/lxc/fuzz/webkit/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0x1df0f9cf) [0x7f980f6da9cf]
7   0x7f980f6dafe5 WebCore::RenderBoxModelObject::paintBorderSides(WebCore::GraphicsContext&, WebCore::RenderStyle const&, WebCore::RoundedRect const&, WebCore::RoundedRect const&, WebCore::IntPoint const&, WebCore::RectEdges<WebCore::BorderEdge> const&, WTF::OptionSet<WebCore::BoxSideFlag>, WebCore::BackgroundBleedAvoidance, bool, bool, bool, WebCore::Color const*)
8   0x7f980f6de973 WebCore::RenderBoxModelObject::paintBorder(WebCore::PaintInfo const&, WebCore::LayoutRect const&, WebCore::RenderStyle const&, WebCore::BackgroundBleedAvoidance, bool, bool)
9   0x7f980f681042 WebCore::RenderBox::paintBoxDecorations(WebCore::PaintInfo&, WebCore::LayoutPoint const&)
10  0x7f980f56f21d WebCore::RenderBlock::paintObject(WebCore::PaintInfo&, WebCore::LayoutPoint const&)
11  0x7f980f56d563 WebCore::RenderBlock::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&)
12  0x7f980f89699c WebCore::RenderLayer::paintBackgroundForFragments(WTF::Vector<WebCore::LayerFragment, 1ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, WebCore::GraphicsContext&, WebCore::GraphicsContext&, WebCore::LayoutRect const&, bool, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::PaintBehavior>, WebCore::RenderObject*)
13  0x7f980f891541 WebCore::RenderLayer::paintLayerContents(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>)
14  0x7f980f88cb08 WebCore::RenderLayer::paintLayerContentsAndReflection(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>)
15  0x7f980f8933ea WebCore::RenderLayer::paintLayerByApplyingTransform(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>, WebCore::LayoutSize const&)
16  0x7f980f88c495 WebCore::RenderLayer::paintLayerWithEffects(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>)
17  0x7f980f88b6f0 WebCore::RenderLayer::paintLayer(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>)
18  0x7f980f8937a4 WebCore::RenderLayer::paintList(WebCore::RenderLayer::LayerList, WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>)
19  0x7f980f891915 WebCore::RenderLayer::paintLayerContents(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>)
20  0x7f980f88cb08 WebCore::RenderLayer::paintLayerContentsAndReflection(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>)
21  0x7f980f88c517 WebCore::RenderLayer::paintLayerWithEffects(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>)
22  0x7f980f88b6f0 WebCore::RenderLayer::paintLayer(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>)
23  0x7f980f8937a4 WebCore::RenderLayer::paintList(WebCore::RenderLayer::LayerList, WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>)
24  0x7f980f891915 WebCore::RenderLayer::paintLayerContents(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>)
25  0x7f980f8deb0f /home/lxc/fuzz/webkit/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0x1e113b0f) [0x7f980f8deb0f]
26  0x7f980f8df539 WebCore::RenderLayerBacking::paintIntoLayer(WebCore::GraphicsLayer const*, WebCore::GraphicsContext&, WebCore::IntRect const&, WTF::OptionSet<WebCore::PaintBehavior>, WebCore::EventRegionContext*)
27  0x7f980f8e14d0 WebCore::RenderLayerBacking::paintContents(WebCore::GraphicsLayer const*, WebCore::GraphicsContext&, WebCore::FloatRect const&, unsigned int)
28  0x7f980edbaf37 WebCore::GraphicsLayer::paintGraphicsLayerContents(WebCore::GraphicsContext&, WebCore::FloatRect const&, unsigned int)
29  0x7f98091e084a /home/lxc/fuzz/webkit/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0x17a1584a) [0x7f98091e084a]
30  0x7f98091e0f58 /home/lxc/fuzz/webkit/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0x17a15f58) [0x7f98091e0f58]
31  0x7f98091e0d6e Nicosia::PaintingEngineBasic::paint(WebCore::GraphicsLayer&, WTF::Ref<Nicosia::Buffer, WTF::RawPtrTraits<Nicosia::Buffer> >&&, WebCore::IntRect const&, WebCore::IntRect const&, WebCore::IntRect const&, float)