235575 – ASSERTION FAILED: initialLogicalWidth >= 0 ../../Source/WebCore/layout/formattingContexts/inline/InlineLineBoxBuilder.cpp(304)

Bug 235575 - ASSERTION FAILED: initialLogicalWidth >= 0 ../../Source/WebCore/layout/formattingContexts/inline/InlineLineBoxBuilder.cpp(304)

Summary: ASSERTION FAILED: initialLogicalWidth >= 0 ../../Source/WebCore/layout/format...

Status:	RESOLVED CONFIGURATION CHANGED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebCore Misc. (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2022-01-25 04:27 PST by A
Modified:	2022-01-25 10:54 PST (History)
CC List:	2 users (show)

See Also:

Attachments
the html trigger crash (312 bytes, text/html) 2022-01-25 04:27 PST, A	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description A 2022-01-25 04:27:13 PST

Created attachment 449916 [details]
the html trigger crash

1. build a debug webkit
2. open html
3. crash

ASSERTION FAILED: initialLogicalWidth >= 0
../../Source/WebCore/layout/formattingContexts/inline/InlineLineBoxBuilder.cpp(304) : WebCore::Layout::InlineLayoutUnit WebCore::Layout::LineBoxBuilder::constructAndAlignInlineLevelBoxes(WebCore::Layout::LineBox&, const RunList&)
1   0x7fb3ead29964 WTFReportBacktrace
2   0x7fb3ead29c01 WTFCrash
3   0x7fb404820ba1 WTF::CrashOnOverflow::overflowed()
4   0x7fb4102565eb WebCore::Layout::LineBoxBuilder::constructAndAlignInlineLevelBoxes(WebCore::Layout::LineBox&, WTF::Vector<WebCore::Layout::Line::Run, 10ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&)
5   0x7fb4102534af WebCore::Layout::LineBoxBuilder::build(WebCore::Layout::LineBuilder::LineContent const&)
6   0x7fb410234265 WebCore::Layout::InlineFormattingContext::computeGeometryForLineContent(WebCore::Layout::LineBuilder::LineContent const&)
7   0x7fb41022cae7 WebCore::Layout::InlineFormattingContext::lineLayout(WTF::Vector<WebCore::Layout::InlineItem, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&, WebCore::Layout::LineBuilder::InlineItemRange, WebCore::Layout::ConstraintsForInFlowContent const&)
8   0x7fb41022b622 WebCore::Layout::InlineFormattingContext::lineLayoutForIntergration(WebCore::Layout::ConstraintsForInFlowContent const&)
9   0x7fb40cae89f0 WebCore::LayoutIntegration::LineLayout::layout()
10  0x7fb40e05bfd9 WebCore::RenderBlockFlow::layoutModernLines(bool, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
11  0x7fb40e032f58 WebCore::RenderBlockFlow::layoutInlineChildren(bool, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
12  0x7fb40e030f80 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
13  0x7fb40df5a8ab WebCore::RenderBlock::layout()
14  0x7fb40e3af7be WebCore::RenderListItem::layout()
15  0x7fb40e033a40 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
16  0x7fb40e032c96 WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
17  0x7fb40e030fa4 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
18  0x7fb40df5a8ab WebCore::RenderBlock::layout()
19  0x7fb40e033a40 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
20  0x7fb40e032c96 WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
21  0x7fb40e030fa4 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
22  0x7fb40df5a8ab WebCore::RenderBlock::layout()
23  0x7fb40e033a40 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
24  0x7fb40e032c96 WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
25  0x7fb40e030fa4 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
26  0x7fb40df5a8ab WebCore::RenderBlock::layout()
27  0x7fb40e033a40 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)
28  0x7fb40e032c96 WebCore::RenderBlockFlow::layoutBlockChildren(bool, WebCore::LayoutUnit&)
29  0x7fb40e030fa4 WebCore::RenderBlockFlow::layoutBlock(bool, WebCore::LayoutUnit)
30  0x7fb40df5a8ab WebCore::RenderBlock::layout()
31  0x7fb40e033a40 WebCore::RenderBlockFlow::layoutBlockChild(WebCore::RenderBox&, WebCore::RenderBlockFlow::MarginInfo&, WebCore::LayoutUnit&, WebCore::LayoutUnit&)

** (MiniBrowser:917450): WARNING **: 15:34:09.707: WebProcess CRASHED

Comment 1 zalan 2022-01-25 10:53:59 PST

I cannot reproduce this on ToT (r288550)