Bug 258664

Summary: Nullptr crash in Layout::InlineItemsBuilder::collectInlineItems
Product: WebKit
Reporter: Antti Koivisto <koivisto>
Component: Layout and Rendering
Assignee: Antti Koivisto <koivisto>
Status: RESOLVED FIXED
Severity: Normal
CC: bfulgham, simon.fraser, webkit-bug-importer, zalan
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified

Description Antti Koivisto 2023-06-29 02:26:09 PDT
34 WebCore::RenderStyle::display() const <==
        34 WebCore::Layout::Box::isInlineBox() const
          34 WebCore::Layout::InlineItemsBuilder::collectInlineItems(WTF::Vector<WebCore::Layout::InlineItem, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&, WebCore::Layout::InlineItemPosition)
            34 WebCore::Layout::InlineItemsBuilder::build(WebCore::Layout::InlineItemPosition)
              34 WebCore::Layout::InlineFormattingContext::layoutFloatContentOnly(WebCore::Layout::ConstraintsForInlineContent const&, WebCore::Layout::FloatingState&)
                34 WebCore::Layout::InlineFormattingContext::layoutInFlowAndFloatContentForIntegration(WebCore::Layout::ConstraintsForInlineContent const&, WebCore::Layout::InlineLayoutState&)
                  34 WebCore::LayoutIntegration::LineLayout::layout()
Comment 1 Antti Koivisto 2023-06-29 02:26:23 PDT
rdar://111272076
Comment 2 Antti Koivisto 2023-06-29 02:31:19 PDT
Pull request: https://github.com/WebKit/WebKit/pull/15397
Comment 3 EWS 2023-06-29 07:15:13 PDT
Committed 265618@main (42bd7f4d0079): <https://commits.webkit.org/265618@main>

Reviewed commits have been landed. Closing PR #15397 and removing active labels.