Bug 258664 - Nullptr crash in Layout::InlineItemsBuilder::collectInlineItems
Summary: Nullptr crash in Layout::InlineItemsBuilder::collectInlineItems
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Layout and Rendering (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Antti Koivisto
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2023-06-29 02:26 PDT by Antti Koivisto
Modified: 2023-06-29 07:15 PDT (History)
4 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Antti Koivisto 2023-06-29 02:26:09 PDT 
34 WebCore::RenderStyle::display() const <==
        34 WebCore::Layout::Box::isInlineBox() const
          34 WebCore::Layout::InlineItemsBuilder::collectInlineItems(WTF::Vector<WebCore::Layout::InlineItem, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&, WebCore::Layout::InlineItemPosition)
            34 WebCore::Layout::InlineItemsBuilder::build(WebCore::Layout::InlineItemPosition)
              34 WebCore::Layout::InlineFormattingContext::layoutFloatContentOnly(WebCore::Layout::ConstraintsForInlineContent const&, WebCore::Layout::FloatingState&)
                34 WebCore::Layout::InlineFormattingContext::layoutInFlowAndFloatContentForIntegration(WebCore::Layout::ConstraintsForInlineContent const&, WebCore::Layout::InlineLayoutState&)
                  34 WebCore::LayoutIntegration::LineLayout::layout()
Comment 1 Antti Koivisto 2023-06-29 02:26:23 PDT 
rdar://111272076
Comment 2 Antti Koivisto 2023-06-29 02:31:19 PDT 
Pull request: https://github.com/WebKit/WebKit/pull/15397
Comment 3 EWS 2023-06-29 07:15:13 PDT 
Committed 265618@main (42bd7f4d0079): <https://commits.webkit.org/265618@main>

Reviewed commits have been landed. Closing PR #15397 and removing active labels.