[Webkit-unassigned] [Bug 234018] nullptr deref in ComputeFloatOffsetForLineLayoutAdapter<FloatingObject::FloatLeft>::updateOffsetIfNeeded
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Dec 8 10:47:11 PST 2021
https://bugs.webkit.org/show_bug.cgi?id=234018
--- Comment #1 from Gabriel Nava Marino <gnavamarino at apple.com> ---
RenderTree structure from attached test case with proposed patch. Notice the two floating objects:
Content-Type: text/plain
layer at (0,0) size 816x585
RenderView at (0,0) size 800x585
layer at (0,0) size 816x16
RenderBlock (floating) {HTML} at (0,0) size 816x16
RenderBlock (anonymous) at (0,0) size 816x0
RenderInline {SPAN} at (0,0) size 0x0
RenderBody {BODY} at (8,8) size 800x0
RenderBlock {DIV} at (0,0) size 800x0
RenderBlock (anonymous) at (0,0) size 800x0
RenderInline {SPAN} at (0,0) size 0x0
RenderBlock (floating) {HTML} at (0,0) size 800x0
RenderInline {Q} at (0,0) size 14x18
RenderInline (generated) at (0,0) size 8x18
RenderQuote at (0,0) size 8x18
RenderText at (150,0) size 8x18
text run at (150,0) width 8: "\""
RenderInline (generated) at (0,0) size 7x18
RenderQuote at (0,0) size 7x18
RenderText at (157,0) size 7x18
text run at (157,0) width 7: "\""
RenderTextControl {INPUT} at (2,2) size 147x19 [bgcolor=#FFFFFF] [border: (2px inset #000000)]
RenderBlock {DIV} at (0,0) size 816x0
layer at (13,13) size 141x13
RenderBlock {DIV} at (3,3) size 141x13
layer at (8,31) size 800x400
RenderVideo {VIDEO} at (0,23) size 800x400
#EOF
#EOF
#EOF
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20211208/369c22e9/attachment-0001.htm>
More information about the webkit-unassigned
mailing list