237251 – areEssentiallyEqual(rendererMappedResult, result) in WebCore::FloatPoint WebCore::RenderGeometryMap::mapToContainer

Bug 237251 - areEssentiallyEqual(rendererMappedResult, result) in WebCore::FloatPoint WebCore::RenderGeometryMap::mapToContainer

Summary: areEssentiallyEqual(rendererMappedResult, result) in WebCore::FloatPoint WebC...

Status:	NEW

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebCore Misc. (show other bugs)
Version:	WebKit Local Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:	InRadar

Depends on:
Blocks:	244898
	Show dependency tree / graph

Reported:	2022-02-27 06:14 PST by zzzsss
Modified:	2022-09-07 09:18 PDT (History)
CC List:	3 users (show)

See Also:

Attachments
the html to open (693.98 KB, text/html) 2022-02-27 06:14 PST, zzzsss	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description zzzsss 2022-02-27 06:14:27 PST

Created attachment 453338 [details]
the html to open

build a debug webkit and open the html

ASSERTION FAILED: areEssentiallyEqual(rendererMappedResult, result)
../../Source/WebCore/rendering/RenderGeometryMap.cpp(113) : WebCore::FloatPoint WebCore::RenderGeometryMap::mapToContainer(const WebCore::FloatPoint&, const WebCore::RenderLayerModelObject*) const
1   0x7f1b0b404964 WTFReportBacktrace
2   0x7f1b0b404c01 WTFCrash
3   0x7f1b24efbba1 WTF::CrashOnOverflow::overflowed()
4   0x7f1b2e8cf078 WebCore::RenderGeometryMap::mapToContainer(WebCore::FloatPoint const&, WebCore::RenderLayerModelObject const*) const
5   0x7f1b2e9f7778 WebCore::RenderGeometryMap::absolutePoint(WebCore::FloatPoint const&) const
6   0x7f1b2e940dc1 WebCore::RenderLayer::updateLayerPositions(WebCore::RenderGeometryMap*, WTF::OptionSet<WebCore::RenderLayer::UpdateLayerPositionsFlag>)
7   0x7f1b2e941f90 WebCore::RenderLayer::updateLayerPositions(WebCore::RenderGeometryMap*, WTF::OptionSet<WebCore::RenderLayer::UpdateLayerPositionsFlag>)
8   0x7f1b2e941f90 WebCore::RenderLayer::updateLayerPositions(WebCore::RenderGeometryMap*, WTF::OptionSet<WebCore::RenderLayer::UpdateLayerPositionsFlag>)
9   0x7f1b2e941f90 WebCore::RenderLayer::updateLayerPositions(WebCore::RenderGeometryMap*, WTF::OptionSet<WebCore::RenderLayer::UpdateLayerPositionsFlag>)
10  0x7f1b2e941f90 WebCore::RenderLayer::updateLayerPositions(WebCore::RenderGeometryMap*, WTF::OptionSet<WebCore::RenderLayer::UpdateLayerPositionsFlag>)
11  0x7f1b2e941f90 WebCore::RenderLayer::updateLayerPositions(WebCore::RenderGeometryMap*, WTF::OptionSet<WebCore::RenderLayer::UpdateLayerPositionsFlag>)
12  0x7f1b2e940a6d WebCore::RenderLayer::updateLayerPositionsAfterLayout(bool, bool)
13  0x7f1b2d6d01b7 WebCore::FrameView::didLayout(WTF::WeakPtr<WebCore::RenderElement, WTF::EmptyCounter>)
14  0x7f1b2d704e21 WebCore::FrameViewLayoutContext::layout()
15  0x7f1b2d706458 WebCore::FrameViewLayoutContext::layoutTimerFired()
16  0x7f1b2d7667d8 void std::__invoke_impl<void, void (WebCore::FrameViewLayoutContext::*&)(), WebCore::FrameViewLayoutContext*&>(std::__invoke_memfun_deref, void (WebCore::FrameViewLayoutContext::*&)(), WebCore::FrameViewLayoutContext*&)
17  0x7f1b2d7664ab std::__invoke_result<void (WebCore::FrameViewLayoutContext::*&)(), WebCore::FrameViewLayoutContext*&>::type std::__invoke<void (WebCore::FrameViewLayoutContext::*&)(), WebCore::FrameViewLayoutContext*&>(void (WebCore::FrameViewLayoutContext::*&)(), WebCore::FrameViewLayoutContext*&)
18  0x7f1b2d764d0d void std::_Bind<void (WebCore::FrameViewLayoutContext::*(WebCore::FrameViewLayoutContext*))()>::__call<void, , 0ul>(std::tuple<>&&, std::_Index_tuple<0ul>)
19  0x7f1b2d763944 void std::_Bind<void (WebCore::FrameViewLayoutContext::*(WebCore::FrameViewLayoutContext*))()>::operator()<, void>()
20  0x7f1b2d76250c WTF::Detail::CallableWrapper<std::_Bind<void (WebCore::FrameViewLayoutContext::*(WebCore::FrameViewLayoutContext*))()>, void>::call()
21  0x7f1b24ff4e95 WTF::Function<void ()>::operator()() const
22  0x7f1b25f9a01e WebCore::Timer::fired()
23  0x7f1b2db980d4 WebCore::ThreadTimers::sharedTimerFiredInternal()
24  0x7f1b2db96fdd /home/lxc/fuzz/webkit/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0x1d2fdfdd) [0x7f1b2db96fdd]
25  0x7f1b2db9d800 /home/lxc/fuzz/webkit/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0x1d304800) [0x7f1b2db9d800]
26  0x7f1b24ff4e95 WTF::Function<void ()>::operator()() const
27  0x7f1b2db01457 WebCore::MainThreadSharedTimer::fired()
28  0x7f1b2db1bef6 void std::__invoke_impl<void, void (WebCore::MainThreadSharedTimer::*&)(), WebCore::MainThreadSharedTimer*&>(std::__invoke_memfun_deref, void (WebCore::MainThreadSharedTimer::*&)(), WebCore::MainThreadSharedTimer*&)
29  0x7f1b2db1bd73 std::__invoke_result<void (WebCore::MainThreadSharedTimer::*&)(), WebCore::MainThreadSharedTimer*&>::type std::__invoke<void (WebCore::MainThreadSharedTimer::*&)(), WebCore::MainThreadSharedTimer*&>(void (WebCore::MainThreadSharedTimer::*&)(), WebCore::MainThreadSharedTimer*&)
30  0x7f1b2db1bc9f void std::_Bind<void (WebCore::MainThreadSharedTimer::*(WebCore::MainThreadSharedTimer*))()>::__call<void, , 0ul>(std::tuple<>&&, std::_Index_tuple<0ul>)
31  0x7f1b2db1bb72 void std::_Bind<void (WebCore::MainThreadSharedTimer::*(WebCore::MainThreadSharedTimer*))()>::operator()<, void>()

** (MiniBrowser:635242): WARNING **: 14:33:01.854: WebProcess CRASHED
Terminated

Comment 1 Radar WebKit Bug Importer 2022-03-06 06:15:15 PST

<rdar://problem/89873428>