Closed Bug 1367413 Opened 4 years ago Closed 4 years ago
Assertion failure: kid
Overflow BEnd >= kid BEnd, at /mozilla/builds/nightly/mozilla/layout/generic/ns Absolute Containing Block .cpp:154
1. https://www.tumblr.com/search/jody%20comer 2. Assertion failure: kidOverflowBEnd >= kidBEnd, at /home/worker/workspace/build/src/layout/generic/nsAbsoluteContainingBlock.cpp:154 This reproduces on Fedora 25 x86_64. We've seen this on about 133 urls since this assertion landed in bug 1365449 though Windows is the most common occurrence. Urls on https://ok.ru/ are fairly common. Reproduced locally with a build from https://hg.mozilla.org/mzilla-central/rev/96e18bec9fc8a5ce623c16167c12756bbe190d73 Thread 0 (crashed) 0 libxul.so!nsAbsoluteContainingBlock::Reflow [nsAbsoluteContainingBlock.cpp:6dfa56094f0c : 154 + 0x18]
|kidOverflowBEnd| comes from GetScrollableOverflowRectRelativeToParent(): http://searchfox.org/mozilla-central/rev/2933592c4a01b634ab53315ce2d0e43fccb82181/layout/generic/nsAbsoluteContainingBlock.cpp#152 which is just GetScrollableOverflowRect() translated to the parent's coordinates. So I think the invariant doesn't hold, as explained in: http://searchfox.org/mozilla-central/rev/2933592c4a01b634ab53315ce2d0e43fccb82181/layout/generic/nsIFrame.h#3019-3022
OS: Unspecified → All
Hardware: Unspecified → All
Version: 53 Branch → 55 Branch
OK, I guess we need to use the version that ignores transforms, and then manually convert to the parent's coordinate space.
Mats's testcase also doesn't hit the assertion for me until I resize the window, so I'll need to modify it a drop to make it a crashtest.
I confirmed that the test crashes in the crashtest harness without the patch (although the harness doesn't exit!), whereas it passes with the patch. MozReview-Commit-ID: 37S6i1kvw37
Attachment #8870974 - Flags: review?(mats)
https://hg.mozilla.org/integration/mozilla-inbound/rev/e6bf2e19464cd774d46d243c82a64fa1b05056c8 Bug 1367413 - Fix assertion that can occur when paginating abs-pos elements with a transform. r=mats
You need to log in before you can comment on or make changes to this bug.