Open
Bug 682647
Opened 13 years ago
Updated 2 years ago
"ASSERTION: unexpected max block size" with -moz-element background and -moz-column
Categories
(Core :: Layout, defect)
Tracking
()
NEW
People
(Reporter: jruderman, Unassigned)
References
Details
(Keywords: assertion, testcase)
Attachments
(3 files)
###!!! ABORT: image ratio with nonsense width: 'aIntrinsicRatio.width >= 0', file layout/base/nsCSSRendering.cpp, line 3931
The abort was added in bug 609714, but I don't know if there was also a more recent regression.
Reporter | ||
Comment 1•13 years ago
|
||
Comment 2•13 years ago
|
||
Confirmed in my Linux x86_64 debug build.
I get this series of warning messages in my terminal, leading up to the abort:
{
WARNING: Overflowed nscoord_MAX in conversion to nscoord: 'aValue <= nscoord_MAX', file ../../dist/include/nsCoord.h, line 114
WARNING: Overflowed nscoord_MAX in conversion to nscoord: 'aValue <= nscoord_MAX', file ../../dist/include/nsCoord.h, line 114
WARNING: Overflowed nscoord_MAX in conversion to nscoord: 'aValue <= nscoord_MAX', file ../../dist/include/nsCoord.h, line 114
WARNING: Overflowed nscoord_MAX in conversion to nscoord: 'aValue <= nscoord_MAX', file ../../dist/include/nsCoord.h, line 114
nsBlockReflowContext: ColumnSet(div)(0)@0x7faae07d2670 metrics=-2147483648,-2147483648!
###!!! ASSERTION: illegal width for combined area: 'aOverflowAreas.Overflow(otype).width >= 0', file ../../../mozilla/layout/generic/nsLineBox.cpp, line 498
###!!! ASSERTION: illegal height for combined area: 'aOverflowAreas.Overflow(otype).height >= 0', file ../../../mozilla/layout/generic/nsLineBox.cpp, line 500
###!!! ASSERTION: illegal width for combined area: 'aOverflowAreas.Overflow(otype).width >= 0', file ../../../mozilla/layout/generic/nsLineBox.cpp, line 498
###!!! ASSERTION: illegal height for combined area: 'aOverflowAreas.Overflow(otype).height >= 0', file ../../../mozilla/layout/generic/nsLineBox.cpp, line 500
nsBlockReflowContext: ColumnSet(div)(0)@0x7faae07d2670 metrics=-2147483648,-2147483648!
###!!! ASSERTION: illegal width for combined area: 'aOverflowAreas.Overflow(otype).width >= 0', file ../../../mozilla/layout/generic/nsLineBox.cpp, line 498
###!!! ASSERTION: illegal height for combined area: 'aOverflowAreas.Overflow(otype).height >= 0', file ../../../mozilla/layout/generic/nsLineBox.cpp, line 500
###!!! ASSERTION: illegal width for combined area: 'aOverflowAreas.Overflow(otype).width >= 0', file ../../../mozilla/layout/generic/nsLineBox.cpp, line 498
###!!! ASSERTION: illegal height for combined area: 'aOverflowAreas.Overflow(otype).height >= 0', file ../../../mozilla/layout/generic/nsLineBox.cpp, line 500
###!!! ABORT: image ratio with nonsense width: 'aIntrinsicRatio.width >= 0', file ../../../mozilla/layout/base/nsCSSRendering.cpp, line 3931
}
OS: Mac OS X → All
Reporter | ||
Comment 3•13 years ago
|
||
Bug 690619 might be related.
Comment 4•12 years ago
|
||
Clamp negative layout width/height values to zero image width/height.
(this is in the eStyleImageType_Element case)
http://hg.mozilla.org/mozilla-central/annotate/c232bec6974d/layout/base/nsCSSRendering.cpp#l4375
This is effectively what we do for eStyleImageType_Image too -
nsLayoutUtils::ComputeSizeForDrawing() calls imgIContainer::GetWidth()
which returns mSize, which rejects negative values, e.g.:
http://hg.mozilla.org/mozilla-central/annotate/c232bec6974d/image/src/RasterImage.cpp#l1409
I'll file a follow-up bug for the remaining non-fatal assertions in this test.
("ASSERTION: illegal width/height for combined area")
https://tbpl.mozilla.org/?tree=Try&rev=f39faf2370c6
Assignee: nobody → matspal
Attachment #733686 -
Flags: review?(roc)
Attachment #733686 -
Flags: review?(roc) → review+
Comment 5•9 years ago
|
||
Still asserts on trunk:
ASSERTION: unexpected max block size: 'aBSize >= 0', file /builds/slave/m-cen-l64-d-000000000000000000/build/src/layout/generic/nsFloatManager.cpp, line 128
Mats, is the attached patch still relevant?
Flags: needinfo?(mats)
Summary: "ABORT: image ratio with nonsense width" with -moz-element background and -moz-column → "ASSERTION: unexpected max block size" with -moz-element background and -moz-column
Comment 6•9 years ago
|
||
No, I don't think so. I probably realized at some point that it's just
wallpaper and it would be better to do something a bit more general.
The root of the problem is of course the "padding: 8589934593in;" in
the test. This is capped to NS_MAXSIZE so we have:
(gdb) p borderPadding
$7 = {
mWritingMode = {
mWritingMode = 0 '\000'
},
mMargin = {
<mozilla::gfx::BaseMargin<int, nsMargin>> = {
top = 1073741824,
right = 1073741824,
bottom = 1073741824,
left = 1073741824
}, <No data fields>}
}
(gdb) p borderPadding.IStartEnd(wm)
$8 = -2147483648
which leads to a frame having negative width/height.
I've proposed in the past that we should cap these values much more
aggressively in the style system so that situations like this
would rarely occur...
We could also make nsIFrame::SetRect and nsHTMLReflowMetrics::SetSize
clamp negative width/height. FWIW, doing the latter makes
the nsFloatManager assert go away.
Assignee: mats → nobody
Severity: critical → normal
Flags: needinfo?(mats)
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•