Branch: refs/heads/webkitglib/2.50
Home: https://github.com/WebKit/WebKit
Commit: 869df65fd569c96a629733268e9aede6dcb9258c
https://github.com/WebKit/WebKit/commit/869df65fd569c96a629733268e9aede6dcb9258c
Author: Vitor Roriz <[email protected]>
Date: 2025-12-09 (Tue, 09 Dec 2025)
Changed paths:
A
LayoutTests/fast/css/letter-spacing-with-compounded-zoom-factor-crash-expected.txt
A LayoutTests/fast/css/letter-spacing-with-compounded-zoom-factor-crash.html
M Source/WebCore/rendering/style/RenderStyleSetters.h
Log Message:
-----------
Cherry-pick 303808@main (e718add89ed6).
https://bugs.webkit.org/show_bug.cgi?id=302954
ASAN_ILL | WebCore::RenderText::computePreferredLogicalWidths;
WebCore::RenderText::trimmedPreferredWidths;
WebCore::RenderBlockFlow::computeInlinePreferredLogicalWidths
https://bugs.webkit.org/show_bug.cgi?id=302954
rdar://164952578
Reviewed by Brent Fulgham, Simon Fraser, and Alan Baradlay.
Clamp effective zoom to prevent arithmetic overflow in layout computations.
When zoom compounds through nested elements, the effective zoom can overflow
to infinity, causing failures in width calculations.
Clamp usedZoom to [1e-6, 1e6] to prevent overflow while maintaining
compatibility with other engines.
Test: fast/css/letter-spacing-with-compounded-zoom-factor-crash.html
*
LayoutTests/fast/css/letter-spacing-with-compounded-zoom-factor-crash-expected.txt:
Added.
*
LayoutTests/fast/css/letter-spacing-with-compounded-zoom-factor-crash.html:
Added.
* Source/WebCore/rendering/style/RenderStyleSetters.h:
(WebCore::RenderStyle::setZoom):
Canonical link: https://commits.webkit.org/303808@main
Canonical link: https://commits.webkit.org/298234.316@webkitglib/2.50
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
