12090 – Assertion failure in WebCore::WidthIterator::advance

NEW 12090

Assertion failure in WebCore::WidthIterator::advance

https://bugs.webkit.org/show_bug.cgi?id=12090

Summary Assertion failure in WebCore::WidthIterator::advance

Mark Rowe (bdash)

Reported 2007-01-02 22:03:25 PST

<html> <head> <title>Test HTML Page</title> <style type="text/css"> p { font-family: "Zapf Dingbats"; font-variant: small-caps; } </style> </head> <body> <p>p</p> </body> </html> Leads to the following assertion being failed at Font.cpp:203: assert(substituteFontData == localGlyphBuffer.fontDataAt(0)); Program received signal SIGABRT, Aborted. 0x9003d1dc in kill () (gdb) bt #0 0x9003d1dc in kill () #1 0x9010f2af in raise () #2 0x9010de02 in abort () #3 0x013e7df0 in __eprintf () at FastMalloc.h:53 #4 0x012158b1 in WebCore::WidthIterator::advance (this=0xbfffdc7c, offset=2, glyphBuffer=0x0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/platform/Font.cpp:203 #5 0x01216436 in WebCore::Font::floatWidthForSimpleText (this=0x18a1e298, run=@0xbfffde20, style=@0xbfffde0c, substituteFont=0x0, startPosition=0x0, glyphBuffer=0x0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/platform/Font.cpp:550 #6 0x0121678d in WebCore::Font::floatWidth (this=0x18a1e298, run=@0xbfffde20, style=@0xbfffde0c) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/platform/Font.cpp:540 #7 0x012167d3 in WebCore::Font::width (this=0x18a1e298, run=@0xbfffde20, style=@0xbfffde0c) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/platform/Font.cpp:394 #8 0x0119ca77 in WebCore::RenderText::calcMinMaxWidth (this=0x18a1e32c, leadWidth=0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderText.cpp:455 #9 0x0119cf63 in WebCore::RenderText::calcMinMaxWidth (this=0x18a1e32c) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderText.cpp:540 #10 0x011872fd in WebCore::RenderObject::recalcMinMaxWidths (this=0x18a1e32c) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderObject.cpp:2724 #11 0x011871d6 in WebCore::RenderObject::recalcMinMaxWidths (this=0x18603d7c) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderObject.cpp:2709 #12 0x011871d6 in WebCore::RenderObject::recalcMinMaxWidths (this=0x184b41bc) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderObject.cpp:2709 #13 0x011871d6 in WebCore::RenderObject::recalcMinMaxWidths (this=0x1846260c) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderObject.cpp:2709 #14 0x011871d6 in WebCore::RenderObject::recalcMinMaxWidths (this=0x29c658c) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderObject.cpp:2709 #15 0x01163270 in WebCore::RenderView::layout (this=0x29c658c) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderView.cpp:109 #16 0x010e7863 in WebCore::FrameView::layout (this=0x2936550, allowSubtree=true) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/page/FrameView.cpp:424 #17 0x010e8eae in WebCore::Document::updateLayout (this=0x2154600) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/dom/Document.cpp:1020 #18 0x010f5806 in WebCore::Document::updateLayoutIgnorePendingStylesheets (this=0x2154600) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/dom/Document.cpp:1046 #19 0x0123e281 in WebCore::Element::offsetHeight (this=0x1703f600) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/dom/Element.cpp:214 #20 0x012311c8 in WebCore::JSElement::getValueProperty (this=0x1830f3d0, exec=0xbfffe4c0, token=5) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebKitBuild/Debug/DerivedSources/WebCore/JSElement.cpp:205 #21 0x0153a9f6 in KJS::staticValueGetter<WebCore::JSElement> (exec=0xbfffe4c0, slot=@0xbfffe204) at lookup.h:149 #22 0x00546835 in KJS::PropertySlot::getValue (this=0xbfffe204, exec=0xbfffe4c0, originalObject=0x1830f3d0, propertyName=@0x1868eccc) at property_slot.h:47 #23 0x004e5270 in KJS::JSObject::get (this=0x1830f3d0, exec=0xbfffe4c0, propertyName=@0x1868eccc) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/JavaScriptCore/kjs/object.cpp:151 #24 0x004dca59 in KJS::DotAccessorNode::evaluate (this=0x1868ecc0, exec=0xbfffe4c0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/JavaScriptCore/kjs/nodes.cpp:548 #25 0x004d52dd in KJS::AssignExprNode::evaluate (this=0x18682380, exec=0xbfffe4c0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/JavaScriptCore/kjs/nodes.cpp:1527 #26 0x004d92fc in KJS::VarDeclNode::evaluate (this=0x1868f0f0, exec=0xbfffe4c0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/JavaScriptCore/kjs/nodes.cpp:1545 #27 0x004d921a in KJS::VarDeclListNode::evaluate (this=0x1868f110, exec=0xbfffe4c0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/JavaScriptCore/kjs/nodes.cpp:1592 #28 0x004d90f2 in KJS::VarStatementNode::execute (this=0x1868f7e0, exec=0xbfffe4c0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/JavaScriptCore/kjs/nodes.cpp:1616 #29 0x004d6b60 in KJS::SourceElementsNode::execute (this=0x1868f930, exec=0xbfffe4c0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/JavaScriptCore/kjs/nodes.cpp:2449 #30 0x004d5498 in KJS::BlockNode::execute (this=0x186913b0, exec=0xbfffe4c0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/JavaScriptCore/kjs/nodes.cpp:1648 #31 0x004c736a in KJS::DeclaredFunctionImp::execute (this=0x1830e0b0, exec=0xbfffe4c0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/JavaScriptCore/kjs/function.cpp:359 #32 0x004c964d in KJS::FunctionImp::callAsFunction (this=0x1830e0b0, exec=0x18491e5c, thisObj=0x17091b90, args=@0xbfffe57c) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/JavaScriptCore/kjs/function.cpp:108 #33 0x004e5ec4 in KJS::JSObject::call (this=0x1830e0b0, exec=0x18491e5c, thisObj=0x17091b90, args=@0xbfffe57c) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/JavaScriptCore/kjs/object.cpp:96 #34 0x01254dce in KJS::JSAbstractEventListener::handleEvent (this=0x1821da60, ele=0x186872c0, isWindowEvent=true) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/bindings/js/kjs_events.cpp:121 #35 0x010ec904 in WebCore::Document::handleWindowEvent (this=0x2154600, evt=0x186872c0, useCapture=false) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/dom/Document.cpp:2238 #36 0x012227b5 in WebCore::EventTargetNode::dispatchWindowEvent (this=0x2154600, eventType=@0x1652508, canBubbleArg=false, cancelableArg=false) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/dom/EventTargetNode.cpp:325 #37 0x010eeb8f in WebCore::Document::implicitClose (this=0x2154600) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/dom/Document.cpp:1326 #38 0x01390ca9 in WebCore::FrameLoader::checkEmitLoadEvent (this=0x204a600) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/loader/FrameLoader.cpp:1108 #39 0x0139733d in WebCore::FrameLoader::checkCompleted (this=0x204a600) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/loader/FrameLoader.cpp:1076 #40 0x013980d9 in WebCore::FrameLoader::loadDone (this=0x204a600) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/loader/FrameLoader.cpp:1050 #41 0x01107202 in WebCore::DocLoader::setLoadInProgress (this=0x182cd3c0, load=false) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/loader/DocLoader.cpp:176 #42 0x01108a91 in WebCore::Loader::receivedAllData (this=0x1650e58, loader=0x1844b7d0, allData=0x18684780) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/loader/loader.cpp:110 #43 0x01378980 in WebCore::SubresourceLoader::didFinishLoading (this=0x1844b7d0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/loader/mac/SubresourceLoaderMac.mm:195 #44 0x013748c0 in WebCore::ResourceLoader::didFinishLoading (this=0x1844b7d0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/loader/mac/ResourceLoaderMac.mm:446 #45 0x01383d43 in -[WebCoreResourceHandleAsDelegate connectionDidFinishLoading:] (self=0x186844f0, _cmd=0x90a9d160, con=0x18684650) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/platform/network/mac/ResourceHandleMac.mm:308 #46 0x9265be00 in -[NSURLConnection(NSURLConnectionInternal) _sendDidFinishLoadingCallback] () #47 0x92659ea5 in -[NSURLConnection(NSURLConnectionInternal) _sendCallbacks] () #48 0x92659b41 in _sendCallbacks () #49 0x90829379 in CFRunLoopRunSpecific () #50 0x90828eb5 in CFRunLoopRunInMode () #51 0x92dcdb90 in RunCurrentEventLoopInMode () #52 0x92dcd297 in ReceiveNextEventCommon () #53 0x92dcd0ee in BlockUntilNextEventMatchingListInMode () #54 0x9326f465 in _DPSNextEvent () #55 0x9326f056 in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] () #56 0x00006f96 in ?? () #57 0x93268ddb in -[NSApplication run] () #58 0x9325cd2f in NSApplicationMain () #59 0x0005f7de in ?? () #60 0x0005f6f9 in ?? () (gdb)

Attachments
Add attachment proposed patch, testcase, etc.

Frances Cornwall

Comment 1 2024-04-25 20:29:55 PDT

The assert(substituteFontData == localGlyphBuffer.fontDataAt(0)) is not in Font.cpp.

Note You need to log in before you can comment on or make changes to this bug.

Status NEW

Resolution

Priority P2

Severity Major

Classification Unclassified

Version 420+

Hardware Mac

OS OS X 10.4

Product WebKit

Component New Bugs

Assignee

Nobody

Reported

2007-01-02 22:03 PST

Modified

2024-04-25 20:29 PDT History

CC List

1 user Show

URL

Keywords HasReduction

Depends on

Blocks