Bug 14221 - Repro crash (ASSERTION FAILED: oldText in RenderBlock::updateFirstLetter() during relayout of :before content with first-letter style)
Summary: Repro crash (ASSERTION FAILED: oldText in RenderBlock::updateFirstLetter() du...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Layout and Rendering (show other bugs)
Version: 523.x (Safari 3)
Hardware: Mac OS X 10.4
: P1 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-06-18 14:10 PDT by mitz
Modified: 2007-07-08 02:56 PDT (History)
0 users

See Also:


Attachments
Test case (312 bytes, text/html)
2007-06-18 14:10 PDT, mitz
no flags Details
Avoid updating the style of first-letter containers when updating 'before' content (36.21 KB, patch)
2007-07-07 07:08 PDT, mitz
darin: review+
Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description mitz 2007-06-18 14:10:04 PDT
ASSERTION FAILED: oldText
(/WebKit/WebCore/rendering/RenderBlock.cpp:4123 virtual void WebCore::RenderBlock::updateFirstLetter())

To reproduce the bug, open the test case with a debug build and click the Test button.
Comment 1 mitz 2007-06-18 14:10:35 PDT
Created attachment 15108 [details]
Test case
Comment 2 mitz 2007-06-18 14:14:14 PDT
Changing to P1 since release builds eventually crash when destroying the page.
Comment 3 mitz 2007-06-18 15:37:55 PDT
The actual bug is that RenderContainer::updateBeforeAfterContentForContainer() doesn't know how to update the old content's style if it also has a first-letter pseudo-element style. The update loops assumes that the children of the before/after generated content container are either text renderers or images, and that they all have the BEFORE or AFTER style type.
Comment 4 mitz 2007-07-07 07:08:49 PDT
Created attachment 15431 [details]
Avoid updating the style of first-letter containers when updating 'before' content

Includes change log and layout test.

This patch does not address the fact that 'before' content is always nested so with non-layout style changes you still get bug 14550, but no crash.
Comment 5 Darin Adler 2007-07-07 12:50:45 PDT
Comment on attachment 15431 [details]
Avoid updating the style of first-letter containers when updating 'before' content

r=me
Comment 6 Mark Rowe (bdash) 2007-07-08 02:56:37 PDT
Landed in r24094.