42136 2010-07-12 21:19:55 -0700 Windows: crash with text-rendering: optimizeLegibility; and margin specified in 'ex'. 2010-07-13 18:34:53 -0700 1 1 1 Unclassified WebKit CSS 528+ (Nightly build) PC All RESOLVED DUPLICATE 41585 P2 Critical --- 0 phiw2 webkit-unassigned mitz oldest_to_newest 250280 0 61319 phiw2 2010-07-12 21:19:55 -0700 Created attachment 61319 test case that crashes Specifying 'text-rendering: optimizeLegibility;' on a block-level element (<p>) causes Safari 5 to crash when the block element has margins specified with the 'ex' unit. Like this: p, dt, dd, li {text-rendering: optimizeLegibility;} p {margin: .5ex 0 0;} If 'text-rendering: optimizeLegibility;' is specified on the root element or the parent block, the crash doesn't happen. This has been repro'd on XP and Vista. 250282 1 phiw2 2010-07-12 21:24:03 -0700 Hmm, while attaching the test case (using OS X 10.6.4), QuickLook crashed while trying to preview the testcase (in the file selector dialog). 0 com.apple.WebCore 0x00007fff83397248 WebCore::CSSPrimitiveValue::computeLengthDouble(WebCore::RenderStyle*, WebCore::RenderStyle*, double, bool) + 376 1 com.apple.WebCore 0x00007fff8339707b WebCore::CSSPrimitiveValue::computeLengthIntForLength(WebCore::RenderStyle*, WebCore::RenderStyle*, double) + 11 2 com.apple.WebCore 0x00007fff8331d4ab WebCore::CSSStyleSelector::applyProperty(int, WebCore::CSSValue*) + 34811 3 com.apple.WebCore 0x00007fff8333118b void WebCore::CSSStyleSelector::applyDeclarations<false>(bool, int, int) + 171 4 com.apple.WebCore 0x00007fff83313634 WebCore::CSSStyleSelector::styleForElement(WebCore::Element*, WebCore::RenderStyle*, bool, bool, bool) + 2644 5 com.apple.WebCore 0x00007fff832ff902 WebCore::Node::styleForRenderer() + 82 6 com.apple.WebCore 0x00007fff832ff77f WebCore::Node::createRendererIfNeeded() + 143 7 com.apple.WebCore 0x00007fff832ff600 WebCore::Element::attach() + 32 250844 2 phiw2 2010-07-13 17:20:14 -0700 1. I reported comment 1 as rdar://8183959 2. various people have commented to me that this also crashes Safari 5 on OS X and Chrome5 on Linux. 3. latest webkit builds appear imune to this crash (OS X 10.6.4 & Win 7) 250898 3 mitz 2010-07-13 18:34:53 -0700 *** This bug has been marked as a duplicate of bug 41585 *** 61319 2010-07-12 21:19:55 -0700 2010-07-12 21:19:55 -0700 test case that crashes c.html text/html 551 phiw2 PCFkb2N0eXBlIGh0bWw+CjxodG1sIGxhbmc9ImVuIj4KPGhlYWQ+CjxtZXRhIGNoYXJzZXQ9InV0 Zi04Ij4KPHRpdGxlPnRlc3Q6IGNyYXNoIHdpdGggb3B0aW1pemVMZWdpYmlsaXR5PC90aXRsZT4K CjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+Cmh0bWwgewoJY29sb3I6IHJnYigxMCwxMCwxMCk7Cglt YXJnaW46IDA7CgliYWNrZ3JvdW5kOiByZ2IoMjMwLDIzMCwyMzApOwoJfQoKcCwgZHQsIGRkLCBs aSB7dGV4dC1yZW5kZXJpbmc6IG9wdGltaXplTGVnaWJpbGl0eTt9CgpwIHttYXJnaW46IC41ZXgg MCAwO30KCjwvc3R5bGU+Cgo8L2hlYWQ+Cgo8Ym9keT4KPHA+TG9yZW0gaXBzdW0gZG9sb3Igc2l0 IGFtZXQsIGNvbnNlY3RldHVlciBhZGlwaXNjaW5nIGVsaXQuIE51bGxhIGVnZXN0YXMuIEludGVn ZXIgdWxsYW1jb3JwZXIuPC9wPgoKPGhyPgoKPHVsPjxsaT5bIDxzcGFuPmFib3V0IHNvbWV0aGlu Zzwvc3Bhbj4gXTwvbGk+PGxpPlsgZGVzaWducG9ydGZvbGlvIOKAlCDjg5vjg7zjg6Djg5rjg7zj grjliLbkvZwgXTwvbGk+PC91bD4KCgo8L2JvZHk+CjwvaHRtbD4=