Bug 125687

Summary: Null-pointer dereference in WebCore::FontGlyphs::determinePitch
Product: WebKit Reporter: Renata Hodovan <rhodovan.u-szeged>
Component: Layout and Rendering Assignee: Myles C. Maxfield <mmaxfield>
Status: RESOLVED WORKSFORME    
Severity: Normal CC: hyatt, jonlee, kling, koivisto, mitz, mmaxfield
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 116980    

Description Renata Hodovan 2013-12-13 03:12:22 PST
The crashing test:

<style>
@font-face {}

em {
  font-size: 20480rem;
}
</style>
<em>A</em>

Backtrace:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff11d43c5 in WebCore::FontGlyphs::determinePitch (this=0x9c9be0, description=...)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/platform/graphics/FontGlyphs.cpp:82
82	    if (!fontData->isSegmented())
(gdb) bt
#0  0x00007ffff11d43c5 in WebCore::FontGlyphs::determinePitch (this=0x9c9be0, description=...)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/platform/graphics/FontGlyphs.cpp:82
#1  0x00007ffff13936af in WebCore::FontGlyphs::isFixedPitch (this=0x9c9be0, description=...)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/platform/graphics/FontGlyphs.h:115
#2  0x00007ffff1393788 in WebCore::Font::isFixedPitch (this=0x9ce718) at /home/reni2/data/REPOS/webkit/Source/WebCore/platform/graphics/Font.h:333
#3  0x00007ffff139860c in WebCore::BreakingContext::handleText (this=0x7fffffff9b60, wordMeasurements=..., hyphenated=@0x7fffffff9fa8: false, 
    consecutiveHyphenatedLines=@0x7fffffff9cb0: 0) at /home/reni2/data/REPOS/webkit/Source/WebCore/rendering/line/BreakingContextInlineHeaders.h:667
#4  0x00007ffff139167c in WebCore::LineBreaker::nextSegmentBreak (this=0x7fffffff9fa0, resolver=..., lineInfo=..., renderTextInfo=..., 
    lastFloatFromPreviousLine=0x0, consecutiveHyphenatedLines=0, wordMeasurements=...)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:2083
#5  0x00007ffff1390f22 in WebCore::LineBreaker::nextLineBreak (this=0x7fffffff9fa0, resolver=..., lineInfo=..., renderTextInfo=..., 
    lastFloatFromPreviousLine=0x0, consecutiveHyphenatedLines=0, wordMeasurements=...)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:2007
#6  0x00007ffff138d028 in WebCore::RenderBlockFlow::layoutRunsAndFloatsInRange (this=0x96b2a0, layoutState=..., resolver=..., cleanLineStart=..., 
    cleanLineBidiStatus=..., consecutiveHyphenatedLines=0) at /home/reni2/data/REPOS/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:1333
#7  0x00007ffff138bafb in WebCore::RenderBlockFlow::layoutRunsAndFloats (this=0x96b2a0, layoutState=..., hasInlineChild=true)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:1094
#8  0x00007ffff138f29e in WebCore::RenderBlockFlow::layoutLineBoxes (this=0x96b2a0, relayoutChildren=true, repaintLogicalTop=..., 
    repaintLogicalBottom=...) at /home/reni2/data/REPOS/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:1686
#9  0x00007ffff1372df4 in WebCore::RenderBlockFlow::layoutInlineChildren (this=0x96b2a0, relayoutChildren=true, repaintLogicalTop=..., 
    repaintLogicalBottom=...) at /home/reni2/data/REPOS/webkit/Source/WebCore/rendering/RenderBlockFlow.cpp:536
#10 0x00007ffff1372165 in WebCore::RenderBlockFlow::layoutBlock (this=0x96b2a0, relayoutChildren=true, pageLogicalHeight=...)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/rendering/RenderBlockFlow.cpp:361
#11 0x00007ffff1341739 in WebCore::RenderBlock::layout (this=0x96b2a0) at /home/reni2/data/REPOS/webkit/Source/WebCore/rendering/RenderBlock.cpp:1323
#12 0x00007ffff13731e0 in WebCore::RenderBlockFlow::layoutBlockChild (this=0x96ac20, child=..., marginInfo=..., previousFloatLogicalBottom=..., 
    maxFloatLogicalBottom=...) at /home/reni2/data/REPOS/webkit/Source/WebCore/rendering/RenderBlockFlow.cpp:597
#13 0x00007ffff1372cf9 in WebCore::RenderBlockFlow::layoutBlockChildren (this=0x96ac20, relayoutChildren=true, maxFloatLogicalBottom=...)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/rendering/RenderBlockFlow.cpp:516
#14 0x00007ffff1372189 in WebCore::RenderBlockFlow::layoutBlock (this=0x96ac20, relayoutChildren=true, pageLogicalHeight=...)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/rendering/RenderBlockFlow.cpp:363
#15 0x00007ffff1341739 in WebCore::RenderBlock::layout (this=0x96ac20) at /home/reni2/data/REPOS/webkit/Source/WebCore/rendering/RenderBlock.cpp:1323
#16 0x00007ffff13731e0 in WebCore::RenderBlockFlow::layoutBlockChild (this=0x852960, child=..., marginInfo=..., previousFloatLogicalBottom=..., 
    maxFloatLogicalBottom=...) at /home/reni2/data/REPOS/webkit/Source/WebCore/rendering/RenderBlockFlow.cpp:597
#17 0x00007ffff1372cf9 in WebCore::RenderBlockFlow::layoutBlockChildren (this=0x852960, relayoutChildren=true, maxFloatLogicalBottom=...)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/rendering/RenderBlockFlow.cpp:516
#18 0x00007ffff1372189 in WebCore::RenderBlockFlow::layoutBlock (this=0x852960, relayoutChildren=true, pageLogicalHeight=...)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/rendering/RenderBlockFlow.cpp:363
#19 0x00007ffff1341739 in WebCore::RenderBlock::layout (this=0x852960) at /home/reni2/data/REPOS/webkit/Source/WebCore/rendering/RenderBlock.cpp:1323
#20 0x00007ffff150f0ff in WebCore::RenderView::layoutContent (this=0x852960, state=...)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/rendering/RenderView.cpp:158
#21 0x00007ffff150fda3 in WebCore::RenderView::layout (this=0x852960) at /home/reni2/data/REPOS/webkit/Source/WebCore/rendering/RenderView.cpp:344
#22 0x00007ffff10ba9be in WebCore::FrameView::layout (this=0x84f170, allowSubtree=true)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/page/FrameView.cpp:1261
#23 0x00007ffff0b3b5a5 in WebCore::Document::implicitClose (this=0x987ec0) at /home/reni2/data/REPOS/webkit/Source/WebCore/dom/Document.cpp:2390
#24 0x00007ffff0fa5a8d in WebCore::FrameLoader::checkCallImplicitClose (this=0x820bd8)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/loader/FrameLoader.cpp:849
#25 0x00007ffff0fa57fe in WebCore::FrameLoader::checkCompleted (this=0x820bd8)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/loader/FrameLoader.cpp:792
#26 0x00007ffff0fa5533 in WebCore::FrameLoader::finishedParsing (this=0x820bd8)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/loader/FrameLoader.cpp:725
#27 0x00007ffff0b42c33 in WebCore::Document::finishedParsing (this=0x987ec0) at /home/reni2/data/REPOS/webkit/Source/WebCore/dom/Document.cpp:4377
#28 0x00007ffff0e23ac3 in WebCore::HTMLConstructionSite::finishedParsing (this=0x848398)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/html/parser/HTMLConstructionSite.cpp:347
#29 0x00007ffff0e5af5a in WebCore::HTMLTreeBuilder::finished (this=0x848380)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/html/parser/HTMLTreeBuilder.cpp:2933
#30 0x00007ffff0e2ada2 in WebCore::HTMLDocumentParser::end (this=0x91c960)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:749
#31 0x00007ffff0e2ae8d in WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd (this=0x91c960)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:760
#32 0x00007ffff0e29a7a in WebCore::HTMLDocumentParser::prepareToStopParsing (this=0x91c960)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:203
#33 0x00007ffff0e2aed2 in WebCore::HTMLDocumentParser::attemptToEnd (this=0x91c960)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:772
#34 0x00007ffff0e2af8b in WebCore::HTMLDocumentParser::finish (this=0x91c960)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:821
#35 0x00007ffff0f976ff in WebCore::DocumentWriter::end (this=0x8fb280) at /home/reni2/data/REPOS/webkit/Source/WebCore/loader/DocumentWriter.cpp:245
#36 0x00007ffff0f8474b in WebCore::DocumentLoader::finishedLoading (this=0x8fb1e0, finishTime=0)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/loader/DocumentLoader.cpp:408
#37 0x00007ffff0f844b4 in WebCore::DocumentLoader::notifyFinished (this=0x8fb1e0, resource=0x911380)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/loader/DocumentLoader.cpp:345
#38 0x00007ffff101e780 in WebCore::CachedResource::checkNotify (this=0x911380)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/loader/cache/CachedResource.cpp:369
#39 0x00007ffff101e856 in WebCore::CachedResource::finishLoading (this=0x911380)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/loader/cache/CachedResource.cpp:385
#40 0x00007ffff101b2d2 in WebCore::CachedRawResource::finishLoading (this=0x911380, data=0x8db4f0)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/loader/cache/CachedRawResource.cpp:94
#41 0x00007ffff0fd9325 in WebCore::SubresourceLoader::didFinishLoading (this=0x9118f0, finishTime=0)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/loader/SubresourceLoader.cpp:279
#42 0x00007ffff0fd561b in WebCore::ResourceLoader::didFinishLoading (this=0x9118f0, finishTime=0)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/loader/ResourceLoader.cpp:487
#43 0x00007ffff1cfdd6f in WebCore::readCallback (asyncResult=0x9169b0, data=0x909d10)
    at /home/reni2/data/REPOS/webkit/Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp:1345
#44 0x00007fffe7de8b49 in async_ready_callback_wrapper (source_object=0x69a980, res=0x9169b0, user_data=0x909d10) at ginputstream.c:530
#45 0x00007fffe7e0ac9b in g_task_return_now (task=0x9169b0) at gtask.c:1105
#46 0x00007fffe7e0acb9 in complete_in_idle_cb (task=0x9169b0) at gtask.c:1114
#47 0x00007fffed5c5f15 in g_main_dispatch (context=0x916480) at gmain.c:3054
#48 g_main_context_dispatch (context=context@entry=0x916480) at gmain.c:3630
#49 0x00007ffff7549d0b in _ecore_glib_select__locked (ecore_timeout=0x7fff00000001, efds=<optimized out>, wfds=0x7fffffffc8a0, rfds=0x7fffffffc820, 
    ecore_fds=10, ctx=<optimized out>) at ecore_glib.c:171
#50 _ecore_glib_select (ecore_fds=10, rfds=0x7fffffffc820, wfds=0x7fffffffc8a0, efds=<optimized out>, ecore_timeout=0x7fff00000001)
    at ecore_glib.c:205
#51 0x00007ffff7543e97 in _ecore_main_select (timeout=timeout@entry=0) at ecore_main.c:1466
#52 0x00007ffff7544991 in _ecore_main_loop_iterate_internal (once_only=once_only@entry=0) at ecore_main.c:1860
#53 0x00007ffff7544d57 in ecore_main_loop_begin () at ecore_main.c:956
#54 0x0000000000406d72 in main (argc=2, argv=0x7fffffffdd28) at /home/reni2/data/REPOS/webkit/Tools/EWebLauncher/main.c:1044
Comment 1 Myles C. Maxfield 2015-08-26 23:45:07 PDT
No longer crashing.