Bug 260220

Summary:	parent-style-relative-units.html crashes due to unhandled CSS_LHS
Product:	WebKit	Reporter:	Matt Woodrow <mattwoodrow>
Component:	Text	Assignee:	Nobody <webkit-unassigned>
Status:	NEW
Severity:	Normal	CC:	ben_schwartz, mmaxfield, webkit-bot-watchers-bugzilla, webkit-bug-importer
Priority:	P2	Keywords:	InRadar
Version:	WebKit Nightly Build
Hardware:	Unspecified
OS:	Unspecified

Matt Woodrow

Reported 2023-08-15 14:10:38 PDT

This test is setting the font size using a multiple of 'lh', and CSSPrimitiveValue::computeUnzoomedNonCalcLengthDouble doesn't handle CSS_LHS sizes.

Attachments
Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2023-08-15 14:13:24 PDT

<rdar://problem/113927760>

Ben Schwartz

Comment 2 2023-08-15 14:15:02 PDT

Here's the bot-watcher check-in that I created, for reference. ____ imported/w3c/web-platform-tests/html/canvas/element/text/parent-style-relative-units.html This test is a constant crash on debug builds, all platforms. HISTORY: https://results.webkit.org/?suite=layout-tests&test=imported%2Fw3c%2Fweb-platform-tests%2Fhtml%2Fcanvas%2Felement%2Ftext%2Fparent-style-relative-units.html CRASH LOG / STDERR TEXT (sample): SHOULD NEVER BE REACHED /Volumes/Data/worker/Apple-Ventura-Debug-Build/build/Source/WebCore/css/CSSPrimitiveValue.cpp(712) : static double WebCore::CSSPrimitiveValue::computeUnzoomedNonCalcLengthDouble(WebCore::CSSUnitType, double, WebCore::CSSPropertyID, const WebCore::FontMetrics *, const WebCore::FontCascadeDescription *, const WebCore::FontCascadeDescription *, const WebCore::RenderView *) 1 0x1188e51d8 WTFCrash 2 0x1259ea380 WebCore::NetworkResourcesData::ResourceData::hasContent() const 3 0x124c86980 WebCore::CSSPrimitiveValue::computeUnzoomedNonCalcLengthDouble(WebCore::CSSUnitType, double, WebCore::CSSPropertyID, WebCore::FontMetrics const*, WebCore::FontCascadeDescription const*, WebCore::FontCascadeDescription const*, WebCore::RenderView const*) ... CRASH LOG URL: https://build.webkit.org/results/Apple-Ventura-Debug-AppleSilicon-WK1-Tests/266915@main%20(3181)/imported/w3c/web-platform-tests/html/canvas/element/text/parent-style-relative-units-crash-log.txt REPRODUCIBILITY: I was able to reproduce this bug on macOS Ventura wk2 debug ToT running the test as follows: run-webkit-tests --debug --iterations 5 --verbose imported/w3c/web-platform-tests/html/canvas/element/text/parent-style-relative-units.html REGRESSION: This bug started with a WPT test import batch at 266711@main.

EWS

Comment 3 2023-08-15 14:46:11 PDT

Test gardening commit 266926@main (1705f9ac717a): <https://commits.webkit.org/266926@main> Reviewed commits have been landed. Closing PR #16720 and removing active labels.

Ben Schwartz

Comment 4 2023-08-15 16:54:19 PDT

I have skipped this test while the issue is being investigated. (PR link: https://github.com/WebKit/WebKit/pull/16720)

Note You need to log in before you can comment on or make changes to this bug.