Bug 124002 - Simple line layout crashes with SVG fonts
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Layout and Rendering
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Nobody
Keywords: InRadar
Reported: 2013-11-07 11:14 PST by Antti Koivisto
Modified: 2013-11-07 11:43 PST

Attachments
patch (8.90 KB, patch)
2013-11-07 11:21 PST, Antti Koivisto
simon.fraser: review+

Description Antti Koivisto 2013-11-07 11:14:11 PST
   1 com.apple.WebCore              0x109b9c0e0 WebCore::applyFontTransforms(WebCore::GlyphBuffer*, bool, int&, WebCore::SimpleFontData const*, WebCore::WidthIterator&, unsigned int, WTF::Vector<std::__1::pair<int, WebCore::OriginalAdvancesForCharacterTreatedAsSpace>, 64ul, WTF::CrashOnOverflow>&) + 0xe0
   2 com.apple.WebCore              0x109079539 unsigned int WebCore::WidthIterator::advanceInternal<WebCore::Latin1TextIterator>(WebCore::Latin1TextIterator&, WebCore::GlyphBuffer*) + 0xe79
   3 com.apple.WebCore              0x108f6b042 WebCore::WidthIterator::advance(int, WebCore::GlyphBuffer*) + 0x52
   4 com.apple.WebCore              0x108f6abb5 WebCore::Font::floatWidthForSimpleText(WebCore::TextRun const&, WTF::HashSet<WebCore::SimpleFontData const*, WTF::PtrHash<WebCore::SimpleFontData const*>, WTF::HashTraits<WebCore::SimpleFontData const*> >*, WebCore::GlyphOverflow*) const + 0xe5
   5 com.apple.WebCore              0x108f6a815 WebCore::Font::width(WebCore::TextRun const&, WTF::HashSet<WebCore::SimpleFontData const*, WTF::PtrHash<WebCore::SimpleFontData const*>, WTF::HashTraits<WebCore::SimpleFontData const*> >*, WebCore::GlyphOverflow*) const + 0x195
   6 com.apple.WebCore              0x10993f57e WebCore::SimpleLineLayout::textWidth(WebCore::RenderText const&, unsigned int, unsigned int, float, WebCore::RenderStyle const&) + 0x18e
   7 com.apple.WebCore              0x10993ee9c WebCore::SimpleLineLayout::create(WebCore::RenderBlockFlow&) + 0x46c
   8 com.apple.WebCore              0x109bd50a8 WebCore::RenderBlockFlow::layoutSimpleLines(WebCore::LayoutUnit&, WebCore::LayoutUnit&) + 0x28
Comment 1 Antti Koivisto 2013-11-07 11:15:06 PST
<rdar://problem/15359245>
Comment 2 Antti Koivisto 2013-11-07 11:21:16 PST
Created attachment 216318
patch
Comment 3 Simon Fraser (smfr) 2013-11-07 11:38:42 PST
Comment on attachment 216318
patch

View in context: https://bugs.webkit.org/attachment.cgi?id=216318&action=review

> LayoutTests/fast/text/svg-font-simple-line-crash.html:5
> +        testRunner.waitUntilDone();
> +        setTimeout(function () { testRunner.notifyDone(); }, 100);
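
Review bot: The fixed 100 ms setTimeout between testRunner.waitUntilDone() and testRunner.notifyDone() makes the test finish on wall-clock timing rather than on a condition the test controls. If the delay is too short on a slow bot, the test can pass without exercising the crashing path; if it is longer than needed, every run pays for it. Consider calling notifyDone() from an event or callback tied to the state the test is waiting for, or document in a comment why a timer is unavoidable here.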

Boo.
Comment 4 Antti Koivisto 2013-11-07 11:43:33 PST
http://trac.webkit.org/changeset/158860