NEW 136941
ASSERTION FAILED: !visualMetricsValues.isEmpty() in WebCore::SVGTextLayoutEngine::layoutTextOnLineOrPath 
https://bugs.webkit.org/show_bug.cgi?id=136941
Summary ASSERTION FAILED: !visualMetricsValues.isEmpty() in WebCore::SVGTextLayoutEng...
Renata Hodovan
Reported 2014-09-19 01:33:40 PDT
Created attachment 238357 [details] Test case The failing test case: <svg> <text> <tspan style="white-space:pre-wrap;"> <font></font> </tspan> </text> </svg> The backtrace: ASSERTION FAILED: !visualMetricsValues.isEmpty() ../../Source/WebCore/rendering/svg/SVGTextLayoutEngine.cpp(437) : void WebCore::SVGTextLayoutEngine::layoutTextOnLineOrPath(WebCore::SVGInlineTextBox*, WebCore::RenderSVGInlineText*, const WebCore::RenderStyle*) 0x00007fffedbf3127 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:329 329 *(int *)(uintptr_t)0xbbadbeef = 0; #0 0x00007fffedbf3127 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:329 #1 0x00007ffff3bf9563 in WebCore::SVGTextLayoutEngine::layoutTextOnLineOrPath (this=0x7fffffffa410, textBox=0x7c5870, text=0x890ef0, style=0x986990) at ../../Source/WebCore/rendering/svg/SVGTextLayoutEngine.cpp:437 #2 0x00007ffff3bf8cf2 in WebCore::SVGTextLayoutEngine::layoutInlineTextBox (this=0x7fffffffa410, textBox=0x7c5870) at ../../Source/WebCore/rendering/svg/SVGTextLayoutEngine.cpp:244 #3 0x00007ffff3beedd6 in WebCore::SVGRootInlineBox::layoutCharactersInTextBoxes (this=0xb01540, start=0x995850, characterLayout=...) at ../../Source/WebCore/rendering/svg/SVGRootInlineBox.cpp:110 #4 0x00007ffff3beef2c in WebCore::SVGRootInlineBox::layoutCharactersInTextBoxes (this=0xb01540, start=0xb01540, characterLayout=...) at ../../Source/WebCore/rendering/svg/SVGRootInlineBox.cpp:130 #5 0x00007ffff3beec68 in WebCore::SVGRootInlineBox::computePerCharacterLayoutInformation (this=0xb01540) at ../../Source/WebCore/rendering/svg/SVGRootInlineBox.cpp:91 #6 0x00007ffff396a756 in WebCore::RenderBlockFlow::createLineBoxesFromBidiRuns (this=0x946290, bidiLevel=0x0, bidiRuns=..., end=..., lineInfo=..., verticalPositionCache=..., trailingSpaceRun=0x8b0460, wordMeasurements=...) at ../../Source/WebCore/rendering/RenderBlockLineLayout.cpp:951 #7 0x00007ffff396b632 in WebCore::RenderBlockFlow::layoutRunsAndFloatsInRange (this=0x946290, layoutState=..., resolver=..., cleanLineStart=..., cleanLineBidiStatus=..., consecutiveHyphenatedLines=0x0) at ../../Source/WebCore/rendering/RenderBlockLineLayout.cpp:1131 #8 0x00007ffff396aca3 in WebCore::RenderBlockFlow::layoutRunsAndFloats (this=0x946290, layoutState=..., hasInlineChild=0x1) at ../../Source/WebCore/rendering/RenderBlockLineLayout.cpp:1031 #9 0x00007ffff396d520 in WebCore::RenderBlockFlow::layoutLineBoxes (this=0x946290, relayoutChildren=0x1, repaintLogicalTop=..., repaintLogicalBottom=...) at ../../Source/WebCore/rendering/RenderBlockLineLayout.cpp:1448 #10 0x00007ffff394e2d4 in WebCore::RenderBlockFlow::layoutInlineChildren (this=0x946290, relayoutChildren=0x1, repaintLogicalTop=..., repaintLogicalBottom=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:653 #11 0x00007ffff3bcfa92 in WebCore::RenderSVGText::layout (this=0x946290) at ../../Source/WebCore/rendering/svg/RenderSVGText.cpp:415 #12 0x00007ffff3bdcd98 in WebCore::SVGRenderSupport::layoutChildren (start=..., selfNeedsLayout=0x1) at ../../Source/WebCore/rendering/svg/SVGRenderSupport.cpp:274 #13 0x00007ffff3bc752a in WebCore::RenderSVGRoot::layout (this=0xb028b0) at ../../Source/WebCore/rendering/svg/RenderSVGRoot.cpp:179 #14 0x00007ffff38ed18f in WebCore::RenderElement::layoutIfNeeded (this=0xb028b0) at ../../Source/WebCore/rendering/RenderElement.h:102 #15 0x00007ffff396d4de in WebCore::RenderBlockFlow::layoutLineBoxes (this=0xabc9e0, relayoutChildren=0x1, repaintLogicalTop=..., repaintLogicalBottom=...) at ../../Source/WebCore/rendering/RenderBlockLineLayout.cpp:1446 #16 0x00007ffff394e2d4 in WebCore::RenderBlockFlow::layoutInlineChildren (this=0xabc9e0, relayoutChildren=0x1, repaintLogicalTop=..., repaintLogicalBottom=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:653 #17 0x00007ffff394d5ca in WebCore::RenderBlockFlow::layoutBlock (this=0xabc9e0, relayoutChildren=0x1, pageLogicalHeight=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:484 #18 0x00007ffff392285f in WebCore::RenderBlock::layout (this=0xabc9e0) at ../../Source/WebCore/rendering/RenderBlock.cpp:1019 #19 0x00007ffff394e6b0 in WebCore::RenderBlockFlow::layoutBlockChild (this=0x8af240, child=..., marginInfo=..., previousFloatLogicalBottom=..., maxFloatLogicalBottom=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:712 #20 0x00007ffff394e1d1 in WebCore::RenderBlockFlow::layoutBlockChildren (this=0x8af240, relayoutChildren=0x1, maxFloatLogicalBottom=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:633 #21 0x00007ffff394d5ee in WebCore::RenderBlockFlow::layoutBlock (this=0x8af240, relayoutChildren=0x1, pageLogicalHeight=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:486 #22 0x00007ffff392285f in WebCore::RenderBlock::layout (this=0x8af240) at ../../Source/WebCore/rendering/RenderBlock.cpp:1019 #23 0x00007ffff394e6b0 in WebCore::RenderBlockFlow::layoutBlockChild (this=0x8ab010, child=..., marginInfo=..., previousFloatLogicalBottom=..., maxFloatLogicalBottom=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:712 #24 0x00007ffff394e1d1 in WebCore::RenderBlockFlow::layoutBlockChildren (this=0x8ab010, relayoutChildren=0x1, maxFloatLogicalBottom=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:633 #25 0x00007ffff394d5ee in WebCore::RenderBlockFlow::layoutBlock (this=0x8ab010, relayoutChildren=0x1, pageLogicalHeight=...) at ../../Source/WebCore/rendering/RenderBlockFlow.cpp:486 #26 0x00007ffff392285f in WebCore::RenderBlock::layout (this=0x8ab010) at ../../Source/WebCore/rendering/RenderBlock.cpp:1019 #27 0x00007ffff3b1aaa9 in WebCore::RenderView::layoutContent (this=0x8ab010, state=...) at ../../Source/WebCore/rendering/RenderView.cpp:230 #28 0x00007ffff3b1b179 in WebCore::RenderView::layout (this=0x8ab010) at ../../Source/WebCore/rendering/RenderView.cpp:355 #29 0x00007ffff369240f in WebCore::FrameView::layout (this=0x85a9d0, allowSubtree=0x1) at ../../Source/WebCore/page/FrameView.cpp:1301 #30 0x00007ffff30613d5 in WebCore::Document::implicitClose (this=0x80a080) at ../../Source/WebCore/dom/Document.cpp:2441 #31 0x00007ffff3540b63 in WebCore::FrameLoader::checkCallImplicitClose (this=0x88c668) at ../../Source/WebCore/loader/FrameLoader.cpp:898 #32 0x00007ffff35408cb in WebCore::FrameLoader::checkCompleted (this=0x88c668) at ../../Source/WebCore/loader/FrameLoader.cpp:844 #33 0x00007ffff3540634 in WebCore::FrameLoader::finishedParsing (this=0x88c668) at ../../Source/WebCore/loader/FrameLoader.cpp:764 #34 0x00007ffff3069e57 in WebCore::Document::finishedParsing (this=0x80a080) at ../../Source/WebCore/dom/Document.cpp:4524 #35 0x00007ffff33bd667 in WebCore::HTMLConstructionSite::finishedParsing (this=0x85bc08) at ../../Source/WebCore/html/parser/HTMLConstructionSite.cpp:395 #36 0x00007ffff33fb1dd in WebCore::HTMLTreeBuilder::finished (this=0x85bbf0) at ../../Source/WebCore/html/parser/HTMLTreeBuilder.cpp:2997 #37 0x00007ffff33c60d0 in WebCore::HTMLDocumentParser::end (this=0xa44ac0) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:439 #38 0x00007ffff33c61bb in WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd (this=0xa44ac0) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:450 #39 0x00007ffff33c4c69 in WebCore::HTMLDocumentParser::prepareToStopParsing (this=0xa44ac0) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:165 #40 0x00007ffff33c61fe in WebCore::HTMLDocumentParser::attemptToEnd (this=0xa44ac0) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:462 #41 0x00007ffff33c62b5 in WebCore::HTMLDocumentParser::finish (this=0xa44ac0) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:490 #42 0x00007ffff35322d1 in WebCore::DocumentWriter::end (this=0x949a10) at ../../Source/WebCore/loader/DocumentWriter.cpp:246 #43 0x00007ffff351d9ad in WebCore::DocumentLoader::finishedLoading (this=0x949970, finishTime=0) at ../../Source/WebCore/loader/DocumentLoader.cpp:441 #44 0x00007ffff351d716 in WebCore::DocumentLoader::notifyFinished (this=0x949970, resource=0x8a7910) at ../../Source/WebCore/loader/DocumentLoader.cpp:375 #45 0x00007ffff35d47c4 in WebCore::CachedResource::checkNotify (this=0x8a7910) at ../../Source/WebCore/loader/cache/CachedResource.cpp:347 #46 0x00007ffff35d48ce in WebCore::CachedResource::finishLoading (this=0x8a7910) at ../../Source/WebCore/loader/cache/CachedResource.cpp:363 #47 0x00007ffff35d11f4 in WebCore::CachedRawResource::finishLoading (this=0x8a7910, data=0xac14f0) at ../../Source/WebCore/loader/cache/CachedRawResource.cpp:101 #48 0x00007ffff3580a50 in WebCore::SubresourceLoader::didFinishLoading (this=0x8a7e80, finishTime=0) at ../../Source/WebCore/loader/SubresourceLoader.cpp:309 #49 0x00007ffff357c73b in WebCore::ResourceLoader::didFinishLoading (this=0x8a7e80, finishTime=0) at ../../Source/WebCore/loader/ResourceLoader.cpp:512 #50 0x00007ffff3eecb0f in WebCore::readCallback (asyncResult=0x81d1a0, data=0x8a4e10) at ../../Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp:1302 #51 0x00007fffebac72ea in async_ready_callback_wrapper (source_object=0xa3bb30, res=0x81d1a0, user_data=0x8a4e10) at ginputstream.c:519 #52 0x00007fffebae6ceb in g_task_return_now (task=0x81d1a0) at gtask.c:1108 #53 0x00007fffebae6d09 in complete_in_idle_cb (task=0x81d1a0) at gtask.c:1117 #54 0x00007fffead3d2e6 in g_main_dispatch (context=0x677bb0) at gmain.c:3065 #55 g_main_context_dispatch (context=context@entry=0x677bb0) at gmain.c:3641 #56 0x00007fffead3d638 in g_main_context_iterate (context=0x677bb0, block=block@entry=0x1, dispatch=dispatch@entry=0x1, self=<optimized out>) at gmain.c:3712 #57 0x00007fffead3da3a in g_main_loop_run (loop=0xafe450) at gmain.c:3906 #58 0x00007ffff45e062e in WTF::RunLoop::run () at ../../Source/WTF/wtf/gtk/RunLoopGtk.cpp:59 #59 0x00007ffff2b1c1e2 in WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain> (argc=0x2, argv=0x7fffffffd938) at ../../Source/WebKit2/Shared/unix/ChildProcessMain.h:61 #60 0x00007ffff2b1c047 in WebKit::WebProcessMainUnix (argc=0x2, argv=0x7fffffffd938) at ../../Source/WebKit2/WebProcess/gtk/WebProcessMainGtk.cpp:73 #61 0x000000000040080d in main (argc=0x2, argv=0x7fffffffd938) at ../../Source/WebKit2/WebProcess/EntryPoint/unix/WebProcessMain.cpp:32
Attachments
Test case (124 bytes, text/html)
2014-09-19 01:33 PDT, Renata Hodovan 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Brent Fulgham
Comment 1 2016-08-03 17:03:24 PDT
Reproduces in r204037.
Radar WebKit Bug Importer
Comment 2 2016-08-03 17:03:49 PDT
<rdar://problem/27689544>
Ahmad Saleem
Comment 4 2022-11-09 17:23:37 PST
*** Bug 202915 has been marked as a duplicate of this bug. ***
Ahmad Saleem
Comment 5 2022-11-09 17:24:04 PST
https://github.com/WebKit/WebKit/pull/6324
Ahmad Saleem
Comment 6 2022-11-26 01:53:22 PST
I tried to fix this in following pull request: https://github.com/WebKit/WebKit/pull/6324 and Chrome / Blink patch 1-1 is not possible because isSVG() is not in RenderElement and I had to use isSVGRoot() or isSVGElement() to make it compile. I think it has pre-requisite so I think it might be not possible to merge right now. We are still hitting this assertion with this testcase in mac-AS-debug-wk2. Just wanted to update. I might come back later in future once I think I have landed any pre-requisite. Thanks!
Darin Adler
Comment 7 2022-12-01 04:56:50 PST
Why did you close the change request?
Darin Adler
Comment 8 2022-12-01 04:57:22 PST
Sorry, I meant: Why did you close the pull request? There’s no comment there that explains why.
Ahmad Saleem
Comment 9 2022-12-01 07:57:29 PST
(In reply to Darin Adler from comment #8) > Sorry, I meant: Why did you close the pull request? There’s no comment there > that explains why. Hi Darin, I added comment 06 and the problem is that: isSVG() is giving build error and when I try to do isSVGRoot() and isSVGElement(), it compiles and builds but fails with same assertion / crash on mac-AS-debug-wk2. So it seems that there is a pre-requisite, which we need and we can't just add 1-1 this patch, which is trying to fix this.
Ahmad Saleem
Comment 10 2023-02-22 11:23:15 PST
(In reply to Ahmad Saleem from comment #9) > (In reply to Darin Adler from comment #8) > > Sorry, I meant: Why did you close the pull request? There’s no comment there > > that explains why. > > Hi Darin, I added comment 06 and the problem is that: > > isSVG() is giving build error and when I try to do isSVGRoot() and > isSVGElement(), it compiles and builds but fails with same assertion / crash > on mac-AS-debug-wk2. So it seems that there is a pre-requisite, which we > need and we can't just add 1-1 this patch, which is trying to fix this. I just tested my PR change in Debug build based of 260676@main in WebKit 2 window and I don’t get assert using attached testcase and also on test case from Chromium / Blink patch, which I got in ‘mac-AS-debug-wk2’, should I do this PR again?
Darin Adler
Comment 11 2023-02-22 22:11:34 PST
Yes, why not? I didn’t study it well enough to be sure, but it seems like it’s likely valuable.
Note You need to log in before you can comment on or make changes to this bug.