Browser simply just chokes and crashes while evaluating the total length of a specific path. I've tried to remove certain points from the path to try and break down the issue. It works on every other browser I've tested so far. Refactored my code to avoid using getTotalLength(). My guess is an infinite loop.

Stack overflow example here: https://stackoverflow.com/questions/44055554/svgpath-gettotallength-crashes-safari-on-particular-path

Example code:

var myPath = document.getElementById("word");
var length = myPath.getTotalLength();
alert(length);

<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 0 5000 5000" xml:space="preserve">
<path id="word" stroke="#000000" fill="none" stroke-width="20" d="M3045.44,2522.588c-0.73,0.432-1.927,0.575-2.438,0.568
  c-1.12-0.01-4.15-0.989-5.847-0.917c-0.543,0.021,0.176-0.286,0.355-0.343c1.537-0.473,5.494-1.193,7.539-0.701
  C3046.408,2521.523,3046.107,2522.196,3045.44,2522.588z"/>
</svg>
<rdar://problem/32866731>
I cannot reproduce a crash, looks like a permanent freeze.
Created attachment 313413 [details] Testcase (this will cause a hang)
Stuck under:

1699 WebCore::SVGPathParser::parseCurveToCubicSegment() (in WebCore) + 222 [0x109c2c80e]
1699 WebCore::SVGPathTraversalStateBuilder::curveToCubic(WebCore::FloatPoint const&, WebCore::FloatPoint const&, WebCore::FloatPoint const&, WebCore::PathCoordinateMode) (in WebCore) + 62 [0x10ac65ede]
1699 WebCore::PathTraversalState::processPathElement(WebCore::PathElementType, WebCore::FloatPoint const*) (in WebCore) + 101 [0x10a8cd2c5]
1699 WebCore::PathTraversalState::appendPathElement(WebCore::PathElementType, WebCore::FloatPoint const*) (in WebCore) + 151 [0x10a8cd1f7]
1699 WebCore::PathTraversalState::cubicBezierTo(WebCore::FloatPoint const&, WebCore::FloatPoint const&, WebCore::FloatPoint const&) (in WebCore) + 390,383,... [0x10a8cce16,0x10a8cce0f,...]
(In reply to Alexey Proskuryakov from comment #2)
> I cannot reproduce a crash, looks like a permanent freeze.

Yes, sorry, poor choice of wording there. There is no crash; it's just completely stalled.
In curveLength(), length = curve.approximateDistance(); is 0, so we never make progress.
Actually length is just a small value, but after the split, leftCurve is empty, and rightCurve is the same as the original curve, so we make no progress.
(lldb) p curve
(WebCore::CubicBezier) $6 = {
  start = (m_x = 3036.95605, m_y = 2522.19727)
  control1 = (m_x = 3036.95605, m_y = 2522.19727)
  control2 = (m_x = 3036.95581, m_y = 2522.19727)
  end = (m_x = 3036.95581, m_y = 2522.19702)
}
(lldb) p leftCurve
(WebCore::CubicBezier) $7 = {
  start = (m_x = 3036.95605, m_y = 2522.19727)
  control1 = (m_x = 3036.95605, m_y = 2522.19727)
  control2 = (m_x = 3036.95605, m_y = 2522.19727)
  end = (m_x = 3036.95605, m_y = 2522.19727)
}
(lldb) p rightCurve
(WebCore::CubicBezier) $8 = {
  start = (m_x = 3036.95605, m_y = 2522.19727)
  control1 = (m_x = 3036.95605, m_y = 2522.19727)
  control2 = (m_x = 3036.95581, m_y = 2522.19727)
  end = (m_x = 3036.95581, m_y = 2522.19702)
}

In floats, (3036.95605 + 3036.95581) / 2.0f == 3036.95605 so split() returns a curve that matches the original.
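
The stall analysed in the comment above can be reproduced outside the browser. This is an added example, not WebKit's code or the attached patch: Pt, Cubic, sampleCurve, splitStalls, curveLength, the tolerance and the step cap are hypothetical names and values, and the guard (accept the current estimate when a split hands back the input curve) is one possible mitigation, not necessarily what the patch does.

```cpp
#include <cmath>
#include <vector>
struct Pt { float x, y; };
static bool operator==(Pt a, Pt b) { return a.x == b.x && a.y == b.y; }
static Pt mid(Pt a, Pt b) { return { (a.x + b.x) / 2.0f, (a.y + b.y) / 2.0f }; }
static float dist(Pt a, Pt b) { return std::hypot(b.x - a.x, b.y - a.y); }

struct Cubic {
    Pt start, c1, c2, end;
    bool operator==(const Cubic& o) const { return start == o.start && c1 == o.c1 && c2 == o.c2 && end == o.end; }
    float polygonLength() const { return dist(start, c1) + dist(c1, c2) + dist(c2, end); }
    // de Casteljau split at t = 0.5, done entirely in single precision.
    void split(Cubic& left, Cubic& right) const {
        Pt a = mid(start, c1), b = mid(c1, c2), c = mid(c2, end);
        Pt ab = mid(a, b), bc = mid(b, c), m = mid(ab, bc);
        left = { start, a, ab, m };
        right = { m, bc, c, end };
    }
};

// Curve from the lldb dump: its distinct coordinates are adjacent floats (one ULP apart).
Cubic sampleCurve() {
    const float x = 3036.95605f, y = 2522.19727f;
    const float xPrev = std::nextafter(x, 0.0f), yPrev = std::nextafter(y, 0.0f);
    return { { x, y }, { x, y }, { xPrev, y }, { xPrev, yPrev } };
}

// True when splitting hands back the input curve as one of its halves.
bool splitStalls(const Cubic& c) {
    Cubic l, r; c.split(l, r);
    return l == c || r == c;
}

// Length by subdivision. Returns -1 if maxSteps (a constructed cap) is exhausted.
float curveLength(const Cubic& original, bool guard, unsigned maxSteps = 100000) {
    const float tolerance = 0.00001f; // constructed flatness tolerance
    std::vector<Cubic> stack { original };
    float total = 0;
    for (unsigned step = 0; !stack.empty(); ++step) {
        if (step == maxSteps) return -1;
        Cubic c = stack.back(), l, r;
        stack.pop_back();
        c.split(l, r);
        bool flat = c.polygonLength() - dist(c.start, c.end) <= tolerance;
        // Guard: a split that returns its input can never converge, so stop refining.
        if (flat || (guard && (l == c || r == c))) { total += c.polygonLength(); continue; }
        stack.push_back(r); stack.push_back(l);
    }
    return total;
}
```

The stall needs a flatness tolerance smaller than the coordinate spacing: near 3036 adjacent floats are about 0.00024 apart, well above the 0.00001 tolerance assumed here, so the curve is never judged flat and never gets smaller.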
Created attachment 313467 [details] Possible patch, needs test case.
Attachment 313467 [details] did not pass style-queue:

ERROR: Source/WebCore/ChangeLog:8: You should remove the 'No new tests' and either add and list tests, or explain why no new tests were possible. [changelog/nonewtests] [5]
Total errors found: 1 in 2 files

If any of these errors are false positives, please file a bug against check-webkit-style.
Created attachment 313545 [details] Patch
Comment on attachment 313545 [details] Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=313545&action=review

> Source/WebCore/platform/graphics/PathTraversalState.cpp:52
> + bool operator ==(const QuadraticBezier& rhs)

Nit: operator==
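
Review bot: as quoted, the `operator ==` declaration at PathTraversalState.cpp:52 has no trailing `const`, so it could not be called on a const QuadraticBezier or through a const reference. Consider declaring it `bool operator==(const QuadraticBezier& rhs) const`, unless the body, which is not visible here, has to modify the object.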
https://trac.webkit.org/r218648