Bug 35080 - fast/css/font-face-opentype.html crashing on GTK bots
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKitGTK
Version: 528+ (Nightly build)
Hardware: PC OS X 10.5
: P2 Normal
Assignee: Nobody
Reported: 2010-02-18 01:45 PST by Philippe Normand
Modified: 2010-10-04 10:53 PDT
Description Philippe Normand 2010-02-18 01:45:44 PST
(gdb) bt
#0  0x00007ffff1955093 in FcPatternObjectPosition (p=0x0, object=34) at fcpat.c:333
#1  FcPatternObjectFindElt (p=0x0, object=34) at fcpat.c:334
#2  0x00007ffff1955130 in FcPatternObjectGet (p=0x0, object=34, id=0, v=0x7fffffffad60) at fcpat.c:728
#3  0x00007ffff1952cd1 in IA__FcFontSetSort (config=<value optimized out>, sets=0x7fffffffadf0, 
    nsets=<value optimized out>, p=0x0, trim=1, csp=0x0, result=0x7fffffffae7c) at fcmatch.c:692
#4  0x00007ffff19532bf in IA__FcFontSort (config=0x0, p=<value optimized out>, trim=<value optimized out>, 
    csp=0x0, result=<value optimized out>) at fcmatch.c:836
#5  0x00007ffff670a16e in WebCore::FontCache::getFontDataForCharacters (this=0x6ee630, font=..., 
    characters=0x7fffffffafe0, length=1) at ../../WebCore/platform/graphics/gtk/FontCacheGtk.cpp:43
#6  0x00007ffff636a11d in WebCore::Font::glyphDataForCharacter (this=0xd17e90, c=39, mirror=false, 
    forceSmallCaps=false) at ../../WebCore/platform/graphics/FontFastPath.cpp:145
#7  0x00007ffff6386ef7 in WebCore::WidthIterator::advance (this=0x7fffffffb190, offset=1, glyphBuffer=0x0)
    at ../../WebCore/platform/graphics/WidthIterator.cpp:116
#8  0x00007ffff636a8e4 in WebCore::Font::floatWidthForSimpleText (this=0xd17e90, run=..., glyphBuffer=0x0, 
    fallbackFonts=0x0) at ../../WebCore/platform/graphics/FontFastPath.cpp:320
#9  0x00007ffff635afba in WebCore::Font::floatWidth (this=0xd17e90, run=..., fallbackFonts=0x7fffffffb410)
    at ../../WebCore/platform/graphics/Font.cpp:197
#10 0x00007ffff6163d63 in WebCore::Font::width (this=0xd17e90, run=..., fallbackFonts=0x7fffffffb410)
    at ../../WebCore/platform/graphics/Font.h:84
#11 0x00007ffff64c9bac in WebCore::RenderText::widthFromCache (this=0xd19278, f=..., start=0, len=1, xPos=0, 
    fallbackFonts=0x7fffffffb410) at ../../WebCore/rendering/RenderText.cpp:467
#12 0x00007ffff64c72c0 in WebCore::RenderText::calcPrefWidths (this=0xd19278, leadWidth=0, fallbackFonts=...)
    at ../../WebCore/rendering/RenderText.cpp:683
#13 0x00007ffff64c6cbb in WebCore::RenderText::calcPrefWidths (this=0xd19278, leadWidth=0)
    at ../../WebCore/rendering/RenderText.cpp:581
#14 0x00007ffff64c6c72 in WebCore::RenderText::maxPrefWidth (this=0xd19278)
    at ../../WebCore/rendering/RenderText.cpp:573
#15 0x00007ffff64c8d88 in WebCore::RenderText::width (this=0xd19278, from=0, len=1, f=..., xPos=0, 
    fallbackFonts=0x0) at ../../WebCore/rendering/RenderText.cpp:1117
#16 0x00007ffff642f92d in textWidth (text=0xd19278, from=0, len=1, font=..., xPos=0, isFixedPitch=false, 
    collapseWhiteSpace=true) at ../../WebCore/rendering/RenderBlockLineLayout.cpp:1295
#17 0x00007ffff643167a in WebCore::RenderBlock::findNextLineBreak (this=0xd19488, resolver=..., 
    firstLine=true, isLineEmpty=@0x7fffffffbd25, previousLineBrokeCleanly=@0x7fffffffbd29, 
    clear=0x7fffffffbcb4) at ../../WebCore/rendering/RenderBlockLineLayout.cpp:1758
#18 0x00007ffff642c818 in WebCore::RenderBlock::layoutInlineChildren (this=0xd19488, relayoutChildren=false, 
    repaintTop=@0x7fffffffbe6c, repaintBottom=@0x7fffffffbe68)
    at ../../WebCore/rendering/RenderBlockLineLayout.cpp:663
#19 0x00007ffff64018cb in WebCore::RenderBlock::layoutBlock (this=0xd19488, relayoutChildren=false)
    at ../../WebCore/rendering/RenderBlock.cpp:738
#20 0x00007ffff64013a9 in WebCore::RenderBlock::layout (this=0xd19488)
    at ../../WebCore/rendering/RenderBlock.cpp:664
#21 0x00007ffff64044f2 in WebCore::RenderBlock::layoutBlockChild (this=0xd006a8, child=0xd19488, 
    marginInfo=..., previousFloatBottom=@0x7fffffffc0d4, maxFloatBottom=@0x7fffffffc1f4)
    at ../../WebCore/rendering/RenderBlock.cpp:1359
#22 0x00007ffff64040f2 in WebCore::RenderBlock::layoutBlockChildren (this=0xd006a8, relayoutChildren=false, 
    maxFloatBottom=@0x7fffffffc1f4) at ../../WebCore/rendering/RenderBlock.cpp:1302
#23 0x00007ffff64018e9 in WebCore::RenderBlock::layoutBlock (this=0xd006a8, relayoutChildren=false)
    at ../../WebCore/rendering/RenderBlock.cpp:740
#24 0x00007ffff64013a9 in WebCore::RenderBlock::layout (this=0xd006a8)
    at ../../WebCore/rendering/RenderBlock.cpp:664
#25 0x00007ffff64044f2 in WebCore::RenderBlock::layoutBlockChild (this=0xcf6ae8, child=0xd006a8, 
    marginInfo=..., previousFloatBottom=@0x7fffffffc464, maxFloatBottom=@0x7fffffffc584)
    at ../../WebCore/rendering/RenderBlock.cpp:1359
#26 0x00007ffff64040f2 in WebCore::RenderBlock::layoutBlockChildren (this=0xcf6ae8, relayoutChildren=false, 
    maxFloatBottom=@0x7fffffffc584) at ../../WebCore/rendering/RenderBlock.cpp:1302
#27 0x00007ffff64018e9 in WebCore::RenderBlock::layoutBlock (this=0xcf6ae8, relayoutChildren=false)
    at ../../WebCore/rendering/RenderBlock.cpp:740
#28 0x00007ffff64013a9 in WebCore::RenderBlock::layout (this=0xcf6ae8)
    at ../../WebCore/rendering/RenderBlock.cpp:664
#29 0x00007ffff64044f2 in WebCore::RenderBlock::layoutBlockChild (this=0x70e688, child=0xcf6ae8, 
    marginInfo=..., previousFloatBottom=@0x7fffffffc7f4, maxFloatBottom=@0x7fffffffc914)
    at ../../WebCore/rendering/RenderBlock.cpp:1359
#30 0x00007ffff64040f2 in WebCore::RenderBlock::layoutBlockChildren (this=0x70e688, relayoutChildren=false, 
    maxFloatBottom=@0x7fffffffc914) at ../../WebCore/rendering/RenderBlock.cpp:1302
#31 0x00007ffff64018e9 in WebCore::RenderBlock::layoutBlock (this=0x70e688, relayoutChildren=false)
    at ../../WebCore/rendering/RenderBlock.cpp:740
#32 0x00007ffff64013a9 in WebCore::RenderBlock::layout (this=0x70e688)
    at ../../WebCore/rendering/RenderBlock.cpp:664
#33 0x00007ffff64da058 in WebCore::RenderView::layout (this=0x70e688)
    at ../../WebCore/rendering/RenderView.cpp:122
#34 0x00007ffff62d9e4b in WebCore::FrameView::layout (this=0x71f5f0, allowSubtree=true)
    at ../../WebCore/page/FrameView.cpp:682
#35 0x00007ffff602982c in WebCore::Document::implicitClose (this=0xcf7230)
    at ../../WebCore/dom/Document.cpp:1852
#36 0x00007ffff62623d4 in WebCore::FrameLoader::checkCallImplicitClose (this=0x7238b0)
    at ../../WebCore/loader/FrameLoader.cpp:1184
#37 0x00007ffff62621c5 in WebCore::FrameLoader::checkCompleted (this=0x7238b0)
    at ../../WebCore/loader/FrameLoader.cpp:1132
#38 0x00007ffff6262002 in WebCore::FrameLoader::loadDone (this=0x7238b0)
    at ../../WebCore/loader/FrameLoader.cpp:1084
#39 0x00007ffff62425e7 in WebCore::DocLoader::setLoadInProgress (this=0x71c7c0, load=false)
    at ../../WebCore/loader/DocLoader.cpp:335
#40 0x00007ffff629c59f in WebCore::Loader::Host::didFinishLoading (this=0x69ff10, loader=0xd77050)
    at ../../WebCore/loader/loader.cpp:403
#41 0x00007ffff628a9e3 in WebCore::SubresourceLoader::didFinishLoading (this=0xd77050)
    at ../../WebCore/loader/SubresourceLoader.cpp:184
#42 0x00007ffff6288de9 in WebCore::ResourceLoader::didFinishLoading (this=0xd77050)
    at ../../WebCore/loader/ResourceLoader.cpp:403
#43 0x00007ffff673c8eb in closeCallback (source=0xceb700, res=0xd9f000)
    at ../../WebCore/platform/network/soup/ResourceHandleSoup.cpp:727
#44 0x00007ffff29ad13d in async_ready_close_callback_wrapper (source_object=0xceb700, res=0xd9f000, 
    user_data=0x0) at ginputstream.c:485
#45 0x00007ffff29bc448 in complete_in_idle_cb_for_thread (_data=<value optimized out>)
    at gsimpleasyncresult.c:653
#46 0x00007ffff1e5cee0 in g_main_dispatch (context=0x683860) at gmain.c:1960
#47 IA__g_main_context_dispatch (context=0x683860) at gmain.c:2513
#48 0x00007ffff1e60d18 in g_main_context_iterate (context=0x683860, block=<value optimized out>, 
    dispatch=<value optimized out>, self=<value optimized out>) at gmain.c:2591
#49 0x00007ffff1e6125d in IA__g_main_loop_run (loop=0xcec030) at gmain.c:2799
#50 0x00007ffff3d3b287 in IA__gtk_main () at gtkmain.c:1219
#51 0x0000000000412d30 in runTest (testPathOrURL=...)
    at ../../WebKitTools/DumpRenderTree/gtk/DumpRenderTree.cpp:503
#52 0x0000000000414023 in main (argc=2, argv=0x7fffffffdb08)
    at ../../WebKitTools/DumpRenderTree/gtk/DumpRenderTree.cpp:869
Comment 1 Martin Robinson 2010-09-30 17:26:33 PDT
This no longer seems to be crashing.
Comment 2 Andrei Bucur 2010-10-01 00:44:03 PDT
The issue was that there is no m_pattern for custom fonts in FontPlatformData. This caused a crash when accessing m_pattern in FontCache::getFontDataForCharacters. The GTK fix is to make this check:
    // FIXME: This should not happen, apparently. We are null-checking
    // for now just to avoid crashing.
    if (!prim || !prim->m_pattern)
        return 0;

The real fix would be generating m_pattern from a FreeType font using http://fontconfig.org/fontconfig-devel/fcfreetypequeryface.html
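Added example (not part of the bug thread or of WebKit's code): a small gdb backtrace parser, run over frames #0-#5 from the description, that follows the crash frame's NULL argument outward and names the first WebCore caller. The function names and the `app_marker` parameter are assumptions of this example; frame #4 reports `p` as optimized out, so the link to frame #5 is inferred from call order.

```python
import re

# Frames #0-#5 copied from the backtrace in the bug description.
TRACE = """\
#0  0x00007ffff1955093 in FcPatternObjectPosition (p=0x0, object=34) at fcpat.c:333
#1  FcPatternObjectFindElt (p=0x0, object=34) at fcpat.c:334
#2  0x00007ffff1955130 in FcPatternObjectGet (p=0x0, object=34, id=0, v=0x7fffffffad60) at fcpat.c:728
#3  0x00007ffff1952cd1 in IA__FcFontSetSort (config=<value optimized out>, sets=0x7fffffffadf0,
    nsets=<value optimized out>, p=0x0, trim=1, csp=0x0, result=0x7fffffffae7c) at fcmatch.c:692
#4  0x00007ffff19532bf in IA__FcFontSort (config=0x0, p=<value optimized out>, trim=<value optimized out>,
    csp=0x0, result=<value optimized out>) at fcmatch.c:836
#5  0x00007ffff670a16e in WebCore::FontCache::getFontDataForCharacters (this=0x6ee630, font=...,
    characters=0x7fffffffafe0, length=1) at ../../WebCore/platform/graphics/gtk/FontCacheGtk.cpp:43
"""

FRAME = re.compile(r"#(\d+)\s+(?:0x[0-9a-f]+ in )?(\S+) \((.*)\) at (\S+):(\d+)$")

def parse_frames(text):
    """Join wrapped gdb 'bt' lines and return one dict per frame."""
    joined = []
    for line in text.splitlines():
        if line.startswith("---Type <return>"):   # gdb pager prompt, not a frame
            continue
        if line.startswith("#"):
            joined.append(line.strip())
        elif joined:                              # continuation of the previous frame
            joined[-1] += " " + line.strip()
    frames = []
    for raw in joined:
        m = FRAME.match(raw)
        if m:
            args = dict(a.split("=", 1) for a in m.group(3).split(", ") if "=" in a)
            frames.append({"n": int(m.group(1)), "func": m.group(2), "args": args,
                           "file": m.group(4), "line": int(m.group(5))})
    return frames

def trace_null_argument(frames, app_marker="WebCore/"):
    """Follow the crash frame's NULL argument outward, then name the first application frame."""
    name = next(k for k, v in frames[0]["args"].items() if v == "0x0")
    last = 0
    for f in frames:                              # stop where the value is no longer shown as NULL
        if f["args"].get(name) != "0x0":
            break
        last = f["n"]
    origin = next(f for f in frames if app_marker in f["file"])
    return {"arg": name, "null_through_frame": last,
            "entered_from": origin["func"], "at": f'{origin["file"]}:{origin["line"]}'}
```

On this trace the NULL `p` is visible through frame #3 and the first WebCore frame is `FontCache::getFontDataForCharacters` at `FontCacheGtk.cpp:43`, which matches the location named in the comment above.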
Comment 3 Martin Robinson 2010-10-01 00:55:41 PDT
(In reply to comment #2)
> The issue was that there is no m_pattern for custom fonts in FontPlatformData. This caused a crash when accessing m_pattern in FontCache::getFontDataForCharacters. The GTK fix is to make this check:
>     // FIXME: This should not happen, apparently. We are null-checking
>     // for now just to avoid crashing.
>     if (!prim || !prim->m_pattern)
>         return 0;
> 
> The real fix would be generating m_pattern from a FreeType font using http://fontconfig.org/fontconfig-devel/fcfreetypequeryface.html

Having the pattern only makes sense if FontConfig can return a proper list of fallbacks for custom fonts. My guess is that this is not the case with most custom fonts (or any?). I have reworked this method to deal with custom fonts here: https://bugs.webkit.org/show_bug.cgi?id=42052
Comment 4 Andrei Bucur 2010-10-01 01:44:20 PDT
Nice patch :). Are you sure that there is no sense in creating the fallback pattern using the FcFreeTypeQueryFace function and then adding the char set attribute as a stronger constraint? FcFontSort should try to match as closely as possible to the custom font attributes, not just return the first font that contains the missing characters.
Comment 5 Andrei Bucur 2010-10-01 01:47:15 PDT
(Sorry for double post) To be more precise, I'm talking about the function createFontConfigPatternForCharacters in your patch where you use FcPatternCreate() but you could also use FcFreeTypeQueryFace().
Comment 6 Martin Robinson 2010-10-04 10:53:04 PDT
I suppose if the FcFontSetSort could return fonts with similar metrics this makes sense. One thing to keep in mind is that this method is most commonly called as a result of fonts missing glyphs for another character set. I'm curious if we could devise a test case which would demonstrate a preference for this method.