RESOLVED FIXED 41467
SVG Text assertion on SVGInlineTextBox 
https://bugs.webkit.org/show_bug.cgi?id=41467
Summary SVG Text assertion on SVGInlineTextBox
Dirk Schulze
Reported 2010-07-01 09:25:44 PDT
The above Map asserts. Got following backtrace: ASSERTION FAILED: m_currentChunkPart.isValid() (../../WebCore/rendering/SVGInlineTextBox.cpp:599 void WebCore::SVGInlineTextBox::paintText(WebCore::GraphicsContext*, const WebCore::FloatPoint&, WebCore::RenderStyle*, WebCore::RenderStyle*, bool, bool)) Program received signal SIGSEGV, Segmentation fault. 0x00a8a481 in WebCore::SVGInlineTextBox::paintText (this=0x89e669c, context=0xbfffeac8, textOrigin=..., style=0x88f4758, selectionStyle=0x88f4758, hasSelection=false, paintSelectedTextOnly=false) at ../../WebCore/rendering/SVGInlineTextBox.cpp:599 599 ASSERT(m_currentChunkPart.isValid()); (gdb) bt #0 0x00a8a481 in WebCore::SVGInlineTextBox::paintText (this=0x89e669c, context=0xbfffeac8, textOrigin=..., style=0x88f4758, selectionStyle=0x88f4758, hasSelection=false, paintSelectedTextOnly=false) at ../../WebCore/rendering/SVGInlineTextBox.cpp:599 #1 0x00a88f86 in WebCore::SVGInlineTextBox::paint (this=0x89e669c, paintInfo=...) at ../../WebCore/rendering/SVGInlineTextBox.cpp:277 #2 0x00a87c85 in WebCore::SVGInlineFlowBox::paint (this=0x89e6744, paintInfo=...) at ../../WebCore/rendering/SVGInlineFlowBox.cpp:46 #3 0x00a92e49 in WebCore::SVGRootInlineBox::paint (this=0x8923c84, paintInfo=...) at ../../WebCore/rendering/SVGRootInlineBox.cpp:54 #4 0x008fa76e in WebCore::RenderLineBoxList::paint (this=0x88fae30, renderer=0x88fadc4, paintInfo=..., tx=304, ty=1572) at ../../WebCore/rendering/RenderLineBoxList.cpp:219 #5 0x0087c5f7 in WebCore::RenderBlock::paintContents (this=0x88fadc4, paintInfo=..., tx=304, ty=1572) at ../../WebCore/rendering/RenderBlock.cpp:2089 #6 0x0087cea3 in WebCore::RenderBlock::paintObject (this=0x88fadc4, paintInfo=..., tx=304, ty=1572) at ../../WebCore/rendering/RenderBlock.cpp:2194 #7 0x0087bea3 in WebCore::RenderBlock::paint (this=0x88fadc4, paintInfo=..., tx=304, ty=1572) at ../../WebCore/rendering/RenderBlock.cpp:1980 #8 0x00a83bbc in WebCore::RenderSVGText::paint (this=0x88fadc4, paintInfo=...) at ../../WebCore/rendering/RenderSVGText.cpp:161 #9 0x00a65e46 in WebCore::RenderSVGContainer::paint (this=0x88f0d44, paintInfo=...) at ../../WebCore/rendering/RenderSVGContainer.cpp:104 #10 0x008ae9d1 in WebCore::RenderBox::paint (this=0x86fa02c, paintInfo=..., tx=0, ty=0) at ../../WebCore/rendering/RenderBox.cpp:574 #11 0x00a81a6f in WebCore::RenderSVGRoot::paint (this=0x86fa02c, paintInfo=..., parentX=0, parentY=0) at ../../WebCore/rendering/RenderSVGRoot.cpp:179 #12 0x008ee8b6 in WebCore::RenderLayer::paintLayer (this=0x86f9044, rootLayer=0x8150dbc, p=0xbfffeac8, paintDirtyRect=..., paintBehavior=0, paintingRoot=0x0, overlapTestRequests=0xbfffe90c, paintFlags=0) at ../../WebCore/rendering/RenderLayer.cpp:2445 #13 0x008eec65 in WebCore::RenderLayer::paintList (this=0x8150dbc, list=0x86ead70, rootLayer=0x8150dbc, p=0xbfffeac8, paintDirtyRect=..., paintBehavior=0, paintingRoot=0x0, overlapTestRequests=0xbfffe90c, paintFlags=0) at ../../WebCore/rendering/RenderLayer.cpp:2498 #14 0x008eea76 in WebCore::RenderLayer::paintLayer (this=0x8150dbc, rootLayer=0x8150dbc, p=0xbfffeac8, paintDirtyRect=..., paintBehavior=0, paintingRoot=0x0, overlapTestRequests=0xbfffe90c, paintFlags=0) at ../../WebCore/rendering/RenderLayer.cpp:2466 #15 0x008eddaa in WebCore::RenderLayer::paint (this=0x8150dbc, p=0xbfffeac8, damageRect=..., paintBehavior=0, paintingRoot=0x0) at ../../WebCore/rendering/RenderLayer.cpp:2251 #16 0x00769209 in WebCore::FrameView::paintContents (this=0x81583a8, p=0xbfffeac8, rect=...) at ../../WebCore/page/FrameView.cpp:1941 #17 0x007d2de4 in WebCore::ScrollView::paint (this=0x81583a8, context=0xbfffeac8, rect=...) at ../../WebCore/platform/ScrollView.cpp:797
Attachments
Funny reduction (533 bytes, image/svg+xml)
2010-07-02 00:47 PDT, Nikolas Zimmermann 		no flags
Details
Adding layout test for checking SVG Text assertion (1.84 KB, patch)
2010-10-07 09:27 PDT, Renata Hodovan 		zimmermann: review-
DetailsFormatted DiffDiff
Adding layout test for checking SVG Text assertion (2.20 KB, patch)
2010-10-08 09:33 PDT, Renata Hodovan 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Nikolas Zimmermann
Comment 1 2010-07-02 00:47:07 PDT
Created attachment 60345 [details] Funny reduction
Nikolas Zimmermann
Comment 2 2010-10-06 05:44:49 PDT
Fixed in trunk, someone needs to land the reduction as new test, to make sure we'll never see the assertion again.
Renata Hodovan
Comment 3 2010-10-07 09:27:52 PDT
Created attachment 70095 [details] Adding layout test for checking SVG Text assertion
Dirk Schulze
Comment 4 2010-10-07 10:56:24 PDT
The ChangeLog should mention why he assert was thrown. IIRC it was about the missing glyph tag on chunk borders in combination with a space char. I let the review to Niko, but the ChangeLog should really mention the reason for the assert, even if we don't hit the assert anymore.
Nikolas Zimmermann
Comment 5 2010-10-08 00:26:17 PDT
Comment on attachment 70095 [details] Adding layout test for checking SVG Text assertion View in context: https://bugs.webkit.org/attachment.cgi?id=70095&action=review > LayoutTests/ChangeLog:8 > + Adding layout test for checking SVG Text assertion. Example: <text><tspan>S</tspan><tspan>O</tspan></text> The old SVG text engine fired an assertion, when the glyph 'O' isn't present in the <font>, but only if a <missing-glyph> element is included in the SVG <font>. <tspan>SO</tspan> didn't trigger that assertion. Adding a new layout test, to make sure we never see the assertion again. > LayoutTests/svg/text/text-assert.svg:8 > + <font> > + <font-face font-family="Arial"/> > + <missing-glyph/> > + <glyph horiz-adv-x="667" unicode="S" d="M40 230z"/> > + </font> Can you reindent here, with 4 spaces? > LayoutTests/svg/text/text-assert.svg:11 > +<!-- Assertion triggers only if <missing-glyph> element above is included and only if a nonexistant glyph is referenced in a _second_ tspan. Moving the 'o' next to the 'S' just works. Weird.--> I'd change the comment, as it no longer applies: <!-- The old SVG text engine fired an assertion, if the <missing-glyph> element is included in the <font> and if a nonexistant glyph is referenced in a different tspan. Moving the 'o' next to the 'S' doesn't trigger it. --> > LayoutTests/svg/text/text-assert.svg:12 > +<text style="font-family: Helvetica" y="158" x="311.00006"><tspan>S</tspan><tspan>o</tspan></text> Just use x="10" y="20". > LayoutTests/svg/text/text-assert.svg:14 > +<text y="30">If you see "So" the test passed.</text> y="50" here. Hopefully you can commit soon, for now you need to upload a new version, sorry :(
Renata Hodovan
Comment 6 2010-10-08 09:33:49 PDT
Created attachment 70261 [details] Adding layout test for checking SVG Text assertion
Nikolas Zimmermann
Comment 7 2010-10-08 09:49:20 PDT
Comment on attachment 70261 [details] Adding layout test for checking SVG Text assertion Great, thanks!
WebKit Commit Bot
Comment 8 2010-10-08 10:08:36 PDT
Comment on attachment 70261 [details] Adding layout test for checking SVG Text assertion Clearing flags on attachment: 70261 Committed r69410: <http://trac.webkit.org/changeset/69410>
WebKit Commit Bot
Comment 9 2010-10-08 10:08:41 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.