RESOLVED FIXED 64839
ASSERT (and crash) with dynamically moved <font-face>
https://bugs.webkit.org/show_bug.cgi?id=64839
Tim Horton
Reported 2011-07-19 17:25:08 PDT
Created attachment 101411 [details]
repro

Steps to Reproduce: Open attached document in a WebKit browser.
Expected result: Not sure, but not a crash.
Actual result: Crash in release build, assertion failure in debug build.

rdar://problem/9516492
Attachments
repro (421 bytes, text/html), 2011-07-19 17:25 PDT, Tim Horton, no flags
Backtrace (10.90 KB, text/plain), 2011-07-20 13:34 PDT, Tim Horton, no flags
Patch (3.14 KB, patch), 2011-07-21 15:03 PDT, Rob Buis, no flags
Patch (3.11 KB, patch), 2012-02-16 15:08 PST, Rob Buis, no flags
Patch (3.12 KB, patch), 2012-02-17 07:55 PST, Rob Buis, koivisto: review+
Tim Horton
Comment 1 2011-07-20 13:34:54 PDT
Created attachment 101503 [details] Backtrace
Rob Buis
Comment 2 2011-07-21 15:03:04 PDT
Nikolas Zimmermann
Comment 3 2011-07-21 23:46:28 PDT
Comment on attachment 101647 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=101647&action=review

> Source/WebCore/ChangeLog:8
> + Reset the style declaration when rmeoving the font-face element from the document.

typo: removing.

> Source/WebCore/svg/SVGFontFaceElement.cpp:332
> + m_styleDeclaration->parseDeclaration(emptyString());

Hm, I'm not sure whether this is the best way to fix it.
I'll CC Antti who may judge better.
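Review bot: at Source/WebCore/svg/SVGFontFaceElement.cpp:332, the call m_styleDeclaration->parseDeclaration(emptyString()); does not say why an empty string is being parsed. A short comment above it stating that this resets the style declaration when the font-face element is removed from the document, as the ChangeLog entry puts it, would keep the intent clear to later readers.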
Nikolas Zimmermann
Comment 4 2011-07-21 23:46:51 PDT
Antti, could you have a look?
Rob Buis
Comment 5 2011-07-22 04:08:07 PDT
Hi Niko,

(In reply to comment #3)
> (From update of attachment 101647 [details])
> View in context: https://bugs.webkit.org/attachment.cgi?id=101647&action=review
>
> > Source/WebCore/ChangeLog:8
> > + Reset the style declaration when rmeoving the font-face element from the document.
>
> typo: removing.

Will fix.

> > Source/WebCore/svg/SVGFontFaceElement.cpp:332
> > + m_styleDeclaration->parseDeclaration(emptyString());
>
> Hm, I'm not sure whether this is the best way to fix it.
> I'll CC Antti who may judge better.

For background, the m_styleDeclaration in it contains bad font data after the SVGFontFaceElement is removed from the doc. So since this font data is useless anyway as soon as SVGFontFaceElement is removed, this was the quickest way I found to clear it without actually destroying the m_styleDeclaration.

Cheers,
Rob.
Eric Seidel (no email)
Comment 6 2012-02-16 14:24:31 PST
Comment on attachment 101647 [details]
Patch

Seems OK. I also don't see a cleaner way to clear it.
Rob Buis
Comment 7 2012-02-16 15:08:09 PST
Rob Buis
Comment 8 2012-02-16 15:09:29 PST
Uploading to see if it regresses anything.
Philippe Normand
Comment 9 2012-02-16 16:13:08 PST
WebKit Review Bot
Comment 10 2012-02-16 18:28:05 PST
Comment on attachment 127451 [details]
Patch

Attachment 127451 [details] did not pass chromium-ews (chromium-xvfb):
Output: http://queues.webkit.org/results/11542188
Gyuyoung Kim
Comment 11 2012-02-17 06:11:54 PST
Rob Buis
Comment 12 2012-02-17 07:55:06 PST
Rob Buis
Comment 13 2012-05-27 08:45:56 PDT