Created attachment 119853 [details] Repro Chromium: http://code.google.com/p/chromium/issues/detail?id=108056 <svg xmlns="http://www.w3.org/2000/svg"> <font> <font-face id="font-face" font-family="x"/> </font> <text style="font-family:x;">x</text> <script> document.documentElement.appendChild(document.getElementById("font-face")); </script> </svg> stack: chrome.dll!WebCore::SVGFontElement::ensureGlyphCache chrome.dll!WebCore::SVGFontElement::missingGlyph chrome.dll!WebCore::SVGFontData::initializeFontData chrome.dll!WebCore::SimpleFontData::SimpleFontData chrome.dll!WebCore::CSSFontFaceSource::getFontData chrome.dll!WebCore::CSSFontFace::getFontData chrome.dll!WebCore::CSSSegmentedFontFace::getFontData chrome.dll!WebCore::CSSFontSelector::getFontData chrome.dll!WebCore::FontCache::getFontData chrome.dll!WebCore::FontFallbackList::fontDataAt chrome.dll!WebCore::constructTextRun chrome.dll!WebCore::SVGTextMetrics::measureCharacterRange chrome.dll!WebCore::SVGTextLayoutAttributesBuilder::propagateLayoutAttributes chrome.dll!WebCore::SVGTextLayoutAttributesBuilder::buildLayoutAttributesForTextSubtree chrome.dll!WebCore::RenderSVGText::layout chrome.dll!WebCore::SVGRenderSupport::layoutChildren chrome.dll!WebCore::RenderSVGRoot::layout chrome.dll!WebCore::RenderBlock::layoutBlockChild chrome.dll!WebCore::RenderBlock::layoutBlockChildren chrome.dll!WebCore::RenderBlock::layoutBlock chrome.dll!WebCore::RenderBlock::layout chrome.dll!WebCore::RenderView::layout chrome.dll!WebCore::FrameView::layout chrome.dll!WebCore::Document::implicitClose chrome.dll!WebCore::FrameLoader::checkCompleted chrome.dll!WebCore::FrameLoader::finishedParsing chrome.dll!WebCore::Document::finishedParsing chrome.dll!WebCore::DocumentWriter::endIfNotLoadingMainResource chrome.dll!WebCore::FrameLoader::finishedLoading chrome.dll!WebCore::MainResourceLoader::didFinishLoading chrome.dll!WebCore::ResourceLoader::didFinishLoading ...