[Webkit-unassigned] [Bug 17672] Reproducible SVG Crash when acid3-test-77.html timing dependency is fixed

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sun Jun 22 12:41:52 PDT 2008


https://bugs.webkit.org/show_bug.cgi?id=17672


ddkilzer at webkit.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |ddkilzer at webkit.org




------- Comment #10 from ddkilzer at webkit.org  2008-06-22 12:41 PDT -------
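Running svg/custom/acid3-test-77.html with a debug build of WebKit r34722
causes an assertion failure as well. The assertion fires because the UChar key
that SVGGlyphMap::get() passes to HashMap::get() (frames 4 and 3 below) equals
the hash table's reserved empty value, which is not allowed as a lookup key: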

ASSERTION FAILED: !HashTranslator::equal(KeyTraits::emptyValue(), key)
(/path/to/WebKit/WebKitBuild/Debug/JavaScriptCore.framework/PrivateHeaders/HashTable.h:444
void WTF::HashTable<Key, Value, Extractor, HashFunctions, Traits,
KeyTraits>::checkKey(const T&) [with T = UChar, HashTranslator =
WTF::IdentityHashTranslator<UChar, std::pair<UChar,
WTF::RefPtr<WebCore::GlyphMapNode> >, WTF::IntHash<unsigned int> >, Key =
UChar, Value = std::pair<UChar, WTF::RefPtr<WebCore::GlyphMapNode> >, Extractor
= WTF::PairFirstExtractor<std::pair<UChar, WTF::RefPtr<WebCore::GlyphMapNode> >
>, HashFunctions = WTF::IntHash<unsigned int>, Traits =
WTF::PairHashTraits<WTF::HashTraits<UChar>,
WTF::HashTraits<WTF::RefPtr<WebCore::GlyphMapNode> > >, KeyTraits =
WTF::HashTraits<UChar>])

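Back trace (the faulting address 0xbbadbeef is the fixed address that WTF's
CRASH() macro writes to after a failed assertion, so this EXC_BAD_ACCESS is the
debug-build assertion abort itself rather than a wild pointer dereference):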

Exception:  EXC_BAD_ACCESS (0x0001)
Codes:      KERN_INVALID_ADDRESS (0x0001) at 0xbbadbeef

Thread 0 Crashed:
0   com.apple.WebCore                   0x01fd2490 void WTF::HashTable<unsigned
short, std::pair<unsigned short, WTF::RefPtr<WebCore::GlyphMapNode> >,
WTF::PairFirstExtractor<std::pair<unsigned short,
WTF::RefPtr<WebCore::GlyphMapNode> > >, WTF::IntHash<unsigned>,
WTF::PairHashTraits<WTF::HashTraits<unsigned short>,
WTF::HashTraits<WTF::RefPtr<WebCore::GlyphMapNode> > >,
WTF::HashTraits<unsigned short> >::checkKey<unsigned short,
WTF::IdentityHashTranslator<unsigned short, std::pair<unsigned short,
WTF::RefPtr<WebCore::GlyphMapNode> >, WTF::IntHash<unsigned> > >(unsigned short
const&) + 116 (HashTable.h:444)
1   com.apple.WebCore                   0x01fd2584 std::pair<unsigned short,
WTF::RefPtr<WebCore::GlyphMapNode> >* WTF::HashTable<unsigned short,
std::pair<unsigned short, WTF::RefPtr<WebCore::GlyphMapNode> >,
WTF::PairFirstExtractor<std::pair<unsigned short,
WTF::RefPtr<WebCore::GlyphMapNode> > >, WTF::IntHash<unsigned>,
WTF::PairHashTraits<WTF::HashTraits<unsigned short>,
WTF::HashTraits<WTF::RefPtr<WebCore::GlyphMapNode> > >,
WTF::HashTraits<unsigned short> >::lookup<unsigned short,
WTF::IdentityHashTranslator<unsigned short, std::pair<unsigned short,
WTF::RefPtr<WebCore::GlyphMapNode> >, WTF::IntHash<unsigned> > >(unsigned short
const&) + 40 (HashTable.h:460)
2   com.apple.WebCore                   0x01fd26c4 WTF::HashTable<unsigned
short, std::pair<unsigned short, WTF::RefPtr<WebCore::GlyphMapNode> >,
WTF::PairFirstExtractor<std::pair<unsigned short,
WTF::RefPtr<WebCore::GlyphMapNode> > >, WTF::IntHash<unsigned>,
WTF::PairHashTraits<WTF::HashTraits<unsigned short>,
WTF::HashTraits<WTF::RefPtr<WebCore::GlyphMapNode> > >,
WTF::HashTraits<unsigned short> >::lookup(unsigned short const&) + 40
(HashTable.h:331)
3   com.apple.WebCore                   0x01fd2710 WTF::HashMap<unsigned short,
WTF::RefPtr<WebCore::GlyphMapNode>, WTF::IntHash<unsigned>,
WTF::HashTraits<unsigned short>,
WTF::HashTraits<WTF::RefPtr<WebCore::GlyphMapNode> > >::get(unsigned short
const&) const + 48 (HashMap.h:208)
4   com.apple.WebCore                   0x01fd27cc
WebCore::SVGGlyphMap::get(WebCore::String const&,
WTF::Vector<WebCore::SVGGlyphIdentifier, (unsigned long)0>&) + 104
(SVGGlyphMap.h:85)
5   com.apple.WebCore                   0x0183df4c
WebCore::SVGFontElement::getGlyphIdentifiersForString(WebCore::String const&,
WTF::Vector<WebCore::SVGGlyphIdentifier, (unsigned long)0>&) const + 64
(SVGFontElement.cpp:238)
6   com.apple.WebCore                   0x01fd605c
WebCore::SVGTextRunWalker<WebCore::SVGTextRunWalkerMeasuredLengthData>::walk(WebCore::TextRun
const&, bool, WebCore::String const&, int, int) + 716 (SVGFont.cpp:280)
7   com.apple.WebCore                   0x018400b4
WebCore::floatWidthOfSubStringUsingSVGFont(WebCore::Font const*,
WebCore::TextRun const&, int, int, int, int&, WebCore::String&) + 680
(SVGFont.cpp:416)
8   com.apple.WebCore                   0x01840340
WebCore::Font::floatWidthUsingSVGFont(WebCore::TextRun const&, int, int&,
WebCore::String&) const + 84 (SVGFont.cpp:433)
9   com.apple.WebCore                   0x013f5f48
WebCore::Font::floatWidth(WebCore::TextRun const&, int, int&, WebCore::String&)
const + 104 (Font.cpp:718)
10  com.apple.WebCore                   0x01728af4
WebCore::SVGInlineTextBox::calculateGlyphWidth(WebCore::RenderStyle*, int, int,
int&, WebCore::String&) const + 268 (SVGInlineTextBox.cpp:80)
11  com.apple.WebCore                   0x01f4ed1c
WebCore::SVGInlineTextBoxQueryWalker::chunkPortionCallback(WebCore::SVGInlineTextBox*,
int, WebCore::AffineTransform const&, WebCore::SVGChar* const&,
WebCore::SVGChar* const&) + 1288 (SVGTextContentElement.cpp:202)
12  com.apple.WebCore                   0x01f4e168
WebCore::SVGTextChunkWalker<WebCore::SVGInlineTextBoxQueryWalker>::operator()(WebCore::SVGInlineTextBox*,
int, WebCore::AffineTransform const&, WebCore::SVGChar* const&,
WebCore::SVGChar* const&) + 188 (SVGCharacterLayoutInfo.h:342)
13  com.apple.WebCore                   0x0177755c
WebCore::SVGRootInlineBox::walkTextChunks(WebCore::SVGTextChunkWalkerBase*,
WebCore::SVGInlineTextBox const*) + 900 (SVGRootInlineBox.cpp:1686)
14  com.apple.WebCore                   0x0178b2e4
WebCore::executeTextQuery(WebCore::SVGTextContentElement const*,
WebCore::SVGInlineTextBoxQueryWalker::QueryMode, long, long,
WebCore::FloatPoint) + 468 (SVGTextContentElement.cpp:363)
15  com.apple.WebCore                   0x0178bb58
WebCore::SVGTextContentElement::getEndPositionOfChar(long, int&) const + 196
(SVGTextContentElement.cpp:429)
16  com.apple.WebCore                   0x0159e4f4
WebCore::jsSVGTextContentElementPrototypeFunctionGetEndPositionOfChar(KJS::ExecState*,
KJS::JSObject*, KJS::ArgList const&) + 200 (JSSVGTextContentElement.cpp:315)
17  com.apple.JavaScriptCore            0x0100c3f0
KJS::PrototypeFunction::callAsFunction(KJS::ExecState*, KJS::JSObject*,
KJS::ArgList const&) + 68 (JSFunction.cpp:731)
18  com.apple.JavaScriptCore            0x01078ae4
KJS::Machine::privateExecute(KJS::Machine::ExecutionFlag, KJS::ExecState*,
KJS::RegisterFile*, KJS::Register*, KJS::ScopeChainNode*, KJS::CodeBlock*,
KJS::JSValue**) + 23892 (Machine.cpp:2122)
19  com.apple.JavaScriptCore            0x0107a3a4
KJS::Machine::execute(KJS::EvalNode*, KJS::ExecState*, KJS::JSObject*,
KJS::RegisterFile*, int, KJS::ScopeChainNode*, KJS::JSValue**) + 1108
(Machine.cpp:799)
20  com.apple.JavaScriptCore            0x0107a750
KJS::callEval(KJS::ExecState*, KJS::JSObject*, KJS::ScopeChainNode*,
KJS::RegisterFile*, KJS::Register*, int, int, KJS::JSValue*&) + 740
(Machine.cpp:461)
21  com.apple.JavaScriptCore            0x010785ec
KJS::Machine::privateExecute(KJS::Machine::ExecutionFlag, KJS::ExecState*,
KJS::RegisterFile*, KJS::Register*, KJS::ScopeChainNode*, KJS::CodeBlock*,
KJS::JSValue**) + 22620 (Machine.cpp:2004)
22  com.apple.JavaScriptCore            0x0107ae90
KJS::Machine::execute(KJS::ProgramNode*, KJS::ExecState*, KJS::ScopeChainNode*,
KJS::JSObject*, KJS::RegisterFileStack*, KJS::JSValue**) + 580
(Machine.cpp:669)
23  com.apple.JavaScriptCore            0x01064de8
KJS::Interpreter::evaluate(KJS::ExecState*, KJS::ScopeChain&, KJS::UString
const&, int, WTF::PassRefPtr<KJS::SourceProvider>, KJS::JSValue*) + 476
(interpreter.cpp:82)
24  com.apple.WebCore                   0x0182cd08
WebCore::ScriptController::evaluate(WebCore::String const&, int,
WebCore::String const&) + 340 (ScriptController.cpp:90)
25  com.apple.WebCore                   0x01421fa8
WebCore::FrameLoader::executeScript(WebCore::String const&, int,
WebCore::String const&) + 228 (FrameLoader.cpp:783)
26  com.apple.WebCore                   0x01422068
WebCore::FrameLoader::executeScript(WebCore::String const&, bool) + 108
(FrameLoader.cpp:772)
27  com.apple.WebCore                   0x017a2cb8
WebCore::ScheduledAction::execute(WebCore::JSDOMWindowShell*) + 1036
(ScheduledAction.cpp:92)
28  com.apple.WebCore                   0x0186acbc
WebCore::JSDOMWindowBase::timerFired(WebCore::DOMWindowTimer*) + 528
(JSDOMWindowBase.cpp:1280)
29  com.apple.WebCore                   0x0186ad60
WebCore::DOMWindowTimer::fired() + 72 (JSDOMWindowBase.cpp:1313)
30  com.apple.WebCore                   0x017e0780
WebCore::TimerBase::fireTimers(double, WTF::Vector<WebCore::TimerBase*,
(unsigned long)0> const&) + 240 (Timer.cpp:350)
31  com.apple.WebCore                   0x017e0860
WebCore::TimerBase::sharedTimerFired() + 132 (Timer.cpp:370)
32  com.apple.WebCore                   0x017b82f0
WebCore::timerFired(__CFRunLoopTimer*, void*) + 140 (SharedTimerMac.mm:85)
33  com.apple.CoreFoundation            0x907f2370 __CFRunLoopDoTimer + 184
34  com.apple.CoreFoundation            0x907dece8 __CFRunLoopRun + 1680
35  com.apple.CoreFoundation            0x907de29c CFRunLoopRunSpecific + 268
36  com.apple.HIToolbox                 0x9329fb20 RunCurrentEventLoopInMode +
264
37  com.apple.HIToolbox                 0x9329f1b4 ReceiveNextEventCommon + 380
38  com.apple.HIToolbox                 0x9329f020
BlockUntilNextEventMatchingListInMode + 96
39  com.apple.AppKit                    0x937a5874 _DPSNextEvent + 384
40  com.apple.AppKit                    0x937a5538 -[NSApplication
nextEventMatchingMask:untilDate:inMode:dequeue:] + 116
41  com.apple.Safari                    0x000095e0 0x1000 + 34272
42  com.apple.AppKit                    0x937a1a7c -[NSApplication run] + 472
43  com.apple.AppKit                    0x93892598 NSApplicationMain + 452
44  com.apple.Safari                    0x0009bad4 0x1000 + 633556
45  com.apple.Safari                    0x000022fc 0x1000 + 4860

