[Webkit-unassigned] [Bug 21953] New: Small Caps font crashes webkit

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Oct 29 13:26:28 PDT 2008


https://bugs.webkit.org/show_bug.cgi?id=21953

           Summary: Small Caps font crashes webkit
           Product: WebKit
           Version: 525.x (Safari 3.1)
          Platform: PC
               URL: http://wtf.microsiervos.com/mundoreal/cuidadin-conmigo.html
        OS/Version: Mac OS X 10.5
            Status: NEW
          Keywords: GoogleBug
          Severity: Normal
          Priority: P2
         Component: Layout and Rendering
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: jon at chromium.org


This bug originated in the Chromium bug tracker; see
http://code.google.com/p/chromium/issues/detail?id=1491

The bug does not impact IE7 or FF3.  It crashes Safari 3.1 for Windows and
Chromium.  The stack trace is attached.

Stack trace:
(142c.10e4): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=e8a0e17f ebx=00cbce2c ecx=00cbce2c edx=00000003 esi=00000000 edi=00000000
eip=0131eed2 esp=00b7f2e8 ebp=00b7f370 iopl=0         nv up ei pl zr na pe nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00010246
chrome_1000000!WebCore::SimpleFontData::smallCapsFontData+0x17:
0131eed2 39b754040000    cmp     dword ptr [edi+454h],esi
ds:0023:00000454=????????
2:027> g
(142c.10e4): Access violation - code c0000005 (!!! second chance !!!)
eax=e8a0e17f ebx=00cbce2c ecx=00cbce2c edx=00000003 esi=00000000 edi=00000000
eip=0131eed2 esp=00b7f2e8 ebp=00b7f370 iopl=0         nv up ei pl zr na pe nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000246
chrome_1000000!WebCore::SimpleFontData::smallCapsFontData+0x17:
0131eed2 39b754040000    cmp     dword ptr [edi+454h],esi
ds:0023:00000454=????????
2:027> k
ChildEBP RetAddr
00b7f370 010a970b chrome_1000000!WebCore::SimpleFontData::smallCapsFontData+0x17 [c:\b\slave\chrome-official-2\build\src\webkit\port\platform\graphics\simplefontdatawin.cpp @ 135]
00b7f3a0 010a8f3f chrome_1000000!WebCore::Font::glyphDataForCharacter+0x24b [c:\b\slave\chrome-official-2\build\src\webkit\pending\font.cpp @ 460]
00b7f3f0 010a9c88 chrome_1000000!WebCore::WidthIterator::advance+0xf2 [c:\b\slave\chrome-official-2\build\src\webkit\pending\font.cpp @ 162]
00b7f428 010a9c58 chrome_1000000!WebCore::Font::floatWidthForSimpleText+0x1e [c:\b\slave\chrome-official-2\build\src\webkit\pending\font.cpp @ 718]
00b7f438 010a980b chrome_1000000!WebCore::Font::floatWidth+0x41 [c:\b\slave\chrome-official-2\build\src\webkit\pending\font.cpp @ 710]
00b7f440 010ffbf2 chrome_1000000!WebCore::Font::width+0x9 [c:\b\slave\chrome-official-2\build\src\webkit\pending\font.cpp @ 515]
00b7f4dc 010ff393 chrome_1000000!WebCore::RenderText::calcPrefWidths+0x4e9 [c:\b\slave\chrome-official-2\build\src\webkit\pending\rendertext.cpp @ 649]
00b7f520 010d4a5f chrome_1000000!WebCore::RenderText::trimmedPrefWidths+0x38 [c:\b\slave\chrome-official-2\build\src\webkit\pending\rendertext.cpp @ 463]
00b7f5ac 010d438a chrome_1000000!WebCore::RenderBlock::calcInlinePrefWidths+0x300 [c:\b\slave\chrome-official-2\build\src\webkit\pending\renderblock.cpp @ 3754]
00b7f5cc 010e34e6 chrome_1000000!WebCore::RenderBlock::calcPrefWidths+0x92 [c:\b\slave\chrome-official-2\build\src\webkit\pending\renderblock.cpp @ 3432]
00b7f5d4 010e580b chrome_1000000!WebCore::RenderBox::minPrefWidth+0x11 [c:\b\slave\chrome-official-2\build\src\third_party\webkit\webcore\rendering\renderbox.cpp @ 179]
00b7f5f4 010e5679 chrome_1000000!WebCore::RenderBox::calcWidthUsing+0x86 [c:\b\slave\chrome-official-2\build\src\third_party\webkit\webcore\rendering\renderbox.cpp @ 1177]
00b7f628 010ce457 chrome_1000000!WebCore::RenderBox::calcWidth+0x25e [c:\b\slave\chrome-official-2\build\src\third_party\webkit\webcore\rendering\renderbox.cpp @ 1116]
00b7f6a4 010ce31f chrome_1000000!WebCore::RenderBlock::layoutBlock+0x108 [c:\b\slave\chrome-official-2\build\src\webkit\pending\renderblock.cpp @ 532]
00b7f6b0 011350f9 chrome_1000000!WebCore::RenderBlock::layout+0x17 [c:\b\slave\chrome-official-2\build\src\webkit\pending\renderblock.cpp @ 495]
00b7f79c 010ce5ae chrome_1000000!WebCore::RenderBlock::layoutInlineChildren+0x220 [c:\b\slave\chrome-official-2\build\src\webkit\pending\bidi.cpp @ 884]
00b7f824 010ce31f chrome_1000000!WebCore::RenderBlock::layoutBlock+0x25f [c:\b\slave\chrome-official-2\build\src\webkit\pending\renderblock.cpp @ 583]
00b7f830 010cf872 chrome_1000000!WebCore::RenderBlock::layout+0x17 [c:\b\slave\chrome-official-2\build\src\webkit\pending\renderblock.cpp @ 495]
00b7f89c 010ce5be chrome_1000000!WebCore::RenderBlock::layoutBlockChildren+0x32a [c:\b\slave\chrome-official-2\build\src\webkit\pending\renderblock.cpp @ 1233]
00b7f924 010ce31f chrome_1000000!WebCore::RenderBlock::layoutBlock+0x26f [c:\b\slave\chrome-official-2\build\src\webkit\pending\renderblock.cpp @ 587]
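A small crash-triage script, added here as an example and not part of the report or of WebKit, that parses the WinDbg dump above and classifies the fault: the base register edi is zero and the faulting address 0x454 lies in the unmapped low page, so the crash reads as a NULL base-pointer dereference on a read (a denial of service, not a controllable write). The 64 KiB null-page bound and the list of memory-writing mnemonics are assumptions of the script.

```python
import re

# Constructed excerpt of the WinDbg output quoted in the report (second-chance exception).
SAMPLE = """\
(142c.10e4): Access violation - code c0000005 (!!! second chance !!!)
eax=e8a0e17f ebx=00cbce2c ecx=00cbce2c edx=00000003 esi=00000000 edi=00000000
eip=0131eed2 esp=00b7f2e8 ebp=00b7f370 iopl=0         nv up ei pl zr na pe nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000246
chrome_1000000!WebCore::SimpleFontData::smallCapsFontData+0x17:
0131eed2 39b754040000    cmp     dword ptr [edi+454h],esi
ds:0023:00000454=????????
"""

REG_RE = re.compile(r"\b(e[a-d]x|e[sd]i|e[bs]p|eip)=([0-9a-f]{8})\b")
SYM_RE = re.compile(r"^(\S+!\S+\+0x[0-9a-f]+):$", re.M)
INSN_RE = re.compile(r"^[0-9a-f]{8}\s+[0-9a-f]+\s+(\w+)\s+(.+)$", re.M)
MEM_RE = re.compile(r"\[(e[a-d]x|e[sd]i|e[bs]p)\+([0-9a-f]+)h\]")
FAULT_RE = re.compile(r"^ds:[0-9a-f]{4}:([0-9a-f]{8})=", re.M)

NULL_PAGE_LIMIT = 0x10000  # assumption: Windows leaves the low 64 KiB of user space unmapped
WRITERS = {"mov", "add", "sub", "inc", "dec", "and", "or", "xor"}  # write when memory is the destination

def triage(dump):
    """Classify an x86 WinDbg access violation from its register/instruction dump."""
    regs = {name: int(val, 16) for name, val in REG_RE.findall(dump)}
    symbol = SYM_RE.search(dump).group(1)
    mnemonic, operands = INSN_RE.search(dump).groups()
    mem = MEM_RE.search(operands)
    base, disp = mem.group(1), int(mem.group(2), 16)
    fault_addr = int(FAULT_RE.search(dump).group(1), 16)
    # Only the listed mnemonics store to a memory destination; cmp/test merely read it.
    access = "write" if mnemonic in WRITERS and operands.startswith("dword ptr [") else "read"
    # A fault inside the null page means the base pointer was NULL and the offset is a field.
    kind = "null-pointer dereference" if fault_addr < NULL_PAGE_LIMIT else "wild pointer"
    return {
        "symbol": symbol,
        "unhandled": "second chance" in dump,
        "base_register": base,
        "base_value": regs[base],
        "displacement": disp,
        "fault_address": fault_addr,
        "consistent": regs[base] + disp == fault_addr,  # register dump agrees with fault address
        "access": access,
        "kind": kind,
    }

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key:>14}: {value}")
```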

