[Webkit-unassigned] [Bug 57897] New: Crash in WebCore::RenderMathMLSubSup::baselinePosition()

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Apr 5 15:53:19 PDT 2011


https://bugs.webkit.org/show_bug.cgi?id=57897

           Summary: Crash in
                    WebCore::RenderMathMLSubSup::baselinePosition()
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Mac OS X 10.5
            Status: NEW
          Keywords: InRadar
          Severity: Normal
          Priority: P2
         Component: MathML
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: bdakin at apple.com


<rdar://problem/8908364>

Crashing test case attached. 

  1 com.apple.WebCore              0x7fff8c671c54 WebCore::RenderMathMLSubSup::baselinePosition(WebCore::FontBaseline, bool, WebCore::LineDirectionMode, WebCore::LinePositionMode) const + 0x8c
   2 com.apple.WebCore              0x7fff8c3c00cf WebCore::InlineFlowBox::computeLogicalBoxHeights(int&, int&, int&, int&, bool&, bool&, bool, WTF::HashMap<WebCore::InlineTextBox const*, std::pair<WTF::Vector<WebCore::SimpleFontData const*, 0ul>, WebCore::GlyphOverflow>, WTF::PtrHash<WebCore::InlineTextBox const*>, WTF::HashTraits<WebCore::InlineTextBox const*>, WTF::HashTraits<std::pair<WTF::Vector<WebCore::SimpleFontData const*, 0ul>, WebCore::GlyphOverflow> > >&, WebCore::FontBaseline, WebCore::VerticalPositionCache&) + 0x71
   3 com.apple.WebCore              0x7fff8c6a52f0 WebCore::RootInlineBox::alignBoxesInBlockDirection(int, WTF::HashMap<WebCore::InlineTextBox const*, std::pair<WTF::Vector<WebCore::SimpleFontData const*, 0ul>, WebCore::GlyphOverflow>, WTF::PtrHash<WebCore::InlineTextBox const*>, WTF::HashTraits<WebCore::InlineTextBox const*>, WTF::HashTraits<std::pair<WTF::Vector<WebCore::SimpleFontData const*, 0ul>, WebCore::GlyphOverflow> > >&, WebCore::VerticalPositionCache&) + 0xc0
   4 com.apple.WebCore              0x7fff8c64ef20 WebCore::RenderBlock::computeBlockDirectionPositionsForLine(WebCore::RootInlineBox*, WebCore::BidiRun*, WTF::HashMap<WebCore::InlineTextBox const*, std::pair<WTF::Vector<WebCore::SimpleFontData const*, 0ul>, WebCore::GlyphOverflow>, WTF::PtrHash<WebCore::InlineTextBox const*>, WTF::HashTraits<WebCore::InlineTextBox const*>, WTF::HashTraits<std::pair<WTF::Vector<WebCore::SimpleFontData const*, 0ul>, WebCore::GlyphOverflow> > >&, WebCore::VerticalPositionCache&) + 0x50
   5 com.apple.WebCore              0x7fff8be927de WebCore::RenderBlock::layoutInlineChildren(bool, int&, int&) + 0x1184
   6 com.apple.WebCore              0x7fff8c645eee WebCore::RenderBlock::layoutBlock(bool, int) + 0x4dc
   7 com.apple.WebCore              0x7fff8be8eeaa WebCore::RenderBlock::layout() + 0x28
   8 com.apple.WebCore              0x7fff8c67210e WebCore::RenderMathMLSubSup::layout() + 0xaa
   9 com.apple.WebCore              0x7fff8be91a7d WebCore::RenderBlock::layoutInlineChildren(bool, int&, int&) + 0x423
  10 com.apple.WebCore              0x7fff8c645eee WebCore::RenderBlock::layoutBlock(bool, int) + 0x4dc
  11 com.apple.WebCore              0x7fff8be8eeaa WebCore::RenderBlock::layout() + 0x28
  12 com.apple.WebCore              0x7fff8c671230 WebCore::RenderMathMLRow::layout() + 0x20
  13 com.apple.WebCore              0x7fff8be91a7d WebCore::RenderBlock::layoutInlineChildren(bool, int&, int&) + 0x423
  14 com.apple.WebCore              0x7fff8c645eee WebCore::RenderBlock::layoutBlock(bool, int) + 0x4dc
  15 com.apple.WebCore              0x7fff8be8eeaa WebCore::RenderBlock::layout() + 0x28
  16 com.apple.WebCore              0x7fff8be90c67 WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) + 0x2db
  17 com.apple.WebCore              0x7fff8be9026b WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 0x2b3
  18 com.apple.WebCore              0x7fff8c645f09 WebCore::RenderBlock::layoutBlock(bool, int) + 0x4f7
  19 com.apple.WebCore              0x7fff8be8eeaa WebCore::RenderBlock::layout() + 0x28
  20 com.apple.WebCore              0x7fff8be90c67 WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) + 0x2db
  21 com.apple.WebCore              0x7fff8be9026b WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 0x2b3
  22 com.apple.WebCore              0x7fff8c645f09 WebCore::RenderBlock::layoutBlock(bool, int) + 0x4f7
  23 com.apple.WebCore              0x7fff8be8eeaa WebCore::RenderBlock::layout() + 0x28
  24 com.apple.WebCore              0x7fff8be90c67 WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox*, WebCore::RenderBlock::MarginInfo&, int&, int&) + 0x2db
  25 com.apple.WebCore              0x7fff8be9026b WebCore::RenderBlock::layoutBlockChildren(bool, int&) + 0x2b3
  26 com.apple.WebCore              0x7fff8c645f09 WebCore::RenderBlock::layoutBlock(bool, int) + 0x4f7
  27 com.apple.WebCore              0x7fff8be8eeaa WebCore::RenderBlock::layout() + 0x28
  28 com.apple.WebCore              0x7fff8be8edc5 WebCore::RenderView::layout() + 0x21f
  29 com.apple.WebCore              0x7fff8be8dfc8 WebCore::FrameView::layout(bool) + 0x6c6
  30 com.apple.WebCore              0x7fff8be846ac WebCore::Document::implicitClose() + 0x306
  31 com.apple.WebCore              0x7fff8be8424f WebCore::FrameLoader::checkCompleted() + 0x121
  32 com.apple.WebCore              0x7fff8be83fca WebCore::FrameLoader::finishedParsing() + 0x56
  33 com.apple.WebCore              0x7fff8be81ff7 WebCore::Document::finishedParsing() + 0x10b
  34 com.apple.WebCore              0x7fff8c371795 WebCore::HTMLDocumentParser::prepareToStopParsing() + 0xa1
  35 com.apple.WebCore              0x7fff8be464c1 WebCore::DocumentWriter::endIfNotLoadingMainResource() + 0x6b
  36 com.apple.WebCore              0x7fff8bebac82 WebCore::FrameLoader::finishedLoading() + 0x48
  37 com.apple.WebCore              0x7fff8c60053d WebCore::MainResourceLoader::didFinishLoading(double) + 0x6f
  38 com.apple.Foundation           0x7fff9651a0e6 ___NSURLConnectionDidFinishLoading_block_invoke_1 + 0x7a
  39 com.apple.Foundation           0x7fff9643ce7d _NSURLConnectionDidFinishLoading + 0x51
  40 com.apple.CFNetwork            0x7fff928f8748 URLConnectionClient::_clientDidFinishLoading(URLConnectionClient::ClientConnectionEventQueue*) + 0x148
  41 com.apple.CFNetwork            0x7fff929acc37 URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 0x171
  42 com.apple.CFNetwork            0x7fff929ace44 URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 0x37e
  43 com.apple.CFNetwork            0x7fff928e936b URLConnectionClient::processEvents() + 0xc1
  44 com.apple.CFNetwork            0x7fff928e9230 MultiplexerSource::perform() + 0xd4
  45 com.apple.CoreFoundation       0x10ca32bdc __CFRunLoopDoSources0 + 0x1bc
  46 com.apple.CoreFoundation       0x10ca324e9 __CFRunLoopRun + 0x389
  47 com.apple.CoreFoundation       0x10ca31f26 CFRunLoopRunSpecific + 0xe6
  48 com.apple.HIToolbox            0x7fff9032b067 RunCurrentEventLoopInMode + 0x115
  49 com.apple.HIToolbox            0x7fff9032adb3 ReceiveNextEventCommon + 0xb5
  50 com.apple.HIToolbox            0x7fff9032acee BlockUntilNextEventMatchingListInMode + 0x3e
  51 com.apple.AppKit               0x7fff8e9fa3e5 _DPSNextEvent + 0x293
  52 com.apple.AppKit               0x7fff8e9f9cea -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 0x87
  53 com.apple.Safari.framework     0x7fff8d65e5a4 -[BrowserApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 0xab
  54 com.apple.AppKit               0x7fff8e9bebad -[NSApplication run] + 0x1c8
  55 com.apple.AppKit               0x7fff8e9b7988 NSApplicationMain + 0x35c
  56 com.apple.Safari.framework     0x7fff8d7bf8ea SafariMain + 0xc5
  57 com.apple.Safari               0x10c9def24 start + 0x0

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.



More information about the webkit-unassigned mailing list