[Webkit-unassigned] [Bug 61556] REGRESSION(87152): Crash on page with svg fonts
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Jun 10 09:50:27 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=61556
--- Comment #11 from Tim Horton <timothy_horton at apple.com> 2011-06-10 09:50:26 PST ---
(From update of attachment 96692)
View in context: https://bugs.webkit.org/attachment.cgi?id=96692&action=review
I'll fix the one comment here, add a test, and resubmit.
>> Source/WebCore/ChangeLog:9
>> + No new tests. (OOPS!)
>
> The style is wrong:
>
> bugtitle
> bugURL
>
> text
Ok, Will Fix.
>> Source/WebCore/rendering/svg/SVGTextRunRenderingContext.cpp:-80
>> - ASSERT(newRenderer->node()->isElementNode());
>
> Why did you remove these asserts?
These asserts assume that the parent of a text node is never anonymous, which is incorrect. These were added in r87152, and are the root cause of this bug.
>> Source/WebCore/rendering/svg/SVGTextRunRenderingContext.cpp:270
>> + String language;
>
> What happens if language is empty? Seems that we assumed that we have lang set.
The only function outside of this file that language is passed to is isCompatibleGlyph, which correctly handles the empty language case.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list