Title: [223365] releases/WebKitGTK/webkit-2.18
Revision: 223365
Author: [email protected]
Date: 2017-10-16 03:15:46 -0700 (Mon, 16 Oct 2017)

Log Message

Merge r221948 - ASSERTION FAILED: !m_valueOrException under FontFaceSet::completedLoading loading a Serious Eats page
https://bugs.webkit.org/show_bug.cgi?id=175899

Reviewed by Tim Horton.

Source/WebCore:

Slight style update to r221835. Also adds a test.

Test: fast/text/document-fonts-while-loading-crash.html

* css/CSSFontFaceSet.h:
* css/FontFaceSet.cpp:
(WebCore::FontFaceSet::FontFaceSet):

LayoutTests:

* fast/text/document-fonts-while-loading-crash-expected.txt: Added.
* fast/text/document-fonts-while-loading-crash.html: Added.

Diff

Modified: releases/WebKitGTK/webkit-2.18/LayoutTests/ChangeLog (223364 => 223365)


--- releases/WebKitGTK/webkit-2.18/LayoutTests/ChangeLog	2017-10-16 10:13:07 UTC (rev 223364)
+++ releases/WebKitGTK/webkit-2.18/LayoutTests/ChangeLog	2017-10-16 10:15:46 UTC (rev 223365)
@@ -1,3 +1,13 @@
+2017-09-12  Myles C. Maxfield  <[email protected]>
+
+        ASSERTION FAILED: !m_valueOrException under FontFaceSet::completedLoading loading a Serious Eats page
+        https://bugs.webkit.org/show_bug.cgi?id=175899
+
+        Reviewed by Tim Horton.
+
+        * fast/text/document-fonts-while-loading-crash-expected.txt: Added.
+        * fast/text/document-fonts-while-loading-crash.html: Added.
+
 2017-09-12  Chris Fleizach  <[email protected]>
 
         AX: On generic container elements, WebKit should distinguish between tooltip (e.g. @title) and label (e.g. @aria-label) attributes

Added: releases/WebKitGTK/webkit-2.18/LayoutTests/fast/text/document-fonts-while-loading-crash-expected.txt (0 => 223365)


--- releases/WebKitGTK/webkit-2.18/LayoutTests/fast/text/document-fonts-while-loading-crash-expected.txt	                        (rev 0)
+++ releases/WebKitGTK/webkit-2.18/LayoutTests/fast/text/document-fonts-while-loading-crash-expected.txt	2017-10-16 10:15:46 UTC (rev 223365)
@@ -0,0 +1,7 @@
+This test passes if there is no ASSERT in debug mode. This happens when:
+No one uses the CSS Font Loading API
+A font starts loading
+Someone uses the CSS Font Loading API, causing us to create _javascript_ wrappers for our internal objects
+The font finishes loading
+The bug occurs when the wrappers do not correctly understand that there are in-flight loads already happening.
+Hello

Added: releases/WebKitGTK/webkit-2.18/LayoutTests/fast/text/document-fonts-while-loading-crash.html (0 => 223365)


--- releases/WebKitGTK/webkit-2.18/LayoutTests/fast/text/document-fonts-while-loading-crash.html	                        (rev 0)
+++ releases/WebKitGTK/webkit-2.18/LayoutTests/fast/text/document-fonts-while-loading-crash.html	2017-10-16 10:15:46 UTC (rev 223365)
@@ -0,0 +1,39 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script>
+if (window.internals) {
+    internals.invalidateFontCache();
+    internals.clearMemoryCache();
+}
+if (window.testRunner) {
+    testRunner.waitUntilDone();
+    testRunner.dumpAsText();
+}
+</script>
+<style>
+@font-face {
+    font-family: "WebFont";
+    src: url("../../resources/Ahem.otf") format("opentype");
+}
+</style>
+</head>
+<body>
+This test passes if there is no ASSERT in debug mode. This happens when:
+<ol>
+<li>No one uses the CSS Font Loading API</li>
+<li>A font starts loading</li>
+<li>Someone uses the CSS Font Loading API, causing us to create _javascript_ wrappers for our internal objects</li>
+<li>The font finishes loading</li>
+</ol>
+The bug occurs when the wrappers do not correctly understand that there are in-flight loads already happening.
+<div style="font-family: 'WebFont';">Hello</div>
+<script>
+document.body.offsetTop; // Force layout, which starts fonts loading
+document.fonts.ready.then(function() {
+    if (window.testRunner)
+        testRunner.notifyDone();
+});
+</script>
+</body>
+</html>
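
Review bot: nothing in the final script block checks that the font load is still in flight when `document.fonts` is first touched, so the test can pass without exercising the sequence its own description lists (wrappers created while a load is pending). Consider reading `document.fonts.status` right after the `document.body.offsetTop` line and printing or asserting that it is "loading" before waiting on `document.fonts.ready`, so the expected output distinguishes a run that hit the in-flight case from one where the font had already finished loading.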

Modified: releases/WebKitGTK/webkit-2.18/Source/WebCore/ChangeLog (223364 => 223365)


--- releases/WebKitGTK/webkit-2.18/Source/WebCore/ChangeLog	2017-10-16 10:13:07 UTC (rev 223364)
+++ releases/WebKitGTK/webkit-2.18/Source/WebCore/ChangeLog	2017-10-16 10:15:46 UTC (rev 223365)
@@ -1,3 +1,18 @@
+2017-09-12  Myles C. Maxfield  <[email protected]>
+
+        ASSERTION FAILED: !m_valueOrException under FontFaceSet::completedLoading loading a Serious Eats page
+        https://bugs.webkit.org/show_bug.cgi?id=175899
+
+        Reviewed by Tim Horton.
+
+        Slight style update to r221835. Also adds a test.
+
+        Test: fast/text/document-fonts-while-loading-crash.html
+
+        * css/CSSFontFaceSet.h:
+        * css/FontFaceSet.cpp:
+        (WebCore::FontFaceSet::FontFaceSet):
+
 2017-09-12  Manuel Rego Casasnovas  <[email protected]>
 
         [css-grid] Stretching auto tracks should be done as part of the track sizing algorithm

Modified: releases/WebKitGTK/webkit-2.18/Source/WebCore/css/CSSFontFaceSet.h (223364 => 223365)


--- releases/WebKitGTK/webkit-2.18/Source/WebCore/css/CSSFontFaceSet.h	2017-10-16 10:13:07 UTC (rev 223364)
+++ releases/WebKitGTK/webkit-2.18/Source/WebCore/css/CSSFontFaceSet.h	2017-10-16 10:15:46 UTC (rev 223365)
@@ -73,6 +73,8 @@
     enum class Status { Loading, Loaded };
     Status status() const { return m_status; }
 
+    bool hasActiveFontFaces() { return status() == Status::Loading; }
+
     ExceptionOr<Vector<std::reference_wrapper<CSSFontFace>>> matchingFaces(const String& font, const String& text);
 
     // CSSFontFace::Client needs to be able to be held in a RefPtr.
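
Review bot: `hasActiveFontFaces()` is declared non-const although it only calls `status()`, which is const on the line just above it. Mark it `const` so it can be called through a const `CSSFontFaceSet` reference. The name also reads as if it inspects individual faces, while it returns only the set-level `Status::Loading` check; a one-line comment stating that would prevent misuse by later callers.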

Modified: releases/WebKitGTK/webkit-2.18/Source/WebCore/css/FontFaceSet.cpp (223364 => 223365)


--- releases/WebKitGTK/webkit-2.18/Source/WebCore/css/FontFaceSet.cpp	2017-10-16 10:13:07 UTC (rev 223364)
+++ releases/WebKitGTK/webkit-2.18/Source/WebCore/css/FontFaceSet.cpp	2017-10-16 10:15:46 UTC (rev 223365)
@@ -63,9 +63,9 @@
     , m_backing(backing)
     , m_readyPromise(*this, &FontFaceSet::readyPromiseResolve)
 {
+    if (!backing.hasActiveFontFaces())
+        m_readyPromise.resolve(*this);
     m_backing->addClient(*this);
-    if (m_backing->status() == CSSFontFaceSet::Status::Loaded)
-        m_readyPromise.resolve(*this);
 }
 
 FontFaceSet::~FontFaceSet()
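
Review bot: the two added constructor lines move `m_readyPromise.resolve(*this)` ahead of `m_backing->addClient(*this)`, which is an ordering change and not only the "slight style update" the ChangeLog describes. If the order matters to the `!m_valueOrException` assertion named in the log message, a short comment here should say so; if it does not, keep the check after `addClient` as before. The added lines also read the state through the `backing` parameter while the next line uses `m_backing`; using `m_backing` in both places would be consistent.
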
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
