Bug 258171

Summary:

REGRESSION(264618@main): Infinite mutual recursion in SVGRenderSupport::layoutDifferentRootIfNeeded

Product:

WebKit

Reporter:

Ryosuke Niwa <rniwa>

Component:

SVG

Assignee:

Ryosuke Niwa <rniwa>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

sabouhallawa, zimmermann

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

See Also:

https://bugs.webkit.org/show_bug.cgi?id=130127
https://bugs.webkit.org/show_bug.cgi?id=149613

Attachments:

Description	Flags
Test	none

Description Ryosuke Niwa 2023-06-15 15:55:09 PDT

Created attachment 466710 [details]
Test

e.g.
#12	0x0000000285809e2c in WebCore::RenderSVGResourceContainer::layout() at Source/WebCore/rendering/svg/RenderSVGResourceContainer.cpp:58
#13	0x0000000284616d6c in WebCore::RenderElement::layoutIfNeeded() at Source/WebCore/rendering/RenderElement.h:160
#14	0x000000028584cbd4 in WebCore::SVGResources::layoutDifferentRootIfNeeded(WebCore::LegacyRenderSVGRoot const*) at Source/WebCore/rendering/svg/SVGResources.cpp:317
#15	0x000000028584cb30 in WebCore::SVGRenderSupport::layoutDifferentRootIfNeeded(WebCore::RenderElement const&) at Source/WebCore/rendering/svg/SVGRenderSupport.cpp:238
#16	0x000000028584cf68 in WebCore::SVGRenderSupport::layoutChildren(WebCore::RenderElement&, bool) at Source/WebCore/rendering/svg/SVGRenderSupport.cpp:280
#17	0x00000002857e1f38 in WebCore::LegacyRenderSVGContainer::layout() at Source/WebCore/rendering/svg/LegacyRenderSVGContainer.cpp:71
#18	0x000000028581f778 in WebCore::RenderSVGResourceMarker::layout() at Source/WebCore/rendering/svg/RenderSVGResourceMarker.cpp:54
#19	0x0000000284616d6c in WebCore::RenderElement::layoutIfNeeded() at Source/WebCore/rendering/RenderElement.h:160
#20	0x000000028584cca0 in WebCore::SVGResources::layoutDifferentRootIfNeeded(WebCore::LegacyRenderSVGRoot const*) at Source/WebCore/rendering/svg/SVGResources.cpp:326
#21	0x000000028584cb30 in WebCore::SVGRenderSupport::layoutDifferentRootIfNeeded(WebCore::RenderElement const&) at Source/WebCore/rendering/svg/SVGRenderSupport.cpp:238
#22	0x000000028584cf68 in WebCore::SVGRenderSupport::layoutChildren(WebCore::RenderElement&, bool) at Source/WebCore/rendering/svg/SVGRenderSupport.cpp:280
#23	0x00000002857e4930 in WebCore::LegacyRenderSVGHiddenContainer::layout() at Source/WebCore/rendering/svg/LegacyRenderSVGHiddenContainer.cpp:39
#24	0x0000000285809e2c in WebCore::RenderSVGResourceContainer::layout() at Source/WebCore/rendering/svg/RenderSVGResourceContainer.cpp:58
#25	0x0000000284616d6c in WebCore::RenderElement::layoutIfNeeded() at Source/WebCore/rendering/RenderElement.h:160
#26	0x000000028584cbd4 in WebCore::SVGResources::layoutDifferentRootIfNeeded(WebCore::LegacyRenderSVGRoot const*) at Source/WebCore/rendering/svg/SVGResources.cpp:317
#27	0x000000028584cb30 in WebCore::SVGRenderSupport::layoutDifferentRootIfNeeded(WebCore::RenderElement const&) at Source/WebCore/rendering/svg/SVGRenderSupport.cpp:238
#28	0x000000028584cf68 in WebCore::SVGRenderSupport::layoutChildren(WebCore::RenderElement&, bool) at Source/WebCore/rendering/svg/SVGRenderSupport.cpp:280
#29	0x00000002857e1f38 in WebCore::LegacyRenderSVGContainer::layout() at Source/WebCore/rendering/svg/LegacyRenderSVGContainer.cpp:71
#30	0x000000028581f778 in WebCore::RenderSVGResourceMarker::layout() at Source/WebCore/rendering/svg/RenderSVGResourceMarker.cpp:54
#31	0x0000000284616d6c in WebCore::RenderElement::layoutIfNeeded() at Source/WebCore/rendering/RenderElement.h:160
#32	0x000000028584cca0 in WebCore::SVGResources::layoutDifferentRootIfNeeded(WebCore::LegacyRenderSVGRoot const*) at Source/WebCore/rendering/svg/SVGResources.cpp:326
#33	0x000000028584cb30 in WebCore::SVGRenderSupport::layoutDifferentRootIfNeeded(WebCore::RenderElement const&) at Source/WebCore/rendering/svg/SVGRenderSupport.cpp:238
#34	0x000000028584cf68 in WebCore::SVGRenderSupport::layoutChildren(WebCore::RenderElement&, bool) at Source/WebCore/rendering/svg/SVGRenderSupport.cpp:280
#35	0x00000002857e4930 in WebCore::LegacyRenderSVGHiddenContainer::layout() at Source/WebCore/rendering/svg/LegacyRenderSVGHiddenContainer.cpp:39
#36	0x0000000285809e2c in WebCore::RenderSVGResourceContainer::layout() at Source/WebCore/rendering/svg/RenderSVGResourceContainer.cpp:58
#37	0x0000000284616d6c in WebCore::RenderElement::layoutIfNeeded() at Source/WebCore/rendering/RenderElement.h:160
#38	0x000000028584cbd4 in WebCore::SVGResources::layoutDifferentRootIfNeeded(WebCore::LegacyRenderSVGRoot const*) at Source/WebCore/rendering/svg/SVGResources.cpp:317
#39	0x000000028584cb30 in WebCore::SVGRenderSupport::layoutDifferentRootIfNeeded(WebCore::RenderElement const&) at Source/WebCore/rendering/svg/SVGRenderSupport.cpp:238
#40	0x000000028584cf68 in WebCore::SVGRenderSupport::layoutChildren(WebCore::RenderElement&, bool) at Source/WebCore/rendering/svg/SVGRenderSupport.cpp:280
#41	0x00000002857e1f38 in WebCore::LegacyRenderSVGContainer::layout() at Source/WebCore/rendering/svg/LegacyRenderSVGContainer.cpp:71
#42	0x000000028581f778 in WebCore::RenderSVGResourceMarker::layout() at Source/WebCore/rendering/svg/RenderSVGResourceMarker.cpp:54

<rdar://110440389>

Comment 1 Ryosuke Niwa 2023-06-15 17:13:02 PDT

Pull request: https://github.com/WebKit/WebKit/pull/15030

Comment 2 EWS 2023-06-16 10:08:36 PDT

Committed 265249@main (0d62c4b9488c): <https://commits.webkit.org/265249@main>

Reviewed commits have been landed. Closing PR #15030 and removing active labels.