Assertion failure in BidiResolver::commitExplicitEmbedding() (!inIsolate() || m_curre...
authoreric@webkit.org <eric@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 18 May 2012 23:47:08 +0000 (23:47 +0000)
committereric@webkit.org <eric@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 18 May 2012 23:47:08 +0000 (23:47 +0000)
commit5d57b5c6b625a62f5a248e72fe6a44fa81d897f1
tree4ab46ceac333aa9ce436a9c177f2092471f83348
parent2ec8f88887c8536326f9540f6b395ae47323eff6
Assertion failure in BidiResolver::commitExplicitEmbedding() (!inIsolate() || m_currentExplicitEmbeddingSequence.isEmpty()) at wikipedia.org
https://bugs.webkit.org/show_bug.cgi?id=76574

Reviewed by Levi Weintraub.

Source/WebCore:

Consider this example:
<span style="unicode-bidi: embed"><span style="unicode-bidi: isolate">a</span></span>
Before this patch, we would ASSERT when computing the text runs, as we would have encountered
the "embed LTR" directive from the outer span, but not try to "commit" this embedding until
we encountered the first charater (an optimization to avoid creating unnecessary bidi embedding contexts).
The ASSERT we were hitting was to ensure that embedding directives inside an isolated span
did not bleed out and effect the surrounding text.

bidi "isolate" support uses a multi-pass Unicode Bidi Algorithm (UBA), which when encountering
"isolated" sections of text ignores them in the first pass, and then goes back and runs
a separate instance of the UBA on those isolated sections.

Once we scan into an "isolate" section (during an outer UBA application) we should not respect
any embedding directives inside that "isolate" section.

However, in the above example, our "don't commit embeddings until we need them" and
"assert we don't respect embeddings inside isolated spans" were conflicting.
The fix is to make sure we always commit any pending embedding directives *before*
we enter an isolate section.

Luckly there was no functional bug here as we were still respecting
the embedding directives we were belatedly committing. After this change we're commiting
those directives at a more appropriate time, thus avoiding the ASSERT.

Test: fast/text/bidi-isolate-embedding-crash.html

* platform/text/BidiResolver.h:
(WebCore::::commitExplicitEmbedding):
* rendering/InlineIterator.h:
(WebCore::notifyObserverEnteredObject):
(WebCore::IsolateTracker::commitExplicitEmbedding):

LayoutTests:

* fast/text/bidi-isolate-embedding-crash-expected.txt: Added.
* fast/text/bidi-isolate-embedding-crash.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@117658 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/fast/text/bidi-isolate-embedding-crash-expected.txt [new file with mode: 0644]
LayoutTests/fast/text/bidi-isolate-embedding-crash.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/platform/text/BidiResolver.h
Source/WebCore/rendering/InlineIterator.h