Closed Bug 220165 Opened 21 years ago Closed 21 years ago

Mozilla crashes after clicking HTML button embedded in SVG document

Categories

(Core :: SVG, defect)

Product:
Core
Component:
SVG
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: marcoos, Assigned: bzbarsky)

References

(
URL
)

Details

(Keywords: crash, testcase)

Attachments

(2 files, 1 obsolete file)

A simple testcase
767 bytes, text/xml
Details
Updated to new CreateViewForFrame arg list
3.91 KB, patch
Details | Diff | Splinter Review
The win32 SVG enabled build of Mozilla (from ftp.mozilla.org/pub/mozilla/nightly/2003-09-23-12-trunk/) crashes after clicking an <html:button> element. (Tested on Windows XP). Steps to reproduce: 1. Go to http://www.croczilla.com/svg/foreign1.xml and click the button called "This is a wide button" Expected results: 1. A JS-alert with a "boo!" message should appear. Actual results: 1. Mozilla crashes A testcase follows.
Attached file A simple testcase
Slightly minimized version of the file from croczilla.com.
Keywords: crash, testcase
Severity: normal → critical
Attached patch Patch (obsolete) — Splinter Review
This is a bit of a hack, especially with the pushing of "null" as the floater containing block. I wonder why there is a floater containing block on the stack that does not have the SPACE_MGR bit set.... It may be less hackish to just set the SPACE_MGR bit directly on the frame here instead of messing with the floater containing block. In any case, we do want to be calling ConstructBlock here so that floated and positioned kids of the foreignObject will act correctly.
Attachment #132076 - Flags: superreview?(dbaron)
Attachment #132076 - Flags: review?(alex.fritze)
Comment on attachment 132076 [details] [diff] [review] Patch Patch looks good, but do you think it would make sense to simplify things and treat all SVG frames as blocks?
What do you mean by that, exactly?
Comment on attachment 132076 [details] [diff] [review] Patch I meant calling ConstructBlock() for all SVG frames and not just special case for foreignObject - but just ignore it cause it doesn't make sense :-) You technically don't need SR to check this in because it's not part of the default build. That's not to say that I don't think it would be a good idea if dbaron has a look at this, but it would be nice to get this in soon.
Attachment #132076 - Flags: review?(alex.fritze) → review+
It works just fine with firebird 0.6.1 maybe it should be changed to fixed?
Nick: This became broken *after* Firebird 0.6.1 was released.
Attachment #132076 - Flags: superreview?(dbaron) → superreview?(roc)
Attachment #132076 - Flags: superreview?(roc) → superreview+
Taking.
Assignee: alex → bzbarsky
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Windows XP → All
Hardware: PC → All
Attachment #132076 - Attachment is obsolete: true
Fixed.
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
Checked in a test for this.
Flags: in-testsuite+
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: