Closed
Bug 454465
Opened 16 years ago
Closed 13 years ago
Infinite recursion crash [@ nsRuleNode::GetSVGData] again with nested marquees
Categories
(Core :: CSS Parsing and Computation, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: martijn.martijn, Unassigned)
References
()
Details
(Keywords: crash, regression, testcase, Whiteboard: [sg:dos] stack overflow)
Crash Data
This is a follow-up from bug 454434. I thought this was fixed by bug 425253 and that the crashtest that was attached to that bug made it sure new crashers would be noticed. But it seems like the crashtest is the wrong one, afaict: http://mxr.mozilla.org/mozilla-central/source/layout/generic/crashtests/425253-1.html So now nested marquees are crashing again. I can look for a regression range, if wanted. http://crash-stats.mozilla.com/report/index/c5a96c4f-7ead-11dd-8817-0013211cbf8a 0 xul.dll nsRuleNode::GetSVGData 1 xul.dll nsRuleNode::GetStyleData 2 xul.dll nsRuleNode::WalkRuleTree 3 xul.dll nsRuleNode::GetSVGData 4 xul.dll nsRuleNode::GetStyleData 5 xul.dll nsRuleNode::WalkRuleTree 6 xul.dll nsRuleNode::GetSVGData 7 xul.dll nsRuleNode::GetStyleData 8 xul.dll nsRuleNode::WalkRuleTree 9 xul.dll nsRuleNode::GetSVGData 10 xul.dll nsRuleNode::GetStyleData 11 xul.dll nsRuleNode::WalkRuleTree etc...
|
Reporter | |
Comment 1•16 years ago
|
||
Ok, I guess the crash test as checked in also showed the crash. The nested marquee one was still suffering from bug 239840, I guess.
|
|
Reporter | |
Updated•16 years ago
|
Flags: blocking1.9.1?
Component: Layout → Style System (CSS)
QA Contact: layout → style-system
I don't see a crash; I just see a hang in deeply nested ReResolveStyleContext.
Flags: blocking1.9.1? → wanted1.9.1+
|
||
Comment 3•15 years ago
|
||
I got a slightly different stack clicking attachment details of bug 454434 bp-e7422a0d-d465-4cbf-80f6-82d952090131 nsRuleNode::GetTextData layout/style/nsRuleNode.cpp:1326 nsRuleNode::GetStyleText layout/style/nsStyleStructList.h:89 nsRuleNode::ComputeTextData layout/style/nsRuleNode.cpp:2926 @0x9bc69c7 nsRuleNode::GetStyleData layout/style/nsStyleStructList.h:89 nsRuleNode::WalkRuleTree layout/style/nsRuleNode.cpp:1764 nsRuleNode::GetStyleData layout/style/nsStyleStructList.h:89 nsRuleNode::WalkRuleTree layout/style/nsRuleNode.cpp:1764 nsRuleNode::GetStyleData layout/style/nsStyleStructList.h:89 nsRuleNode::WalkRuleTree layout/style/nsRuleNode.cpp:1764 nsRuleNode::GetTextData layout/style/nsRuleNode.cpp:1331 nsRuleNode::GetStyleText layout/style/nsStyleStructList.h:89
Should this be a dupe of bug 363722 ?
|
||
Comment 5•13 years ago
|
||
http://www.kossolax.be/scripts/je_veux_crasher_mon_navigateur.php appears to be this same bug which crashes Firefox 4 on Windows XP and 7 with a variety of stacks that either begin with or contain: nsRuleNode::GetSVGData(nsStyleContext*) nsRuleNode::GetStyleData(nsStyleStructID, nsStyleContext*, int) nsStyleContext::GetStyleData(nsStyleStructID) nsRuleNode::WalkRuleTree(nsStyleStructID, nsStyleContext*, nsRuleData*, nsCSSStruct*) nsRuleNode::GetSVGData(nsStyleContext*)
|
Assignee | |
Updated•13 years ago
|
Crash Signature: [@ nsRuleNode::GetSVGData]
|
||
Comment 6•13 years ago
|
||
Nothing in a version beyond 3.0 and 3.6. Even then there is a single instance in the past 4 weeks. Resolving as Works For Me.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•