Closed Bug 105928 Opened 23 years ago Closed 17 years ago

Crash on startup if userContent.css has "* { overflow: auto }" or "* { overflow: scroll }"

Categories: Core :: Layout, defect, P1
Platform: x86, Linux
Status: RESOLVED DUPLICATE of bug 164617
Target Milestone: Future
Reporter: bzbarsky, Assigned: attinasi
Keywords: crash
Attachments: 1 file

Linux build 2001-10-19 from cvs.

Steps to reproduce:

1)  edit chrome/userContent.css in your profile directory
2)  add "* { overflow: auto }"
3)  Save and exit
4)  Start the browser ('mozilla about:blank' will do, but it does not seem to
    matter what the start page is)

Expected results:
  Browser starts fine

Actual results:
  Browser opens profile manager, lets you choose a profile, then goes into
  infinite loop, blows the stack, and crashes.

The same results happen if "overflow: scroll" is used.

The sidebar is closed, so what's being rendered here?  about:blank?

The loop is being spawned by StyleSetImpl::ConstructRootFrame (that's the last
non-loop function on the stack).

Adding the same style rule to a page's style sheet, btw, does not lead to
behavior like this.

end of trace (showing loop):

#14 0x41c1943a in nsCSSFrameConstructor::ConstructFrameInternal (this=0x889f5a8, 
    aPresShell=0x889f660, aPresContext=0x889ee30, aState=@0xbfffe900, 
    aContent=0x8bdc668, aParentFrame=0x8bd4898, aTag=0x81ee4d8, aNameSpaceID=7, 
    aStyleContext=0x8bdb6dc, aFrameItems=@0xbfe03104, aXBLBaseTag=0)
    at nsCSSFrameConstructor.cpp:6979
#15 0x41c192e8 in nsCSSFrameConstructor::ConstructFrame (this=0x889f5a8, 
    aPresShell=0x889f660, aPresContext=0x889ee30, aState=@0xbfffe900, 
    aContent=0x8bdc668, aParentFrame=0x8bd4898, aFrameItems=@0xbfe03104)
    at nsCSSFrameConstructor.cpp:6942
#16 0x41c1485c in nsCSSFrameConstructor::CreateAnonymousFrames (this=0x889f5a8, 
    aPresShell=0x889f660, aPresContext=0x889ee30, aState=@0xbfffe900, aParent=0x8bdb3b8, 
    aDocument=0x8884570, aParentFrame=0x8bd4898, aChildItems=@0xbfe03104)
    at nsCSSFrameConstructor.cpp:5004
#17 0x41c16719 in nsCSSFrameConstructor::BuildGfxScrollFrame (this=0x889f5a8, 
    aPresShell=0x889f660, aPresContext=0x889ee30, aState=@0xbfffe900, 
    aContent=0x8bdb3b8, aDocument=0x8884570, aParentFrame=0x8bd4718, 
    aStyleContext=0x8bd47d0, aIsRoot=0, aNewFrame=@0xbfe0310c, 
    aAnonymousFrames=@0xbfe03104, aScrollPortFrame=0x8bdb620)
    at nsCSSFrameConstructor.cpp:5924
#18 0x41c162fd in nsCSSFrameConstructor::BeginBuildingScrollFrame (this=0x889f5a8, 
    aPresShell=0x889f660, aPresContext=0x889ee30, aState=@0xbfffe900, 
    aContent=0x8bdb3b8, aContentStyle=0x8bd47d0, aParentFrame=0x8bd4718, 
    aScrolledPseudo=0x81eb370, aDocument=0x8884570, aIsRoot=0, aNewFrame=@0xbfe033d0, 
    aScrolledChildStyle=@0xbfe03170, aScrollableFrame=@0xbfe03174, aScrollPortFrame=0x0)
    at nsCSSFrameConstructor.cpp:5721
#19 0x41c1659d in nsCSSFrameConstructor::BuildScrollFrame (this=0x889f5a8, 
    aPresShell=0x889f660, aPresContext=0x889ee30, aState=@0xbfffe900, 
    aContent=0x8bdb3b8, aContentStyle=0x8bd47d0, aScrolledFrame=0x8bd4804, 
    aParentFrame=0x8bd4718, aNewFrame=@0xbfe033d0, aScrolledContentStyle=@0xbfe03424, 
    aScrollPortFrame=0x0) at nsCSSFrameConstructor.cpp:5869
#20 0x41c15528 in nsCSSFrameConstructor::ConstructXULFrame (this=0x889f5a8, 
    aPresShell=0x889f660, aPresContext=0x889ee30, aState=@0xbfffe900, 
    aContent=0x8bdb3b8, aParentFrame=0x8bd4718, aTag=0x81ef938, aNameSpaceID=7, 
    aStyleContext=0x8bd47d0, aFrameItems=@0xbfe03734, aXBLBaseTag=0, 
    aHaltProcessing=@0xbfe034d0) at nsCSSFrameConstructor.cpp:5336
#21 0x41c19838 in nsCSSFrameConstructor::ConstructFrameInternal (this=0x889f5a8, 
    aPresShell=0x889f660, aPresContext=0x889ee30, aState=@0xbfffe900, 
    aContent=0x8bdb3b8, aParentFrame=0x8bd4718, aTag=0x81ef938, aNameSpaceID=7, 
    aStyleContext=0x8bd47d0, aFrameItems=@0xbfe03734, aXBLBaseTag=0)
    at nsCSSFrameConstructor.cpp:7037
#22 0x41c192e8 in nsCSSFrameConstructor::ConstructFrame (this=0x889f5a8, 
    aPresShell=0x889f660, aPresContext=0x889ee30, aState=@0xbfffe900, 
    aContent=0x8bdb3b8, aParentFrame=0x8bd4718, aFrameItems=@0xbfe03734)
    at nsCSSFrameConstructor.cpp:6942
#23 0x41c28acf in nsCSSFrameConstructor::ProcessChildren (this=0x889f5a8, 
    aPresShell=0x889f660, aPresContext=0x889ee30, aState=@0xbfffe900, 
    aContent=0x8bda898, aFrame=0x8bd4718, aCanHaveGeneratedContent=0, 
    aFrameItems=@0xbfe03734, aParentIsBlock=0, aTableCreator=0x0)
    at nsCSSFrameConstructor.cpp:11480
#24 0x41c15ec8 in nsCSSFrameConstructor::ConstructXULFrame (this=0x889f5a8, 
    aPresShell=0x889f660, aPresContext=0x889ee30, aState=@0xbfffe900, 
    aContent=0x8bda898, aParentFrame=0x8bd4650, aTag=0x81efec8, aNameSpaceID=7, 
    aStyleContext=0x8bd461c, aFrameItems=@0xbfe03be8, aXBLBaseTag=0, 
    aHaltProcessing=@0xbfe03984) at nsCSSFrameConstructor.cpp:5623
#25 0x41c19838 in nsCSSFrameConstructor::ConstructFrameInternal (this=0x889f5a8, 
    aPresShell=0x889f660, aPresContext=0x889ee30, aState=@0xbfffe900, 
    aContent=0x8bda898, aParentFrame=0x8bd4650, aTag=0x81efec8, aNameSpaceID=7, 
    aStyleContext=0x8bd461c, aFrameItems=@0xbfe03be8, aXBLBaseTag=0)
    at nsCSSFrameConstructor.cpp:7037
#26 0x41c192e8 in nsCSSFrameConstructor::ConstructFrame (this=0x889f5a8, 
    aPresShell=0x889f660, aPresContext=0x889ee30, aState=@0xbfffe900, 
    aContent=0x8bda898, aParentFrame=0x8bd4650, aFrameItems=@0xbfe03be8)
    at nsCSSFrameConstructor.cpp:6942
#27 0x41c28acf in nsCSSFrameConstructor::ProcessChildren (this=0x889f5a8, 
    aPresShell=0x889f660, aPresContext=0x889ee30, aState=@0xbfffe900, 
    aContent=0x8bda628, aFrame=0x8bd4650, aCanHaveGeneratedContent=0, 
    aFrameItems=@0xbfe03be8, aParentIsBlock=0, aTableCreator=0x0)
    at nsCSSFrameConstructor.cpp:11480
#28 0x41c15ec8 in nsCSSFrameConstructor::ConstructXULFrame (this=0x889f5a8, 
    aPresShell=0x889f660, aPresContext=0x889ee30, aState=@0xbfffe900, 
    aContent=0x8bda628, aParentFrame=0x8bd4460, aTag=0x81ee4d8, aNameSpaceID=7, 
    aStyleContext=0x8bd45e8, aFrameItems=@0xbfe04038, aXBLBaseTag=0, 
    aHaltProcessing=@0xbfe03e38) at nsCSSFrameConstructor.cpp:5623
#29 0x41c19838 in nsCSSFrameConstructor::ConstructFrameInternal (this=0x889f5a8, 
    aPresShell=0x889f660, aPresContext=0x889ee30, aState=@0xbfffe900, 
    aContent=0x8bda628, aParentFrame=0x8bd4460, aTag=0x81ee4d8, aNameSpaceID=7, 
    aStyleContext=0x8bd45e8, aFrameItems=@0xbfe04038, aXBLBaseTag=0)
    at nsCSSFrameConstructor.cpp:7037
#30 0x41c192e8 in nsCSSFrameConstructor::ConstructFrame (this=0x889f5a8, 
    aPresShell=0x889f660, aPresContext=0x889ee30, aState=@0xbfffe900, 
    aContent=0x8bda628, aParentFrame=0x8bd4460, aFrameItems=@0xbfe04038)
    at nsCSSFrameConstructor.cpp:6942
#31 0x41c1485c in nsCSSFrameConstructor::CreateAnonymousFrames (this=0x889f5a8, 
    aPresShell=0x889f660, aPresContext=0x889ee30, aState=@0xbfffe900, aParent=0x8bda390, 
    aDocument=0x8884570, aParentFrame=0x8bd4460, aChildItems=@0xbfe04038)
    at nsCSSFrameConstructor.cpp:5004
#32 0x41c16719 in nsCSSFrameConstructor::BuildGfxScrollFrame (this=0x889f5a8, 
    aPresShell=0x889f660, aPresContext=0x889ee30, aState=@0xbfffe900, 
    aContent=0x8bda390, aDocument=0x8884570, aParentFrame=0x8bd42e0, 
    aStyleContext=0x8bd4398, aIsRoot=0, aNewFrame=@0xbfe04040, 
    aAnonymousFrames=@0xbfe04038, aScrollPortFrame=0x8bd452c)
    at nsCSSFrameConstructor.cpp:5924

Ech. So we want a scrollframe around everything? I don't think the
GfxScrollFrame can handle that... cc'ing evaughan for his scrolling insights.

Clearly, we need to at least be robust enough to handle this perfectly
legitimate and superficially harmless CSS.

Again, the interesting thing is that the same rule in an author sheet does not
lead to a crash.  It's just the user sheet that's a problem.

Target Milestone: --- → mozilla1.0.1

Moving Mozilla 1.01 bugs to 'future' milestone with priority P1

I will be pulling bugs from 'future' milestones when scheduling later work.

Priority: -- → P1
Target Milestone: mozilla1.0.1 → Future
Keywords: crash

I can prevent the crash by adding

scrollbar * {
  overflow: hidden !important;
}

in xul.css, so I guess the first question is, why is the rule in userContent.css
being applied to scrollbars?

That's bug 164617

So is this a dupe of bug 164617? If universal selectors apply to scrollbars then
 * { overflow: auto }
will inevitably cause an infinite regress.

probably...
Depends on: 164617
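
The regress discussed in the comments above, as an added toy model (not Gecko code and not part of the original bug report): a scroll frame creates anonymous scrollbars, and if the universal rule also matches them, each scrollbar asks for its own scroll frame. `Node`, `Sheet`, `Resolve`, `Construct` and `Build` are hypothetical names, and the `reachesAnonymous` switch is an assumption standing in for the behaviour tracked in bug 164617.

```cpp
// Toy model of scroll-frame construction (added example, NOT Gecko code).
// Node, Sheet, Resolve, Construct and Build are hypothetical names.
#include <cstdio>
#include <string>
#include <vector>

enum class Overflow { Visible, Hidden, Auto };
// anonymous = content generated by the frame constructor, not by the document
struct Node { std::string tag; bool anonymous; std::vector<Node> kids; };
struct Sheet {
    bool universalAuto;     // user sheet: * { overflow: auto }
    bool reachesAnonymous;  // assumption: that rule also matches anonymous content
    bool scrollbarGuard;    // scrollbar * { overflow: hidden !important; }
};

Overflow Resolve(const Node& n, bool inScrollbar, const Sheet& s) {
    if (inScrollbar && s.scrollbarGuard) return Overflow::Hidden;
    if (!s.universalAuto) return Overflow::Visible;
    if (n.anonymous && !s.reachesAnonymous) return Overflow::Visible;
    return Overflow::Auto;
}

// Returns frames built, or -1 once the depth budget is exceeded (the blown stack).
int Construct(const Node& n, bool inScrollbar, const Sheet& s, int depth, int budget) {
    if (depth > budget) return -1;
    int frames = 1;
    std::vector<Node> kids = n.kids;
    if (Resolve(n, inScrollbar, s) == Overflow::Auto) {
        ++frames;                                 // scroll frame wrapper
        kids.push_back({"scrollbar", true, {}});  // anonymous horizontal scrollbar
        kids.push_back({"scrollbar", true, {}});  // anonymous vertical scrollbar
    }
    const bool childInScrollbar = inScrollbar || n.tag == "scrollbar";
    for (const Node& k : kids) {
        int r = Construct(k, childInScrollbar, s, depth + 1, budget);
        if (r < 0) return -1;
        frames += r;
    }
    return frames;
}

int Build(const Sheet& s) {  // constructed sample document: window > box
    Node root{"window", false, {{"box", false, {}}}};
    return Construct(root, false, s, 0, 64);
}
int main() {
    std::printf("regress=%d no-anon=%d guarded=%d\n", Build({true, true, false}),
                Build({true, false, false}), Build({true, true, true}));
}
```

In the model, construction terminates either when the universal rule does not reach anonymous content or when the `scrollbar *` guard forces `overflow: hidden` below a scrollbar; only the unguarded case exhausts the depth budget.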

By the definitions on <http://bugzilla.mozilla.org/bug_status.html#severity> and
<http://bugzilla.mozilla.org/enter_bug.cgi?format=guided>, crashing and dataloss
bugs are of critical or possibly higher severity.  Only changing open bugs to
minimize unnecessary spam.  Keywords to trigger this would be crash, topcrash,
topcrash+, zt4newcrash, dataloss.

Severity: normal → critical

bug 164617 says userContent.css but this bug's summary says userChrome.css.

The summary says userChrome.css, but comment 0 says chrome/userContent.css. Can
the reporter clarify?

Yeah, this was userContent.css.  If userChrome.css blows things up, I don't
think we care that much....

Summary: Crash on startup if userChrome.css has "* { overflow: auto }" or "* { overflow: scroll }" → Crash on startup if userContent.css has "* { overflow: auto }" or "* { overflow: scroll }"
Blocks: 105796

I extracted the minimum code from my application that crashes my browser

Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6

Reproducible always.

Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → DUPLICATE