Closed Bug 1395661 Opened 3 years ago Closed 3 years ago

stylo: Jump to nullptr from list-style animation

Categories

(Core :: CSS Parsing and Computation, defect, P1, critical)

defect

Tracking

()

RESOLVED WORKSFORME

People

(Reporter: truber, Assigned: hiro)

References

(Blocks 2 open bugs)

Details

(Keywords: crash, csectype-nullptr, testcase)

Attachments

(1 file)

Attached file testcase.html
The attached testcase causes a segv with pc=0 in m-c rev 20170831-04b6be50a252 with stylo enabled by pref.


==9273==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000000000000 bp 0x7ffcb23c0aa0 sp 0x7ffcb23c0a98 T0)
==9273==Hint: pc points to the zero page.
==9273==The signal is caused by a READ memory access.
==9273==Hint: address points to the zero page.

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (<unknown module>)
==9273==ABORTING
Flags: in-testsuite?
Flags: needinfo?(hikezoe)
Priority: -- → P2
Assignee: nobody → hikezoe
Priority: P2 → P1
I can't repro on autoland, and I bet this has been fixed by bug 1393189.
NI Jesse to confirm.
Flags: needinfo?(hikezoe) → needinfo?(jschwartzentruber)
Confirmed, I can't reproduce anymore with m-c rev 20170831-4984da222428.
Status: NEW → RESOLVED
Closed: 3 years ago
Flags: needinfo?(jschwartzentruber)
Resolution: --- → WORKSFORME
Group: dom-core-security
You need to log in before you can comment on or make changes to this bug.