Closed
Bug 1516920
Opened 5 years ago
Closed 5 years ago
heap-buffer-overflow in [@ mozilla::ReflowInput::InitAbsoluteConstraints]
Categories
(Core :: Layout: Columns, defect, P3)
Core
Layout: Columns
Tracking
()
RESOLVED
DUPLICATE
of bug 1520722
| Tracking | Status | |
|---|---|---|
| firefox-esr60 | --- | unaffected |
| firefox64 | --- | unaffected |
| firefox65 | --- | disabled |
| firefox66 | --- | affected |
People
(Reporter: tsmith, Unassigned)
References
(Blocks 1 open bug)
Details
(4 keywords)
Attachments
(1 file)
|
388 bytes,
text/html
|
Details |
==10153==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60c0001f9f88 at pc 0x7f7f04ee3dfa bp 0x7ffee86108d0 sp 0x7ffee86108c8
READ of size 8 at 0x60c0001f9f88 thread T0 (file:// Content)
#0 0x7f7f04ee3df9 in Equals src/layout/base/FrameProperties.h:361:16
#1 0x7f7f04ee3df9 in Equals<const mozilla::FrameProperties::PropertyValue, const mozilla::FramePropertyDescriptorUntyped *const> src/obj-firefox/dist/include/nsTArray.h:815
#2 0x7f7f04ee3df9 in ApplyIf<const mozilla::FramePropertyDescriptorUntyped *, mozilla::FrameProperties::PropertyComparator, (lambda at /builds/worker/workspace/build/src/layout/base/FrameProperties.h:374:7), (lambda at /builds/worker/workspace/build/src/layout/base/FrameProperties.h:380:7)> src/obj-firefox/dist/include/nsTArray.h:1934
#3 0x7f7f04ee3df9 in GetInternal src/layout/base/FrameProperties.h:372
#4 0x7f7f04ee3df9 in Get<nsPlaceholderFrame> src/layout/base/FrameProperties.h:213
#5 0x7f7f04ee3df9 in GetProperty<nsPlaceholderFrame> src/layout/generic/nsIFrame.h:3491
#6 0x7f7f04ee3df9 in GetPlaceholderFrame src/layout/generic/nsIFrame.h:842
#7 0x7f7f04ee3df9 in mozilla::ReflowInput::InitAbsoluteConstraints(nsPresContext*, mozilla::ReflowInput const*, mozilla::LogicalSize const&, mozilla::LayoutFrameType) src/layout/generic/ReflowInput.cpp:1645
#8 0x7f7f04ed32b7 in mozilla::ReflowInput::InitConstraints(nsPresContext*, mozilla::LogicalSize const&, nsMargin const*, nsMargin const*, mozilla::LayoutFrameType) src/layout/generic/ReflowInput.cpp:2406:7
#9 0x7f7f04ec8586 in mozilla::ReflowInput::Init(nsPresContext*, mozilla::LogicalSize const*, nsMargin const*, nsMargin const*) src/layout/generic/ReflowInput.cpp:403:3
#10 0x7f7f04f2c56b in nsAbsoluteContainingBlock::ReflowAbsoluteFrame(nsIFrame*, nsPresContext*, mozilla::ReflowInput const&, nsRect const&, nsAbsoluteContainingBlock::AbsPosReflowFlags, nsIFrame*, nsReflowStatus&, nsOverflowAreas*) src/layout/generic/nsAbsoluteContainingBlock.cpp:663:15
#11 0x7f7f04f2625e in nsAbsoluteContainingBlock::Reflow(nsContainerFrame*, nsPresContext*, mozilla::ReflowInput const&, nsReflowStatus&, nsRect const&, nsAbsoluteContainingBlock::AbsPosReflowFlags, nsOverflowAreas*) src/layout/generic/nsAbsoluteContainingBlock.cpp:158:7
#12 0x7f7f04f4dc40 in nsBlockFrame::Reflow(nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, nsReflowStatus&) src/layout/generic/nsBlockFrame.cpp:1422:26
#13 0x7f7f04f77dae in nsBlockReflowContext::ReflowBlock(mozilla::LogicalRect const&, bool, nsCollapsingMargin&, int, bool, nsLineBox*, mozilla::ReflowInput&, nsReflowStatus&, mozilla::BlockReflowInput&) src/layout/generic/nsBlockReflowContext.cpp:297:11
#14 0x7f7f04f6957b in nsBlockFrame::ReflowBlockFrame(mozilla::BlockReflowInput&, nsLineList_iterator, bool*) src/layout/generic/nsBlockFrame.cpp:3408:11
#15 0x7f7f04f663f5 in nsBlockFrame::ReflowLine(mozilla::BlockReflowInput&, nsLineList_iterator, bool*) src/layout/generic/nsBlockFrame.cpp:2788:5
#16 0x7f7f04f57713 in nsBlockFrame::ReflowDirtyLines(mozilla::BlockReflowInput&) src/layout/generic/nsBlockFrame.cpp:2334:7
#17 0x7f7f04f4b026 in nsBlockFrame::Reflow(nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, nsReflowStatus&) src/layout/generic/nsBlockFrame.cpp:1207:3
#18 0x7f7f04f77dae in nsBlockReflowContext::ReflowBlock(mozilla::LogicalRect const&, bool, nsCollapsingMargin&, int, bool, nsLineBox*, mozilla::ReflowInput&, nsReflowStatus&, mozilla::BlockReflowInput&) src/layout/generic/nsBlockReflowContext.cpp:297:11
#19 0x7f7f04f6957b in nsBlockFrame::ReflowBlockFrame(mozilla::BlockReflowInput&, nsLineList_iterator, bool*) src/layout/generic/nsBlockFrame.cpp:3408:11
#20 0x7f7f04f663f5 in nsBlockFrame::ReflowLine(mozilla::BlockReflowInput&, nsLineList_iterator, bool*) src/layout/generic/nsBlockFrame.cpp:2788:5
#21 0x7f7f04f57713 in nsBlockFrame::ReflowDirtyLines(mozilla::BlockReflowInput&) src/layout/generic/nsBlockFrame.cpp:2334:7
#22 0x7f7f04f4b026 in nsBlockFrame::Reflow(nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, nsReflowStatus&) src/layout/generic/nsBlockFrame.cpp:1207:3
#23 0x7f7f04fcc9e0 in nsContainerFrame::ReflowChild(nsIFrame*, nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, mozilla::WritingMode const&, mozilla::LogicalPoint const&, nsSize const&, unsigned int, nsReflowStatus&, nsOverflowContinuationTracker*) src/layout/generic/nsContainerFrame.cpp:883:14
#24 0x7f7f04fd3fcb in nsColumnSetFrame::ReflowChildren(mozilla::ReflowOutput&, mozilla::ReflowInput const&, nsReflowStatus&, nsColumnSetFrame::ReflowConfig const&, bool, nsColumnSetFrame::ColumnBalanceData&) src/layout/generic/nsColumnSetFrame.cpp:754:7
#25 0x7f7f04fdb56e in ReflowColumns src/layout/generic/nsColumnSetFrame.cpp:452:19
#26 0x7f7f04fdb56e in nsColumnSetFrame::FindBestBalanceBSize(mozilla::ReflowInput const&, nsPresContext*, nsColumnSetFrame::ReflowConfig&, nsColumnSetFrame::ColumnBalanceData&, mozilla::ReflowOutput&, bool&, bool&, nsReflowStatus&) src/layout/generic/nsColumnSetFrame.cpp:1097
#27 0x7f7f04fdccbd in nsColumnSetFrame::Reflow(nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, nsReflowStatus&) src/layout/generic/nsColumnSetFrame.cpp:1198:5
#28 0x7f7f04f77dae in nsBlockReflowContext::ReflowBlock(mozilla::LogicalRect const&, bool, nsCollapsingMargin&, int, bool, nsLineBox*, mozilla::ReflowInput&, nsReflowStatus&, mozilla::BlockReflowInput&) src/layout/generic/nsBlockReflowContext.cpp:297:11
#29 0x7f7f04f6957b in nsBlockFrame::ReflowBlockFrame(mozilla::BlockReflowInput&, nsLineList_iterator, bool*) src/layout/generic/nsBlockFrame.cpp:3408:11
#30 0x7f7f04f663f5 in nsBlockFrame::ReflowLine(mozilla::BlockReflowInput&, nsLineList_iterator, bool*) src/layout/generic/nsBlockFrame.cpp:2788:5
#31 0x7f7f04f57713 in nsBlockFrame::ReflowDirtyLines(mozilla::BlockReflowInput&) src/layout/generic/nsBlockFrame.cpp:2334:7
#32 0x7f7f04f4b026 in nsBlockFrame::Reflow(nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, nsReflowStatus&) src/layout/generic/nsBlockFrame.cpp:1207:3
#33 0x7f7f04fcc9e0 in nsContainerFrame::ReflowChild(nsIFrame*, nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, mozilla::WritingMode const&, mozilla::LogicalPoint const&, nsSize const&, unsigned int, nsReflowStatus&, nsOverflowContinuationTracker*) src/layout/generic/nsContainerFrame.cpp:883:14
#34 0x7f7f04fca16f in nsCanvasFrame::Reflow(nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, nsReflowStatus&) src/layout/generic/nsCanvasFrame.cpp:731:5
#35 0x7f7f04fcc9e0 in nsContainerFrame::ReflowChild(nsIFrame*, nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, mozilla::WritingMode const&, mozilla::LogicalPoint const&, nsSize const&, unsigned int, nsReflowStatus&, nsOverflowContinuationTracker*) src/layout/generic/nsContainerFrame.cpp:883:14
#36 0x7f7f0510f359 in nsHTMLScrollFrame::ReflowScrolledFrame(mozilla::ScrollReflowInput*, bool, bool, mozilla::ReflowOutput*) src/layout/generic/nsGfxScrollFrame.cpp:571:3
#37 0x7f7f05110ef1 in nsHTMLScrollFrame::ReflowContents(mozilla::ScrollReflowInput*, mozilla::ReflowOutput const&) src/layout/generic/nsGfxScrollFrame.cpp:684:3
#38 0x7f7f05116969 in nsHTMLScrollFrame::Reflow(nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, nsReflowStatus&) src/layout/generic/nsGfxScrollFrame.cpp:1050:3
#39 0x7f7f04f24d86 in nsContainerFrame::ReflowChild(nsIFrame*, nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, int, int, unsigned int, nsReflowStatus&, nsOverflowContinuationTracker*) src/layout/generic/nsContainerFrame.cpp:922:14
#40 0x7f7f04f23646 in mozilla::ViewportFrame::Reflow(nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, nsReflowStatus&) src/layout/generic/ViewportFrame.cpp:314:7
#41 0x7f7f04c4c86a in mozilla::PresShell::DoReflow(nsIFrame*, bool, mozilla::OverflowChangedTracker*) src/layout/base/PresShell.cpp:8548:11
#42 0x7f7f04c6c59c in mozilla::PresShell::ProcessReflowCommands(bool) src/layout/base/PresShell.cpp:8714:24
#43 0x7f7f04c69a30 in mozilla::PresShell::DoFlushPendingNotifications(mozilla::ChangesToFlush) src/layout/base/PresShell.cpp:4149:11
#44 0x7f7f01e87f51 in FlushPendingNotifications src/obj-firefox/dist/include/nsIPresShell.h:567:5
#45 0x7f7f01e87f51 in FlushPendingEvents src/dom/events/EventStateManager.cpp:5349
#46 0x7f7f01e87f51 in mozilla::EventStateManager::PreHandleEvent(nsPresContext*, mozilla::WidgetEvent*, nsIFrame*, nsIContent*, nsEventStatus*, nsIContent*) src/dom/events/EventStateManager.cpp:633
#47 0x7f7f04c9e3b3 in mozilla::PresShell::HandleEventInternal(mozilla::WidgetEvent*, nsEventStatus*, bool, nsIContent*) src/layout/base/PresShell.cpp:7294:19
#48 0x7f7f04c9920a in mozilla::PresShell::HandleEvent(nsIFrame*, mozilla::WidgetGUIEvent*, bool, nsEventStatus*) src/layout/base/PresShell.cpp:6937:17
#49 0x7f7f043fca2d in nsViewManager::DispatchEvent(mozilla::WidgetGUIEvent*, nsView*, nsEventStatus*) src/view/nsViewManager.cpp:763:14
#50 0x7f7f043fc214 in nsView::HandleEvent(mozilla::WidgetGUIEvent*, bool) src/view/nsView.cpp:1059:9
#51 0x7f7f044a4ded in mozilla::widget::PuppetWidget::DispatchEvent(mozilla::WidgetGUIEvent*, nsEventStatus&) src/widget/PuppetWidget.cpp:379:37
#52 0x7f7efd6286ba in mozilla::layers::APZCCallbackHelper::DispatchWidgetEvent(mozilla::WidgetGUIEvent&) src/gfx/layers/apz/util/APZCCallbackHelper.cpp:529:21
#53 0x7f7f03ad6b96 in DispatchWidgetEventViaAPZ src/dom/ipc/TabChild.cpp:1583:10
#54 0x7f7f03ad6b96 in mozilla::dom::TabChild::HandleRealMouseButtonEvent(mozilla::WidgetMouseEvent const&, mozilla::layers::ScrollableLayerGuid const&, unsigned long const&) src/dom/ipc/TabChild.cpp:1522
#55 0x7f7f03ad7dbf in mozilla::dom::TabChild::RecvRealMouseButtonEvent(mozilla::WidgetMouseEvent const&, mozilla::layers::ScrollableLayerGuid const&, unsigned long const&) src/dom/ipc/TabChild.cpp:1495:3
#56 0x7f7f03ad80b0 in RecvSynthMouseMoveEvent src/dom/ipc/TabChild.cpp:1460:8
#57 0x7f7f03ad80b0 in non-virtual thunk to mozilla::dom::TabChild::RecvSynthMouseMoveEvent(mozilla::WidgetMouseEvent const&, mozilla::layers::ScrollableLayerGuid const&, unsigned long const&) src/dom/ipc/TabChild.cpp
#58 0x7f7efc1c22d7 in mozilla::dom::PBrowserChild::OnMessageReceived(IPC::Message const&) src/obj-firefox/ipc/ipdl/PBrowserChild.cpp:3658:20
#59 0x7f7efb6f0fc5 in mozilla::dom::PContentChild::OnMessageReceived(IPC::Message const&) src/obj-firefox/ipc/ipdl/PContentChild.cpp:5445:28
#60 0x7f7efb3b12d9 in mozilla::ipc::MessageChannel::DispatchAsyncMessage(IPC::Message const&) src/ipc/glue/MessageChannel.cpp:2159:21
#61 0x7f7efb3acc5a in mozilla::ipc::MessageChannel::DispatchMessage(IPC::Message&&) src/ipc/glue/MessageChannel.cpp:2086:9
#62 0x7f7efb3aee61 in mozilla::ipc::MessageChannel::RunMessage(mozilla::ipc::MessageChannel::MessageTask&) src/ipc/glue/MessageChannel.cpp:1935:3
#63 0x7f7efb3afd27 in mozilla::ipc::MessageChannel::MessageTask::Run() src/ipc/glue/MessageChannel.cpp:1966:13
#64 0x7f7efa0dc935 in mozilla::SchedulerGroup::Runnable::Run() src/xpcom/threads/SchedulerGroup.cpp:299:32
#65 0x7f7efa11a1f8 in nsThread::ProcessNextEvent(bool, bool*) src/xpcom/threads/nsThread.cpp:1157:14
#66 0x7f7efa122fad in NS_ProcessNextEvent(nsIThread*, bool) src/xpcom/threads/nsThreadUtils.cpp:468:10
#67 0x7f7efb3ba71f in mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) src/ipc/glue/MessagePump.cpp:88:21
#68 0x7f7efb2ac37e in RunInternal src/ipc/chromium/src/base/message_loop.cc:314:10
#69 0x7f7efb2ac37e in RunHandler src/ipc/chromium/src/base/message_loop.cc:307
#70 0x7f7efb2ac37e in MessageLoop::Run() src/ipc/chromium/src/base/message_loop.cc:289
#71 0x7f7f044f5e13 in nsBaseAppShell::Run() src/widget/nsBaseAppShell.cpp:137:27
#72 0x7f7f08facc5e in XRE_RunAppShell() src/toolkit/xre/nsEmbedFunctions.cpp:915:20
#73 0x7f7efb2ac37e in RunInternal src/ipc/chromium/src/base/message_loop.cc:314:10
#74 0x7f7efb2ac37e in RunHandler src/ipc/chromium/src/base/message_loop.cc:307
#75 0x7f7efb2ac37e in MessageLoop::Run() src/ipc/chromium/src/base/message_loop.cc:289
#76 0x7f7f08fabcae in XRE_InitChildProcess(int, char**, XREChildData const*) src/toolkit/xre/nsEmbedFunctions.cpp:753:34
#77 0x56427db0a864 in content_process_main src/browser/app/../../ipc/contentproc/plugin-container.cpp:49:28
#78 0x56427db0a864 in main src/browser/app/nsBrowserApp.cpp:265
#79 0x7f7f1db52b96 in __libc_start_main /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310
#80 0x56427da2feec in _start (/home/worker/firefox-asan/firefox+0x2deec)
0x60c0001f9f88 is located 8 bytes to the right of 128-byte region [0x60c0001f9f00,0x60c0001f9f80)
allocated by thread T0 (file:// Content) here:
#0 0x56427dad81b2 in realloc /builds/worker/workspace/moz-toolchain/src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:165:3
#1 0x56427db0c82d in moz_xrealloc src/memory/mozalloc/mozalloc.cpp:88:18
#2 0x7f7ef9ead93c in Realloc src/obj-firefox/dist/include/nsTArray.h:201:12
#3 0x7f7ef9ead93c in nsTArrayInfallibleAllocator::ResultTypeProxy nsTArray_base<nsTArrayInfallibleAllocator, nsTArray_CopyWithMemutils>::EnsureCapacity<nsTArrayInfallibleAllocator>(unsigned long, unsigned long) src/obj-firefox/dist/include/nsTArray-inl.h:191
#4 0x7f7f0508fe35 in AppendElement<mozilla::FrameProperties::PropertyValue, nsTArrayInfallibleAllocator> src/obj-firefox/dist/include/nsTArray.h:2388:47
#5 0x7f7f0508fe35 in operator() src/layout/base/FrameProperties.h:399
#6 0x7f7f0508fe35 in ApplyIf<const mozilla::FramePropertyDescriptorUntyped *, mozilla::FrameProperties::PropertyComparator, (lambda at /builds/worker/workspace/build/src/layout/base/FrameProperties.h:395:7), (lambda at /builds/worker/workspace/build/src/layout/base/FrameProperties.h:399:7)> src/obj-firefox/dist/include/nsTArray.h:1961
#7 0x7f7f0508fe35 in SetInternal src/layout/base/FrameProperties.h:393
#8 0x7f7f0508fe35 in Set<nsOverflowAreas> src/layout/base/FrameProperties.h:161
#9 0x7f7f0508fe35 in SetProperty<nsOverflowAreas> src/layout/generic/nsIFrame.h:3503
#10 0x7f7f0508fe35 in nsIFrame::FinishAndStoreOverflow(nsOverflowAreas&, nsSize, nsSize*, nsStyleDisplay const*) src/layout/generic/nsFrame.cpp:8979
#11 0x7f7f04f4dd83 in FinishAndStoreOverflow src/layout/generic/nsIFrame.h:3139:12
#12 0x7f7f04f4dd83 in nsBlockFrame::Reflow(nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, nsReflowStatus&) src/layout/generic/nsBlockFrame.cpp:1428
#13 0x7f7f04f2d5b3 in nsAbsoluteContainingBlock::ReflowAbsoluteFrame(nsIFrame*, nsPresContext*, mozilla::ReflowInput const&, nsRect const&, nsAbsoluteContainingBlock::AbsPosReflowFlags, nsIFrame*, nsReflowStatus&, nsOverflowAreas*) src/layout/generic/nsAbsoluteContainingBlock.cpp:709:14
#14 0x7f7f04f2625e in nsAbsoluteContainingBlock::Reflow(nsContainerFrame*, nsPresContext*, mozilla::ReflowInput const&, nsReflowStatus&, nsRect const&, nsAbsoluteContainingBlock::AbsPosReflowFlags, nsOverflowAreas*) src/layout/generic/nsAbsoluteContainingBlock.cpp:158:7
#15 0x7f7f04f4dc40 in nsBlockFrame::Reflow(nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, nsReflowStatus&) src/layout/generic/nsBlockFrame.cpp:1422:26
#16 0x7f7f04f77dae in nsBlockReflowContext::ReflowBlock(mozilla::LogicalRect const&, bool, nsCollapsingMargin&, int, bool, nsLineBox*, mozilla::ReflowInput&, nsReflowStatus&, mozilla::BlockReflowInput&) src/layout/generic/nsBlockReflowContext.cpp:297:11
#17 0x7f7f04f6957b in nsBlockFrame::ReflowBlockFrame(mozilla::BlockReflowInput&, nsLineList_iterator, bool*) src/layout/generic/nsBlockFrame.cpp:3408:11
#18 0x7f7f04f663f5 in nsBlockFrame::ReflowLine(mozilla::BlockReflowInput&, nsLineList_iterator, bool*) src/layout/generic/nsBlockFrame.cpp:2788:5
#19 0x7f7f04f57713 in nsBlockFrame::ReflowDirtyLines(mozilla::BlockReflowInput&) src/layout/generic/nsBlockFrame.cpp:2334:7
#20 0x7f7f04f4b026 in nsBlockFrame::Reflow(nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, nsReflowStatus&) src/layout/generic/nsBlockFrame.cpp:1207:3
#21 0x7f7f04f77dae in nsBlockReflowContext::ReflowBlock(mozilla::LogicalRect const&, bool, nsCollapsingMargin&, int, bool, nsLineBox*, mozilla::ReflowInput&, nsReflowStatus&, mozilla::BlockReflowInput&) src/layout/generic/nsBlockReflowContext.cpp:297:11
#22 0x7f7f04f6957b in nsBlockFrame::ReflowBlockFrame(mozilla::BlockReflowInput&, nsLineList_iterator, bool*) src/layout/generic/nsBlockFrame.cpp:3408:11
#23 0x7f7f04f663f5 in nsBlockFrame::ReflowLine(mozilla::BlockReflowInput&, nsLineList_iterator, bool*) src/layout/generic/nsBlockFrame.cpp:2788:5
#24 0x7f7f04f57713 in nsBlockFrame::ReflowDirtyLines(mozilla::BlockReflowInput&) src/layout/generic/nsBlockFrame.cpp:2334:7
#25 0x7f7f04f4b026 in nsBlockFrame::Reflow(nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, nsReflowStatus&) src/layout/generic/nsBlockFrame.cpp:1207:3
#26 0x7f7f04fcc9e0 in nsContainerFrame::ReflowChild(nsIFrame*, nsPresContext*, mozilla::ReflowOutput&, mozilla::ReflowInput const&, mozilla::WritingMode const&, mozilla::LogicalPoint const&, nsSize const&, unsigned int, nsReflowStatus&, nsOverflowContinuationTracker*) src/layout/generic/nsContainerFrame.cpp:883:14
#27 0x7f7f04fd3fcb in nsColumnSetFrame::ReflowChildren(mozilla::ReflowOutput&, mozilla::ReflowInput const&, nsReflowStatus&, nsColumnSetFrame::ReflowConfig const&, bool, nsColumnSetFrame::ColumnBalanceData&) src/layout/generic/nsColumnSetFrame.cpp:754:7Flags: in-testsuite?
|
||
Updated•5 years ago
|
status-firefox64:
--- → unaffected
status-firefox65:
--- → disabled
status-firefox66:
--- → affected
status-firefox-esr60:
--- → unaffected
|
||
Comment 1•5 years ago
|
||
This (indirectly) blocks bug 1423383, so not something immediately critical.
Priority: -- → P3
|
||
Comment 2•5 years ago
|
||
This should be fixed by bug 1520722.
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → DUPLICATE
|
||
Updated•10 months ago
|
Group: layout-core-security
You need to log in
before you can comment on or make changes to this bug.
Description
•