say no to foreign colgroup children

RESOLVED FIXED

Status

()

Core
Layout: Tables
--
critical
RESOLVED FIXED
13 years ago
9 years ago

People

(Reporter: Bernd, Assigned: Bernd)

Tracking

({crash, testcase})

Trunk
x86
Windows XP
crash, testcase
Points:
---
Bug Flags:
in-testsuite +

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: mangleme, URL)

Attachments

(1 attachment, 1 obsolete attachment)

(Assignee)

Description

13 years ago
see https://bugzilla.mozilla.org/show_bug.cgi?id=265867#c28

<DIV STYLE="display:table-column-group;">
  <DIV>Hello</DIV>
</DIV>

the inner div should not create a frame, even if by some code path it does, it
should never be reflown.

patch coming soon
Note that the same is true for table-column frames.

Please make sure to fix ContentAppended and ContentInserted, not just
TableProcessChild...

Comment 2

13 years ago
Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8b) Gecko/20050201
Firefox/1.0+

The testcase referenced at http://exchangecode.com/crashbugs/265867.html crashes
on the Mac.
(Assignee)

Comment 3

13 years ago
Hixie at w3c-style:

On Mon, 31 Jan 2005, Boris Zbarsky wrote:

>> 
>> Section 17.2.1 seems to miss a few cases of nesting of various types of table
>> elements.  In particular, I am interested in the following cases:
>> 
>> 1) A child T of a table-column-group P when T is not a table-column
>> 2) A child T of a table-column P


No anonymous boxes are created in those cases (since nothing is described 
in that section).



>> Should any sort of anonymous objects be generated in these cases?  If not,
>> what should be the rendering?


# Elements with 'display' set to 'table-column' or 'table-column-group' 
# are not rendered (exactly as if they had 'display: none'), but they are 
# useful, because they may have attributes which induce a certain style 
# for the columns they represent."
 -- http://www.w3.org/TR/CSS21/tables.html#q2
(Assignee)

Updated

13 years ago
Keywords: crash, testcase
(Assignee)

Comment 4

13 years ago
Created attachment 173467 [details] [diff] [review]
patch
(Assignee)

Comment 5

13 years ago
Created attachment 173781 [details] [diff] [review]
revised patch
Attachment #173467 - Attachment is obsolete: true
Attachment #173781 - Flags: superreview?(bzbarsky)
Attachment #173781 - Flags: review?(bzbarsky)
Comment on attachment 173781 [details] [diff] [review]
revised patch

r+sr=bzbarsky
Attachment #173781 - Flags: superreview?(bzbarsky)
Attachment #173781 - Flags: superreview+
Attachment #173781 - Flags: review?(bzbarsky)
Attachment #173781 - Flags: review+
(Assignee)

Comment 7

13 years ago
Comment on attachment 173781 [details] [diff] [review]
revised patch

I rtested the patch, it fixes one of these mangleme crashes
Attachment #173781 - Flags: approval1.8b?
(Assignee)

Updated

13 years ago
Blocks: 265867
Severity: normal → critical
Whiteboard: mangleme

Comment 8

13 years ago
Comment on attachment 173781 [details] [diff] [review]
revised patch

a=asa for 1.8b checkin
Attachment #173781 - Flags: approval1.8b? → approval1.8b+
(Assignee)

Comment 9

13 years ago
fix checked in
(Assignee)

Updated

13 years ago
Status: NEW → RESOLVED
Last Resolved: 13 years ago
Resolution: --- → FIXED

Comment 10

13 years ago
*** Bug 282172 has been marked as a duplicate of this bug. ***

Comment 11

9 years ago
in-testsuite+ covered by the crashtest for bug 265867 (in my tree, will push soon).
Flags: in-testsuite+
You need to log in before you can comment on or make changes to this bug.