There are many bugs that occur when Firefox tries to render a large amount of text (e.g. thousands of characters). Common themes are severe slowdowns, system freezes, overlapping text, and invisible text. Some of these issues might impact security -- overlapping or invisible text could lead to spoofing or at least users having less information than they should, and system freezes are considered a security issue even though they're really the fault of the operating system.
There's a workaround for many of these in the Xft font code, but not other font backends. Probably we should just do something in nsTextFrame -- perhaps even just creating a maximum text frame size (say, 512 characters, which is I think what Xft uses) and using next-in-flow linkage for text frames within the same line. While it might be nice to want the Gfx API to be pure, it's probably a lot easier to restrict it and require layout to put things in chunks. We should be careful not to separate grapheme clusters between chunks -- i.e., be careful of both surrogates (representing characters outside of Unicode Plane 0) and combining characters (which are a bit harder).
*** Bug 326229 has been marked as a duplicate of this bug. ***
I'm working on something along the lines of comment #1. But I don't want to change how textframes break, that's rather risky. Instead I'm defining some wrapper functions around the nsIRenderingContext functions that break the text up into chunks of limited size.
Bug 338251 has a patch that fixes most of these issues.
Someone want to retest these bugs on trunk? Most of them should be fixed now.
I've been going through the tracked bug here and I can't reproduce any of these issues. Closing this tracking bug.