Closed
Bug 322185
Opened 19 years ago
Closed 19 years ago
Crash [@ nsBox::DoesNeedRecalc] with <svg:g style="display: -moz-grid-line; overflow: hidden;">
Categories
(Core :: SVG, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: jruderman, Assigned: bernd_mozilla)
References
Details
(4 keywords, Whiteboard: [rft-dl])
Crash Data
Attachments
(3 files, 2 obsolete files)
|
157 bytes,
image/svg+xml
|
Details | |
|
1.40 KB,
patch
|
Details | Diff | Splinter Review | |
|
1.06 KB,
patch
|
bzbarsky
:
review+
bzbarsky
:
superreview+
bzbarsky
:
approval-branch-1.8.1+
dveditz
:
approval1.8.0.2+
|
Details | Diff | Splinter Review |
testcase - crashes Firefox
Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.9a1) Gecko/20060102 Firefox/1.6a1 To crash, just load the testcase. Stack trace: nsBox::DoesNeedRecalc(nsSize const&) + 0 nsFrame::GetPrefSize(nsBoxLayoutState&, nsSize&) + 48 nsSprocketLayout::GetPrefSize(nsIFrame*, nsBoxLayoutState&, nsSize&) + 268 nsGridRowLeafLayout::GetPrefSize(nsIFrame*, nsBoxLayoutState&, nsSize&) + 116 nsBoxFrame::GetPrefSize(nsBoxLayoutState&, nsSize&) + 200 nsXULScrollFrame::GetPrefSize(nsBoxLayoutState&, nsSize&) + 240 nsBoxFrame::Reflow(nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, unsigned&) + 204 nsXULScrollFrame::Reflow(nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, unsigned&) + 56 nsSVGOuterSVGFrame::Reflow(nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, unsigned&) + 256 nsContainerFrame::ReflowChild(nsIFrame*, nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, int, int, unsigned, unsigned&) + 148 CanvasFrame::Reflow(nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, unsigned&) + 356 nsContainerFrame::ReflowChild(nsIFrame*, nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, int, int, unsigned, unsigned&) + 148 nsHTMLScrollFrame::ReflowScrolledFrame(ScrollReflowState const&, int, int, nsHTMLReflowMetrics*, int) + 500 nsHTMLScrollFrame::ReflowContents(ScrollReflowState*, nsHTMLReflowMetrics const&) + 160 nsHTMLScrollFrame::Reflow(nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, unsigned&) + 848 nsContainerFrame::ReflowChild(nsIFrame*, nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, int, int, unsigned, unsigned&) + 148 ViewportFrame::Reflow(nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, unsigned&) + 300 IncrementalReflow::Dispatch(nsPresContext*, nsHTMLReflowMetrics&, nsSize const&, nsIRenderingContext&) + 280 PresShell::ProcessReflowCommands(int) + 524 PresShell::WillPaint() + 88 nsViewManager::FlushPendingInvalidates() + 164 nsViewManager::EnableRefresh(unsigned) + 156 nsViewManager::EndUpdateViewBatch(unsigned) + 132 PresShell::InitialReflow(int, int) + 748 nsContentSink::StartLayout(int) + 208 nsXMLContentSink::StartLayout() + 144 nsXMLContentSink::DidBuildModel() + 456 nsExpatDriver::DidBuildModel(unsigned, int, nsIParser*, nsIContentSink*) + 56 nsParser::DidBuildModel(unsigned) + 120 nsParser::ResumeParse(int, int, int) + 592 nsParser::OnStopRequest(nsIRequest*, nsISupports*, unsigned) + 192 nsDocumentOpenInfo::OnStopRequest(nsIRequest*, nsISupports*, unsigned) + 124 nsBaseChannel::OnStopRequest(nsIRequest*, nsISupports*, unsigned) + 92 nsInputStreamPump::OnStateStop() + 160 nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream*) + 128 nsAStreamCopier::PostContinuationEvent_Locked() + 1240 PL_HandleEvent + 36 PL_ProcessPendingEvents + 128 ...
|
Reporter | |
Comment 1•19 years ago
|
||
The problem here is that xul creates frames based on display type regardless whether they are special content or not. This patch assumes that we want to keep it, otherwise we need to change
// Display types for XUL start here
// First is BOX
if (!newFrame && isXULDisplay) {
it to look up IsSpecialContent.Assignee: general → bernd_mozilla
Status: NEW → ASSIGNED
Attachment #207426 -
Attachment is obsolete: true
|
||
Comment 4•19 years ago
|
||
Hmmm... I guess this is OK for now pending us having a saner frame construction arch. :(
alternative patch, does slicing CreateXULFrame into three pieces one for tag based frame creation the second one the display based frame moving to createframesbydisplay type the third, cleanup after frame creation called by both of them count as a sane architecture or do you have something other in mind. The rearch is(should be) equivalent to the one liner attached as a patch.
|
|
||
Comment 6•19 years ago
|
||
I think I prefer the alternative patch, if there's not too much perf impact. And the rearch I want to do would be a lot more drastic than just slicing up CreateXULFrame. ;)
I hope this miminimizes the performance issue
Attachment #207521 -
Attachment is obsolete: true
Attachment #207737 -
Flags: superreview?(bzbarsky)
Attachment #207737 -
Flags: review?(bzbarsky)
|
|
||
Comment 8•19 years ago
|
||
Comment on attachment 207737 [details] [diff] [review] rev. patch Hmm.... r+sr=bzbarsky; let's see how this goes.
Attachment #207737 -
Flags: superreview?(bzbarsky)
Attachment #207737 -
Flags: superreview+
Attachment #207737 -
Flags: review?(bzbarsky)
Attachment #207737 -
Flags: review+
fixed on trunk, I did not see a tp txul or ts change due to the bug. Martijn this patch touches bugs where xul display types are assigned to mathml or svg tags it will get ignored now ;-)
Status: ASSIGNED → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
|
||
Comment 10•19 years ago
|
||
You're spoiling the fun ;-) Will this patch also fix bug 314244?
|
Assignee | |
Comment 11•19 years ago
|
||
yes that seems to be now wfm and even bug 322656 - wfm, I had my fun today ;-)
|
|
Reporter | |
Comment 12•19 years ago
|
||
*** Bug 317522 has been marked as a duplicate of this bug. ***
|
|
Reporter | |
Comment 13•19 years ago
|
||
*** Bug 316604 has been marked as a duplicate of this bug. ***
|
|
Assignee | |
Comment 14•19 years ago
|
||
Comment on attachment 207737 [details] [diff] [review] rev. patch Giving the number of bugs which block bug 306939 that got fixed/or wfm'ed by this it might go with some more baking on branch.
Attachment #207737 -
Flags: approval1.8.1?
Attachment #207737 -
Flags: approval1.8.0.2?
|
||
Updated•19 years ago
|
Attachment #207737 -
Flags: approval1.8.1? → branch-1.8.1?(bzbarsky)
|
|
||
Updated•19 years ago
|
Attachment #207737 -
Flags: branch-1.8.1?(bzbarsky) → branch-1.8.1+
|
||
Updated•18 years ago
|
Flags: blocking1.8.0.2+
|
|
||
Comment 15•18 years ago
|
||
Comment on attachment 207737 [details] [diff] [review] rev. patch approved for 1.8.0 branch, a=dveditz
Attachment #207737 -
Flags: approval1.8.0.2? → approval1.8.0.2+
Keywords: fixed1.8.0.2
|
|
||
Comment 16•18 years ago
|
||
Bernd, you're going to land this on the 1.8.1 branch, right?
Flags: blocking1.8.1+
|
|
Assignee | |
Comment 17•18 years ago
|
||
yep, saturday is checkin day, only emergency checkins on weekdays
|
||
Updated•18 years ago
|
Whiteboard: [rft-dl]
|
||
Comment 19•18 years ago
|
||
verified on the 1.8.0 branch using Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8.0.1) Gecko/20060302 Firefox/1.5.0.1. No testcase crash, adding keyword.
Keywords: fixed1.8.0.2 → verified1.8.0.2
|
|
||
Comment 20•18 years ago
|
||
verified on the 1.8.1 branch using Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1b1) Gecko/20060810 BonEcho/2.0b1. The testcase cited in the bug (https://bugzilla.mozilla.org/attachment.cgi?id=207407) does not crash. Adding keyword.
Keywords: fixed1.8.1 → verified1.8.1
|
||
Updated•13 years ago
|
Crash Signature: [@ nsBox::DoesNeedRecalc]
You need to log in
before you can comment on or make changes to this bug.
Description
•