Closed
Bug 344749
Opened 19 years ago
Closed 19 years ago
SVG Pattern crash [@ nsSVGUtils::RemoveObserver] [@ nsPropertyTable::GetPropertyInternal]
Categories
(Core :: SVG, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: jruderman, Assigned: tor)
References
Details
(Keywords: crash, regression, testcase, Whiteboard: [sg:critical] post 1.8 branch)
Crash Data
Attachments
(3 files)
544 bytes,
image/svg+xml
|
Details | |
5.72 KB,
text/plain
|
Details | |
3.07 KB,
patch
|
roc
:
review+
roc
:
superreview+
|
Details | Diff | Splinter Review |
Quitting Firefox with the testcase loaded makes it crash. A Mac debug build crashes with a random address on top of nsSVGUtils::RemoveObserver; a Mac nightly crashes with a random address on top of nsPropertyTable::GetPropertyInternal.
Reporter | ||
Comment 1•19 years ago
|
||
Reporter | ||
Comment 2•19 years ago
|
||
Regressed between 2006-05-27 and 2006-05-28 Mac trunk nightlies. Guessing that this is a regression from bug 339375, "Switch paint servers fields to properties", since the only other SVG checkin in that period was backed out.
Reporter | ||
Comment 3•19 years ago
|
||
Attachment #229481 -
Flags: superreview+
Attachment #229481 -
Flags: review?(roc)
Attachment #229481 -
Flags: review+
Checked in.
Status: ASSIGNED → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
Updated•18 years ago
|
Whiteboard: [sg:critical] → [sg:critical] post 1.8 branch
Updated•18 years ago
|
Group: security
Flags: wanted1.8.1.x-
Flags: wanted1.8.0.x-
Updated•18 years ago
|
Flags: blocking1.9a1?
Updated•14 years ago
|
Crash Signature: [@ nsSVGUtils::RemoveObserver]
[@ nsPropertyTable::GetPropertyInternal]
You need to log in
before you can comment on or make changes to this bug.
Description
•