Closed
Bug 344749
Opened 18 years ago
Closed 18 years ago
SVG Pattern crash [@ nsSVGUtils::RemoveObserver] [@ nsPropertyTable::GetPropertyInternal]
Categories
(Core :: SVG, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: jruderman, Assigned: tor)
References
Details
(Keywords: crash, regression, testcase, Whiteboard: [sg:critical] post 1.8 branch)
Crash Data
Attachments
(3 files)
|
544 bytes,
image/svg+xml
|
Details | |
|
5.72 KB,
text/plain
|
Details | |
|
3.07 KB,
patch
|
roc
:
review+
roc
:
superreview+
|
Details | Diff | Splinter Review |
testcase
Quitting Firefox with the testcase loaded makes it crash. A Mac debug build crashes with a random address on top of nsSVGUtils::RemoveObserver; a Mac nightly crashes with a random address on top of nsPropertyTable::GetPropertyInternal.
|
Reporter | |
Comment 1•18 years ago
|
||
|
|
Reporter | |
Comment 2•18 years ago
|
||
Regressed between 2006-05-27 and 2006-05-28 Mac trunk nightlies. Guessing that this is a regression from bug 339375, "Switch paint servers fields to properties", since the only other SVG checkin in that period was backed out.
|
|
Reporter | |
Comment 3•18 years ago
|
||
Attachment #229481 -
Flags: superreview+
Attachment #229481 -
Flags: review?(roc)
Attachment #229481 -
Flags: review+
Checked in.
Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
|
||
Updated•18 years ago
|
Whiteboard: [sg:critical] → [sg:critical] post 1.8 branch
|
|
||
Updated•17 years ago
|
Group: security
Flags: wanted1.8.1.x-
Flags: wanted1.8.0.x-
|
||
Updated•17 years ago
|
Flags: blocking1.9a1?
|
||
Updated•13 years ago
|
Crash Signature: [@ nsSVGUtils::RemoveObserver]
[@ nsPropertyTable::GetPropertyInternal]
You need to log in
before you can comment on or make changes to this bug.
Description
•