Closed
Bug 356372
Opened 18 years ago
Closed 18 years ago
This SVG image crashes Firefox.
Categories
(Core :: SVG, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 307254
People
(Reporter: jbn, Unassigned)
References
()
Details
Attachments
(3 files)
The picture that crashed Firefox for me.
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1) Gecko/20061003 Firefox/2.0 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1) Gecko/20061003 Firefox/2.0 Opening this image from the Open clip art website quickly crashed Firefox. Reproducible: Always Steps to Reproduce: 1. Open this version of Firefox (no updates are available for it as I write this). 2. Visit http://openclipart.org/cchost/people/johnny_automatic/johnny_automatic_fish.svg 3. Watch Firefox crash. Actual Results: Firefox crashed. Expected Results: Firefox should do anything but crash. Ideally, it would show me the image of the fish.
|
Reporter | |
Comment 1•18 years ago
|
||
In case the URL doesn't work, here's a copy of the SVG image which I tried to view in Firefox by selecting a link from Openclipart.org.
|
|
Reporter | |
Comment 2•18 years ago
|
||
This SVG image also crashed Firefox for me.
|
|
Reporter | |
Comment 3•18 years ago
|
||
Another picture that crashed Firefox for me.
|
||
Comment 4•18 years ago
|
||
I am not having crashes with any images on trunk. I guess Cairo must have better handling for SVG. Build identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/2006100911 Minefield/3.0a1
|
||
Comment 5•18 years ago
|
||
No crashes here with Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1) Gecko/20061011 BonEcho/2.0
Assignee: nobody → general
Component: General → SVG
Product: Firefox → Core
QA Contact: general → ian
Version: unspecified → 1.8 Branch
|
||
Comment 6•18 years ago
|
||
Crashed on all samples: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1) Gecko/20061010 Firefox/2.0 Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1) Gecko/20061011 BonEcho/2.0 Debian testing, GNOME, a couple of libraries recompiled.
|
|
||
Comment 7•18 years ago
|
||
Yes, and no Talkback, just silent crash when loaded.
These testcases are all dying when the X connection gets dropped. There's some path in all of them that generates enough trapezoids to blow XRenderCompositeTrapezoids's little mind.
Program received signal SIGPIPE, Broken pipe.
[Switching to Thread 1076482464 (LWP 20773)]
0x008d5402 in __kernel_vsyscall ()
(gdb) where
#0 0x008d5402 in __kernel_vsyscall ()
#1 0x009b4843 in writev () from /lib/libc.so.6
#2 0x00a9c77e in _X11TransGetConnectionNumber () from /usr/lib/libX11.so.6
#3 0x00a9c56f in _X11TransWritev () from /usr/lib/libX11.so.6
#4 0x00aa2241 in _XSend () from /usr/lib/libX11.so.6
#5 0x00dc30c6 in XRenderCompositeTrapezoids () from /usr/lib/libXrender.so.1
#6 0x41367018 in _cairo_xlib_surface_composite_trapezoids (op=CAIRO_OPERATOR_OVER, pattern=0xbfd42510, abstract_dst=0xa269e38, antialias=CAIRO_ANTIALIAS_DEFAULT, src_x=0, src_y=0, dst_x=0, dst_y=0,
width=565, height=303, traps=0x42e00008, num_traps=157317) at /home/tor/moz/trunk/mozilla/gfx/cairo/cairo/src/cairo-xlib-surface.c:1639
...
|
||
Comment 9•18 years ago
|
||
Duplicate of bug 307254?
|
||
Comment 10•18 years ago
|
||
*** This bug has been marked as a duplicate of 307254 ***
Status: UNCONFIRMED → RESOLVED
Closed: 18 years ago
Resolution: --- → DUPLICATE
|
||
Comment 11•18 years ago
|
||
http://openclipart.org/cchost/people/johnny_automatic/johnny_automatic_peacock.svg crashes also on my "Linux blue 2.6.16.13-4-default #1 Wed May 3 04:53:23 UTC 2006 i686 athlon i386 GNU/Linux"
You need to log in
before you can comment on or make changes to this bug.
Description
•