Closed
Bug 373628
Opened 17 years ago
Closed 17 years ago
Crash [@ nsCharTraits::length] with unminimised testcase, long text and quotes
Categories
(Core :: Layout, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: martijn.martijn, Assigned: smontagu)
References
Details
(Keywords: crash, regression, testcase, Whiteboard: [sg:dupe 333659] post 1.8-branch)
Crash Data
Attachments
(1 file)
63.66 KB,
text/html
|
Details |
See testcase, which usually crashes for me directly or after a few reloads (reloads automatically) Talkback ID: TB30143067M nsCharTraits<unsigned short>::length [mozilla/dist/include/string/nschartraits.h, line 370] nsBidiPresUtils::ProcessText [mozilla/layout/base/nsbidipresutils.cpp, line 1515] 0x0012e60c nsROCSSPrimitiveValue::GetCssText [mozilla/layout/style/nsrocssprimitivevalue.cpp, line 199] 0x68016a01 This regressed between 2007-03-04 and 2007-03-05: http://bonsai.mozilla.org/cvsquery.cgi?treeid=default&module=all&branch=HEAD&branchtype=match&dir=&file=&filetype=match&who=&whotype=match&sortby=Date&hours=2&date=explicit&mindate=2007-03-04+04&maxdate=2007-03-05+08&cvsroot=%2Fcvsroot Regression from bug 370588, somehow? The talkback stacktrace seems to indicate this is regression from roc: [mozilla/layout/style/nsrocssprimitivevalue.cpp, line 199] ^^^ Marking security sensitive for now, please open up if this is not necessary.
Reporter | ||
Updated•17 years ago
|
Flags: blocking1.9?
Flags: blocking1.9? → blocking1.9+
Comment 1•17 years ago
|
||
If you are not the right person to assign this to, please help us find someone that is.
Assignee: nobody → smontagu
Assignee | ||
Comment 3•17 years ago
|
||
(In reply to comment #0) > The talkback stacktrace seems to indicate this is regression from roc: > [mozilla/layout/style/nsrocssprimitivevalue.cpp, line 199] Um, is this intended as a joke? "ro" in that filename means read-only.
This does not crash with new textframe.
Reporter | ||
Comment 5•17 years ago
|
||
Indeed, doesn't seem to crash, using: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a6pre) Gecko/20070620 Minefield/3.0a6pre (which is a build after the new-text-frame patch landed)
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Updated•17 years ago
|
Flags: wanted1.8.1.x-
Flags: wanted1.8.0.x-
Whiteboard: [sg:dupe 333659] post 1.8-branch
Updated•17 years ago
|
Group: security
Flags: in-testsuite?
Updated•13 years ago
|
Crash Signature: [@ nsCharTraits::length]
Comment 6•11 years ago
|
||
Crash test: https://hg.mozilla.org/integration/mozilla-inbound/rev/659d596caf43
Flags: in-testsuite? → in-testsuite+
Comment 7•11 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/659d596caf43
You need to log in
before you can comment on or make changes to this bug.
Description
•