Closed
Bug 389663
Opened 17 years ago
Closed 17 years ago
CSS test crashes Firefox [@ 0x1d13bf3a] [@ nsImageDocument::CheckOverflowing]
Categories
(Core :: CSS Parsing and Computation, defect)
Core
CSS Parsing and Computation
Tracking
()
VERIFIED
FIXED
People
(Reporter: mp3geek, Assigned: sharparrow1)
References
()
Details
(Keywords: crash)
Crash Data
Attachments
(3 files)
3.03 KB,
patch
|
bzbarsky
:
review+
bzbarsky
:
superreview+
|
Details | Diff | Splinter Review |
2.04 KB,
patch
|
Details | Diff | Splinter Review | |
3.00 KB,
patch
|
dbaron
:
review+
dbaron
:
superreview+
|
Details | Diff | Splinter Review |
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a7pre) Gecko/2007072605 Minefield/3.0a7pre Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a7pre) Gecko/2007072605 Minefield/3.0a7pre Clicking on the link from the website will crash firefox Reproducible: Always Steps to Reproduce: 1. Open the Above URL 2. Click on the link 3. Crash Actual Results: Crashes browser Expected Results: Shouldn't crash browser its only a beta test site, previously worked with other versions
Comment 1•17 years ago
|
||
Crash using Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a7pre) Gecko/2007072605 Minefield/3.0a7pre ID:2007072605 bp-b3c857ae-3b82-11dc-ae37-001a4bd43ef6
Comment 2•17 years ago
|
||
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a7pre) Gecko/2007072607 Minefield/3.0a7pre ID:2007072607 crashes here too (virgin profile)
Severity: normal → major
Status: UNCONFIRMED → NEW
Ever confirmed: true
Assignee | ||
Comment 3•17 years ago
|
||
Another case of someone holding onto a random stylecontext pointer too long and expecting things to work...
Assignee | ||
Comment 4•17 years ago
|
||
Updated•17 years ago
|
Severity: major → critical
Component: General → Style System (CSS)
Keywords: crash
OS: Linux → All
Product: Firefox → Core
QA Contact: general → style-system
Hardware: PC → All
Version: unspecified → Trunk
Comment 5•17 years ago
|
||
Comment on attachment 273989 [details] [diff] [review] Patch Looks fine, but what's killing the prescontext in this case? It might be worth filing a bug on somehow making style contexts keep things alive better or something...
Attachment #273989 -
Flags: superreview+
Attachment #273989 -
Flags: review?(bzbarsky)
Attachment #273989 -
Flags: review+
Assignee | ||
Comment 6•17 years ago
|
||
Wait, that comment is wrong. The issue is that the rule node is getting destroyed. I'll post a fixed version.
Assignee | ||
Comment 7•17 years ago
|
||
Patch with fixed-up comment.
Attachment #274019 -
Flags: superreview+
Attachment #274019 -
Flags: review+
Assignee | ||
Comment 8•17 years ago
|
||
Checked in.
Status: ASSIGNED → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Comment 10•17 years ago
|
||
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a7pre) Gecko/2007072614 Minefield/3.0a7pre ID:2007072614 VERIFIED
Updated•17 years ago
|
Flags: in-testsuite?
Comment 14•17 years ago
|
||
Pasting stack here so people searching for this can actually find it. Also marking verified based on Peter's comment. 0 @0x1d13bf3a 1 nsImageDocument::CheckOverflowing(int) 2 nsImageDocument::OnStartContainer(imgIRequest*, imgIContainer*) 3 nsImageLoadingContent::OnStartContainer(imgIRequest*, imgIContainer*) 4 imgRequestProxy::OnStartContainer(imgIContainer*) 5 imgRequest::OnStartContainer(imgIRequest*, imgIContainer*) 6 nsGIFDecoder2::BeginGIF() 7 nsGIFDecoder2::GifWrite(unsigned char const*, unsigned int) 8 nsGIFDecoder2::ProcessData(unsigned char*, unsigned int, unsigned int*) 9 ReadDataOut(nsIInputStream*, void*, char const*, unsigned int, unsigned int, unsigned int*)
Status: RESOLVED → VERIFIED
Summary: CSS test crashes Firefox → CSS test crashes Firefox [@ 0x1d13bf3a] [@ nsImageDocument::CheckOverflowing]
Updated•13 years ago
|
Crash Signature: [@ 0x1d13bf3a]
[@ nsImageDocument::CheckOverflowing]
You need to log in
before you can comment on or make changes to this bug.
Description
•