Closed
Bug 454945
Opened 15 years ago
Closed 15 years ago
Crash [@ nsSVGIntegrationUtils::GetInvalidAreaForChangedSource][@ nsSVGPropertyBase::GetReferencedFrame] with 2 filters and removing style
Categories
(Core :: SVG, defect)
Core
SVG
Tracking
()
RESOLVED
FIXED
People
(Reporter: martijn.martijn, Unassigned)
References
Details
(Keywords: crash, testcase)
Crash Data
Attachments
(2 files)
See testcase which crashes current trunk build, within 100ms. http://crash-stats.mozilla.com/report/index/4bb24cf3-806b-11dd-b191-0013211cbf8a?p=1 0 @0x1 1 xul.dll nsSVGIntegrationUtils::GetInvalidAreaForChangedSource 2 xul.dll xul.dll@0x308f25 3 xul.dll nsIFrame::Invalidate 4 xul.dll nsFrameManager::RemoveFrame 5 xul.dll nsCSSFrameConstructor::ContentRemoved 6 xul.dll nsCSSFrameConstructor::RecreateFramesForContent 7 xul.dll nsCSSFrameConstructor::ProcessRestyledFrames 8 xul.dll nsCSSFrameConstructor::RestyleElement 9 xul.dll nsCSSFrameConstructor::ProcessOneRestyle 10 xul.dll nsCSSFrameConstructor::ProcessPendingRestyles 11 xul.dll PresShell::DoFlushPendingNotifications 12 xul.dll PresShell::FlushPendingNotifications 13 xul.dll nsDocument::FlushPendingNotifications 14 xul.dll nsGenericElement::GetPrimaryFrame 15 xul.dll nsGenericElement::GetStyledFrame 16 xul.dll nsNSElementTearoff::GetScrollInfo 17 xul.dll nsNSElementTearoff::SetScrollLeft 18 xul.dll NS_InvokeByIndex_P 19 xul.dll XPCWrappedNative::CallMethod
|
Reporter | |
Comment 1•15 years ago
|
||
> gklayout.dll!nsSVGPropertyBase::GetReferencedFrame(nsIAtom * aFrameType=0x012d7a18, int * aOK=0x0012ed38) Line 68 + 0xe bytes C++
gklayout.dll!nsSVGFilterProperty::GetFilterFrame(int * aOK=0x0012ed38) Line 109 C++
gklayout.dll!nsSVGEffects::GetFilterFrame(nsIFrame * aFrame=0x0989cc28) Line 193 + 0x12 bytes C++
gklayout.dll!nsSVGIntegrationUtils::GetInvalidAreaForChangedSource(nsIFrame * aFrame=0x0989cc28, const nsRect & aInvalidRect={...}) Line 141 + 0x9 bytes C++
gklayout.dll!nsIFrame::InvalidateInternal(const nsRect & aDamageRect={...}, int aX=0, int aY=0, nsIFrame * aForChild=0x00000000, int aImmediate=0) Line 3709 + 0x2c bytes C++
gklayout.dll!nsIFrame::Invalidate(const nsRect & aDamageRect={...}, int aImmediate=0) Line 3655 C++
gklayout.dll!nsFrameManager::RemoveFrame(nsIFrame * aParentFrame=0x0cfb1b84, nsIAtom * aListName=0x00000000, nsIFrame * aOldFrame=0x0989cc28) Line 693 + 0x17 bytes C++
gklayout.dll!nsCSSFrameConstructor::ContentRemoved(nsIContent * aContainer=0x05e191d8, nsIContent * aChild=0x0cec61d8, int aIndexInContainer=3, int * aDidReconstruct=0x0012efd4) Line 9457 + 0x12 bytes C++
gklayout.dll!nsCSSFrameConstructor::RecreateFramesForContent(nsIContent * aContent=0x0cec61d8) Line 11080 + 0x1d bytes C++
etc..|
|
Reporter | |
Updated•15 years ago
|
Summary: Crash [@ nsSVGIntegrationUtils::GetInvalidAreaForChangedSource] with 2 filters and removing style → Crash [@ nsSVGIntegrationUtils::GetInvalidAreaForChangedSource][@ nsSVGPropertyBase::GetReferencedFrame] with 2 filters and removing style
|
||
Comment 3•15 years ago
|
||
Bug still occurs. It's essentially the same as bug 455314.
Depends on: 455314
|
||
Comment 4•15 years ago
|
||
Crashes in a different place on Mac: [@ nsSVGRenderingObserver::GetReferencedFrame]
|
||
Updated•15 years ago
|
OS: Windows XP → All
Hardware: PC → All
|
|
||
Comment 6•15 years ago
|
||
not any more I don't :-(
Assignee: longsonr → nobody
No longer depends on: 458493
|
|
Reporter | |
Comment 7•15 years ago
|
||
Fixed by bug 455314.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
|
|
||
Updated•13 years ago
|
Flags: in-testsuite?
|
Assignee | |
Updated•12 years ago
|
Crash Signature: [@ nsSVGIntegrationUtils::GetInvalidAreaForChangedSource]
[@ nsSVGPropertyBase::GetReferencedFrame]
You need to log in
before you can comment on or make changes to this bug.
Description
•