Open
Bug 533796
Opened 15 years ago
Updated 2 years ago
frame poisoned Crash [@ nsStyleContext::Mark() ]
Categories
(Core :: CSS Parsing and Computation, defect)
Tracking
()
NEW
People
(Reporter: chofmann, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: crash, testcase-wanted, Whiteboard: [sg:watch])
Crash Data
http://crash-stats.mozilla.com/report/index/972ddfbb-dbdd-4695-bb22-977842091205 Frame Module Signature [Expand] Source 0 xul.dll nsStyleContext::Mark layout/style/nsStyleContext.cpp:474 1 xul.dll nsStyleContext::Mark layout/style/nsStyleContext.cpp:492 2 xul.dll nsStyleContext::Mark layout/style/nsStyleContext.cpp:492 3 xul.dll nsStyleContext::Mark layout/style/nsStyleContext.cpp:492 4 xul.dll nsStyleContext::Mark layout/style/nsStyleContext.cpp:492 5 xul.dll nsStyleContext::Mark layout/style/nsStyleContext.cpp:492 6 xul.dll nsStyleContext::Mark layout/style/nsStyleContext.cpp:492 7 xul.dll nsStyleContext::Mark layout/style/nsStyleContext.cpp:492 8 xul.dll nsStyleContext::Mark layout/style/nsStyleContext.cpp:492 9 xul.dll nsStyleContext::Mark layout/style/nsStyleContext.cpp:492 10 xul.dll nsStyleContext::Mark layout/style/nsStyleContext.cpp:492 11 xul.dll nsStyleContext::Mark layout/style/nsStyleContext.cpp:492 12 xul.dll nsStyleContext::Mark layout/style/nsStyleContext.cpp:492 13 xul.dll nsStyleSet::GCRuleTrees layout/style/nsStyleSet.cpp:915 14 xul.dll nsFrameManager::ReResolveStyleContext layout/base/nsFrameManager.cpp:1278 more reports across all releases with a variety of different stacks at http://crash-stats.mozilla.com/report/list?product=Firefox&query_search=signature&query_type=exact&query=&date=&range_value=1&range_unit=weeks&do_query=1&signature=nsStyleContext::Mark%28%29 sort by address to get at the FP address crashes
Reporter | ||
Updated•15 years ago
|
Blocks: PoisonFrameCrash
Comment 1•14 years ago
|
||
The security team would be interested if steps-to-reproduce showed up.
Group: core-security
Whiteboard: [sg:watch]
Comment 2•12 years ago
|
||
This frame-poisoned crash still happens, and is not limited to the old Firefox 3.6 branch.
Keywords: crash,
testcase-wanted
Summary: frame poisoned Firefox 3.6b4 Crash [@ nsStyleContext::Mark() ] → frame poisoned Crash [@ nsStyleContext::Mark() ]
Updated•9 years ago
|
Crash Signature: [@ nsStyleContext::Mark() ]
Updated•9 years ago
|
Crash Signature: [@ nsStyleContext::Mark() ] → [@ nsStyleContext::Mark ]
[@ nsStyleContext::Mark() ]
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•