Closed
Bug 580685
Opened 14 years ago
Closed 14 years ago
Crash [@ nsStyleSet::ResolveStyleFor] with computed style of outline-offset
Categories
(Core :: CSS Parsing and Computation, defect)
Tracking
()
VERIFIED
FIXED
mozilla2.0b3
| Tracking | Status | |
|---|---|---|
| blocking2.0 | --- | betaN+ |
People
(Reporter: martijn.martijn, Assigned: bzbarsky)
References
Details
(Keywords: crash, regression, testcase)
Crash Data
Attachments
(3 files)
|
266 bytes,
text/html
|
Details | |
|
2.42 KB,
patch
|
dbaron
:
review+
|
Details | Diff | Splinter Review |
|
4.43 KB,
patch
|
Details | Diff | Splinter Review |
See testcase, which crashes current trunk build. http://crash-stats.mozilla.com/report/index/190cf665-212c-472b-a58f-694bb2100721 0 xul.dll nsIContent::Tag obj-firefox/dist/include/nsIContent.h:287 1 xul.dll nsStyleSet::ResolveStyleFor layout/style/nsStyleSet.cpp:809 2 xul.dll CalcLengthWith 3 xul.dll SetCoord layout/style/nsRuleNode.cpp:628 4 xul.dll nsRuleNode::ComputeOutlineData layout/style/nsRuleNode.cpp:5382 5 xul.dll nsRuleNode::WalkRuleTree layout/style/nsStyleStructList.h:138 6 xul.dll nsRuleNode::GetOutlineData layout/style/nsRuleNode.cpp:2029 7 xul.dll nsRuleNode::GetStyleOutline layout/style/nsStyleStructList.h:138 8 xul.dll nsStyleContext::DoGetStyleOutline layout/style/nsStyleStructList.h:138 9 xul.dll nsStyleContext::GetStyleOutline layout/style/nsStyleStructList.h:138 10 xul.dll nsComputedDOMStyle::GetStyleOutline layout/style/nsStyleStructList.h:138 11 xul.dll nsComputedDOMStyle::DoGetOutlineOffset layout/style/nsComputedDOMStyle.cpp:2185 12 xul.dll nsComputedDOMStyle::GetPropertyCSSValue layout/style/nsComputedDOMStyle.cpp:549 13 xul.dll nsComputedDOMStyle::GetPropertyValue layout/style/nsComputedDOMStyle.cpp:314
|
Assignee | |
Comment 1•14 years ago
|
||
###!!! ASSERTION: aElement must not be null: 'aElement', file /Users/bzbarsky/mozilla/css-frameconst/mozilla/layout/style/nsStyleSet.cpp, line 789 ###!!! ASSERTION: null element leaked into SelectorMatches: 'aElement', file /Users/bzbarsky/mozilla/css-frameconst/mozilla/layout/style/nsCSSRuleProcessor.cpp, line 1045 and then we die. The issue is that there's "rem" involved, but no root element in the document, of course.
|
|
Assignee | |
Updated•14 years ago
|
Component: DOM: CSS Object Model → Style System (CSS)
QA Contact: general → style-system
|
|
Assignee | |
Comment 4•14 years ago
|
||
Attachment #459321 -
Flags: review?(dbaron)
|
|
Assignee | |
Updated•14 years ago
|
Assignee: nobody → bzbarsky
Comment on attachment 459321 [details] [diff] [review] Fix It might be worth testing for correct behavior (both for the case you have and the case where the style attribute also has font-size: 200px). r=dbaron (although I'm not sure if you'd get the latter test correct -- I suppose it's not that important)
Attachment #459321 -
Flags: review?(dbaron) → review+
|
|
Assignee | |
Comment 6•14 years ago
|
||
Requesting approval: this is effectively a null-check crash fix.
Attachment #459550 -
Flags: approval2.0?
|
||
Updated•14 years ago
|
blocking2.0: ? → betaN+
|
|
||
Updated•14 years ago
|
Attachment #459550 -
Flags: approval2.0?
|
|
Assignee | |
Comment 7•14 years ago
|
||
Pushed http://hg.mozilla.org/mozilla-central/rev/0a34cbad71b4
Status: NEW → RESOLVED
Closed: 14 years ago
Flags: in-testsuite+
Resolution: --- → FIXED
Target Milestone: --- → mozilla2.0b3
|
Reporter | |
Comment 8•14 years ago
|
||
Verified fixed, using: Mozilla/5.0 (Windows; Windows NT 6.1; rv:2.0b3pre) Gecko/20100729 Minefield/4.0b3pre
Status: RESOLVED → VERIFIED
|
||
Updated•13 years ago
|
Crash Signature: [@ nsStyleSet::ResolveStyleFor]
You need to log in
before you can comment on or make changes to this bug.
Description
•