User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:34.0) Gecko/20100101 Firefox/34.0 Build ID: 20140912004004 Steps to reproduce: Using 34.0a2 Nightly on a Mac, with {Adblock Plus, HTTPS Everywhere, Flashblock} all installed but disabled, and Test Pilot enabled... (Cannot reproduce with Windows Nightly in a Virtualbox VM) Go to this link: http://24ways.org/2013/animating-vectors-with-svg/ Actual results: 1. Page starts to render 2. Empty "Codepen" box appears 3. Firefox hangs (for at least 10 minutes before I manually killed it) 4. Virtual memory usage in htop goes up to 149G Expected results: 1. Page renders 2. Animated SVG/Javascript stuff happens in the Codepen box 3. Virtual memory usage does not go bananas

WFM with Nightly on Win 7, Codepen box is not empty ("24 gift") and no VM peak.

(In reply to Oisín Mac Fhearaí from comment #0) > User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:34.0) > Gecko/20100101 Firefox/34.0 > Build ID: 20140912004004 > > Steps to reproduce: > > Using 34.0a2 Nightly on a Mac You mean Aurora? I'm confused - your build ID is for today, but Nightly is version 35 now... In any case, this WFM with current nightly on OS X 10.9... Can you confirm what version you're testing?

(In reply to :Gijs Kruitbosch from comment #2) > (In reply to Oisín Mac Fhearaí from comment #0) > > User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:34.0) > > Gecko/20100101 Firefox/34.0 > > Build ID: 20140912004004 > > > > Steps to reproduce: > > > > Using 34.0a2 Nightly on a Mac > > > You mean Aurora? I'm confused - your build ID is for today, but Nightly is > version 35 now... In any case, this WFM with current nightly on OS X 10.9... > Can you confirm what version you're testing? Ack, you're right -- it's Aurora running on my Mac at work. I'm running Nightly on two other machines. My bad :-/ Perhaps I can edit the description...

BTW, it also appears to hang FF 32.0 on my Ubuntu box. Perhaps it's been solved between 32/34 and 35 then?

I can reproduce in today's Nightly on Linux, both with the URL from comment 0, and with this URL that just directly goes to the Codepen: http://codepen.io/drewm/full/yJflC It hangs when loaded, and memory usage steadily creeps upwards. After ~10-15 seconds it was still hanging and memory usage had crossed 10% (and still growing) which would be 3.2 GB on my system. I killed it manually at that point. 35.0a1 (2014-09-13)

Here's a backtrace in GDB, during the hang. From a bit more poking around in gdb: we never escape from FlattenBezierCurveSegment, defined here: http://mxr.mozilla.org/mozilla-central/source/gfx/2d/Path.cpp#234 We just loop forever, waiting for 't' to be at least 1.0. But in my samples while we were hanging in that function, 't' seems to always be 0.00010483856 -- it never changes. s3 (from which t is derived) never changes either, between a few of my samples -- it always seems to be -12131.3711.

(Presumably the never-ending memory increase is from the LineTo() that gets called at the end of every loop-iteration, adding more and more segments to a path that will never complete.) Adding dependency on bug 935049, which added this code, and bumping to Graphics since this seems to be a bug in gfx/2d/. Bas, looks like this algorithm from bug 935049 might not be guaranteed to terminate (or, there's a bug in our impl). Any chance you can take a look?

Here's a reduced testcase, based on the smaller testcase in bug 1067695.

This bug is duped in several places, I should fix it sometime soon :-).

I can no longer reproduce in Ubuntu 15.10, with FF 45.0.1 I get a length of 67.77793884277344 and no hanging.