This bug was filed from the Socorro interface and is report bp-cf74c5f1-b522-4842-b227-c27870170818. ============================================================= I've got an insta crash on the following website, always with the same backtrace it seems: http://velvetyne.fr/ It's a panic in rust, looks like a signature from Stylo code. Please let me know if you need more information.

I can reproduce it. Chris, this might be interesting to you!

Thanks. I can reliably reproduce this crash on Windows by loading http://velvetyne.fr/. If I disable Stylo, then the website loads without crashing. Emilio, is this crash related to your "better-style-invalidation" changes in https://hg.mozilla.org/mozilla-central/rev/bdc22078e9f8?

Awesome, so this is the "Someone messed up selector parsing" assertion, thanks for finding a repro!

This was regressed by https://github.com/servo/servo/pull/17439 (bug 1373800)

Comment on attachment 8898918 [details] style: Skip state pseudo-classes when finding a pseudo-element. https://reviewboard.mozilla.org/r/170252/#review175612 ::: servo/components/style/invalidation/element/invalidator.rs:603 (Diff revision 1) > .iter_raw_parse_order_from(next_combinator_offset - 1) > - .next() > - .unwrap(); > + .flat_map(|component| { > + match *component { Code might be clearer if the previous structure is kept, and you insert this before the .next(): .skip_while(|c| matches!(c, Component::NonTSPseudoClass(..)) ?

Comment on attachment 8898919 [details] Bug 1391577: Crashtest. https://reviewboard.mozilla.org/r/170254/#review175614

(In reply to Cameron McCormack (:heycam) from comment #7) > Comment on attachment 8898918 [details] > style: Skip state pseudo-classes when finding a pseudo-element. > > https://reviewboard.mozilla.org/r/170252/#review175612 > > ::: servo/components/style/invalidation/element/invalidator.rs:603 > (Diff revision 1) > > .iter_raw_parse_order_from(next_combinator_offset - 1) > > - .next() > > - .unwrap(); > > + .flat_map(|component| { > > + match *component { > > Code might be clearer if the previous structure is kept, and you insert this > before the .next(): > > .skip_while(|c| matches!(c, Component::NonTSPseudoClass(..)) > > ? Agreed :)

Pushed by ecoal95@gmail.com: https://hg.mozilla.org/integration/autoland/rev/b45d12e72a83 Crashtest. r=heycam

In favor of beta 56 dogfooding, please create an uplift request to beta. Thanks.

Approval Request Comment [Feature/Bug causing the regression]: bug 1373800 [User impact if declined]: Crashes with stylo enabled [Is this code covered by automated tests?]: Yes [Has the fix been verified in Nightly?]: Yes [Needs manual test from QE? If yes, steps to reproduce]: No [List of other uplifts needed for the feature/fix]: None [Is the change risky?]: Not risky [Why is the change risky/not risky?]: Fairly trivial and hard to reach case. [String changes made/needed]: none

Comment on attachment 8899474 [details] [diff] [review] Patch for uplift. Crash fix for stylo issue, includes a new test. Let's uplift for 56 beta 5.

https://hg.mozilla.org/releases/mozilla-beta/rev/c4306d552f7a https://hg.mozilla.org/releases/mozilla-beta/rev/2df535c417bc

(In reply to Emilio Cobos Álvarez [:emilio] from comment #15) > [Is this code covered by automated tests?]: Yes > [Has the fix been verified in Nightly?]: Yes > [Needs manual test from QE? If yes, steps to reproduce]: No Setting qe-verify- based on Emilio's assessment on manual testing needs and the fact that this fix has automated coverage.

http://velvetyne.fr/ does not crash anymore. Nightly 57 x64 20170822100529 @ Debian Testing.