Closed
Bug 919434
Opened 11 years ago
Closed 11 years ago
position:sticky crash with too much recursion in mozilla::layers::LayerProperties::ClearInvalidations
Categories
(Core :: Layout, defect)
Tracking
()
VERIFIED
FIXED
mozilla28
People
(Reporter: jruderman, Assigned: roc)
References
Details
(Keywords: crash, testcase)
Attachments
(3 files)
With these prefs:
user_pref("layers.acceleration.disabled", true);
user_pref("layers.force-active", true);
the testcase makes Firefox infinitely recurse due to a cyclic layer tree.
|
Reporter | |
Comment 1•11 years ago
|
||
|
||
Comment 2•11 years ago
|
||
Caught that cycle being created. This presumably has something to do with how we process all descendants of a fixed position layer specially, and a bad interaction of that with sticky position layers.
|
|
||
Comment 5•11 years ago
|
||
(In reply to Jesse Ruderman from comment #3) > Should that assertion be added to mozilla-central? Sure. I had been thinking to add it in the same patch that actually fixes this problem, but then I never made any headway on figuring out the cause of the bug. I think this will need input from someone who knows the layer system better than I do.
|
|
||
Comment 7•11 years ago
|
||
I don't reproduce either this or bug 931450 in the latest Nightly. Discussion on bug 919156 suggests that they could have been fixed in bug 919144?
|
||
Comment 8•11 years ago
|
||
(In reply to Corey Ford [:corey] from comment #7) > I don't reproduce either this or bug 931450 in the latest Nightly. > Discussion on bug 919156 suggests that they could have been fixed in bug > 919144? Nice, yup. I verified that bug 919144 did indeed fix this, using targeted builds. (Its parent cset, 21df28ade757, reproduces this bug for me -- whereas the cset for the last patch in bug 919144 does not reproduce this bug for me.) --> Resolving as FIXED by bug 919144.
|
|
||
Comment 9•11 years ago
|
||
(Also: I'm using 64-bit Linux --> broadening Platform from Mac to All)
OS: Mac OS X → All
|
|
||
Updated•11 years ago
|
|
||
Updated•11 years ago
|
Assignee: nobody → roc
Target Milestone: --- → mozilla28
|
||
Comment 10•11 years ago
|
||
Reproduced in Nightly 2013-09-25. Verified fixed 28.0a1 (2013-12-05), Win 7 x64
Status: RESOLVED → VERIFIED
|
||
Comment 11•10 years ago
|
||
Landed the crashtest: https://hg.mozilla.org/integration/mozilla-inbound/rev/a1c8f8c10088
Flags: in-testsuite? → in-testsuite+
|
||
Comment 13•10 years ago
|
||
Pretty sure this test never actually tested the correct configuration. The layers.acceleration.disabled preference is queried once and the value reused, so setting it for a particular test is just ignored.
|
|
||
Comment 14•10 years ago
|
||
I can't build this far back, but certainly in today's builds, this does not run the test with layers.acceleration.disabled actually set, as the pref() line in crashtests.list sets it too late to get picked up. And if it was getting picked up, it would mean that the value of that preference changes mid execution, which is at best scary and certainly not supported.
You need to log in
before you can comment on or make changes to this bug.
Description
•