Svg font Face Element Makes the browser Unresponsive/Crash.
Reported by
mishra.d...@gmail.com,
Dec 5 2016
|
|||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0 Steps to reproduce the problem: Hi Again , I am able to produce this issue in all the Flavor and in Mobile Devices and System as well (Windows/Linux) Repr* : * Open the attached crash.html file in the Edge. * The Tab becomes unresponsive ,with a sad face ! * Chrome Crashes. What is the expected behavior? What went wrong? However I think , Address 0x36bad2b8 is 88 bytes inside a block of size 1,424 free'd Address 0x7d7d7d7d7d7d7d41 is not stack'd, malloc'd or (recently) free'd at 0x125C916: WebCore::CSSStyleSelector::popParent(WebCore::Element*) Attached File for the Reference ,Looking forward to it. Thank You Did this work before? N/A Chrome version: 56.0.2924.0 (Developer Build) Channel: n/a OS Version: 6.1 (Windows 7, Windows Server 2008 R2) Flash Version: Shockwave Flash 23.0 r0
,
Dec 5 2016
,
Dec 6 2016
It is not the SVG face that makes the page unresponsive it is the 100000 iteration to do a bunch of editing commands. This keeps the main loop busy so this in fact is working as designed. The main loop should be used for short iteration work and event handlers.
This Hung Renderer Dialog is intended for poorly written javascript just as this example. You could certainly get the same result with just a for(;;) {} loop as well.
,
Dec 8 2016
Hanging up with infinite loop is by design, but even in such case, browser should be able to stop such script and work as normal. Especially, if it's crashed as this bug summary, there is (at least) one bug actually.
,
Dec 8 2016
No the browser doesn't stop execution of scripts part way. It is tells you it isn't responding and you have the ability to kill the browser or wait longer for it to become responsive. |
|||
►
Sign in to add a comment |
|||
Comment 1 by och...@chromium.org
, Dec 5 2016