6951 2006-01-30 18:10:24 -0800 hang due to infinitely growing points array because parsePoints loop is broken 2011-11-11 08:29:15 -0800 1 1 1 Unclassified WebKit SVG 420+ Mac OS X 10.4 RESOLVED FIXED http://www.treebuilder.de/default.asp?file=606899.xml HasReduction, SVGHitList P1 Normal --- 6890 1 eric webkit-unassigned joost pnormand oldest_to_newest 30685 0 eric 2006-01-30 18:10:24 -0800 "Brown" SVG hangs safari Crash/Data Loss, SVGHitList, p2. http://www.treebuilder.de/default.asp?file=606899.xml 31332 1 6249 joost 2006-02-04 10:25:53 -0800 Created attachment 6249 testcase This testcase still hangs WebKit. The var "d" is initialized without a value, and then used to set an attribute, if the var "d" is given a value, the testcase no longer hangs Safari. 32144 2 darin 2006-02-11 10:49:46 -0800 Might be nice to have a reduction that didn't involve SVG. 32291 3 darin 2006-02-12 21:40:51 -0800 The hang doesn't seem to have anything to do with the unintiailized JS variable. It's inside SVG path parsing. 32293 4 darin 2006-02-12 21:52:50 -0800 The reason for the hang is that SVGPolyParser::parsePoints ends up calling parseMappedAttribute over and over again, because each time it calls svgPolyTo it then appends a new item to the points which triggers the attribute mapping machinery again over and over again, so it just keeps making the points array longer and longer forever. 32309 5 a 2006-02-13 02:40:30 -0800 i've already got a fix for this one, actually its not due to notifications, its just because parsePoints never steps forward through the empty string, it just infinite loops over nothing 35334 6 darin 2006-03-06 15:08:47 -0800 Alex landed a fix for this. 500793 7 mrobinson 2011-11-11 08:29:15 -0800 *** Bug 71454 has been marked as a duplicate of this bug. *** 6249 2006-02-04 10:25:53 -0800 2006-02-04 10:25:53 -0800 testcase brown.svg image/svg+xml 432 joost PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciDQogeG1sbnM6eGxpbms9Imh0 dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiDQogb25sb2FkPSJpbml0KCkiPgoNCg0KPHNjcmlw dD4NCgk8IVtDREFUQVsNCgkJdmFyIHN2Z25zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIN CgkJdmFyIGQNCgkJDQoJCWZ1bmN0aW9uIGluaXQoKXsNCgkJCXZhciBwb2w9ZG9jdW1lbnQuY3Jl YXRlRWxlbWVudE5TKHN2Z25zLCJwb2x5bGluZSIpDQoJCQlwb2wuc2V0QXR0cmlidXRlKCJwb2lu dHMiLGQpDQoJCQl2YXIgaGlzdD1kb2N1bWVudC5nZXRFbGVtZW50QnlJZCgiaGlzdG9ncmFtbSIp DQoJCQloaXN0LmFwcGVuZENoaWxkKHBvbCkNCgkJfQogDQoJXV0+DQo8L3NjcmlwdD4NCiANCiA8 ZyBpZD0iaGlzdG9ncmFtbSI+PC9nPgoNCg0KPC9zdmc+