Closed
Bug 24306
Opened 25 years ago
Closed 25 years ago
crash from window.close() in anchor onclick()
Categories
(Core :: DOM: Core & HTML, defect, P3)
Tracking
()
VERIFIED
WORKSFORME
M14
People
(Reporter: naga, Assigned: vidur)
References
()
Details
(Keywords: crash, Whiteboard: [PDT+])
Hi,
Go to www.cnn.com and select related links and go to wall street journal.
It asks you for a subscription offer. If you click the no I dont want the offer
the browser crashes with a general protection fault.
Thanks,
Naga.
Updated•25 years ago
|
Severity: normal → critical
Assignee: nobody → gagan
Component: Browser-General → Networking
QA Contact: nobody → tever
tever, another cnn issue. could be related to others. Can you check oiut
please?
Adding "crash" keyword to all known open crasher bugs.
Keywords: crash
Comment 3•25 years ago
|
||
To reproduce this you can go directly to www.wsj.com. Select the
link 'Looking for regular wsj site' in the lower right hand corner.
A small popup window should appear (this will popup if the wsj
'survey' cookie has not been set). Select turn down offer.
I think this might be different than the other cnn problems. This happens
consistantly and on both NT and Linux. (can't check Mac right now) Supplying a
stack trace.
Call Stack: (Signature = 0x1028d320 56d08ccf)
0x1028d320
nsWebShell::OnLinkClick
[d:\builds\seamonkey\mozilla\webshell\src\nsWebShell.cpp, line 2772]
nsGenericElement::TriggerLink
[d:\builds\seamonkey\mozilla\layout\base\src\nsGenericElement.cpp, line 1311]
nsHTMLAnchorElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\html\content\src\nsHTMLAnchorElement.cpp,
line 390]
nsGenericElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\base\src\nsGenericElement.cpp, line 814]
nsHTMLTableRowElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\html\content\src\nsHTMLTableRowElement.cpp,
line 739]
nsGenericElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\base\src\nsGenericElement.cpp, line 814]
nsHTMLTableRowElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\html\content\src\nsHTMLTableRowElement.cpp,
line 739]
nsGenericDOMDataNode::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\base\src\nsGenericDOMDataNode.cpp, line 802]
nsXMLCDATASection::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\xml\content\src\nsXMLCDATASection.cpp, line
241]
nsEventStateManager::CheckForAndDispatchClick
[d:\builds\seamonkey\mozilla\layout\events\src\nsEventStateManager.cpp, line
1571]
nsEventStateManager::PostHandleEvent
[d:\builds\seamonkey\mozilla\layout\events\src\nsEventStateManager.cpp, line
787]
PresShell::HandleEvent
[d:\builds\seamonkey\mozilla\layout\html\base\src\nsPresShell.cpp, line 2856]
nsView::HandleEvent
[d:\builds\seamonkey\mozilla\view\src\nsView.cpp, line 797]
nsView::HandleEvent
[d:\builds\seamonkey\mozilla\view\src\nsView.cpp, line 782]
nsView::HandleEvent
[d:\builds\seamonkey\mozilla\view\src\nsView.cpp, line 782]
nsViewManager::DispatchEvent
[d:\builds\seamonkey\mozilla\view\src\nsViewManager.cpp, line 1705]
HandleEvent
[d:\builds\seamonkey\mozilla\view\src\nsView.cpp, line 69]
nsWindow::DispatchEvent
[d:\builds\seamonkey\mozilla\widget\src\windows\nsWindow.cpp, line 511]
nsWindow::DispatchWindowEvent
[d:\builds\seamonkey\mozilla\widget\src\windows\nsWindow.cpp, line 528]
nsWindow::DispatchMouseEvent
[d:\builds\seamonkey\mozilla\widget\src\windows\nsWindow.cpp, line 3483]
ChildWindow::DispatchMouseEvent
[d:\builds\seamonkey\mozilla\widget\src\windows\nsWindow.cpp, line 3699]
nsWindow::ProcessMessage
[d:\builds\seamonkey\mozilla\widget\src\windows\nsWindow.cpp, line 2781]
nsWindow::WindowProc
[d:\builds\seamonkey\mozilla\widget\src\windows\nsWindow.cpp, line 688]
USER32.dll + 0x1268 (0x77e71268)
tever: this stack trace looks like a DOM problem...
Assignee: gagan → vidur
Component: Networking → DOM Level 0
QA Contact: tever → desale
Assignee | ||
Comment 5•25 years ago
|
||
The problem is the window.close() that happens as a result of an onclick() on a
link. This used to work - what changed in the ownership model or codepath? The
webshell of the window (and hence the link handler) gets destroyed in the
window.close(). As a result we crash when trying to reference the link handler
as part of the rest of the event dispatch (in the TriggerLink method of the
link).
Status: NEW → ASSIGNED
Summary: Browser crashed with General Protection Fault!I → crash from window.close() in anchor onclick()
Assignee | ||
Comment 7•25 years ago
|
||
Fixed on 1/2/2000. Dangling (weak) references to the webshell were left in the
PresContext.
Status: ASSIGNED → RESOLVED
Closed: 25 years ago
Resolution: --- → FIXED
Comment 8•25 years ago
|
||
Vidur, I am still seeing a crash at the wsj site. The steps to reproduce are
identical to those listed. The trace is different though so this one may have
been hidden by your previous fix. Do you want a new bug on this?
Here's the new stack trace:
Call Stack: (Signature = nsMenuBarListener::MouseDown c4d5db04)
nsMenuBarListener::MouseDown
[d:\builds\seamonkey\mozilla\layout\xul\base\src\nsMenuBarListener.cpp, line
196]
nsEventListenerManager::HandleEvent
[d:\builds\seamonkey\mozilla\layout\events\src\nsEventListenerManager.cpp, line
738]
nsXULDocument::HandleDOMEvent
[d:\builds\seamonkey\mozilla\rdf\content\src\nsXULDocument.cpp, line 1913]
nsXULElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\rdf\content\src\nsXULElement.cpp, line 2961]
nsXULElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\rdf\content\src\nsXULElement.cpp, line 2953]
nsXULElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\rdf\content\src\nsXULElement.cpp, line 2953]
nsXULElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\rdf\content\src\nsXULElement.cpp, line 2953]
nsXULElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\rdf\content\src\nsXULElement.cpp, line 2953]
nsXULElement::HandleChromeEvent
[d:\builds\seamonkey\mozilla\rdf\content\src\nsXULElement.cpp, line 3918]
GlobalWindowImpl::HandleDOMEvent
[d:\builds\seamonkey\mozilla\dom\src\base\nsGlobalWindow.cpp, line 381]
nsDocument::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\base\src\nsDocument.cpp, line 2477]
nsGenericElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\base\src\nsGenericElement.cpp, line 1031]
nsHTMLFrameSetElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\html\content\src\nsHTMLFrameSetElement.cpp,
line 216]
nsGenericElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\base\src\nsGenericElement.cpp, line 1021]
nsHTMLFrameSetElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\html\content\src\nsHTMLFrameSetElement.cpp,
line 216]
nsGenericElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\base\src\nsGenericElement.cpp, line 1021]
nsHTMLFrameSetElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\html\content\src\nsHTMLFrameSetElement.cpp,
line 216]
nsGenericElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\base\src\nsGenericElement.cpp, line 1021]
nsHTMLFrameSetElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\html\content\src\nsHTMLFrameSetElement.cpp,
line 216]
nsGenericElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\base\src\nsGenericElement.cpp, line 1021]
nsHTMLFrameSetElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\html\content\src\nsHTMLFrameSetElement.cpp,
line 216]
nsGenericElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\base\src\nsGenericElement.cpp, line 1021]
nsHTMLFrameSetElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\html\content\src\nsHTMLFrameSetElement.cpp,
line 216]
nsGenericElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\base\src\nsGenericElement.cpp, line 1021]
nsHTMLAnchorElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\html\content\src\nsHTMLAnchorElement.cpp,
line 344]
nsGenericElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\base\src\nsGenericElement.cpp, line 1021]
nsHTMLFrameSetElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\html\content\src\nsHTMLFrameSetElement.cpp,
line 216]
nsGenericElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\base\src\nsGenericElement.cpp, line 1021]
nsHTMLFrameSetElement::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\html\content\src\nsHTMLFrameSetElement.cpp,
line 216]
nsGenericDOMDataNode::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\base\src\nsGenericDOMDataNode.cpp, line 804]
nsTextNode::HandleDOMEvent
[d:\builds\seamonkey\mozilla\layout\base\src\nsTextNode.cpp, line 234]
PresShell::HandleEvent
[d:\builds\seamonkey\mozilla\layout\html\base\src\nsPresShell.cpp, line 2861]
nsView::HandleEvent
[d:\builds\seamonkey\mozilla\view\src\nsView.cpp, line 799]
nsView::HandleEvent
[d:\builds\seamonkey\mozilla\view\src\nsView.cpp, line 784]
nsView::HandleEvent
[d:\builds\seamonkey\mozilla\view\src\nsView.cpp, line 784]
nsViewManager::DispatchEvent
[d:\builds\seamonkey\mozilla\view\src\nsViewManager.cpp, line 1704]
HandleEvent
[d:\builds\seamonkey\mozilla\view\src\nsView.cpp, line 69]
nsWindow::DispatchEvent
[d:\builds\seamonkey\mozilla\widget\src\windows\nsWindow.cpp, line 502]
nsWindow::DispatchWindowEvent
[d:\builds\seamonkey\mozilla\widget\src\windows\nsWindow.cpp, line 519]
nsWindow::DispatchMouseEvent
[d:\builds\seamonkey\mozilla\widget\src\windows\nsWindow.cpp, line 3042]
ChildWindow::DispatchMouseEvent
[d:\builds\seamonkey\mozilla\widget\src\windows\nsWindow.cpp, line 3258]
nsWindow::ProcessMessage
[d:\builds\seamonkey\mozilla\widget\src\windows\nsWindow.cpp, line 2350]
nsWindow::WindowProc
[d:\builds\seamonkey\mozilla\widget\src\windows\nsWindow.cpp, line 679]
re-assigning QA contact to myself
Status: RESOLVED → REOPENED
QA Contact: desale → tever
Resolution: FIXED → ---
Assignee | ||
Comment 9•25 years ago
|
||
Well...the main wsj page seems to have changed. There's no longer a "Looking for
regular wsj site" link and the US home doesn't bring up the popup. I tried other
sites that had popups that contain anchors that use window.close() in their
onclick() handlers and they seemed to work. Marking WORKSFORME. Please send me
more details if you need to reopen.
Status: REOPENED → RESOLVED
Closed: 25 years ago → 25 years ago
Resolution: --- → WORKSFORME
Comment 10•25 years ago
|
||
Yeah, this site changed a bit. You need to select the middle link "Go to US
view". A popup window with some deal will show up (if the survey cookie
has not been previously set). Select NO to turn down the offer and you will
see the crash. Actually, selecting either link will cause the crash.
Status: RESOLVED → REOPENED
Resolution: WORKSFORME → ---
Assignee | ||
Comment 11•25 years ago
|
||
Tried it again and didn't see the crash. Are you sure you have the correct
build? This works for me on the 2/11/2000 build.
Status: REOPENED → RESOLVED
Closed: 25 years ago → 25 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•