Closed
Bug 5263
Opened 25 years ago
Closed 25 years ago
crash in frame code
Categories
(Core :: DOM: Core & HTML, defect, P3)
Tracking
()
VERIFIED
FIXED
M6
People
(Reporter: rickg, Assigned: vidur)
References
()
Details
I've been seeing a really odd crash recently, which appears to be a regression.
Here's the snippet from the warnerbros.com homepage:
<html><body>
text
<img src="img/newday4.jpg" align=right">
</body></html>
Here's the stack trace:
nsDebug::PreCondition(const char * 0x007c5cb4, const char * 0x007c5ca0, const
char * 0x007c5c70, int 1994) line 120 + 13 bytes
PresShell::SetPlaceholderFrameFor(PresShell * const 0x011571a0, nsIFrame *
0x00000000, nsIFrame * 0x036050d0) line 1994 + 32 bytes
nsCSSFrameConstructor::CantRenderReplacedElement(nsCSSFrameConstructor * const
0x01156170, nsIPresContext * 0x0112d040, nsIFrame * 0x036051e0) line 4733
StyleSetImpl::CantRenderReplacedElement(StyleSetImpl * const 0x01156570,
nsIPresContext * 0x0112d040, nsIFrame * 0x036051e0) line 828
PresShell::HandleCantRenderReplacedElementEvent(nsIFrame * 0x036051e0) line 1363
Updated•25 years ago
|
Assignee: peterl → troy
Component: Style System → Layout
Summary: crash in style/frame code → crash in frame code
I fixed the ConstructAlternateImageFrame() and that fixes the bug Rick reported
(using his small example).
Vidur, assigning the bug to you, because I'm getting a crash in what looks like
DOM code when I try and display http://www.warnerbros.com
00000049()
nsJSUtils::nsConvertObjectToJSVal(nsISupports * 0x0012ff40, JSContext *
0x0112c340, long * 0x0012f0e0) line 130 + 20 bytes
GetNavigatorProperty(JSContext * 0x0112c340, JSObject * 0x0122f128, long -9,
long * 0x0012f0e0) line 124 + 20 bytes
js_GetProperty(JSContext * 0x0112c340, JSObject * 0x0122f128, long 18233008,
long * 0x0012f0e0) line 1695 + 25 bytes
js_Interpret(JSContext * 0x0112c340, long * 0x0012f260) line 2149 + 913 bytes
js_Invoke(JSContext * 0x0112c340, unsigned int 3, int 0) line 666 + 13 bytes
js_Interpret(JSContext * 0x0112c340, long * 0x0012f9d8) line 2183 + 15 bytes
js_Execute(JSContext * 0x0112c340, JSObject * 0x0122d708, JSScript * 0x02539210,
JSFunction * 0x00000000, JSStackFrame * 0x00000000, int 0, long * 0x0012f9d8)
line 815 + 13 bytes
JS_EvaluateUCScriptForPrincipals(JSContext * 0x0112c340, JSObject * 0x0122d708,
JSPrincipals * 0x00000000, const unsigned short * 0x01218830, unsigned int 870,
const char * 0x010d5cc0, unsigned int 191, long * 0x0012f9d8) line 2322 + 27
bytes
nsJSContext::EvaluateString(nsJSContext * const 0x0112c580, const nsString &
{...}, const char * 0x010d5cc0, unsigned int 191, nsString & {...}, int *
0x0012fa04) line 122 + 64 bytes
HTMLContentSink::EvaluateScript(nsString & {...}, int 191) line 2829
HTMLContentSink::ProcessSCRIPTTag(const nsIParserNode & {...}) line 2943
HTMLContentSink::AddLeaf(HTMLContentSink * const 0x010d17a0, const nsIParserNode
& {...}) line 1979 + 12 bytes
CNavDTD::AddLeaf(const nsIParserNode & {...}) line 2665 + 31 bytes
CNavDTD::HandleScriptToken(nsCParserNode & {...}) line 1593 + 12 bytes
CNavDTD::OpenContainer(const nsIParserNode & {...}, int 1) line 2488 + 12 bytes
CNavDTD::HandleDefaultStartToken(CToken * 0x01167f90, nsHTMLTag eHTMLTag_script,
nsIParserNode & {...}) line 992 + 14 bytes
CNavDTD::HandleStartToken(CToken * 0x01167f90) line 1228 + 25 bytes
NavDispatchTokenHandler(CToken * 0x01167f90, nsIDTD * 0x0115b950) line 247 + 12
bytes
CTokenHandler::operator()(CToken * 0x01167f90, nsIDTD * 0x0115b950) line 80 + 14
bytes
CNavDTD::HandleToken(CNavDTD * const 0x0115b950, CToken * 0x01167f90, nsIParser
* 0x010d1910) line 634 + 18 bytes
CNavDTD::BuildModel(CNavDTD * const 0x0115b950, nsIParser * 0x010d1910,
nsITokenizer * 0x0115b040, nsITokenObserver * 0x00000000, nsIContentSink *
0x010d17a0) line 508 + 20 bytes
nsParser::BuildModel() line 869 + 34 bytes
nsParser::ResumeParse(nsIDTD * 0x00000000) line 821 + 11 bytes
nsParser::EnableParser(int 1) line 523 + 19 bytes
HTMLContentSink::ResumeParsing() line 2751
nsDoneLoadingScript(nsIUnicharStreamLoader * 0x024b4f80, nsString & {...}, void
* 0x010d17a0, unsigned int 0) line 2860
nsUnicharStreamLoader::OnStopBinding(nsUnicharStreamLoader * const 0x024b4f84,
nsIURL * 0x024b0500, unsigned int 0, const unsigned short * 0x024b04d0) line 156
+ 31 bytes
nsDocumentBindInfo::OnStopBinding(nsDocumentBindInfo * const 0x024b4d40, nsIURL
* 0x024b0500, unsigned int 0, const unsigned short * 0x024b04d0) line 1994 + 30
bytes
OnStopBindingProxyEvent::HandleEvent(OnStopBindingProxyEvent * const 0x024b2780)
line 591 + 45 bytes
StreamListenerProxyEvent::HandlePLEvent(PLEvent * 0x024b2784) line 471 + 12
bytes
PL_HandleEvent(PLEvent * 0x024b2784) line 476 + 10 bytes
PL_ProcessPendingEvents(PLEventQueue * 0x0107f680) line 437 + 9 bytes
_md_EventReceiverProc(HWND__ * 0x002c032c, unsigned int 49425, unsigned int 0,
long 17299072) line 799 + 9 bytes
USER32! 77e71250()
0107f680()
Updated•25 years ago
|
QA Contact: 4110 → 4144
Assignee | ||
Updated•25 years ago
|
Assignee: vidur → beard
Assignee | ||
Comment 2•25 years ago
|
||
Patrick, the problems occurs because navigator.mimeTypes and navigator.plugins
now exist, return NS_OK from their stub implementations, but do not set the
return out pointer to null.
Updated•25 years ago
|
Target Milestone: M6
Comment 3•25 years ago
|
||
-> M6
Updated•25 years ago
|
Assignee: beard → vidur
Component: Layout → DOM Level 0
Comment 4•25 years ago
|
||
This doesn't crash on the Mac, as of 4/29/99. I've expanded the Navigator
properties implementation. Should be fixed now.
Assignee | ||
Updated•25 years ago
|
Status: NEW → RESOLVED
Closed: 25 years ago
Resolution: --- → FIXED
Assignee | ||
Comment 5•25 years ago
|
||
Patrick, feel free to mark the bugs as FIXED when you're done with them, rather
than reassigning them.
Updated•25 years ago
|
Status: RESOLVED → VERIFIED
Comment 6•25 years ago
|
||
Fixed in 5/17 Build.
You need to log in
before you can comment on or make changes to this bug.
Description
•