Closed
Bug 5643
Opened 26 years ago
Closed 26 years ago
Crash in initial layout of empty framesets
Categories
(Core :: Layout, defect, P3)
Tracking
()
VERIFIED
FIXED
People
(Reporter: morse, Assigned: chofmann)
References
()
Details
Bringing up the browswer on a page containing the html shown below results in a
gp-trap.
Note this looks very similar to bug 1252 but the stack trace at time of crash is
completely different. And the only difference between the html in this report
and the one in 1252 is the addition of the "SRC=about:blank" in the frame
statements.
This bug is currently causing crashes when any of the viewers (cookie viewer,
single-signon viewer, and safe-formfill) are selected from the menu. For this
reason I would consider this to be an M5 showstopper.
Here's the html:
<HTML>
<HEAD>
<SCRIPT>
function loadCookies(){
top.frames[0].document.open();
top.frames[0].document.close();
}
</SCRIPT>
</HEAD>
<FRAMESET onLoad=loadCookies()>
<FRAME SRC=about:blank>
<FRAME SRC=about:blank>
</FRAMESET>
</HTML>
and here's the stack trace:
nsDTDContext::GetStyles() line 269 + 11 bytes
CNavDTD::UpdateStyleStackForCloseTag(nsHTMLTag eHTMLTag_html, nsHTMLTag
eHTMLTag_html) line 2871 + 11 bytes
CNavDTD::HandleEndToken(CToken * 0x0117f120) line 1403
NavDispatchTokenHandler(CToken * 0x0117f120, nsIDTD * 0x0270af30) line 250 + 12
bytes
CTokenHandler::operator()(CToken * 0x0117f120, nsIDTD * 0x0270af30) line 80 + 14
bytes
CNavDTD::HandleToken(CNavDTD * const 0x0270af30, CToken * 0x0117f120, nsIParser
* 0x02711770) line 635 + 18 bytes
CNavDTD::BuildModel(CNavDTD * const 0x0270af30, nsIParser * 0x02711770,
nsITokenizer * 0x027127e0, nsITokenObserver * 0x00000000, nsIContentSink *
0x02711b40) line 509 + 20 bytes
nsParser::BuildModel() line 847 + 34 bytes
nsParser::ResumeParse(nsIDTD * 0x00000000) line 799 + 11 bytes
nsParser::Parse(nsString & {...}, void * 0x80000001, const nsString & {...}, int
0, int 1) line 742 + 13 bytes
nsHTMLDocument::Close(nsHTMLDocument * const 0x012afbcc) line 1249 + 76 bytes
HTMLDocumentClose(JSContext * 0x012976e0, JSObject * 0x01b10860, unsigned int 0,
long * 0x01a63f5c, long * 0x0012b0d0) line 681 + 15 bytes
js_Invoke(JSContext * 0x012976e0, unsigned int 0, int 0) line 650 + 26 bytes
js_Interpret(JSContext * 0x012976e0, long * 0x0012b8d4) line 2199 + 15 bytes
js_Invoke(JSContext * 0x012976e0, unsigned int 0, int 0) line 666 + 13 bytes
js_Interpret(JSContext * 0x012976e0, long * 0x0012c094) line 2199 + 15 bytes
js_Invoke(JSContext * 0x012976e0, unsigned int 1, int 0) line 666 + 13 bytes
js_CallFunctionValue(JSContext * 0x012976e0, JSObject * 0x01a891a8, long
28234048, unsigned int 1, long * 0x0012c1c0, long * 0x0012c1c8) line 735 + 15
bytes
JS_CallFunctionValue(JSContext * 0x012976e0, JSObject * 0x01a891a8, long
28234048, unsigned int 1, long * 0x0012c1c0, long * 0x0012c1c8) line 2437 + 29
bytes
nsJSEventListener::HandleEvent(nsIDOMEvent * 0x02706750) line 97 + 34 bytes
nsEventListenerManager::HandleEvent(nsIPresContext & {...}, nsEvent *
0x0012c36c, nsIDOMEvent * * 0x0012c2f0, unsigned int 3, nsEventStatus &
nsEventStatus_eIgnore) line 870 + 21 bytes
GlobalWindowImpl::HandleDOMEvent(GlobalWindowImpl * const 0x01297624,
nsIPresContext & {...}, nsEvent * 0x0012c36c, nsIDOMEvent * * 0x0012c2f0,
unsigned int 1, nsEventStatus & nsEventStatus_eIgnore) line 1896
nsWebShell::OnEndDocumentLoad(nsWebShell * const 0x01294ad0, nsIURL *
0x026d66d0, int 0) line 2285 + 34 bytes
nsDocLoaderImpl::FireOnEndDocumentLoad(int 0) line 1420
nsDocLoaderImpl::FireOnEndDocumentLoad(int 0) line 1428
nsDocLoaderImpl::LoadURLComplete(nsIURL * 0x012acd30, nsISupports * 0x012accb0,
int 0) line 1580
nsDocumentBindInfo::OnStopBinding(nsDocumentBindInfo * const 0x012accb0, nsIURL
* 0x012acd30, unsigned int 0, unsigned short * 0x0012c484) line 2141
nsStreamListenerProxy::OnStopBinding(nsStreamListenerProxy * const 0x012afdb0,
nsIURL * 0x012acd30, unsigned int 0, unsigned short * 0x0012c484) line 768 + 30
bytes
stub_complete(_NET_StreamClass * 0x012af8b0) line 766
net_output_about_url(_ActiveEntry * 0x012af4f0) line 687 + 10 bytes
net_AboutLoad(_ActiveEntry * 0x012af4f0) line 910 + 9 bytes
NET_GetURL(URL_Struct_ * 0x012afe30, int 102, MWContext_ * 0x012af2f0, void
(URL_Struct_ *, int, MWContext_ *)* 0x00412f2c bam_exit_routine(URL_Struct_ *,
int, MWContext_ *)) line 2979 + 12 bytes
nsNetlibService::OpenStream(nsNetlibService * const 0x00f94e50, nsIURL *
0x012acd30, nsIStreamListener * 0x012accb0) line 476 + 20 bytes
nsDocumentBindInfo::Bind(nsIURL * 0x012acd30, nsIStreamListener * 0x00000000)
line 1866 + 23 bytes
nsDocumentBindInfo::Bind(const nsString & {...}, nsIPostData * 0x00000000,
nsIStreamListener * 0x00000000) line 1830 + 16 bytes
nsDocLoaderImpl::LoadDocument(nsDocLoaderImpl * const 0x012ac120, const nsString
& {...}, char * 0x01c2aac4, nsIContentViewerContainer * 0x012abe60, nsIPostData
* 0x00000000, nsISupports * 0x00000000, nsIStreamObserver * 0x012abd40,
nsURLReloadType nsURLReload, const unsigned int 0) line 1104 + 21 bytes
nsWebShell::DoLoadURL(const nsString & {...}, char * 0x01c2aac4, nsIPostData *
0x00000000, nsURLReloadType nsURLReload, const unsigned int 0) line 1525
nsWebShell::LoadURL(nsWebShell * const 0x012abe60, unsigned short * 0x012acb30,
char * 0x01c2aac4, nsIPostData * 0x00000000, int 1, nsURLReloadType nsURLReload,
const unsigned int 0) line 1606 + 28 bytes
nsWebShell::LoadURL(nsWebShell * const 0x012abe60, unsigned short * 0x012acb30,
nsIPostData * 0x00000000, int 1, nsURLReloadType nsURLReload, const unsigned int
0) line 1453
nsHTMLFrameInnerFrame::Reflow(nsHTMLFrameInnerFrame * const 0x012abce4,
nsIPresContext & {...}, nsHTMLReflowMetrics & {...}, const nsHTMLReflowState &
{...}, unsigned int & 1233116) line 858 + 39 bytes
nsContainerFrame::ReflowChild(nsIFrame * 0x012abce0, nsIPresContext & {...},
nsHTMLReflowMetrics & {...}, const nsHTMLReflowState & {...}, unsigned int &
1233116) line 389 + 28 bytes
nsHTMLFrameOuterFrame::Reflow(nsHTMLFrameOuterFrame * const 0x012abc74,
nsIPresContext & {...}, nsHTMLReflowMetrics & {...}, const nsHTMLReflowState &
{...}, unsigned int & 1233116) line 362
nsContainerFrame::ReflowChild(nsIFrame * 0x012abc70, nsIPresContext & {...},
nsHTMLReflowMetrics & {...}, const nsHTMLReflowState & {...}, unsigned int &
1233116) line 389 + 28 bytes
nsHTMLFramesetFrame::ReflowPlaceChild(nsIFrame * 0x012abc70, nsIPresContext &
{...}, const nsHTMLReflowState & {...}, nsPoint & {...}, nsSize & {...}, nsPoint
* 0x0012d240) line 755
nsHTMLFramesetFrame::Reflow(nsHTMLFramesetFrame * const 0x012ab3b4,
nsIPresContext & {...}, nsHTMLReflowMetrics & {...}, const nsHTMLReflowState &
{...}, unsigned int & 1234184) line 1147
nsLineLayout::ReflowFrame(nsIFrame * 0x012ab3b0, nsIFrame * * 0x0012f3a8,
unsigned int & 1234184) line 844
nsBlockFrame::ReflowInlineFrame(nsBlockReflowState & {...}, nsLineBox *
0x012ab4d0, nsIFrame * 0x012ab3b0, unsigned char * 0x0012d4dc) line 2818 + 23
bytes
nsBlockFrame::ReflowInlineFrames(nsBlockReflowState & {...}, nsLineBox *
0x012ab4d0, int * 0x0012d56c) line 2695 + 24 bytes
nsBlockFrame::ReflowLine(nsBlockReflowState & {...}, nsLineBox * 0x012ab4d0, int
* 0x0012d56c) line 1968 + 20 bytes
nsBlockFrame::ReflowDirtyLines(nsBlockReflowState & {...}) line 1775 + 20 bytes
nsBlockFrame::Reflow(nsBlockFrame * const 0x012ab124, nsIPresContext & {...},
nsHTMLReflowMetrics & {...}, const nsHTMLReflowState & {...}, unsigned int & 0)
line 1180 + 18 bytes
nsAreaFrame::Reflow(nsAreaFrame * const 0x012ab124, nsIPresContext & {...},
nsHTMLReflowMetrics & {...}, const nsHTMLReflowState & {...}, unsigned int & 0)
line 261 + 25 bytes
nsContainerFrame::ReflowChild(nsIFrame * 0x012ab120, nsIPresContext & {...},
nsHTMLReflowMetrics & {...}, const nsHTMLReflowState & {...}, unsigned int & 0)
line 389 + 28 bytes
RootFrame::Reflow(RootFrame * const 0x012aa7e4, nsIPresContext & {...},
nsHTMLReflowMetrics & {...}, const nsHTMLReflowState & {...}, unsigned int & 0)
line 225
nsContainerFrame::ReflowChild(nsIFrame * 0x012aa7e0, nsIPresContext & {...},
nsHTMLReflowMetrics & {...}, const nsHTMLReflowState & {...}, unsigned int & 0)
line 389 + 28 bytes
ViewportFrame::Reflow(ViewportFrame * const 0x012aa634, nsIPresContext & {...},
nsHTMLReflowMetrics & {...}, const nsHTMLReflowState & {...}, unsigned int & 0)
line 434
PresShell::InitialReflow(PresShell * const 0x012ad6f0, int 8745, int 4785) line
881
HTMLContentSink::StartLayout() line 1963
HTMLContentSink::CloseFrameset(HTMLContentSink * const 0x026d4bf0, const
nsIParserNode & {...}) line 1813
CNavDTD::CloseFrameset(const nsIParserNode & {...}) line 2433 + 31 bytes
CNavDTD::CloseContainer(const nsIParserNode & {...}, nsHTMLTag
eHTMLTag_frameset, int 1) line 2568 + 12 bytes
CNavDTD::CloseContainersTo(int 1, nsHTMLTag eHTMLTag_frameset, int 1) line 2604
+ 26 bytes
CNavDTD::CloseContainersTo(nsHTMLTag eHTMLTag_frameset, int 1) line 2625 + 20
bytes
CNavDTD::HandleEndToken(CToken * 0x0117e120) line 1409 + 14 bytes
NavDispatchTokenHandler(CToken * 0x0117e120, nsIDTD * 0x026d0aa0) line 250 + 12
bytes
CTokenHandler::operator()(CToken * 0x0117e120, nsIDTD * 0x026d0aa0) line 80 + 14
bytes
CNavDTD::HandleToken(CNavDTD * const 0x026d0aa0, CToken * 0x0117e120, nsIParser
* 0x025a16c0) line 635 + 18 bytes
CNavDTD::BuildModel(CNavDTD * const 0x026d0aa0, nsIParser * 0x025a16c0,
nsITokenizer * 0x012a0b80, nsITokenObserver * 0x00000000, nsIContentSink *
0x026d4bf0) line 509 + 20 bytes
nsParser::BuildModel() line 847 + 34 bytes
nsParser::ResumeParse(nsIDTD * 0x00000000) line 799 + 11 bytes
nsParser::OnDataAvailable(nsParser * const 0x025a16c4, nsIURL * 0x026d66d0,
nsIInputStream * 0x0266ba00, unsigned int 276) line 1011 + 17 bytes
nsDocumentBindInfo::OnDataAvailable(nsDocumentBindInfo * const 0x026d6a70,
nsIURL * 0x026d66d0, nsIInputStream * 0x0266ba00, unsigned int 276) line 2102 +
24 bytes
OnDataAvailableProxyEvent::HandleEvent(OnDataAvailableProxyEvent * const
0x012ad8a0) line 632
StreamListenerProxyEvent::HandlePLEvent(PLEvent * 0x012ad8a4) line 471 + 12
bytes
PL_HandleEvent(PLEvent * 0x012ad8a4) line 476 + 10 bytes
PL_ProcessPendingEvents(PLEventQueue * 0x00f90470) line 437 + 9 bytes
_md_EventReceiverProc(void * 0x005f0136, unsigned int 49305, unsigned int 0,
long 16319600) line 799 + 9 bytes
USER32! 77e71250()
Reporter | ||
Comment 1•26 years ago
|
||
OK, let me back off a little. The only crash is when selecting the cookie
viewer (edit/wallet/display-cookies). This bug does not cause a crash for the
signon-viewer or for safe-formfill.
Reporter | ||
Updated•26 years ago
|
Status: NEW → RESOLVED
Closed: 26 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 2•26 years ago
|
||
This is now fixed with a change that rickg checked in last night at midnight (in
nsDTDUtils.cpp). Cookie viewer no longer crashes. Closing out this bug report.
Updated•26 years ago
|
Status: RESOLVED → VERIFIED
Comment 3•26 years ago
|
||
Fixed in the April 29th Build.
Updated•26 years ago
|
You need to log in
before you can comment on or make changes to this bug.
Description
•