Closed
Bug 265376
Opened 20 years ago
Closed 20 years ago
Crash when handling malformed HTML code [@ nsGenericHTMLElement::GetOffsetWidth]
Categories
(SeaMonkey :: General, defect)
SeaMonkey
General
Tracking
(Not tracked)
VERIFIED
DUPLICATE
of bug 265181
People
(Reporter: thomas+mozilla, Unassigned)
References
()
Details
(Keywords: crash)
Crash Data
Attachments
(1 file)
174 bytes,
text/html
|
Details |
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/125.5 (KHTML, like Gecko) Safari/125.9 Build Identifier: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8a5) Gecko/20041020 I was doing some FireFox QA using iExploder - http://toadstool.se/software/iexploder - and stumbled upon this crash bug. I can't make heads or tails of what HTML generates the issue, as I've simplified it as much as I can. Reproducible: Always Steps to Reproduce: Talkback ID: TB1431888Q Stack Trace: Thread 0 Crashed: 0 <<00000000>> 0x6e659cc0 0 + 0x6e659cc0 1 org.mozilla.firefox 0x00319c6c nsGenericHTMLElement::GetOffsetWidth(int*) + 0x4c 2 libxpcom.dylib 0x07059c80 _XPTC_InvokeByIndex + 0xd8 3 org.mozilla.firefox 0x00031fec XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) + 0x9cc 4 org.mozilla.firefox 0x000284d4 XPC_WN_GetterSetter(JSContext*, JSObject*, unsigned, long*, long*) + 0x150 5 libmozjs.dylib 0x06028678 js_Invoke + 0x6b4 6 libmozjs.dylib 0x060288c4 js_InternalInvoke + 0xb8 7 libmozjs.dylib 0x06028a50 js_InternalGetOrSet + 0x144 8 libmozjs.dylib 0x0603ab60 js_GetProperty + 0x354 9 libmozjs.dylib 0x0602eb84 js_Interpret + 0x57c4 10 libmozjs.dylib 0x060286b8 js_Invoke + 0x6f4 11 libmozjs.dylib 0x060288c4 js_InternalInvoke + 0xb8 12 libmozjs.dylib 0x06028a50 js_InternalGetOrSet + 0x144 13 libmozjs.dylib 0x0603ab60 js_GetProperty + 0x354 14 libmozjs.dylib 0x0602eb84 js_Interpret + 0x57c4 15 libmozjs.dylib 0x060286b8 js_Invoke + 0x6f4 16 org.mozilla.firefox 0x0003b0dc nsXPCWrappedJSClass::CallMethod(nsXPCWrappedJS*, unsigned short, nsXPTMethodInfo const*, nsXPTCMiniVariant*) + 0x8d4
Reporter | ||
Comment 1•20 years ago
|
||
This is as thin as I could make the test case. It crashes FireFox 0.10, and the FireFox and Mozilla 20041020 nightlies as well, so you have been warned.
Comment 2•20 years ago
|
||
Confirmed with Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.3) Gecko/20041019 Firefox/1.0
Status: UNCONFIRMED → NEW
Ever confirmed: true
Keywords: crash
Summary: nsGenericHTMLElement::GetOffsetWidth crash → Crash when handling malformed HTML code [@ nsGenericHTMLElement::GetOffsetWidth]
I believe its a dupe of bug 265181, it has the same pattern (two captions and then a tag after it)
Depends on: 265181
this is now fixed even on aviary by the fix in bug 265181 *** This bug has been marked as a duplicate of 265181 ***
Updated•20 years ago
|
Product: Browser → Seamonkey
Updated•13 years ago
|
Crash Signature: [@ nsGenericHTMLElement::GetOffsetWidth]
You need to log in
before you can comment on or make changes to this bug.
Description
•