Closed Bug 42191 Opened 24 years ago Closed 23 years ago

Offline: SCRIPT SRC=file causes crash

Categories

(Core :: Networking, defect, P3)

Product:
Core
Component:
Networking
Type:
defect

Tracking

()

Status:
VERIFIED WORKSFORME

People

(Reporter: kazhik, Assigned: gagan)

Details

(Keywords: crash, testcase, Whiteboard: [nsbeta3-])

Attachments

(1 file)

Simple testcase
150 bytes, text/html
Details 
JavaScript file seems to cause crash on off-line mode.

(1) Make a html file which includes the following line.

<SCRIPT SRC="http://sitestatic.netscape.com/common/banner.js"></SCRIPT>

(2) Go off-line mode and open the file. Mozilla crashes.
Build ID 2000061308, Windows 98

I can confirm this, marking NEW.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Keywords: crash
Adding crash keyword
Browser issue, not engine -  reassigning
Assignee: rogerl → asa
Component: Javascript Engine → Browser-General
QA Contact: pschwartau → doronr
reporter - are you still seeing this with new builds? of yes, assign to dom level 0
crashes for me with 071008 mozilla talkback build.  stack trace below. updating 
componens and setting default owner.
 
   HTMLContentSink::ProcessSCRIPTTag 
                                       
[d:\builds\seamonkey\mozilla\layout\html\document\src\nsHTMLContentSink.cpp, 
line 4836]
     
   HTMLContentSink::AddLeaf 
                                       
[d:\builds\seamonkey\mozilla\layout\html\document\src\nsHTMLContentSink.cpp, 
line 3045]
     
   CNavDTD::AddLeaf 
                                       
[d:\builds\seamonkey\mozilla\htmlparser\src\CNavDTD.cpp, line 3499]
     
   CNavDTD::HandleScriptToken 
                                       
[d:\builds\seamonkey\mozilla\htmlparser\src\CNavDTD.cpp, line 2048]
     
   CNavDTD::OpenContainer 
                                       
[d:\builds\seamonkey\mozilla\htmlparser\src\CNavDTD.cpp, line 3176]
     
   CNavDTD::HandleDefaultStartToken 
                                       
[d:\builds\seamonkey\mozilla\htmlparser\src\CNavDTD.cpp, line 1140]
     
   CNavDTD::HandleStartToken 
                                       
[d:\builds\seamonkey\mozilla\htmlparser\src\CNavDTD.cpp, line 1530]
     
   CNavDTD::HandleToken 
                                       
[d:\builds\seamonkey\mozilla\htmlparser\src\CNavDTD.cpp, line 765]
     
   CNavDTD::BuildModel 
                                       
[d:\builds\seamonkey\mozilla\htmlparser\src\CNavDTD.cpp, line 504]
     
   nsParser::BuildModel 
                                       
[d:\builds\seamonkey\mozilla\htmlparser\src\nsParser.cpp, line 1983]
     
   nsParser::ResumeParse 
                                       
[d:\builds\seamonkey\mozilla\htmlparser\src\nsParser.cpp, line 1862]
     
   nsParser::OnDataAvailable 
                                       
[d:\builds\seamonkey\mozilla\htmlparser\src\nsParser.cpp, line 2313]
     
   nsDocumentOpenInfo::OnDataAvailable 
                                       
[d:\builds\seamonkey\mozilla\uriloader\base\nsURILoader.cpp, line 252]
     
   nsFileChannel::OnDataAvailable 
                                       
[d:\builds\seamonkey\mozilla\netwerk\protocol\file\src\nsFileChannel.cpp, line 
661]
     
   nsOnDataAvailableEvent::HandleEvent 
                                       
[d:\builds\seamonkey\mozilla\netwerk\base\src\nsAsyncStreamListener.cpp, line 
407]
     
   nsStreamListenerEvent::HandlePLEvent
                                       
[d:\builds\seamonkey\mozilla\netwerk\base\src\nsAsyncStreamListener.cpp, line 
106]
     
   PL_HandleEvent 
                                       
[d:\builds\seamonkey\mozilla\xpcom\threads\plevent.c, line 588]
     
   PL_ProcessPendingEvents 
                                       
[d:\builds\seamonkey\mozilla\xpcom\threads\plevent.c, line 547]
     
   _md_EventReceiverProc 
                                       
[d:\builds\seamonkey\mozilla\xpcom\threads\plevent.c, line 1045]
     
   USER32.dll + 0x1820 (0x77e71820)
Assignee: asa → clayton
Component: Browser-General → Layout
QA Contact: doronr → petersen
jst, could you take a look at this or assign it to the right person? Thanks.
Assignee: clayton → jst
Attached file Simple testcase 

    
    

    
  
I see this on WinNT and linux, looks like this is a necko problem, necko
basically does (in NS_NewStreamLoader()):

    rv = nsComponentManager::CreateInstance(kStreamLoaderCID, nsnull,
                                            NS_GET_IID(nsIStreamLoader),
                                            getter_AddRefs(loader));
    if (NS_FAILED(rv)) return rv;
    rv = loader->Init(uri, observer, context, loadGroup, ...);
    if (NS_FAILED(rv)) return rv;
    *result = loader;
    NS_ADDREF(*result);
    return rv;

The loader is properly created but when loader->Init() is called
(layer->mRefCnt is 1) the loader is deleted, so we crash at NS_ADDREF(*result)
(*result is the deleted loader).

Over to gagan for futher investigation...
Assignee: jst → gagan
OS: Windows 98 → All
Hardware: PC → All

    
    

    
  
this looks bad. we shouldn't return NS_OK on that Init. 
Assignee: gagan → ruslan

    
  
Keywords: nsbeta3
Whiteboard: [nsbeta3+]

    
  
Status: NEW → ASSIGNED

    
    

    
  
Not holding PR3 for this; marking nsbeta3-. Please nominate for RTM if we really
need to fix this before shipping Seamonkey.

Whiteboard: [nsbeta3+] → [nsbeta3-]

    
    

    
  
WORKSFORME with 2000112204-Mtrunk/Win98.

    
    

    
  
Upon managerial request, adding the "testcase" keyword to 84 open layout bugs that
do not have the "testcase" keyword and yet have an attachement with the word
"test" in the description field. Apologies for any mistakes.
Keywords: testcase

    
    

    
  
Reassigning to module owner.
Assignee: ruslan → karnaze
Status: ASSIGNED → NEW

    
    

    
  
Reassigning to javascript module owner.
Assignee: karnaze → rogerl
Component: Layout → Javascript Engine
QA Contact: petersen → pschwartau

    
    

    
  
karnaze: did you read this bug?  The crash stacks and faulty code have nothing
to do with the JS engine.  I'm not sure why you took the bug, briefly, but it
looks like it should stay in Necko-land, this time with a real, still-present
hacker/manager: gagan.

/be
Assignee: rogerl → gagan
Component: Javascript Engine → Networking

    
    

    
  
Setting default QA -
QA Contact: pschwartau → tever

    
    

    
  
Hmmm.... seems like this must have slipped between the cracks. But anyhow... I 
am not having any problems with this. Seeing no crash with today's build. Anyone 
else confirm this? if so then its a worksforme-thru-a-miraculous-anonymous-fix 
:)

    
    

    
  
wfm
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → WORKSFORME

    
    

    
  
reporter:

This bug is a "futured" or "untargeted" bug which has been "resolved/works for
me". Most bugs meeting this criteria are usually somewhat out of date or working
in the current builds.

If this bug is not happening for you in a recent build (such as the Mozilla
daily build, Mozilla 0.9.3, or Netscape 6.1), please use the friendly "Mark bugs
as VERIFIED" radio button to set this bug to "VERIFIED/WORKS FOR ME"
If you reported the bug on a platform (e.g. Linux) and other contributors
reported on another platform (e.g. Mac OS), please comment that it works for you
 but do not verify it yet.

For these multi-platform bug reports, we need to verify all reported platforms
-OR- create new "still broken on platform X" bugs when you verify.


    
  
QA Contact: tever → benc

    
    

    
  
reporter: does this still happen to you?
Summary: JavaScript file causes crash on off-line mode → Offline: SCRIPT SRC=file causes crash

    
    

    
  
Verified.
Status: RESOLVED → VERIFIED

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: