Closed
Bug 50960
Opened 24 years ago
Closed 24 years ago
Crash while loading XML IRS test
Categories
(Core :: DOM: HTML Parser, defect, P3)
Tracking
()
VERIFIED
FIXED
People
(Reporter: hjtoi-bugzilla, Assigned: nisheeth_mozilla)
Details
(Keywords: crash, regression, Whiteboard: [nsbeta3+])
Load either Debug > Viwer Demos > #15 XML IRS or open file mozilla/layout/xml/tests/toc/rights.xml We have bogus mRawPtr in nsCOMPtr, looks like it might have been deleted earlier (0xdddddddd). Not sure if this is a parser issue or nsCOMPtr or what, trying harishd first. Stack trace: nsQueryInterface::operator()(const nsID & {...}, void * * 0x0012f688) line 32 + 23 bytes nsCOMPtr<nsIAtom>::assign_from_helper(const nsCOMPtr_helper & {...}, const nsID & {...}) line 856 + 18 bytes nsCOMPtr<nsIAtom>::nsCOMPtr<nsIAtom>(const nsQueryInterface & {...}) line 565 nsCOMPtr<nsIAtom>::Assert_NoQueryNeeded() line 500 nsGetterAddRefs<nsIAtom>::~nsGetterAddRefs<nsIAtom>() line 909 CWellFormedDTD::HandleStartToken(CToken * 0x03f7c968) line 641 CWellFormedDTD::HandleToken(CWellFormedDTD * const 0x04445c50, CToken * 0x03f7c968, nsIParser * 0x03d391b0) line 521 + 12 bytes CWellFormedDTD::BuildModel(CWellFormedDTD * const 0x04445c50, nsIParser * 0x03d391b0, nsITokenizer * 0x044459d0, nsITokenObserver * 0x00000000, nsIContentSink * 0x03d3cd30) line 258 + 20 bytes nsParser::BuildModel() line 1978 + 34 bytes nsParser::ResumeParse(int 1, int 0) line 1859 + 11 bytes nsParser::EnableParser(int 1) line 1496 + 15 bytes CSSLoaderImpl::Cleanup(URLKey & {...}, SheetLoadData * 0x03af5e10) line 710 CSSLoaderImpl::SheetComplete(nsICSSStyleSheet * 0x00000000, SheetLoadData * 0x03af5e10) line 833 CSSLoaderImpl::ParseSheet(nsIUnicharInputStream * 0x03af9fd0, SheetLoadData * 0x03af5e10, int & 1, nsICSSStyleSheet * & 0x03af9f40) line 868 CSSLoaderImpl::DidLoadStyle(nsIStreamLoader * 0x03af5ca0, nsString * 0x03af9590 {"/* * The contents of this file are subject to the Mozilla Public * License Version 1.1 (the "License"); you may not use this"}, SheetLoadData * 0x03af5e10, unsigned int 0) line 903 + 24 bytes SheetLoadData::OnStreamComplete(SheetLoadData * const 0x03af5e10, nsIStreamLoader * 0x03af5ca0, nsISupports * 0x00000000, unsigned int 0, unsigned int 1802, const char * 0x03f27470) line 644 nsStreamLoader::OnStopRequest(nsStreamLoader * const 0x03af5ca4, nsIChannel * 0x03af5ad0, nsISupports * 0x00000000, unsigned int 0, const unsigned short * 0x100a45e8 gCommonEmptyBuffer) line 121 + 78 bytes nsHTTPFinalListener::OnStopRequest(nsHTTPFinalListener * const 0x03af58d0, nsIChannel * 0x03af5ad0, nsISupports * 0x00000000, unsigned int 0, const unsigned short * 0x100a45e8 gCommonEmptyBuffer) line 1155 + 42 bytes InterceptStreamListener::OnStopRequest(InterceptStreamListener * const 0x03aff2b0, nsIChannel * 0x03af5ad0, nsISupports * 0x00000000, unsigned int 0, const unsigned short * 0x100a45e8 gCommonEmptyBuffer) line 1186 nsHTTPChannel::ResponseCompleted(nsIStreamListener * 0x03aff2b0, unsigned int 0, const unsigned short * 0x100a45e8 gCommonEmptyBuffer) line 1778 + 42 bytes nsHTTPServerListener::OnStopRequest(nsHTTPServerListener * const 0x03af39e0, nsIChannel * 0x03d30ee4, nsISupports * 0x03af5ad0, unsigned int 0, const unsigned short * 0x100a45e8 gCommonEmptyBuffer) line 726 nsOnStopRequestEvent::HandleEvent(nsOnStopRequestEvent * const 0x03af9530) line 302 nsStreamListenerEvent::HandlePLEvent(PLEvent * 0x03af94e0) line 97 + 12 bytes PL_HandleEvent(PLEvent * 0x03af94e0) line 587 + 10 bytes PL_ProcessPendingEvents(PLEventQueue * 0x00b41150) line 528 + 9 bytes _md_EventReceiverProc(HWND__ * 0x020b0690, unsigned int 49427, unsigned int 0, long 11800912) line 1043 + 9 bytes USER32! 77e71820() 00b41150()
Reporter | ||
Comment 1•24 years ago
|
||
Nominating for nsbeta3. This is a bad regression. We use this demo for a lot of testing and demoing. I'd even say this might be dogfood.
Severity: normal → critical
Nisheeth, this is something to do with mIDAttributeAtom that you added to the CStartToken. When I tested my changes for token cache I did not take this into account. Now, it's haunting me. Might need some help from you ( though I'm asking you too early before actually exploring into the problem ). Anyway, will sleep first and then look into this bug. Any input will be greatly appreciated. Thanx
Status: NEW → ASSIGNED
Assignee | ||
Comment 3•24 years ago
|
||
Re-assigning to myself.
Assignee: harishd → nisheeth
Status: ASSIGNED → NEW
Assignee | ||
Comment 4•24 years ago
|
||
Marking bug nsbeta3+... The getter for the ID attribute atom in the start toke, the parser node and the node info object was not addref'ing the returned atom. The fix is checked in. Marking bug fixed.
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED
Whiteboard: [nsbeta3+]
You need to log in
before you can comment on or make changes to this bug.
Description
•