Closed
Bug 120911
Opened 24 years ago
Closed 24 years ago
Crash while printing due lousy error checking
Categories
(Core :: Printing: Output, defect, P1)
Core
Printing: Output
Tracking
()
VERIFIED
FIXED
mozilla0.9.8
People
(Reporter: roland.mainz, Assigned: roland.mainz)
References
Details
(Keywords: crash)
Attachments
(2 files, 1 obsolete file)
|
14.94 KB,
patch
|
Details | Diff | Splinter Review | |
|
Same patch as attachment 66120 without whitespace changes (created with gdiff -u -w)/(REVIEW ONLY!!)
2.62 KB,
patch
|
jag+mozilla
:
review+
jag+mozilla
:
superreview+
|
Details | Diff | Splinter Review |
I am getting the following stack trace when I return an error from
nsDeviceContextXP::SetSpec() (or any other printer device SetSpec() method):
-- snip --
###!!! ASSERTION: You can't dereference a NULL nsCOMPtr with operator->().:
'mRawPtr != 0', file ../../../dist/include/xpcom/nsCOMPtr.h, line 650
###!!! Break: at file ../../../dist/include/xpcom/nsCOMPtr.h, line 650
t@1 (l@6) signal SEGV (no mapping at the fault address) in
DocumentViewerImpl::Print dbx: warning: can't find file
"/shared/bigtmp2/mozilla/2002-01-17-08-trunk/objdir_ws6_xlib/content/build/nsDocumentViewer.o"
dbx: warning: see `help finding-files'
at 0xfcec89bc
0xfcec89bc: Print+0x0e7c: ld [%l0], %l0
dbx: warning: can't find file
"/shared/bigtmp2/mozilla/2002-01-17-08-trunk/objdir_ws6_xlib/dom/src/build/nsGlobalWindow.o"
dbx: internal warning: Typeid already exists with different
name:__1nKnsACString_ or symclass:struct, ignore current
stab:/shared/bigtmp2/mozilla/2002-01-17-08-trunk/objdir_ws6_xlib/dist/bin/components/libxpconnect.so:../../../../../../../../../home/mozilla/src/2002-01-17-08-trunk/mozilla/js/src/xpconnect/src/xpcwrappednative.cpp
stab #1786 __1nKnsACString_:U(0,905)
Current function is XPCWrappedNative::CallMethod (optimized)
1997 invokeResult = XPTC_InvokeByIndex(callee, vtblIndex,
(/opt/SUNWspro/FD7/bin/../YNH/bin/sparcv9/dbx) where
current thread: t@1
[1] DocumentViewerImpl::Print(0x7735e8, 0x0, 0x70df70, 0x0, 0x6, 0x6671d8), at
0xfcec89bc
[2] GlobalWindowImpl::DoPrint(0x50dec0, 0x0, 0x70df70, 0x0, 0x92, 0x70df70),
at 0xfc6cf544
[3] GlobalWindowImpl::PrintWithSettings(0x50dec0, 0x70df70, 0x0, 0x22de24,
0x1a989c, 0x0), at 0xfc6cf600
[4] XPTC_InvokeByIndex(0x50dec4, 0x49, 0x1, 0xffbec858, 0x80000000,
0xffbec794), at 0xff0b3f00
=>[5] XPCWrappedNative::CallMethod(ccx = CLASS, mode = ???) (optimized), at
0xfd7ff518 (line ~1997) in "xpcwrappednative.cpp"
[6] XPC_WN_CallMethod(cx = ???, obj = ???, argc = ???, argv = ???, vp = ???)
(optimized), at 0xfd80beb8 (line ~1266) in "xpcwrappednativejsops.cpp"
[7] js_Invoke(cx = ???, argc = ???, flags = ???) (optimized), at 0xff1c99a8
(line ~832) in "jsinterp.c"
[8] js_Interpret(cx = ???, result = ???) (optimized), at 0xff1d5c04 (line
~2798) in "jsinterp.c"
[9] js_Invoke(cx = ???, argc = ???, flags = ???) (optimized), at 0xff1c9a1c
(line ~849) in "jsinterp.c"
[10] js_InternalInvoke(cx = ???, obj = ???, fval = ???, flags = ???, argc =
???, argv = ???, rval = ???) (optimized), at 0xff1c9cc4 (line ~924) in
"jsinterp.c"
[11] JS_CallFunctionValue(cx = ???, obj = ???, fval = ???, argc = ???, argv =
???, rval = ???) (optimized), at 0xff19ea1c (line ~3405) in "jsapi.c"
dbx: warning: can't find file
"/shared/bigtmp2/mozilla/2002-01-17-08-trunk/objdir_ws6_xlib/dom/src/build/nsJSEnvironment.o"
[12] nsJSContext::CallEventHandler(0x1a6f88, 0x4f60d0, 0x4f60e0, 0x1,
0xffbed444, 0xffbed0f8), at 0xfc6bbfc0
dbx: warning: can't find file
"/shared/bigtmp2/mozilla/2002-01-17-08-trunk/objdir_ws6_xlib/dom/src/build/nsJSEventListener.o"
[13] nsJSEventListener::HandleEvent(0x3f1f18, 0x7e8048, 0x0, 0x80000000,
0xffbed1bc, 0xffbed1c0), at 0xfc74f408
dbx: warning: can't find file
"/shared/bigtmp2/mozilla/2002-01-17-08-trunk/objdir_ws6_xlib/content/build/nsEventListenerManager.o"
[14] nsEventListenerManager::HandleEventSubType(0x3e2610, 0x3e99b8, 0x7e8048,
0x3e25d8, 0x8, 0x7), at 0xfc9bace0
[15] nsEventListenerManager::HandleEvent(0x3e2610, 0x225728, 0xffbee910,
0xffbee728, 0x3e25d8, 0x1), at 0xfc9bf324
dbx: warning: can't find file
"/shared/bigtmp2/mozilla/2002-01-17-08-trunk/objdir_ws6_xlib/content/build/nsXULElement.o"
[16] nsXULElement::HandleDOMEvent(0xfc9baf40, 0x225728, 0xffbee910, 0x0, 0x1,
0xffbee958), at 0xfccab15c
dbx: warning: can't find file
"/shared/bigtmp2/mozilla/2002-01-17-08-trunk/objdir_ws6_xlib/layout/build/nsPresShell.o"
[17] PresShell::HandleDOMEventWithTarget(0x225e20, 0x3e25d0, 0xffbee910,
0xffbee958, 0xfcca73f8, 0xfbdf9650), at 0xfbdf97b0
dbx: warning: can't find file
"/shared/bigtmp2/mozilla/2002-01-17-08-trunk/objdir_ws6_xlib/layout/build/nsMenuFrame.o"
[18] nsMenuFrame::Execute(0x7c741c, 0x289e58, 0xffbee868, 0x225e20,
0xffbee848, 0xffbee904), at 0xfc00be94
[19] nsMenuFrame::HandleEvent(0x7c741c, 0x225728, 0x0, 0x0, 0x1, 0x5de098), at
0xfc007bac
[20] PresShell::HandleEventInternal(0x225e20, 0xffbef0b8, 0x6d8910, 0x1,
0xffbeeee4, 0xfbd6b6e8), at 0xfbdf957c
[21] PresShell::HandleEvent(0x225e20, 0x6d8910, 0xffbef0b8, 0xffbeeee4, 0x0,
0xffbeee18), at 0xfbdf8ea4
dbx: internal warning: Typeid already exists with different
name:__1nKnsACString_ or symclass:struct, ignore current
stab:/shared/bigtmp2/mozilla/2002-01-17-08-trunk/objdir_ws6_xlib/dist/bin/components/libgkview.so:../../../../../../../home/mozilla/src/2002-01-17-08-trunk/mozilla/view/src/nsView.cpp
stab #1111 __1nKnsACString_:U(0,437)
[22] nsView::HandleEvent(this = ???, event = ???, aEventFlags = ???, aStatus =
???, aForceHandle = ???, aHandled = ???) (optimized), at 0xfc5bc4b8 (line ~374)
in "nsView.cpp"
[23] nsView::HandleEvent(this = ???, event = ???, aEventFlags = ???, aStatus =
???, aForceHandle = ???, aHandled = ???) (optimized), at 0xfc5bc3d8 (line ~342)
in "nsView.cpp"
[24] nsView::HandleEvent(this = ???, event = ???, aEventFlags = ???, aStatus =
???, aForceHandle = ???, aHandled = ???) (optimized), at 0xfc5bc3d8 (line ~342)
in "nsView.cpp"
[25] nsView::HandleEvent(this = ???, event = ???, aEventFlags = ???, aStatus =
???, aForceHandle = ???, aHandled = ???) (optimized), at 0xfc5bc3d8 (line ~342)
in "nsView.cpp"
[26] nsViewManager::DispatchEvent(this = 0x2259e8, aEvent = 0xffbef0b8,
aStatus = 0xffbeeee4), line 1907 in "nsViewManager.cpp"
[27] HandleEvent(aEvent = ???) (optimized), at 0xfc5bb9c0 (line ~80) in
"nsView.cpp"
[28] nsWidget::DispatchEvent(this = ???, aEvent = ???, aStatus = ???)
(optimized), at 0xfdcaa9a8 (line ~1227) in "nsWidget.cpp"
[29] nsWidget::DispatchWindowEvent(this = ???, aEvent = STRUCT) (optimized),
at 0xfdcaa8f8 (line ~1134) in "nsWidget.cpp"
[30] nsWidget::DispatchMouseEvent(this = ???, aEvent = STRUCT) (optimized), at
0xfdcaa7d8 (line ~1094) in "nsWidget.cpp"
[31] nsAppShell::HandleButtonEvent(event = ???, aWidget = ???) (optimized), at
0xfdc9b568 (line ~744) in "nsAppShell.cpp"
[32] nsAppShell::DispatchXEvent(event = ???) (optimized), at 0xfdc9aea4 (line
~552) in "nsAppShell.cpp"
[33] nsAppShell::Run(this = ???) (optimized), at 0xfdc9a83c (line ~360) in
"nsAppShell.cpp"
[34] nsAppShellService::Run(this = ???) (optimized), at 0xfdd2e31c (line ~302)
in "nsAppShellService.cpp"
[35] main1(argc = ???, argv = ???, nativeApp = ???) (optimized), at 0x171e8
(line ~1285) in "nsAppRunner.cpp"
[36] main(argc = ???, argv = ???) (optimized), at 0x17c10 (line ~1625) in
"nsAppRunner.cpp"
-- snip --
This is a result from lame error checking in
http://lxr.mozilla.org/seamonkey/source/content/base/src/nsDocumentViewer.cpp#5289
- the code uses the returned object reference without looking at the |rv| return
value. BAD.
|
Assignee | |
Comment 1•24 years ago
|
||
I think am resposible for this issue as I wrote the original print error dialog
code and the "improvements" in error checking...
... taking myself!
|
|
Assignee | |
Updated•24 years ago
|
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 2•24 years ago
|
||
|
|
Assignee | |
Updated•24 years ago
|
|
|
Assignee | |
Comment 3•24 years ago
|
||
Requesting r=/sr= ...
rods ?
|
||
Updated•24 years ago
|
Severity: normal → critical
|
|
Assignee | |
Updated•24 years ago
|
Severity: critical → blocker
Priority: -- → P1
|
||
Comment 4•24 years ago
|
||
r=rods, please also add the missing brace and fix the formatting, thanks.
|
|
Assignee | |
Comment 5•24 years ago
|
||
Added the missing branches, fixed source formatting, switched manual
refcounting of |nsIDeviceContextSpec| over to use of
nsCOMPtr<nsIDeviceContextSpec> - otherwise we may leak the object when an error
occurs...
Attachment #65750 -
Attachment is obsolete: true
|
|
Assignee | |
Comment 6•24 years ago
|
||
|
|
||
Comment 7•24 years ago
|
||
r=rods
|
||
Comment 8•24 years ago
|
||
Comment on attachment 66121 [details] [diff] [review]
Same patch as attachment 66120 [details] [diff] [review] without whitespace changes (created with gdiff -u -w)/(REVIEW ONLY!!)
sr=jag
Attachment #66121 -
Flags: superreview+
Attachment #66121 -
Flags: review+
|
|
Assignee | |
Comment 9•24 years ago
|
||
Fix checked in, marking bug as FIXED.
|
|
Assignee | |
Comment 10•24 years ago
|
||
FIXED, really...
Status: ASSIGNED → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED
|
||
Comment 11•24 years ago
|
||
Roland, please verify and mark verified-fixed....thanks
You need to log in
before you can comment on or make changes to this bug.
Description
•