Closed
Bug 1411088
Opened 7 years ago
Closed 7 years ago
Crash in mozilla::dom::AutoEntryScript::AutoEntryScript parsing a custom element in an XHTML document
Categories
(Core :: DOM: Core & HTML, defect, P2)
Tracking
()
RESOLVED
DUPLICATE
of bug 1378079
Tracking | Status | |
---|---|---|
firefox58 | --- | affected |
People
(Reporter: MattN, Assigned: edgar)
References
Details
(Keywords: crash)
Crash Data
Attachments
(1 file)
424 bytes,
application/xhtml+xml
|
Details |
This bug was filed from the Socorro interface and is
report bp-b90ad092-15ee-4f2f-9241-2a30d0171023.
=============================================================
STR:
1) Enable custom element prefs
2) Add a custom element to an XHTML document (to be parsed, not via createElement)
3) Load that page
Expected result:
Page and component renders
Actual result:
Crash in:
> mozilla::dom::AutoEntryScript::AutoEntryScript(nsIGlobalObject*, char const*, bool)
> NS_NewHTMLElement(mozilla::dom::Element**, already_AddRefed<mozilla::dom::NodeInfo>&&, mozilla::dom::FromParser, nsTSubstring<char16_t> const*)
> NS_NewElement(mozilla::dom::Element**, already_AddRefed<mozilla::dom::NodeInfo>&&, mozilla::dom::FromParser, nsTSubstring<char16_t> const*)
> …
Assignee | ||
Updated•7 years ago
|
Assignee: nobody → echen
Priority: -- → P2
Assignee | ||
Comment 1•7 years ago
|
||
Hmm, there will be no entry script if create element calls is from parser, but we still try to get entry global and will hit the assertion in http://searchfox.org/mozilla-central/rev/d30462037ffea383e74c42542c820cf65b2b144e/dom/html/nsHTMLContentSink.cpp#299 on debug build.
We didn't hit this in HTML document is because HTML parser doesn't go the same call path right now, I suspect we will hit this on HTML document after bug 1378079.
Comment 2•7 years ago
|
||
(In reply to Edgar Chen [:edgar] from comment #1)
> Hmm, there will be no entry script if create element calls is from parser,
> but we still try to get entry global and will hit the assertion in
> http://searchfox.org/mozilla-central/rev/
> d30462037ffea383e74c42542c820cf65b2b144e/dom/html/nsHTMLContentSink.cpp#299
> on debug build.
>
> We didn't hit this in HTML document is because HTML parser doesn't go the
> same call path right now, I suspect we will hit this on HTML document after
> bug 1378079.
In bug 1378079, we use node document's global object if it is called from parser, see bug 1378079 attachment 8918165 [details] [diff] [review].
Assignee | ||
Comment 3•7 years ago
|
||
(In reply to Jessica Jong [:jessica] from comment #2)
> (In reply to Edgar Chen [:edgar] from comment #1)
> > Hmm, there will be no entry script if create element calls is from parser,
> > but we still try to get entry global and will hit the assertion in
> > http://searchfox.org/mozilla-central/rev/
> > d30462037ffea383e74c42542c820cf65b2b144e/dom/html/nsHTMLContentSink.cpp#299
> > on debug build.
> >
> > We didn't hit this in HTML document is because HTML parser doesn't go the
> > same call path right now, I suspect we will hit this on HTML document after
> > bug 1378079.
>
> In bug 1378079, we use node document's global object if it is called from
> parser, see bug 1378079 attachment 8918165 [details] [diff] [review].
Ah, right, so let's wait bug 1378079.
Assignee | ||
Comment 4•7 years ago
|
||
Bug 1378079 fixes this crash, close as duplicated of bug 1378079.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
Updated•6 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•