Closed
Bug 186056
Opened 22 years ago
Closed 22 years ago
browser crashed on second call to applet using javascript
Categories
(Core Graveyard :: Java: OJI, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: pschmandra, Assigned: joshua.xia)
References
()
Details
(Keywords: crash, Whiteboard: confirm)
Attachments
(2 files)
|
643 bytes,
patch
|
Details | Diff | Splinter Review | |
|
645 bytes,
patch
|
brendan
:
review+
beard
:
superreview+
|
Details | Diff | Splinter Review |
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.1) Gecko/20020826
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.1) Gecko/20020826
A javascript function at http://www.webdice.org/help.html crashes the browser
when it attempts to call an applet the second time.
Reproducible: Always
Steps to Reproduce:
1.Go to http://www.webdice.org/help.html with java and javascript enabled.
2.Press the "Browser Information" button half way down the page.
3.Dissmiss the javascript alert
4.Disable java in Edit..Preferances..Advanced
5.Press the "Browser Information"
6.Dissmiss the javascript alert
7.Go to http://www.webdice.irg/index.html
8.Enable java
9.Go back to the help page and click the "Browser Information" button
Actual Results:
crashes browser
Expected Results:
javascript alert should display java information
|
||
Comment 1•22 years ago
|
||
does it happen with 1.2.1 ?
Severity: normal → critical
Keywords: crash,
stackwanted
|
||
Comment 2•22 years ago
|
||
confirming with win2k build 20021218.. and JRE1.4.1
JSJ_HashTableRawLookup(JSJHashTable * 0x00000000, unsigned int 3932167, const
void * 0x1aa4be94, void * 0x03d77838) line 201 + 6 bytes
jsj_WrapJavaObject(JSContext * 0x03c5ee20, const JNINativeInterface_ * *
0x03d77838, _jobject * 0x1aa4be94, _jobject * 0x1aa4be90) line 169 + 23 bytes
jsj_ConvertJavaObjectToJSValue(JSContext * 0x03c5ee20, const JNINativeInterface_
* * 0x03d77838, _jobject * 0x1aa4be94, long * 0x0012d5b8) line 861 + 21 bytes
JSJ_ConvertJavaObjectToJSValue(JSContext * 0x03c5ee20, _jobject * 0x1aa4be94,
long * 0x0012d5b8) line 846 + 21 bytes
nsJVMManager::WrapJavaObject(nsJVMManager * const 0x0144b498, JSContext *
0x03c5ee20, _jobject * 0x1aa4be94, JSObject * * 0x0012d688) line 440 + 17 bytes
nsHTMLAppletElementSH::GetPluginJSObject(JSContext * 0x03c5ee20, JSObject *
0x03cd61a0, nsIPluginInstance * 0x055d5ff8, JSObject * * 0x0012d688, JSObject *
* 0x0012d67c) line 5553 + 35 bytes
nsHTMLExternalObjSH::PostCreate(nsHTMLExternalObjSH * const 0x03d767b8,
nsIXPConnectWrappedNative * 0x1df4d860, JSContext * 0x03c5ee20, JSObject *
0x03cd61a0) line 5413 + 36 bytes
XPCWrappedNative::GetNewOrUsed(XPCCallContext & {...}, nsISupports * 0x1df79724,
XPCWrappedNativeScope * 0x04084b90, XPCNativeInterface * 0x00f1f608,
XPCWrappedNative * * 0x0012d808) line 418
XPCConvert::NativeInterface2JSObject(XPCCallContext & {...},
nsIXPConnectJSObjectHolder * * 0x0012d908, nsISupports * 0x1df79724, const nsID
* 0x0234112c iid_NS_ISUPPORTS_IID, JSObject * 0x03a89d30, unsigned int *
0x0012d8cc) line 1059 + 30 bytes
nsXPConnect::WrapNative(nsXPConnect * const 0x00f13dd8, JSContext * 0x03c5ee20,
JSObject * 0x03a89d30, nsISupports * 0x1df79724, const nsID & {...},
nsIXPConnectJSObjectHolder * * 0x0012d908) line 565 + 29 bytes
nsDOMClassInfo::WrapNative(JSContext * 0x03c5ee20, JSObject * 0x03a89d30,
nsISupports * 0x1df79724, const nsID & {...}, long * 0x0012e160) line 988 + 58 bytes
nsHTMLDocumentSH::GetProperty(nsHTMLDocumentSH * const 0x015bb9a0,
nsIXPConnectWrappedNative * 0x1e0cae90, JSContext * 0x03c5ee20, JSObject *
0x03cd7720, long 64523276, long * 0x0012e160, int * 0x0012d96c) line 4957 + 42 bytes
XPC_WN_Helper_GetProperty(JSContext * 0x03c5ee20, JSObject * 0x03cd7720, long
64523276, long * 0x0012e160) line 810 + 47 bytes
js_GetProperty(JSContext * 0x03c5ee20, JSObject * 0x03cd7720, long 502934952,
long * 0x0012e160) line 2548 + 239 bytes
js_Interpret(JSContext * 0x03c5ee20, long * 0x0012e2e0) line 2634 + 1785 bytes
js_Invoke(JSContext * 0x03c5ee20, unsigned int 1, unsigned int 2) line 856 + 13
bytes
js_InternalInvoke(JSContext * 0x03c5ee20, JSObject * 0x03cd5ba8, long 63790016,
unsigned int 0, unsigned int 1, long * 0x0012e540, long * 0x0012e410) line 931 +
20 bytes
JS_CallFunctionValue(JSContext * 0x03c5ee20, JSObject * 0x03cd5ba8, long
63790016, unsigned int 1, long * 0x0012e540, long * 0x0012e410) line 3431 + 31 bytes
nsJSContext::CallEventHandler(nsJSContext * const 0x03d5e360, void * 0x03cd5ba8,
void * 0x03cd5bc0, unsigned int 1, void * 0x0012e540, int * 0x0012e544, int 0)
line 1041 + 33 bytes
nsJSEventListener::HandleEvent(nsJSEventListener * const 0x1e060df8, nsIDOMEvent
* 0x03dd27e8) line 182 + 77 bytes
nsEventListenerManager::HandleEventSubType(nsListenerStruct * 0x1df680a8,
nsIDOMEvent * 0x03dd27e8, nsIDOMEventTarget * 0x1e0d4948, unsigned int 4,
unsigned int 7) line 1217 + 20 bytes
nsEventListenerManager::HandleEvent(nsEventListenerManager * const 0x1e060d90,
nsIPresContext * 0x1dec1a10, nsEvent * 0x0012f23c, nsIDOMEvent * * 0x0012ed10,
nsIDOMEventTarget * 0x1e0d4948, unsigned int 7, nsEventStatus * 0x0012f5b4) line
1386 + 36 bytes
nsGenericElement::HandleDOMEvent(nsGenericElement * const 0x1df67e78,
nsIPresContext * 0x1dec1a10, nsEvent * 0x0012f23c, nsIDOMEvent * * 0x0012ed10,
unsigned int 7, nsEventStatus * 0x0012f5b4) line 1935
nsHTMLInputElement::HandleDOMEvent(nsHTMLInputElement * const 0x1df67e78,
nsIPresContext * 0x1dec1a10, nsEvent * 0x0012f23c, nsIDOMEvent * * 0x00000000,
unsigned int 1, nsEventStatus * 0x0012f5b4) line 1433 + 29 bytes
PresShell::HandleEventInternal(nsEvent * 0x0012f23c, nsIView * 0x00000000,
unsigned int 1, nsEventStatus * 0x0012f5b4) line 6153 + 47 bytes
PresShell::HandleEventWithTarget(PresShell * const 0x03f73978, nsEvent *
0x0012f23c, nsIFrame * 0x1df876b8, nsIContent * 0x1df67e78, unsigned int 1,
nsEventStatus * 0x0012f5b4) line 6122 + 22 bytes
nsEventStateManager::CheckForAndDispatchClick(nsIPresContext * 0x1dec1a10,
nsMouseEvent * 0x0012f7b8, nsEventStatus * 0x0012f5b4) line 2936 + 66 bytes
nsEventStateManager::PostHandleEvent(nsEventStateManager * const 0x1e04ccf8,
nsIPresContext * 0x1dec1a10, nsEvent * 0x0012f7b8, nsIFrame * 0x1df876b8,
nsEventStatus * 0x0012f5b4, nsIView * 0x03e12888) line 1872 + 23 bytes
PresShell::HandleEventInternal(nsEvent * 0x0012f7b8, nsIView * 0x03e12888,
unsigned int 1, nsEventStatus * 0x0012f5b4) line 6189 + 43 bytes
PresShell::HandleEvent(PresShell * const 0x03f7397c, nsIView * 0x03e12888,
nsGUIEvent * 0x0012f7b8, nsEventStatus * 0x0012f5b4, int 0, int & 1) line 6076 +
25 bytes
nsViewManager::HandleEvent(nsView * 0x1debadc0, nsGUIEvent * 0x0012f7b8, int 0)
line 2209
nsView::HandleEvent(nsViewManager * 0x1e103108, nsGUIEvent * 0x0012f7b8, int 0)
line 304
nsViewManager::DispatchEvent(nsViewManager * const 0x1e103108, nsGUIEvent *
0x0012f7b8, nsEventStatus * 0x0012f6b8) line 1943 + 23 bytes
HandleEvent(nsGUIEvent * 0x0012f7b8) line 83
nsWindow::DispatchEvent(nsWindow * const 0x1debae7c, nsGUIEvent * 0x0012f7b8,
nsEventStatus & nsEventStatus_eIgnore) line 1116 + 10 bytes
nsWindow::DispatchWindowEvent(nsGUIEvent * 0x0012f7b8) line 1137
nsWindow::DispatchMouseEvent(unsigned int 301, unsigned int 0, nsPoint *
0x00000000) line 5376 + 21 bytes
ChildWindow::DispatchMouseEvent(unsigned int 301, unsigned int 0, nsPoint *
0x00000000) line 5633
nsWindow::ProcessMessage(unsigned int 514, unsigned int 0, long 11862559, long *
0x0012fc48) line 4088 + 28 bytes
nsWindow::WindowProc(HWND__ * 0x00190536, unsigned int 514, unsigned int 0, long
11862559) line 1403 + 27 bytes
USER32! 77e2a290()
USER32! 77e045b1()
USER32! 77e0a752()
nsAppShellService::Run(nsAppShellService * const 0x00f6f810) line 472
main1(int 2, char * * 0x00276ac8, nsISupports * 0x00276b40) line 1543 + 32 bytes
main(int 2, char * * 0x00276ac8) line 1904 + 37 bytes
mainCRTStartup() line 338 + 17 bytes
KERNEL32! 77e8ca90()
Assignee: asa → rogerl
Status: UNCONFIRMED → NEW
Component: Browser-General → Live Connect
Ever confirmed: true
Keywords: stackwanted
QA Contact: asa → pschwartau
|
||
Comment 3•22 years ago
|
||
It sounds like the culprit here is not the top frames in the stack,
but farther back in the OJI code. Reassigning to OJI -
Assignee: rogerl → joshua.xia
Component: Live Connect → OJI
QA Contact: pschwartau → petersen
Confirm on Linux(RH8.0) mozilla1.2 JRE1.4.1_01
OS->All
OS: Windows 2000 → All
Whiteboard: confirm
|
|
Assignee | |
Comment 6•22 years ago
|
||
making patch
|
|
Assignee | |
Comment 7•22 years ago
|
||
I found that this bug 's reason is nsJVMManager::ShutdownJVM call
MaybeShutdownLiveConnect() to shutdown liveconnect when set java disable, but
mozilla do nothing when set java Enable.
I sugguest delete MaybeShutdownLiveConnect() from nsJVMManager::ShutdownJVM
Patrick Beard and Alex Musil, do you have any sugguestion?
Thanks a lot!
|
|
Assignee | |
Comment 8•22 years ago
|
||
It is not right to Shutdown liveconnect when Shutdown JVM but not to Startup
liveconnect when Startup JVM.
|
|
Assignee | |
Comment 9•22 years ago
|
||
Comment on attachment 115474 [details] [diff] [review]
patch to delete MaybeShutdownLiveConnect
Beard and AV:
Please super-review and review.
Thanks a lot!
Attachment #115474 -
Flags: superreview?(beard)
Attachment #115474 -
Flags: review?(av)
|
|
Assignee | |
Comment 10•22 years ago
|
||
add cc to AV
|
|
Assignee | |
Comment 11•22 years ago
|
||
Brendan,
Please review this patch,
Thanks a lot!
Attachment #115474 -
Flags: review?(av) → review?(brendan)
|
|
||
Comment 12•22 years ago
|
||
Comment on attachment 115474 [details] [diff] [review]
patch to delete MaybeShutdownLiveConnect
Don't comment out code, remove it (CVS will remember), unless you really mean
to bring that code back soon. If you do intend to uncomment the code soon, say
more in a big comment about what is going on, and cite the bug number.
What's the right answer here? I don't think commenting out code is the right
thing.
/be
|
|
Assignee | |
Comment 13•22 years ago
|
||
OK, I will delete this line, making new patch.
|
|
Assignee | |
Comment 14•22 years ago
|
||
|
|
Assignee | |
Comment 15•22 years ago
|
||
Comment on attachment 119798 [details] [diff] [review]
new patch according to Brendan 's comment
please r/sr
Thanks!
Attachment #119798 -
Flags: superreview?(beard)
Attachment #119798 -
Flags: review?(brendan)
|
|
||
Comment 16•22 years ago
|
||
Comment on attachment 119798 [details] [diff] [review]
new patch according to Brendan 's comment
What about the other commented out code? I realize it was already there, but
what should be done? If it needs to be uncommented, please say under what
condition and cite a bug number.
/be
|
|
Assignee | |
Comment 17•22 years ago
|
||
Comment on attachment 119798 [details] [diff] [review]
new patch according to Brendan 's comment
Brendan,
Please sr this patch.
Thanks!
Attachment #119798 -
Flags: superreview?(beard) → superreview?(brendan)
|
|
||
Comment 18•22 years ago
|
||
Comment on attachment 119798 [details] [diff] [review]
new patch according to Brendan 's comment
Sure, ok -- maybe the cvs history will be enough (I was still looking for a
change to the XXX comment and the commented-out code on the next few lines).
Beard should sr=.
/be
Attachment #119798 -
Flags: superreview?(brendan)
Attachment #119798 -
Flags: superreview?(beard)
Attachment #119798 -
Flags: review?(brendan)
Attachment #119798 -
Flags: review+
|
|
||
Comment 19•22 years ago
|
||
Comment on attachment 119798 [details] [diff] [review]
new patch according to Brendan 's comment
sr=beard
Attachment #119798 -
Flags: superreview?(beard) → superreview+
|
|
Assignee | |
Comment 20•22 years ago
|
||
checkin->fixed
Status: ASSIGNED → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
|
|
||
Updated•22 years ago
|
Attachment #115474 -
Flags: superreview?(beard)
Attachment #115474 -
Flags: review?(brendan)
|
|
||
Comment 21•22 years ago
|
||
-- Reporter, this url http://www.webdice.irg/index.html is no longer live. can
you put a live url. or can you verify using latest JRE(1.4.2_Beta).
QA Contact: cpetersen0953 → dsirnapalli
You need to log in
before you can comment on or make changes to this bug.
Description
•