Closed Bug 208892 Opened 22 years ago Closed 22 years ago

Save as complete page crash on www.dancefreak.com/steps.htm

Categories

(Core :: CSS Parsing and Computation, defect)

Product:
Core
Component:
CSS Parsing and Computation
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: artiip, Assigned: dbaron)

References

(
URL
)

Details

(Keywords: crash, stackwanted, Whiteboard: TB20903958Q)

User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4b ; ..:: Ar't ::..) Gecko/20030609 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4b ; ..:: Ar't ::..) Gecko/20030609 Save as complete page crash on www.dancefreak.com/steps.htm some image files is saved to dir "steps_files" but steps.htm is empty or truncate mayby this code <applet code="fphover.class" width="150" height="24"> [...] </applet> i don't have instaled java Reproducible: Always Steps to Reproduce: 1. try save www.dancefreak.com/steps.htm 2. 3. Actual Results: crash Expected Results: save witout crash
Reporter: Which JRE Do you use (see help/about plugins)
I don't use any JRE this <applet... code is part of mising code from file steps.htm "Book your hotel reservations </b></font><b><i><blink>" is the last line in this file (if truncated)
sorry, missed your comment.. Do you have a stacktrace (from a debug build) or a tralkback ID ?
Assignee: darin → law
Component: Networking: File → File Handling
QA Contact: benc → petersen
Freshly created ;-) TB20903958Q
No problem here under Win2000 with build 2003060905 with Java 1.4.0 installed. (Though the author of the site is asking for a crash, ghee man, who uses over 50 applets on a single page! Not a reason for Moz to crash of course :-)
Keywords: crash, stackwanted
Whiteboard: TB20903958Q
stack trace points to CSS... libc.so.6 + 0x69238 (0x403ec238) PR_Free() [/builds/client/linux22/seamonkey/mozilla/nsprpub/pr/src/malloc/prmem.c, line 456] nsMemoryImpl::Free() [/builds/client/linux22/seamonkey/mozilla/xpcom/base/nsMemoryImpl.cpp, line 345] nsMemory::Free() [/builds/client/linux22/seamonkey/mozilla/xpcom/glue/standalone/nsMemory.cpp, line 106] nsCSSValue::() [/builds/client/linux22/seamonkey/mozilla/content/html/style/src/nsCSSValue.cpp, line 78] Clone() [/builds/client/linux22/seamonkey/mozilla/content/html/style/src/nsCSSDataBlock.cpp, line 330] nsCSSDeclaration::nsCSSDeclaration() [/builds/client/linux22/seamonkey/mozilla/content/html/style/src/nsCSSDeclaration.cpp, line 94] Clone() [/builds/client/linux22/seamonkey/mozilla/content/html/style/src/nsCSSDeclaration.cpp, line 1237] CSSStyleRuleImpl::CSSStyleRuleImpl() [/builds/client/linux22/seamonkey/mozilla/content/html/style/src/nsCSSStyleRule.cpp, line 1136] Clone() [/builds/client/linux22/seamonkey/mozilla/content/html/style/src/nsCSSStyleRule.cpp, line 1329] nsGenericHTMLElement::CopyInnerTo() [/builds/client/linux22/seamonkey/mozilla/content/html/content/src/nsGenericHTMLElement.cpp, line 351] nsGenericHTMLContainerElement::CopyInnerTo() [/builds/client/linux22/seamonkey/mozilla/content/html/content/src/nsGenericHTMLElement.cpp, line 3512] nsHTMLTableElement::CloneNode() [/builds/client/linux22/seamonkey/mozilla/content/html/content/src/nsHTMLTableElement.cpp, line 392] nsWebBrowserPersist::GetNodeToFixup() [/builds/client/linux22/seamonkey/mozilla/embedding/components/webbrowserpersist/src/nsWebBrowserPersist.cpp, line 2784] nsWebBrowserPersist::CloneNodeWithFixedUpURIAttributes() [/builds/client/linux22/seamonkey/mozilla/embedding/components/webbrowserpersist/src/nsWebBrowserPersist.cpp, line 2888] nsEncoderNodeFixup::FixupNode() [/builds/client/linux22/seamonkey/mozilla/embedding/components/webbrowserpersist/src/nsWebBrowserPersist.cpp, line 3716] nsDocumentEncoder::SerializeNodeStart() [/builds/client/linux22/seamonkey/mozilla/content/base/src/nsDocumentEncoder.cpp, line 306] nsDocumentEncoder::SerializeToStringRecursive() [/builds/client/linux22/seamonkey/mozilla/content/base/src/nsDocumentEncoder.cpp, line 387] nsDocumentEncoder::SerializeToStringRecursive() [/builds/client/linux22/seamonkey/mozilla/content/base/src/nsDocumentEncoder.cpp, line 408] nsDocumentEncoder::SerializeToStringRecursive() [/builds/client/linux22/seamonkey/mozilla/content/base/src/nsDocumentEncoder.cpp, line 408] nsDocumentEncoder::SerializeToStringRecursive() [/builds/client/linux22/seamonkey/mozilla/content/base/src/nsDocumentEncoder.cpp, line 408] nsDocumentEncoder::SerializeToStringRecursive() [/builds/client/linux22/seamonkey/mozilla/content/base/src/nsDocumentEncoder.cpp, line 408] nsDocumentEncoder::SerializeToStringRecursive() [/builds/client/linux22/seamonkey/mozilla/content/base/src/nsDocumentEncoder.cpp, line 408] nsDocumentEncoder::SerializeToStringRecursive() [/builds/client/linux22/seamonkey/mozilla/content/base/src/nsDocumentEncoder.cpp, line 408] nsDocumentEncoder::SerializeToStringRecursive() [/builds/client/linux22/seamonkey/mozilla/content/base/src/nsDocumentEncoder.cpp, line 408] nsDocumentEncoder::EncodeToString() [/builds/client/linux22/seamonkey/mozilla/content/base/src/nsDocumentEncoder.cpp, line 963] nsDocumentEncoder::EncodeToStream() [/builds/client/linux22/seamonkey/mozilla/content/base/src/nsDocumentEncoder.cpp, line 1003] nsWebBrowserPersist::SaveDocumentWithFixup() [/builds/client/linux22/seamonkey/mozilla/embedding/components/webbrowserpersist/src/nsWebBrowserPersist.cpp, line 3377] nsWebBrowserPersist::SaveDocuments() [/builds/client/linux22/seamonkey/mozilla/embedding/components/webbrowserpersist/src/nsWebBrowserPersist.cpp, line 1642] nsWebBrowserPersist::OnStopRequest() [/builds/client/linux22/seamonkey/mozilla/embedding/components/webbrowserpersist/src/nsWebBrowserPersist.cpp, line 687] nsHttpChannel::OnStopRequest() [/builds/client/linux22/seamonkey/mozilla/netwerk/protocol/http/src/nsHttpChannel.cpp, line 579] nsInputStreamPump::OnStateStop() [/builds/client/linux22/seamonkey/mozilla/netwerk/base/src/nsInputStreamPump.cpp, line 579] nsInputStreamPump::OnInputStreamReady() [/builds/client/linux22/seamonkey/mozilla/netwerk/base/src/nsInputStreamPump.cpp, line 325] nsInputStreamReadyEvent::EventHandler() PL_HandleEvent() [/builds/client/linux22/seamonkey/mozilla/xpcom/threads/plevent.c, line 671] PL_ProcessPendingEvents() [/builds/client/linux22/seamonkey/mozilla/xpcom/threads/plevent.c, line 608] nsEventQueueImpl::ProcessPendingEvents() [/builds/client/linux22/seamonkey/mozilla/xpcom/threads/nsEventQueue.cpp, line 391] event_processor_callback() [/builds/client/linux22/seamonkey/mozilla/widget/src/gtk/nsAppShell.cpp, line 188] our_gdk_io_invoke() [/builds/client/linux22/seamonkey/mozilla/widget/src/gtk/nsAppShell.cpp, line 75] libglib-1.2.so.0 + 0xea56 (0x40283a56) libglib-1.2.so.0 + 0x1003d (0x4028503d) libglib-1.2.so.0 + 0x104f4 (0x402854f4) libglib-1.2.so.0 + 0x10724 (0x40285724) libgtk-1.2.so.0 + 0x8bc3f (0x401abc3f) nsAppShell::Run() [/builds/client/linux22/seamonkey/mozilla/widget/src/gtk/nsAppShell.cpp, line 330] nsAppShellService::Run() [/builds/client/linux22/seamonkey/mozilla/xpfe/appshell/src/nsAppShellService.cpp, line 478] main1() [/builds/client/linux22/seamonkey/mozilla/xpfe/bootstrap/nsAppRunner.cpp, line 1686] main() [/builds/client/linux22/seamonkey/mozilla/xpfe/bootstrap/nsAppRunner.cpp, line 1670] libc.so.6 + 0x15a51 (0x40398a51)
Status: UNCONFIRMED → NEW
Ever confirmed: true
-> style system
Assignee: law → dbaron
Component: File Handling → Style System
QA Contact: petersen → ian
The stack is a bit garbled, but I'm pretty sure I fixed this with the patch on bug 208872. It was reading unininitialized memory and potentially trying to free a n uninitialized pointer depending on what it found. Please try in a build after 2003-06-10 15:08 -0700.
Status: NEW → RESOLVED
Closed: 22 years ago
Depends on: 208872
Resolution: --- → FIXED
confirmed as fix 2003061122 thx
You need to log in before you can comment on or make changes to this bug.