Xopus Xml editor crashes Mozilla and Firebird [@ js_Interpret]

RESOLVED DUPLICATE of bug 174709

Status

()

--
critical
RESOLVED DUPLICATE of bug 174709
15 years ago
15 years ago

People

(Reporter: simon, Unassigned)

Tracking

({crash})

Trunk
x86
All
crash
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(crash signature, URL)

(Reporter)

Description

15 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.6) Gecko/20040206 Firefox/0.8
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.6) Gecko/20040206 Firefox/0.8

If I access the Xopus Website (http://xopus.com/demo/index.html) and open the
link "Simple Document Demo" Mozilla and Firefox totally crash on my Windows 2000. 

Reproducible: Always
Steps to Reproduce:
1.
2.
3.

Actual Results:  
mozilla & firefox crashed


see also http://forums.mozillazine.org/viewtopic.php?t=62368 for additional comments

Comment 1

15 years ago
confirming on Linux using FF 20040317 (non debug build, can't investigate more
with this build)

#0  0x400491ce in js_Interpret () from ./libmozjs.so
#1  0x40047fd9 in js_Execute () from ./libmozjs.so
#2  0x4002b888 in JS_EvaluateUCScriptForPrincipals () from ./libmozjs.so
#3  0x087692a0 in nsJSContext::EvaluateString(nsAString const&, void*,
nsIPrincipal*, char const*, unsigned, char const*, nsAString&, int*) ()
#4  0x085be3a2 in nsScriptLoader::EvaluateScript(nsScriptLoadRequest*, nsString
const&) ()
#5  0xbfffe5e8 in ?? ()
#6  0x09000148 in ?? ()
#7  0x092cfeb0 in ?? ()
#8  0x08de85e0 in ?? ()
#9  0x0000004f in ?? ()
#10 0x40074f3b in js_valueOf_str () from ./libmozjs.so
#11 0xbfffe508 in ?? ()
#12 0xbfffe4a4 in ?? ()

Stack is similar to bug 234013.
Keywords: crash
OS: Windows 2000 → All
I just added a simpler testcase and explanation to bug 174709
It is definitely about this bug, maybe it is useful.
#0  0x400603ee in js_Interpret (cx=0x87048c8, result=0xbfffdf4c)
    at /home/bzbarsky/mozilla/xlib/mozilla/js/src/jsinterp.c:1933
#1  0x4005e291 in js_Execute (cx=0x87048c8, chain=0x86fa4a8, script=0x919fa18,
down=0x0, 
    special=0, result=0xbfffdf4c)
    at /home/bzbarsky/mozilla/xlib/mozilla/js/src/jsinterp.c:1155
#2  0x4002d1f8 in JS_EvaluateUCScriptForPrincipals (cx=0x87048c8, obj=0x86fa4a8, 
    principals=0x89c0024, chars=0x42b45010, length=419541, 
    filename=0x8b0c9e8
"http://www.xopus.com/demo/xopus/xopus.html#http%3A//www.xopus.com/demo/demos/sample/index.html",
lineno=79, rval=0xbfffdf4c)
    at /home/bzbarsky/mozilla/xlib/mozilla/js/src/jsapi.c:3540
#3  0x4161f55d in nsJSContext::EvaluateString(nsAString const&, void*,
nsIPrincipal*, char const*, unsigned, char const*, nsAString&, int*)
(this=0x8704810, aScript=@0xbfffe1a0, 
    aScopeObject=0x86fa4a8, aPrincipal=0x89c0020, 
    aURL=0x8b0c9e8
"http://www.xopus.com/demo/xopus/xopus.html#http%3A//www.xopus.com/demo/demos/sample/index.html",
aLineNo=79, aVersion=0x400b3cef "default", 
    aRetValue=@0xbfffe090, aIsUndefined=0xbfffe02c)
    at /home/bzbarsky/mozilla/xlib/mozilla/dom/src/base/nsJSEnvironment.cpp:909
#4  0x4142644e in nsScriptLoader::EvaluateScript(nsScriptLoadRequest*, nsString
const&) (
    this=0x89bff00, aRequest=0x8b053f0, aScript=@0xbfffe1a0)
    at /home/bzbarsky/mozilla/xlib/mozilla/content/base/src/nsScriptLoader.cpp:656


#0  0x400603ee in js_Interpret (cx=0x87048c8, result=0xbfffdf4c)
    at /home/bzbarsky/mozilla/xlib/mozilla/js/src/jsinterp.c:1933
1933                OBJ_ENUMERATE(cx, obj, JSENUMERATE_NEXT, &iter_state, &rval);
(gdb) p obj
$3 = (struct JSObject *) 0x0
(gdb) p cx
$4 = (struct JSContext *) 0x87048c8

I suspect that obj being null is what does it, since OBJ_ENUMERATE dereferences
the pointer.
Assignee: general → general
Status: UNCONFIRMED → NEW
Component: Browser-General → JavaScript Engine
Ever confirmed: true
QA Contact: general → pschwartau
Summary: Xopus Xml editor crashes Mozilla and Firebird → Xopus Xml editor crashes Mozilla and Firebird [@ js_Interpret]
Dup'ing toward the better testcase.

/be

*** This bug has been marked as a duplicate of 174709 ***
Status: NEW → RESOLVED
Last Resolved: 15 years ago
Resolution: --- → DUPLICATE
Crash Signature: [@ js_Interpret]
You need to log in before you can comment on or make changes to this bug.