Closed Bug 27953 Opened 25 years ago Closed 25 years ago

crash if I scroll caret through URL bar while loading page

Categories

(Core :: XPCOM, defect, P3)

Product:
Core
Component:
XPCOM
Platform:
x86
Windows 98
Type:
defect

Tracking

()

Status:
VERIFIED FIXED

People

(Reporter: andyb, Assigned: vidur)

References

(
URL
)

Details

(Keywords: crash, Whiteboard: [PDT-][HAVE FIX])

Attachments

(1 file)

simpler test case
360 bytes, text/html
Details
From Bug Helper: User-Agent: Mozilla/4.7 [en]C-CCK-MCD NSCPCD47 (Win98; I) BuildID: 2000012520 While loading from the "Site Map" link on http://levis.alis.com:8080/ and viewing the URL bar by scrolling the cursor through it, Mozilla crashes. Reproducible: Always Steps to Reproduce: 1. Open browser. Go to http://levis.alis.com:8080/ 2. Click the link that says "Site Map." 3. While the page loads (or rather, never finishes loading), click in the URL bar at the top of the screen. 4. Use the left and right arrows to scroll through the URL. It may be necessary to scroll the cursor off the end of the URL bar to the right. If that happens, click in the URL bar again and repeat. 5. It might take some time to get the bug to appear. Actual Results: Mozilla crashes. Info from Dr. Watson below. Expected Results: Um, not crash? :) XPCOM.DLL performed an invalid memory access. Module Name: XPCOM.DLL Application Name: Mozilla.exe Command line: "C:\Program Files\Netscape\Seamonkey\mozilla.exe" Trap 0e 0000 - Invalid page fault eax=00000000 ebx=0063f360 ecx=426bab20 edx=00000001 esi=ffffffff edi=426bab20 eip=60c21660 esp=0063f29c ebp=0063f2c4 -- -- -- nv up EI pl nz na po nc cs=015f ss=0167 ds=0167 es=0167 fs=6a2f gs=0000 XPCOM.DLL:.text 0x10660: >015f:60c21660 668b11 mov dx,word ptr [ecx] sel type base lim/bot ---- ---- -------- -------- cs 015f r-x- 00000000 ffffffff ss 0167 rw-e 00000000 0000fe60 ds 0167 rw-e 00000000 0000fe60 es 0167 rw-e 00000000 0000fe60 fs 6a2f rw-- 8bcf66fc 00000037 gs 0000 ---- stack base: 00540000 TIB limits: 00630000 - 00640000 (Let me know if you need the rest of the information from the Details page.)
I hit this assertion when viewing this page on linux. Assigning to parser folks. And the url never stops loading on linux. ###!!! ASSERTION: NS_ENSURE_TRUE(globalObject) failed: 'globalObject', file nsHTMLContentSink.cpp, line 4056 ###!!! Break: at file nsHTMLContentSink.cpp, line 4056 Error loading URL http://levis.alis.com:8080/sitemap.html?AlisFramesTgtDoc&AlisTargetHost=http://www.alis.com ###!!! ASSERTION: NS_ENSURE_TRUE(globalObject) failed: 'globalObject', file nsHTMLContentSink.cpp, line 4056 ###!!! Break: at file nsHTMLContentSink.cpp, line 4056 Error loading URL http://levis.alis.com:8080/sitemap.html?AlisFramesTgtDoc&AlisTargetHost=http://www.alis.com Nominating for beta.
Assignee: dp → harishd
Keywords: beta1
Putting on the PDT+ radar for beta1.
Whiteboard: [PDT+]
Attached file simpler test case
The URL never stops loading because...it's wacky ( see the simpler test case ). This is not a commonly seen problem and therefore would not qualify as PDT+. Would be a nice fix for beta1...though ;)
Whiteboard: [PDT+] → [PDT+] *** RECONSIDER ***
Something wrong with my attachment..... Here is the simpler test case: <!--~ Changed by: Lloyd-Eden Keays, webmaster@alis.com, DATE: 1999-08-10, ~--> <HTML> <SCRIPT> <!-- if (self != top) top.location.href = window.location.href; //--> </SCRIPT> <FRAMESET cols="*,143" frameborder="0" border=0 framespacing="0"> <FRAME src="27953.htm"> </FRAMESET> <body>This site requires the use of frames. </body></HTML> Note: Make sure to save this as 27953.htm.
Since the content sink is involved..i'm ccing vidur@netscape.com
vidur, could you take a look at this? Giving bug to vidur ;)
Assignee: harishd → vidur
Removed the PDT+ designation, but left beta1 so that it can reconsidered by the PDT team. It's a crash, but as far as I can tell, the page is doing something pretty whacky and it's not commonly done. Not a beta showstopper in my mind.
Keywords: crash
Whiteboard: [PDT+] *** RECONSIDER ***
will reconsider if it's top 100 site.
Whiteboard: [PDT-]
Well, actually, I found out about the website by using the "translate" function in Mozilla... does that make it somewhat important? (I was trying to figure out why the translation server wasn't doing anything.)
I have a fix that gets us a bit more in line with what I would expect (and IE does) for the page - we get into a loop, reloading the page into the top frameset. The fix terminates further parsing of a page if a SCRIPT causes the page to be unloaded (e.g. by setting the location). This was supposed to have been dealt with by bug 3571, but the fix checked in was incomplete.
Whiteboard: [PDT-] → [PDT-][HAVE FIX]
Status: NEW → ASSIGNED
Target Milestone: M15
Vidur--can you attach the patch so someone else could check it in while you are away?
change summary to "caret" rather than "cursor"
Summary: crash if I scroll cursor through URL bar while loading page → crash if I scroll caret through URL bar while loading page
CC ing jst. He probably has the patch.
Yup, I believe I do have it and if all goes well I'll be checking it in tomorrow (along with all other changes Vidur gave me).
Fix patch checked in. Marking FIXED but I was never able to reproduce this so please reopen if it's still not fixed.
Status: ASSIGNED → RESOLVED
Closed: 25 years ago
Resolution: --- → FIXED
I cannot get this to reproduce with 2000-03-22-06 win32 build. Marking Verified.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: