Closed
Bug 294862
Opened 20 years ago
Closed 20 years ago
crash when I use sizetopopup="always" [@ AppendUTF8toUTF16 ]
Categories
(Core :: XUL, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: surkov, Assigned: bryner)
Details
(Keywords: crash)
Crash Data
Attachments
(1 file)
|
4.17 KB,
patch
|
roc
:
review+
roc
:
superreview+
asa
:
approval1.8b3+
|
Details | Diff | Splinter Review |
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; ru-RU; rv:1.7.5) Gecko/20041108 Firefox/1.0 (ax) Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; ru-RU; rv:1.7.5) Gecko/20041108 Firefox/1.0 (ax) crash when I do the next: <binding id="mymenulist" extends="chrome://global/content/bindings/menulist.xml#menulist"> <content sizetopopup="always"> </content> </binding> Reproducible: Always Steps to Reproduce:
|
Reporter | |
Comment 1•20 years ago
|
||
Test mozilla: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.8b) Gecko/20050217
|
|
Reporter | |
Comment 3•20 years ago
|
||
TB5979532Y
|
||
Comment 4•20 years ago
|
||
Stack Signature AppendUTF8toUTF16 d056a5ad Product ID MozillaTrunk Build ID 2005021712 Trigger Time 2005-05-19 20:26:08.0 Platform Win32 Operating System Windows NT 5.0 build 2195 Module xpcom_core.dll + (00037af3) URL visited User Comments https://bugzilla.mozilla.org/show_bug.cgi?id=294862 Since Last Crash 60 sec Total Uptime 1152100 sec Trigger Reason Stack overflow Source File, Line No. c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/xpcom/string/src/nsReadableUtils.cpp, line 232 Stack Trace AppendUTF8toUTF16 [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/xpcom/string/src/nsReadableUtils.cpp, line 232] AtomImpl::ToString [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/xpcom/ds/nsAtomTable.cpp, line 362] nsAttrValue::ToString [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/content/base/src/nsAttrValue.cpp, line 318] nsXULElement::GetAttr [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/content/xul/content/src/nsXULElement.cpp, line 1477] nsMenuFrame::IsSizedToPopup [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 944] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 965] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953] nsMenuFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 1907] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 966] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953] nsMenuFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 1907] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 966] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953] nsMenuFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 1907] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 966] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953] nsMenuFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 1907] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 966] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953] nsMenuFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 1907] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 966] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953] nsMenuFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 1907] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 966] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953] nsMenuFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 1907] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 966] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953] nsMenuFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 1907] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 966] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953] nsMenuFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 1907] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 966] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953] nsMenuFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 1907] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 966] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953] nsMenuFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 1907] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 966] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953] nsMenuFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 1907] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 966] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953] nsMenuFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 1907] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 966] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953] nsMenuFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 1907] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 966] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953] nsMenuFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 1907] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 966] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953] nsMenuFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 1907] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 966] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953] nsMenuFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 1907] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 966] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953] nsMenuFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 1907] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 966] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953] nsMenuFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 1907] nsMenuFrame::GetMinSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsMenuFrame.cpp, line 966] nsBoxFrame::GetPrefSize [c:/builds/tinderbox/MozillaTrunk/WINNT_5.0_Clobber/mozilla/layout/xul/base/src/nsBoxFrame.cpp, line 953]
Summary: crash when I use sizetopopup="always" → crash when I use sizetopopup="always" [@ AppendUTF8toUTF16 ]
|
||
Comment 5•20 years ago
|
||
That looks suspiciously like a stack overflow...
|
|
||
Comment 6•20 years ago
|
||
It is a stack overflow. When you use sizetopopup="always", nsMenuFrame::GetMinSize calls nsMenuFrame::GetPrefSize. Now near the end of GetPrefSize there's a lovely comment that says "the min size is the pref size, do not call GetMinSize, you will recurse infinitely". Unfortunately near the start of GetPrefSize is a call to nsBoxFrame::GetPrefSize which now calls GetMinSize as a result of bryner's checkin for bug 258513.
Status: UNCONFIRMED → NEW
Ever confirmed: true
|
||
Comment 7•20 years ago
|
||
So perhaps nsMenuFrame should set a boolean while somewhere to prevent this recursion (and short-circuit out of one of the methods involved instead)?
|
|
||
Comment 8•20 years ago
|
||
I was thinking along the lines of factoring out the popup size calculation into a separate method and calling that from GetMinSize and GetPrefSize.
|
|
||
Comment 9•20 years ago
|
||
This seems to work, although I've no idea how much I'm abusing the APIs.
|
|
||
Comment 10•20 years ago
|
||
That seems like a reasonable approach...
|
|
||
Comment 11•20 years ago
|
||
Comment on attachment 184446 [details] [diff] [review] Hack Feel free to r+sr if appropriate ;-)
Attachment #184446 -
Flags: superreview?(roc)
Attachment #184446 -
Flags: review?(bryner)
Attachment #184446 -
Flags: superreview?(roc)
Attachment #184446 -
Flags: superreview+
Attachment #184446 -
Flags: review?(bryner)
Attachment #184446 -
Flags: review+
|
|
||
Comment 12•20 years ago
|
||
Comment on attachment 184446 [details] [diff] [review] Hack crash regression fix
Attachment #184446 -
Flags: approval1.8b3?
|
||
Updated•20 years ago
|
Attachment #184446 -
Flags: approval1.8b3? → approval1.8b3+
|
|
||
Comment 13•20 years ago
|
||
Fix checked in.
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
Component: XP Toolkit/Widgets: Menus → XUL
QA Contact: xptoolkit.menus → xptoolkit.widgets
|
||
Updated•13 years ago
|
Crash Signature: [@ AppendUTF8toUTF16 ]
You need to log in
before you can comment on or make changes to this bug.
Description
•