Closed
Bug 300730
Opened 19 years ago
Closed 19 years ago
crash if printing iframe of malformed declaration [@ JS_GetFrameFunctionObject]
Categories
(Firefox :: General, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 279678
People
(Reporter: jkolonko, Unassigned)
References
()
Details
(Keywords: crash)
Crash Data
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Maxthon; .NET CLR 1.1.4322; .NET CLR 2.0.50215; Avalon 6.0.4030; %WAP version%) Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.9) Gecko/20050711 Firefox/1.0.5 In the page http://grupa-net.pwr.wroc.pl/jk/ff2.html I show the example of malformed html (opening iframe tag not closed) that causes FF to crash. Document tree is not built correctly and the iframe fails to print. Reproducible: Always Steps to Reproduce: 1. Start Firefox 2. Go to http://grupa-net.pwr.wroc.pl/jk/ff2.html Actual Results: crash Expected Results: iframe displayed, frame printing script ignored (or run)
I can't reproduce the crash on the trunk; is probably 1.0 branch only.
reporter: talkback incidents are the only way anything will happen, the following is from mook, if your incident points the finger elsewhere then you'll need to get the incident to someone's eyes, otherwise your discovery will be lost. Incident ID: 7468381 Stack Signature JS_GetFrameFunctionObject deeff97f Product ID Firefox10 Build ID 2005051112 Trigger Time 2005-07-13 23:23:24.0 Platform Win32 Operating System Windows NT 5.1 build 2600 Module js3250.dll + (0000d8ab) URL visited http://grupa-net.pwr.wroc.pl/jk/ff2.html User Comments crash for bug 300730 Since Last Crash 112845 sec Total Uptime 112845 sec Trigger Reason Access violation Source File, Line No. d:/builds/tinderbox/Fx- Aviary1.0.1/WINNT_5.0_Depend/mozilla/js/src/jsdbgapi.c, line 770 Stack Trace JS_GetFrameFunctionObject [d:/builds/tinderbox/Fx- Aviary1.0.1/WINNT_5.0_Depend/mozilla/js/src/jsdbgapi.c, line 770] nsScriptSecurityManager::GetPrincipalAndFrame [d:/builds/tinderbox/Fx- Aviary1.0.1/WINNT_5.0_Depend/mozilla/caps/src/nsScriptSecurityManager.cpp, line 1891] nsScriptSecurityManager::GetSubjectPrincipal [d:/builds/tinderbox/Fx- Aviary1.0.1/WINNT_5.0_Depend/mozilla/caps/src/nsScriptSecurityManager.cpp, line 1931] nsScriptSecurityManager::GetSubjectPrincipal [d:/builds/tinderbox/Fx- Aviary1.0.1/WINNT_5.0_Depend/mozilla/caps/src/nsScriptSecurityManager.cpp, line 1594] nsContentUtils::IsCallerChrome [d:/builds/tinderbox/Fx- Aviary1.0.1/WINNT_5.0_Depend/mozilla/content/base/src/nsContentUtils.cpp, line 921] PresShell::HandleEventInternal [d:/builds/tinderbox/Fx- Aviary1.0.1/WINNT_5.0_Depend/mozilla/layout/html/base/src/nsPresShell.cpp, line 6027] PresShell::HandleEvent [d:/builds/tinderbox/Fx- Aviary1.0.1/WINNT_5.0_Depend/mozilla/layout/html/base/src/nsPresShell.cpp, line 5921] nsViewManager::HandleEvent [d:/builds/tinderbox/Fx- Aviary1.0.1/WINNT_5.0_Depend/mozilla/view/src/nsViewManager.cpp, line 2280] nsViewManager::DispatchEvent [d:/builds/tinderbox/Fx- Aviary1.0.1/WINNT_5.0_Depend/mozilla/view/src/nsViewManager.cpp, line 2066] HandleEvent [d:/builds/tinderbox/Fx- Aviary1.0.1/WINNT_5.0_Depend/mozilla/view/src/nsView.cpp, line 77] nsWindow::DispatchEvent [d:/builds/tinderbox/Fx- Aviary1.0.1/WINNT_5.0_Depend/mozilla/widget/src/windows/nsWindow.cpp, line 1067] nsWindow::DispatchFocus [d:/builds/tinderbox/Fx- Aviary1.0.1/WINNT_5.0_Depend/mozilla/widget/src/windows/nsWindow.cpp, line 5451] nsWindow::ProcessMessage [d:/builds/tinderbox/Fx- Aviary1.0.1/WINNT_5.0_Depend/mozilla/widget/src/windows/nsWindow.cpp, line 4216] nsWindow::WindowProc [d:/builds/tinderbox/Fx- Aviary1.0.1/WINNT_5.0_Depend/mozilla/widget/src/windows/nsWindow.cpp, line 1349] USER32.dll + 0x8734 (0x77d18734) USER32.dll + 0x8816 (0x77d18816) USER32.dll + 0xb4c0 (0x77d1b4c0) USER32.dll + 0xb50c (0x77d1b50c) ntdll.dll + 0xeae3 (0x7c92eae3) USER32.dll + 0x9402 (0x77d19402) PeekKeyAndIMEMessage [d:/builds/tinderbox/Fx- Aviary1.0.1/WINNT_5.0_Depend/mozilla/widget/src/windows/nsAppShell.cpp, line 91] nsAppShell::Run [d:/builds/tinderbox/Fx- Aviary1.0.1/WINNT_5.0_Depend/mozilla/widget/src/windows/nsAppShell.cpp, line 128] nsAppShellService::Run [d:/builds/tinderbox/Fx- Aviary1.0.1/WINNT_5.0_Depend/mozilla/xpfe/appshell/src/nsAppShellService.cpp, line 495] main [d:/builds/tinderbox/Fx- Aviary1.0.1/WINNT_5.0_Depend/mozilla/browser/app/nsBrowserApp.cpp, line 58] kernel32.dll + 0x16d4f (0x7c816d4f)
Keywords: crash
Summary: crash if printing iframe of malformed declaration → crash if printing iframe of malformed declaration [@ JS_GetFrameFunctionObject]
Whiteboard: DUPEME
Version: unspecified → 1.0 Branch
Comment 3•19 years ago
|
||
stack appears to match bug 279678 (can't access URL cited in this bug) *** This bug has been marked as a duplicate of 279678 ***
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
Assignee | ||
Updated•13 years ago
|
Crash Signature: [@ JS_GetFrameFunctionObject]
You need to log in
before you can comment on or make changes to this bug.
Description
•