Closed Bug 318415 Opened 19 years ago Closed 19 years ago

After any search on www.noxtrum.com page, Camino 1.0b1 and Firefox 1.5 crash

Categories

(Core :: JavaScript Engine, defect)

1.8 Branch
defect
Not set
critical

VERIFIED DUPLICATE of bug 315509

People

(Reporter: cgbraschi, Unassigned)

Details

(Keywords: crash, regression)

User-Agent:       Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8) Gecko/20051107 Camino/1.0b1
Build Identifier: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8) Gecko/20051107 Camino/1.0b1

Camino should not crash under any common circumstance (Safari does not crash on this)

Reproducible: Always

Steps to Reproduce:
1. Open http://www.noxtrum.com/
2. enter any keyword and press enter
3. Camino crashes

Actual Results:  
crash

Expected Results:  
Results from search

TB12441289G is related to this crash (although it is a Firefox crash, I can't reproduce a Camino one without interrupting this helper).
Keywords: crash, talkbackid
Other Talkbackid: TB12441545W
*** Bug 318548 has been marked as a duplicate of this bug. ***
Confirming on several setups, crashes on Firefox Windows as well. Asking to be a blocker for the next release.

This is a regression bug, works fine with Firefox 1.0
Status: UNCONFIRMED → NEW
Ever confirmed: true
Flags: blocking1.8.1?
Flags: blocking1.8.0.1?
Keywords: regression
OS: MacOS X → All
Product: Camino → Firefox
Hardware: Macintosh → All
Version: unspecified → 1.5 Branch
A JS bug. (As NoScript or a suitable Adblock filter will save it from crashing.)
FF trunk is not affected.
Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.9a1) Gecko/20051130 Firefox/1.6a1 ID:2005113005
Stack Signature	 js_DeleteProperty() 9601103a
Product ID	Firefox15
Build ID	2005111116
Trigger Time	2005-11-30 14:08:48.0
Platform	MacOSX
Operating System	Darwin 8.3.0
Module	libmozjs.dylib.1.0.0 + (00042fd0)
URL visited	http://www.noxtrum.com/
Trigger Reason	SIGSEGV: Segmentation Violation: (signal 11)
Source File, Line No.	mozilla/js/src/jsobj.c, line 3215
Stack Trace 	
js_DeleteProperty()  [mozilla/js/src/jsobj.c, line 3215]
js_DeleteProperty()  [mozilla/js/src/jsobj.c, line 3199]
js_Invoke()  [mozilla/js/src/jsinterp.c, line 1177]
js_Interpret()  [mozilla/js/src/jsinterp.c, line 3526]
js_Invoke()  [mozilla/js/src/jsinterp.c, line 1197]
js_InternalInvoke()  [mozilla/js/src/jsinterp.c, line 1275]
JS_CallFunctionValue()  [mozilla/js/src/jsapi.c, line 4159]
nsJSContext::CallEventHandler()  [mozilla/dom/src/base/nsJSEnvironment.cpp, line 1413]
nsJSEventListener::HandleEvent()
nsEventListenerManager::HandleEventSubType()  [mozilla/content/events/src/nsEventListenerManager.cpp, line 848]
nsEventListenerManager::HandleEvent()  [mozilla/content/events/src/nsEventListenerManager.cpp, line 1766]
nsGenericElement::HandleDOMEvent()
nsHTMLFormElement::HandleDOMEvent()  [mozilla/content/html/content/src/nsHTMLFormElement.cpp, line 708]
PresShell::HandleDOMEventWithTarget()
nsHTMLInputElement::HandleDOMEvent()  [mozilla/content/html/content/src/nsHTMLInputElement.cpp, line 255]
PresShell::HandleDOMEventWithTarget()
nsHTMLInputElement::MaybeSubmitForm()  [mozilla/content/html/content/src/nsHTMLInputElement.cpp, line 842]
nsHTMLInputElement::HandleDOMEvent()  [mozilla/content/html/content/src/nsHTMLInputElement.cpp, line 1617]
PresShell::HandleEventInternal()
PresShell::HandleEvent()
nsViewManager::HandleEvent()  [mozilla/view/src/nsViewManager.cpp, line 2514]
nsViewManager::DispatchEvent()  [mozilla/view/src/nsViewManager.cpp, line 2246]
HandleEvent()  [mozilla/view/src/nsView.cpp, line 175]
nsWindow::DispatchEvent()  [mozilla/widget/src/mac/nsWindow.cpp, line 1809]
nsWindow::DispatchWindowEvent()  [mozilla/widget/src/mac/nsWindow.cpp, line 1825]
nsMacEventHandler::HandleUKeyEvent()
Assignee: mikepinkerton → general
Component: General → JavaScript Engine
Keywords: talkbackid
Product: Firefox → Core
QA Contact: general
Version: 1.5 Branch → 1.8 Branch
*** Bug 318541 has been marked as a duplicate of this bug. ***
The fix for bug 315509 still needs to get checked into branch. :(

*** This bug has been marked as a duplicate of 315509 ***
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
I checked the source, and http://www.noxtrum.com//javascript/cestel.queue.js indeed uses unshift.

Note to talkback signature gurus: the stack fails to show array_unshift between js_Invoke and js_DeleteProperty, instead calling that frame js_DeleteProperty and giving the line number of the opening brace of that function.  Not sure why, but there it is.

/be
Status: RESOLVED → VERIFIED
Flags: blocking1.8.1?
Flags: blocking1.8.0.1?