Closed
Bug 31870
Opened 24 years ago
Closed 24 years ago
crash in JS_PushArguments() upon re-entering page with IFRAME
Categories
(Core :: Layout, defect, P1)
Tracking
()
VERIFIED
WORKSFORME
M16
People
(Reporter: msuencks, Assigned: travis)
References
()
Details
(Keywords: crash)
the following setup: go to a page with an IFRAME. then navigate "back" and then "forward" again. Mozilla will crash. the URL provides a small test case which however contains no Javascript at all. mozilla will crash wheter Javascript is enabled or not. here is also a gdb stack trace, hope it helps ! Program received signal SIGSEGV, Segmentation fault. 0x4042a295 in __DTOR_END__ () from /home/msuencks/Moz14/package/components/libnsappshell.so (gdb) bt #0 0x4042a295 in __DTOR_END__ () from /home/msuencks/Moz14/package/components/libnsappshell.so #1 0x40436038 in NSGetModule () from /home/msuencks/Moz14/package/components/libnsappshell.so #2 0x4042a8b0 in __DTOR_END__ () from /home/msuencks/Moz14/package/components/libnsappshell.so #3 0x4042b323 in __DTOR_END__ () from /home/msuencks/Moz14/package/components/libnsappshell.so #4 0x4019318c in nsWebShell::LoadURL () from /home/msuencks/Moz14/package/libraptorwebwidget.so #5 0x40190cf8 in nsWebShell::LoadURL () from /home/msuencks/Moz14/package/libraptorwebwidget.so #6 0x40191d93 in nsWebShell::LoadURI () from /home/msuencks/Moz14/package/libraptorwebwidget.so #7 0x40bec7ab in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #8 0x40b3831f in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #9 0x40beafe4 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #10 0x40b4f3f9 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #11 0x40b3220f in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #12 0x40b32067 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #13 0x40b31edd in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #14 0x40b31da7 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #15 0x40b30bec in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #16 0x40b30588 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #17 0x40b2f3b3 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #18 0x40b35a87 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #19 0x40b3180c in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #20 0x40b30943 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #21 0x40b30588 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #22 0x40b2f3b3 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #23 0x40b2cf9a in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #24 0x40b3831f in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #25 0x40b446e9 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #26 0x40b3831f in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #27 0x40b698b3 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #28 0x40b3831f in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #29 0x40b680a6 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #30 0x40b68235 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #31 0x40b670c4 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #32 0x40b3831f in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #33 0x40b665a4 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #34 0x40b45714 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #35 0x40b58f4b in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #36 0x40b56e8d in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #37 0x40b59d7b in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #38 0x40cc3cef in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #39 0x40be60de in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #40 0x40be0a8b in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #41 0x40bdc168 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #42 0x40bdda88 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtml.so #43 0x40dd08eb in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtmlpars.so #44 0x40dd101a in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtmlpars.so #45 0x40dd1118 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtmlpars.so #46 0x40dd1309 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtmlpars.so #47 0x40dcdd48 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtmlpars.so #48 0x40ddcd8c in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtmlpars.so #49 0x40ddd816 in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtmlpars.so #50 0x40dde03c in NSGetModule () from /home/msuencks/Moz14/package/components/libraptorhtmlpars.so #51 0x408734c2 in NSGetModule () from /home/msuencks/Moz14/package/components/liburiloader.so ---Type <return> to continue, or q <return> to quit--- #52 0x40ee1e62 in NSGetModule () from /home/msuencks/Moz14/package/components/libnecko_http.so #53 0x40ee44b4 in NSGetModule () from /home/msuencks/Moz14/package/components/libnecko_http.so #54 0x40f1867e in NSGetModule () from /home/msuencks/Moz14/package/components/libnecko_cache.so #55 0x408219fa in NSGetModule () from /home/msuencks/Moz14/package/components/libnecko.so #56 0x408214b0 in NSGetModule () from /home/msuencks/Moz14/package/components/libnecko.so #57 0x4010177b in PL_HandleEvent () from /home/msuencks/Moz14/package/libxpcom.so #58 0x401016b6 in PL_ProcessPendingEvents () from /home/msuencks/Moz14/package/libxpcom.so #59 0x40102378 in nsEventQueueImpl::ProcessPendingEvents () from /home/msuencks/Moz14/package/libxpcom.so #60 0x4047c2bf in nsAppShell::SetDispatchListener () from /home/msuencks/Moz14/package/libwidget_gtk.so #61 0x4047c08d in keysym2ucs () from /home/msuencks/Moz14/package/libwidget_gtk.so #62 0x40615568 in g_io_unix_dispatch () from /usr/lib/libglib-1.2.so.0 #63 0x40616df2 in g_main_dispatch () from /usr/lib/libglib-1.2.so.0 #64 0x4061745b in g_main_iterate () from /usr/lib/libglib-1.2.so.0 #65 0x40617611 in g_main_run () from /usr/lib/libglib-1.2.so.0 #66 0x4053dddb in gtk_main () from /usr/lib/libgtk-1.2.so.0 #67 0x4047c77a in nsAppShell::Run () from /home/msuencks/Moz14/package/libwidget_gtk.so #68 0x4041fa32 in __DTOR_END__ () from /home/msuencks/Moz14/package/components/libnsappshell.so #69 0x804af9c in JS_PushArguments () #70 0x804b2bc in JS_PushArguments () #71 0x402ee1eb in __libc_start_main (main=0x804b130 <JS_PushArguments+7344>, argc=1, argv=0xbffff024, init=0x8049190 <_init>, fini=0x804c0c0 <_fini>, rtld_fini=0x4000a610 <_dl_fini>, stack_end=0xbffff01c) at ../sysdeps/generic/libc-start.c:90 (gdb)
Comment 1•24 years ago
|
||
I see the crash on Linux with 2000-03-18-08. Confirm, adding crash keyword, reassigning to HTML Element.
Status: UNCONFIRMED → NEW
Component: Javascript Engine → HTML Element
Ever confirmed: true
Keywords: crash
I was just about to write that the bug has disappeared with the latest builds but with build 2000031909 it seems to be back again. here's a real site - click on any article on this site: http://www.theregister.co.uk/ there is a doubleClick Ad-Iframe in there. gdb traceback: Program received signal SIGSEGV, Segmentation fault. 0x40415047 in NSGetModule () from /home/msuencks/package/components/libnsappshell.so (gdb) bt #0 0x40415047 in NSGetModule () from /home/msuencks/package/components/libnsappshell.so #1 0x40415224 in NSGetModule () from /home/msuencks/package/components/libnsappshell.so #2 0x4041661d in NSGetModule () from /home/msuencks/package/components/libnsappshell.so #3 0x4019384c in nsWebShell::LoadURL () from /home/msuencks/package/libraptorwebwidget.so #4 0x401945ba in nsWebShell::HandleLinkClickEvent () from /home/msuencks/package/libraptorwebwidget.so #5 0x40194291 in nsWebShell::SetRendering () from /home/msuencks/package/libraptorwebwidget.so #6 0x401018cb in PL_HandleEvent () from /home/msuencks/package/libxpcom.so #7 0x40101806 in PL_ProcessPendingEvents () from /home/msuencks/package/libxpcom.so #8 0x401024c8 in nsEventQueueImpl::ProcessPendingEvents () from /home/msuencks/package/libxpcom.so #9 0x404644ef in nsAppShell::SetDispatchListener () from /home/msuencks/package/libwidget_gtk.so #10 0x404642bd in keysym2ucs () from /home/msuencks/package/libwidget_gtk.so #11 0x406c425a in g_io_unix_dispatch (source_data=0x8285f18, current_time=0xbfffee58, user_data=0x81fe378) at giounix.c:135 #12 0x406c5796 in g_main_dispatch (dispatch_time=0xbfffee58) at gmain.c:656 #13 0x406c5d51 in g_main_iterate (block=1, dispatch=1) at gmain.c:877 #14 0x406c5ec9 in g_main_run (loop=0x81fe2d0) at gmain.c:935 #15 0x4053360a in gtk_main () at gtkmain.c:476 #16 0x404649aa in nsAppShell::Run () from /home/msuencks/package/libwidget_gtk.so #17 0x4040acf2 in NSGetModule () from /home/msuencks/package/components/libnsappshell.so #18 0x804af9c in JS_PushArguments () #19 0x804b2bc in JS_PushArguments () #20 0x402ed1eb in __libc_start_main (main=0x804b130 <JS_PushArguments+7344>, argc=1, argv=0xbffff034, init=0x8049190 <_init>, fini=0x804c0a0 <_fini>, rtld_fini=0x4000a610 <_dl_fini>, stack_end=0xbffff02c) at ../sysdeps/generic/libc-start.c:90
Travis -- is this related to your recent webshell changes?
Assignee: rickg → travis
Comment 7•24 years ago
|
||
I believe it's the Disk Cache. I saw the crash in www.mozillazine.org, ran with gdb, and saw the same kind of trace (begginning at JS_PushArguments followed by lots of NsGetModule). Disabling the Disk Cache (in Debug) made the crash go away.
Comment 8•24 years ago
|
||
Forgot to say, mine is 2000041915
Comment 9•24 years ago
|
||
I can't reproduce anything mentioned in this bug on PC/Linux with build 2000042809. Recommend WORKSFORME. msuencks@marcant.de: Are you still seeing this on a recent build? cesarb@dcc.ufrj.br: It is likely that your crash is something different because there are lots of stack traces that start with "JS_PushArguments" right after "main". If it is not exactly "re-entering page with IFRAME" what makes you crash, could you please open a separate bug with a detailed description how to reproduce? Speaking for myself, I prefer the Bug Helper http://www.mozilla.org/quality/help/bug-form.html for reporting new bugs because it always reminds me of something I would have forgotten otherwise. It will also help if you attach the stack trace to the bug. Adding you and me to the CC list of this bug.
Reporter | ||
Comment 10•24 years ago
|
||
I test build 2000042809: the reported crash does not occur anymore ! (maybe it disappeared earlier)
Comment 11•24 years ago
|
||
Marking WORKSFORME then, based on reporter's statement.
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → WORKSFORME
SPAM. HTML Element component is deprecated, changing to Layout component. See bug 88132 for details.
Come on Bugzilla, you can do it...
Component: HTML Element → Layout
You need to log in
before you can comment on or make changes to this bug.
Description
•