Closed Bug 37178 Opened 25 years ago Closed 25 years ago

Crash in nsScanner::~nsScanner when visiting Japanese web pages

Categories

(Core :: DOM: HTML Parser, defect, P3)

Product:
Core
Component:
DOM: HTML Parser
Platform:
x86
Linux
Type:
defect

Tracking

()

Status:
VERIFIED WORKSFORME

People

(Reporter: cks+mozilla, Assigned: rickg)

References

(
URL
)

Details

(Keywords: crash)

Build ID: 2000042512 When I visit a Japanese web page (any Japanese web page; http://www.asahi.com or http://cnn.co.jp/ or one of the http://www.debian.org/ web pages in Japanese all do it, as well as the listed URL) Mozilla crashes in libraptorhtml at nsScanner::~nsScanner. This appears due to a recent change, since build ID 2000042416 works fine. Stack backtrace from a current CVS build in gdb: (gdb) where #0 0x40db3d43 in nsScanner::~nsScanner () from /scratch/mozilla/dist/bin/components/libraptorhtmlpars.so #1 0x40db1ab4 in CParserContext::~CParserContext () from /scratch/mozilla/dist/bin/components/libraptorhtmlpars.so #2 0x40daf7c1 in nsParser::~nsParser () from /scratch/mozilla/dist/bin/components/libraptorhtmlpars.so #3 0x40daf840 in nsParser::Release () from /scratch/mozilla/dist/bin/components/libraptorhtmlpars.so #4 0x40b7b6c1 in HTMLContentSink::~HTMLContentSink () from /scratch/mozilla/dist/bin/components/libraptorhtml.so #5 0x40b7b947 in HTMLContentSink::Release () from /scratch/mozilla/dist/bin/components/libraptorhtml.so #6 0x40d9f6b9 in CNavDTD::~CNavDTD () from /scratch/mozilla/dist/bin/components/libraptorhtmlpars.so #7 0x40d9f3c0 in CNavDTD::Release () from /scratch/mozilla/dist/bin/components/libraptorhtmlpars.so #8 0x40db1ae8 in CParserContext::~CParserContext () from /scratch/mozilla/dist/bin/components/libraptorhtmlpars.so #9 0x40daf7c1 in nsParser::~nsParser () from /scratch/mozilla/dist/bin/components/libraptorhtmlpars.so #10 0x40daf840 in nsParser::Release () from /scratch/mozilla/dist/bin/components/libraptorhtmlpars.so #11 0x40b7c0e3 in HTMLContentSink::DidBuildModel () ---Type <return> to continue, or q <return> to quit--- from /scratch/mozilla/dist/bin/components/libraptorhtml.so #12 0x40d9febe in CNavDTD::DidBuildModel () from /scratch/mozilla/dist/bin/components/libraptorhtmlpars.so #13 0x40daff75 in nsParser::DidBuildModel () from /scratch/mozilla/dist/bin/components/libraptorhtmlpars.so #14 0x40db0ae5 in nsParser::ResumeParse () from /scratch/mozilla/dist/bin/components/libraptorhtmlpars.so #15 0x40db13b6 in nsParser::OnDataAvailable () from /scratch/mozilla/dist/bin/components/libraptorhtmlpars.so #16 0x40897d6b in nsDocumentOpenInfo::OnDataAvailable () from /scratch/mozilla/dist/bin/components/liburiloader.so #17 0x40d616f1 in nsHTTPFinalListener::OnDataAvailable () from /scratch/mozilla/dist/bin/components/libnecko_http.so #18 0x41144d35 in InterceptStreamListener::OnDataAvailable () from /scratch/mozilla/dist/bin/components/libnecko_cache.so #19 0x40d60785 in nsHTTPServerListener::OnDataAvailable () from /scratch/mozilla/dist/bin/components/libnecko_http.so #20 0x4082969c in nsOnDataAvailableEvent::HandleEvent () from /scratch/mozilla/dist/bin/components/libnecko.so #21 0x40828f38 in nsStreamListenerEvent::HandlePLEvent () from /scratch/mozilla/dist/bin/components/libnecko.so #22 0x40110a06 in PL_HandleEvent () from /scratch/mozilla/dist/bin/libxpcom.so #23 0x40110936 in PL_ProcessPendingEvents () ---Type <return> to continue, or q <return> to quit--- from /scratch/mozilla/dist/bin/libxpcom.so #24 0x401116da in nsEventQueueImpl::ProcessPendingEvents () from /scratch/mozilla/dist/bin/libxpcom.so #25 0x404cd24e in event_processor_callback () from /scratch/mozilla/dist/bin/libwidget_gtk.so #26 0x404ccff2 in our_gdk_io_invoke () from /scratch/mozilla/dist/bin/libwidget_gtk.so #27 0x40665aca in g_io_unix_dispatch () from /usr/lib/libglib-1.2.so.0 #28 0x40667186 in g_main_dispatch () from /usr/lib/libglib-1.2.so.0 #29 0x40667751 in g_main_iterate () from /usr/lib/libglib-1.2.so.0 #30 0x406678f1 in g_main_run () from /usr/lib/libglib-1.2.so.0 #31 0x4058f5b9 in gtk_main () from /usr/lib/libgtk-1.2.so.0 #32 0x404cd72d in nsAppShell::Run () from /scratch/mozilla/dist/bin/libwidget_gtk.so #33 0x4038262d in nsAppShellService::Run () from /scratch/mozilla/dist/bin/components/libnsappshell.so #34 0x804af92 in main1 () #35 0x804b2ce in main () #36 0x402449cb in __libc_start_main (main=0x804b138 <main>, argc=2, argv=0xbfffe934, init=0x8049128 <_init>, fini=0x804c060 <_fini>, rtld_fini=0x4000ae60 <_dl_fini>, stack_end=0xbfffe92c) at ../sysdeps/generic/libc-start.c:92 (gdb)
Changing component to Parser
Assignee: troy → rickg
Component: Layout → Parser
QA Contact: petersen → janc
Blocks: 30243
Adding crash keyword.
Keywords: crash
This crash (with a backtrace that seems to be quite the same) also occured in bug 30243 (see dependency). CC'ing reporter & QA of that bug, and myself. I could reproduce this on PC/Linux with exacly the same build: 2000042512. However, this does not seem to occur with any other build. Especially both 2000042416 and 2000042518 builds do not show this. Also, build 2000042609 works fine. There were quite a lot of changes in htmlparser checked in on 4/25, so I assume that this has been fixed. Marking WORKSFORME. Please reopen if you think this needs further investigation.
Status: UNCONFIRMED → RESOLVED
Closed: 25 years ago
Resolution: --- → WORKSFORME
Verified worksforme.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.