Closed
Bug 459663
Opened 16 years ago
Closed 16 years ago
Crash [@ nsEventDispatcher::Dispatch] when doing window.print() on a deleted window
Categories
(Core :: Layout, defect)
Tracking
()
VERIFIED
FIXED
People
(Reporter: martijn.martijn, Assigned: smaug)
Details
(Keywords: crash, regression, testcase)
Crash Data
Attachments
(2 files, 1 obsolete file)
358 bytes,
text/html
|
Details | |
1.02 KB,
patch
|
Details | Diff | Splinter Review |
This crash doesn't occur in Firefox 3, but since this is related to the problem of bug 424377, I'm marking this security sensitive. (and because this is a regression from Firefox 3, I'm filing this bug at all). See testcase, a print dialog comes up, click on "Ok". Result: crash http://crash-stats.mozilla.com/report/index/b476dd45-9926-11dd-839f-0013211cbf8a?p=1 0 xul.dll nsEventDispatcher::Dispatch content/events/src/nsEventDispatcher.cpp:438 1 xul.dll nsPresContext::FireDOMPaintEvent layout/base/nsPresContext.cpp:1628 2 xul.dll nsRunnableMethod<nsBindingManager>::Run obj-firefox/dist/include/xpcom/nsThreadUtils.h:264 3 xul.dll nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:510 4 xul.dll NS_ProcessNextEvent_P obj-firefox/xpcom/build/nsThreadUtils.cpp:227 5 xul.dll xul.dll@0x337270 6 xul.dll NS_InvokeByIndex_P xpcom/reflect/xptcall/src/md/win32/xptcinvoke.cpp:101 7 xul.dll XPCWrappedNative::CallMethod js/src/xpconnect/src/xpcwrappednative.cpp:2405 Looking at the stack, I guess this might be a regresion from bug 450930.
Reporter | ||
Comment 1•16 years ago
|
||
Assignee | ||
Comment 2•16 years ago
|
||
Assignee: nobody → Olli.Pettay
Assignee | ||
Updated•16 years ago
|
Attachment #342872 -
Flags: superreview?(roc)
Attachment #342872 -
Flags: review?(roc)
Assignee | ||
Comment 3•16 years ago
|
||
Comment on attachment 342872 [details] [diff] [review] add some needed null checks Why I didn't ask review for this?
The ourWindow check is now redundant, I checked in an early-exit if ourWindow is null. The eventTarget check can be hoisted to just after "eventTarget = ourWindow->GetChromeEventHandler();". r+sr with that.
Assignee | ||
Comment 5•16 years ago
|
||
Attachment #342872 -
Attachment is obsolete: true
Attachment #342872 -
Flags: superreview?(roc)
Attachment #342872 -
Flags: review?(roc)
Assignee | ||
Updated•16 years ago
|
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 6•16 years ago
|
||
Verified fixed, using: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1b2pre) Gecko/20081020 Minefield/3.1b2pre
Status: RESOLVED → VERIFIED
Updated•13 years ago
|
Crash Signature: [@ nsEventDispatcher::Dispatch]
Updated•9 years ago
|
Group: core-security → core-security-release
Updated•9 years ago
|
Group: core-security-release
You need to log in
before you can comment on or make changes to this bug.
Description
•