Closed Bug 59070 Opened 25 years ago Closed 25 years ago

crash on an embedded object in a div if we are in strict layout mode

Categories

(Core :: Layout, defect, P1)

Product:
Core
Component:
Layout
Platform:
x86
All
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 59426

People

(Reporter: cesarb, Assigned: waterson)

References

(
URL
)

Details

(Keywords: crash, testcase)

Attachments

(2 files)

testcase (crashes)
315 bytes, text/html
Details
testcase, no html4 strict, no crash
223 bytes, text/html
Details
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux 2.2.17 i686; en-US; m18) Gecko/20001103 BuildID: 2000110308 Loading the page causes a crash. Reproducible: Always Steps to Reproduce: Open the page Actual Results: Mozilla is killed by SIGSEGV Expected Results: Not crashed I have no idea if this makes any difference, but mozilla is configured to ask before loading any image (it was saved before the first crash by "don't ask me this again", so it didn't ask the next four times). The stack trace is: Program received signal SIGSEGV, Segmentation fault. 0x40bdd9e0 in NSGetModule () from /home/cesarb/mozilla/components/libgklayout.so (gdb) where #0 0x40bdd9e0 in NSGetModule () from /home/cesarb/mozilla/components/libgklayout.so #1 0x40cf1e01 in NSGetModule () from /home/cesarb/mozilla/components/libgklayout.so #2 0x40d08165 in NSGetModule () from /home/cesarb/mozilla/components/libgklayout.so #3 0x40d042fa in NSGetModule () from /home/cesarb/mozilla/components/libgklayout.so #4 0x40e03192 in NSGetModule () from /home/cesarb/mozilla/components/libgklayout.so #5 0x40bd79e9 in NSGetModule () from /home/cesarb/mozilla/components/libgklayout.so #6 0x400c29b3 in PL_HandleEvent () from /home/cesarb/mozilla/libxpcom.so #7 0x400c28d6 in PL_ProcessPendingEvents () from /home/cesarb/mozilla/libxpcom.so #8 0x400c362d in nsEventQueueImpl::ProcessPendingEvents () from /home/cesarb/mozilla/libxpcom.so #9 0x40484e0f in NSGetModule () from /home/cesarb/mozilla/components/libwidget_gtk.so #10 0x40484bcd in NSGetModule () from /home/cesarb/mozilla/components/libwidget_gtk.so #11 0x40628c10 in g_io_add_watch () from /usr/lib/libglib-1.2.so.0 #12 0x4062a2d9 in g_get_current_time () from /usr/lib/libglib-1.2.so.0 ---Type <return> to continue, or q <return> to quit--- #13 0x4062a8e3 in g_get_current_time () from /usr/lib/libglib-1.2.so.0 #14 0x4062aa7c in g_main_run () from /usr/lib/libglib-1.2.so.0 #15 0x4054dd97 in gtk_main () from /usr/lib/libgtk-1.2.so.0 #16 0x404852fc in NSGetModule () from /home/cesarb/mozilla/components/libwidget_gtk.so #17 0x4043196a in inflate_mask () from /home/cesarb/mozilla/components/libnsappshell.so #18 0x804e197 in JS_PushArguments () #19 0x804e715 in JS_PushArguments () #20 0x4025aa52 in __libc_start_main () from /lib/libc.so.6
WFM Linux 11/03 build. I don't have mozilla configured to ask before loading any page.
TB# 20360374G
I see this crash on WIN2k, build 2000110120. I don't have mozilla configured to ask before loading any image. 100% reproducible. I want to change OS to all, but I can´t :-(
os all, crash on embedded object in a div in strict mode. Over to layout, cc harishd as this could be a parser issue (strict mode)
Assignee: asa → clayton
Status: UNCONFIRMED → NEW
Component: Browser-General → Layout
Ever confirmed: true
Keywords: crash, mozilla0.9
OS: Linux → All
QA Contact: doronr → petersen
Summary: Crash while loading page → crash on an embedded object in a div if we are in strict mode
Attached file testcase (crashes)
Keywords: testcase
Parser does not distinguish between strict and non-strict documents anymore ( since strict DTD was pulled out ). The problem happens in the strict *layout* mode...and therefore is a layout issue. Updating summary to reflect that..
Summary: crash on an embedded object in a div if we are in strict mode → crash on an embedded object in a div if we are in strict layout mode
Adding Andrei just in case it was plugins related... But based on harishd's comment, handing over to buster.
Assignee: clayton → buster
Status: NEW → ASSIGNED
Priority: P3 → P1
looks like another instance of the bug you've already got, chris
Assignee: buster → waterson
Status: ASSIGNED → NEW
nsHTMLContainerFrame::ReparentFrameViewList(nsIPresContext * 0x037c4820, nsIFrame * 0x00eb6f94, nsIFrame * 0x00eb6c10, nsIFrame * 0x00000000) line 356 + 38 bytes MoveChildrenTo(nsIPresContext * 0x037c4820, nsIStyleContext * 0x03423a50, nsIFrame * 0x00eb7040, nsIFrame * 0x00eb6f94) line 432 + 21 bytes nsCSSFrameConstructor::SplitToContainingBlock(nsIPresContext * 0x037c4820, nsFrameConstructorState & {...}, nsIFrame * 0x00eb6ce0, nsIFrame * 0x00eb6e78, nsIFrame * 0x00eb6f94, nsIFrame * 0x00eb7008, int 0) line 13140 + 26 bytes nsCSSFrameConstructor::CantRenderReplacedElement(nsCSSFrameConstructor * const 0x037d73e0, nsIPresShell * 0x037d4a00, nsIPresContext * 0x037c4820, nsIFrame * 0x00eb6ce0) line 10737 StyleSetImpl::CantRenderReplacedElement(StyleSetImpl * const 0x037d2790, nsIPresContext * 0x037c4820, nsIFrame * 0x00eb6ce0) line 1247 + 35 bytes FrameManager::HandlePLEvent(CantRenderReplacedElementEvent * 0x03548420) line 917 PL_HandleEvent(PLEvent * 0x03548420) line 576 + 10 bytes PL_ProcessPendingEvents(PLEventQueue * 0x00fb7c30) line 509 + 9 bytes _md_EventReceiverProc(HWND__ * 0x00000c90, unsigned int 59696, unsigned int 0, long 16481328) line 1054 + 9 bytes KERNEL32! bff63613() KERNEL32! bff848f7() 007b8a32() dup of topcrash *** This bug has been marked as a duplicate of 59426 ***
Status: NEW → RESOLVED
Closed: 25 years ago
Resolution: --- → DUPLICATE
Blocks: robin's
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: