Closed Bug 671970 Opened 13 years ago Closed 13 years ago

Crash [@ nsPrintEngine::ReflowDocList] with frameset onbeforeprint window.print() in foreignObject

Categories

(Core :: Printing: Output, defect)

Product:
Core
Component:
Printing: Output
Platform:
x86
Windows 7
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: martijn.martijn, Unassigned)

Details

(Keywords: crash, testcase)

Crash Data

Attachments

(2 files)

testcase
201 bytes, application/xhtml+xml
Details
patch
1.96 KB, patch
roc
: review+
Details | Diff | Splinter Review
Attached file testcase 
See testcase, sometimes it crashes directly when trying to print. Otherwise, you have to try it a few times.

I think I've seen this crash happening before bug 307258 was fixed, but the fix for that bug seems to make it easier to trigger.

https://crash-stats.mozilla.com/report/index/bp-619e8817-5bfd-457e-bd74-fb4462110715
0 	xul.dll 	nsPrintEngine::ReflowDocList 	layout/printing/nsPrintEngine.cpp:1832
1 	xul.dll 	nsPrintEngine::ReflowDocList 	layout/printing/nsPrintEngine.cpp:1865
2 	xul.dll 	nsPrintEngine::SetupToPrintContent 	layout/printing/nsPrintEngine.cpp:1669
3 	xul.dll 	nsPrintEngine::DocumentReadyForPrinting 	layout/printing/nsPrintEngine.cpp:1501
4 	xul.dll 	nsPrintEngine::DoCommonPrint 	layout/printing/nsPrintEngine.cpp:736
5 	xul.dll 	nsPrintEngine::CommonPrint 	layout/printing/nsPrintEngine.cpp:444
6 	xul.dll 	nsPrintEngine::Print 	layout/printing/nsPrintEngine.cpp:759
7 	xul.dll 	DocumentViewerImpl::Print 	layout/base/nsDocumentViewer.cpp:3680
8 	xul.dll 	nsGlobalWindow::Print 	dom/base/nsGlobalWindow.cpp:5184
9 	xul.dll 	nsGlobalWindow::Print 	dom/base/nsGlobalWindow.cpp:5149
10 	xul.dll 	NS_InvokeByIndex_P 	xpcom/reflect/xptcall/src/md/win32/xptcinvoke.cpp:102
11 	xul.dll 	XPC_WN_CallMethod 	js/src/xpconnect/src/xpcwrappednativejsops.cpp:1592
12 	mozjs.dll 	CallCompiler::generateNativeStub 	js/src/methodjit/MonoIC.cpp:813
13 	mozjs.dll 	js::mjit::ic::NativeCall 	js/src/methodjit/MonoIC.cpp:1031
14 	mozjs.dll 	js::mjit::EnterMethodJIT 	js/src/methodjit/MethodJIT.cpp:686
15 	mozjs.dll 	js::mjit::JaegerShot 	js/src/methodjit/MethodJIT.cpp:733
16 	mozjs.dll 	js::RunScript 	js/src/jsinterp.cpp:610
17 	mozjs.dll 	js::Invoke 	js/src/jsinterp.cpp:686
18 	mozjs.dll 	js::ExternalInvoke 	js/src/jsinterp.cpp:805
19 	mozjs.dll 	JS_CallFunctionValue 	js/src/jsapi.cpp:5055
20 	xul.dll 	nsJSContext::CallEventHandler 	dom/base/nsJSEnvironment.cpp:1905
So far no luck with reproducing.
Attached patch patchSplinter Review 
Martijn, does this help?
Yes, that seems to fix the crash. Thanks.
Comment on attachment 546301 [details] [diff] [review]
patch

This effectively brings back the null check we had before primary frame was
moved to nsIContent.
Attachment #546301 - Flags: review?(roc)
Comment on attachment 546301 [details] [diff] [review]
patch

Review of attachment 546301 [details] [diff] [review]:
-----------------------------------------------------------------
Attachment #546301 - Flags: review?(roc) → review+
http://hg.mozilla.org/mozilla-central/rev/819a2ffc4f0e
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: