Closed Bug 671970 Opened 14 years ago Closed 14 years ago

Crash [@ nsPrintEngine::ReflowDocList] with frameset onbeforeprint window.print() in foreignObject

Categories

(Core :: Printing: Output, defect)

Product:
Core
Component:
Printing: Output
Platform:
x86
Windows 7
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: martijn.martijn, Unassigned)

Details

(Keywords: crash, testcase)

Crash Data

Attachments

(2 files)

testcase
201 bytes, application/xhtml+xml
Details
patch
1.96 KB, patch
roc
: review+
Details | Diff | Splinter Review
Attached file testcase
See testcase, sometimes it crashes directly when trying to print. Otherwise, you have to try it a few times. I think I've seen this crash happening before bug 307258 was fixed, but the fix for that bug seems to make it easier to trigger. https://crash-stats.mozilla.com/report/index/bp-619e8817-5bfd-457e-bd74-fb4462110715 0 xul.dll nsPrintEngine::ReflowDocList layout/printing/nsPrintEngine.cpp:1832 1 xul.dll nsPrintEngine::ReflowDocList layout/printing/nsPrintEngine.cpp:1865 2 xul.dll nsPrintEngine::SetupToPrintContent layout/printing/nsPrintEngine.cpp:1669 3 xul.dll nsPrintEngine::DocumentReadyForPrinting layout/printing/nsPrintEngine.cpp:1501 4 xul.dll nsPrintEngine::DoCommonPrint layout/printing/nsPrintEngine.cpp:736 5 xul.dll nsPrintEngine::CommonPrint layout/printing/nsPrintEngine.cpp:444 6 xul.dll nsPrintEngine::Print layout/printing/nsPrintEngine.cpp:759 7 xul.dll DocumentViewerImpl::Print layout/base/nsDocumentViewer.cpp:3680 8 xul.dll nsGlobalWindow::Print dom/base/nsGlobalWindow.cpp:5184 9 xul.dll nsGlobalWindow::Print dom/base/nsGlobalWindow.cpp:5149 10 xul.dll NS_InvokeByIndex_P xpcom/reflect/xptcall/src/md/win32/xptcinvoke.cpp:102 11 xul.dll XPC_WN_CallMethod js/src/xpconnect/src/xpcwrappednativejsops.cpp:1592 12 mozjs.dll CallCompiler::generateNativeStub js/src/methodjit/MonoIC.cpp:813 13 mozjs.dll js::mjit::ic::NativeCall js/src/methodjit/MonoIC.cpp:1031 14 mozjs.dll js::mjit::EnterMethodJIT js/src/methodjit/MethodJIT.cpp:686 15 mozjs.dll js::mjit::JaegerShot js/src/methodjit/MethodJIT.cpp:733 16 mozjs.dll js::RunScript js/src/jsinterp.cpp:610 17 mozjs.dll js::Invoke js/src/jsinterp.cpp:686 18 mozjs.dll js::ExternalInvoke js/src/jsinterp.cpp:805 19 mozjs.dll JS_CallFunctionValue js/src/jsapi.cpp:5055 20 xul.dll nsJSContext::CallEventHandler dom/base/nsJSEnvironment.cpp:1905
So far no luck with reproducing.
Attached patch patchSplinter Review
Martijn, does this help?
Yes, that seems to fix the crash. Thanks.
Comment on attachment 546301 [details] [diff] [review] patch This effectively brings back the null check we had before primary frame was moved to nsIContent.
Attachment #546301 - Flags: review?(roc)
Comment on attachment 546301 [details] [diff] [review] patch Review of attachment 546301 [details] [diff] [review]: -----------------------------------------------------------------
Attachment #546301 - Flags: review?(roc) → review+
http://hg.mozilla.org/mozilla-central/rev/819a2ffc4f0e
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: