Closed
Bug 76453
Opened 23 years ago
Closed 23 years ago
crash If I hit the search button on that page.
Categories
(Core :: DOM: Core & HTML, defect)
Tracking
()
mozilla0.9.1
People
(Reporter: Matti, Assigned: rods)
References
()
Details
(Keywords: crash, regression, top100, Whiteboard: 0.9 blocker?)
Attachments
(2 files)
using build 20010417.. (early CVS build). Go to the URL. Type something in the search (suchen) field at the right top corner. Hit "Finden" - crash A part of the Stack: nsXULElement::HandleDOMEvent(nsXULElement * const 0x02d5ecb8, nsIPresContext * 0x03773008, nsEvent * 0x00034ca4, nsIDOMEvent * * 0x00034c10, unsigned int 4, nsEventStatus * 0x00034cd0) line 3526 + 3 bytes nsXULElement::HandleDOMEvent(nsXULElement * const 0x02d5c248, nsIPresContext * 0x03773008, nsEvent * 0x00034ca4, nsIDOMEvent * * 0x00034c10, unsigned int 4, nsEventStatus * 0x00034cd0) line 3654 nsXULElement::HandleDOMEvent(nsXULElement * const 0x02d5c480, nsIPresContext * 0x03773008, nsEvent * 0x00034ca4, nsIDOMEvent * * 0x00034c10, unsigned int 4, nsEventStatus * 0x00034cd0) line 3654 nsXULElement::HandleDOMEvent(nsXULElement * const 0x02d5c5e0, nsIPresContext * 0x03773008, nsEvent * 0x00034ca4, nsIDOMEvent * * 0x00034c10, unsigned int 4, nsEventStatus * 0x00034cd0) line 3654 nsXULElement::HandleChromeEvent(nsXULElement * const 0x02d5c5f4, nsIPresContext * 0x03773008, nsEvent * 0x00034ca4, nsIDOMEvent * * 0x00034c10, unsigned int 4, nsEventStatus * 0x00034cd0) line 4630 + 39 bytes GlobalWindowImpl::HandleDOMEvent(GlobalWindowImpl * const 0x0368c000, nsIPresContext * 0x03773008, nsEvent * 0x00034ca4, nsIDOMEvent * * 0x00034c10, unsigned int 4, nsEventStatus * 0x00034cd0) line 568 nsDocument::HandleDOMEvent(nsDocument * const 0x04b1b8d8, nsIPresContext * 0x03773008, nsEvent * 0x00034ca4, nsIDOMEvent * * 0x00034c10, unsigned int 4, nsEventStatus * 0x00034cd0) line 2817 nsGenericElement::HandleDOMEvent(nsGenericElement * const 0x04b18580, nsIPresContext * 0x03773008, nsEvent * 0x00034ca4, nsIDOMEvent * * 0x00034c10, unsigned int 4, nsEventStatus * 0x00034cd0) line 1488 + 39 bytes nsGenericElement::HandleDOMEvent(nsGenericElement * const 0x039a1618, nsIPresContext * 0x03773008, nsEvent * 0x00034ca4, nsIDOMEvent * * 0x00034c10, unsigned int 4, nsEventStatus * 0x00034cd0) line 1486 nsGenericElement::HandleDOMEvent(nsGenericElement * const 0x03889720, nsIPresContext * 0x03773008, nsEvent * 0x00034ca4, nsIDOMEvent * * 0x00034c10, unsigned int 4, nsEventStatus * 0x00034cd0) line 1486 nsGenericElement::HandleDOMEvent(nsGenericElement * const 0x037f4578, nsIPresContext * 0x03773008, nsEvent * 0x00034ca4, nsIDOMEvent * * 0x00034c10, unsigned int 4, nsEventStatus * 0x00034cd0) line 1486 nsGenericElement::HandleDOMEvent(nsGenericElement * const 0x036db688, nsIPresContext * 0x03773008, nsEvent * 0x00034ca4, nsIDOMEvent * * 0x00034c10, unsigned int 4, nsEventStatus * 0x00034cd0) line 1486 nsGenericElement::HandleDOMEvent(nsGenericElement * const 0x036db6f0, nsIPresContext * 0x03773008, nsEvent * 0x00034ca4, nsIDOMEvent * * 0x00034c10, unsigned int 4, nsEventStatus * 0x00034cd0) line 1486 nsGenericElement::HandleDOMEvent(nsGenericElement * const 0x04a72278, nsIPresContext * 0x03773008, nsEvent * 0x00034ca4, nsIDOMEvent * * 0x00034c10, unsigned int 4, nsEventStatus * 0x00034cd0) line 1486 nsGenericElement::HandleDOMEvent(nsGenericElement * const 0x04a725d8, nsIPresContext * 0x03773008, nsEvent * 0x00034ca4, nsIDOMEvent * * 0x00034c10, unsigned int 1, nsEventStatus * 0x00034cd0) line 1486 nsHTMLFormElement::HandleDOMEvent(nsHTMLFormElement * const 0x04a725d8, nsIPresContext * 0x03773008, nsEvent * 0x00034ca4, nsIDOMEvent * * 0x00000000, unsigned int 1, nsEventStatus * 0x00034cd0) line 426 + 29 bytes nsHTMLFormElement::Submit(nsHTMLFormElement * const 0x04a72604) line 340 + 40 bytes HTMLFormElementSubmit(JSContext * 0x0368c190, JSObject * 0x03824d98, unsigned int 0, long * 0x039a5b90, long * 0x00034dd4) line 426 + 15 bytes js_Invoke(JSContext * 0x0368c190, unsigned int 0, unsigned int 0) line 813 + 23 bytes js_Interpret(JSContext * 0x0368c190, long * 0x00035b54) line 2706 + 15 bytes js_Invoke(JSContext * 0x0368c190, unsigned int 1, unsigned int 2) line 830 + 13 bytes js_InternalInvoke(JSContext * 0x0368c190, JSObject * 0x03824d98, long 59955784, unsigned int 0, unsigned int 1, long * 0x00035cec, long * 0x00035c7c) line 902 + 20 bytes JS_CallFunctionValue(JSContext * 0x0368c190, JSObject * 0x03824d98, long 59955784, unsigned int 1, long * 0x00035cec, long * 0x00035c7c) line 3334 + 31 bytes nsJSContext::CallEventHandler(nsJSContext * const 0x0368c128, void * 0x03824d98, void * 0x0392da48, unsigned int 1, void * 0x00035cec, int * 0x00035ce8, int 0) line 940 + 33 bytes nsJSEventListener::HandleEvent(nsIDOMEvent * 0x039e69dc) line 154 + 64 bytes
Reporter | ||
Comment 1•23 years ago
|
||
Comment 2•23 years ago
|
||
Confirming using today's moz bits on Win98, but this is Form Submission, reassigning to component owner.
Assignee: trudelle → rods
Status: UNCONFIRMED → NEW
Component: XP Toolkit/Widgets: XUL → Form Submission
Ever confirmed: true
QA Contact: jrgm → vladimire
Pls try the testcase. You'll find that it's not Form Submission's fault. Probably JavaScript-related.
Comment 5•23 years ago
|
||
Seeing this on Linux build 2001-04-17-08 too. Reading the JS, here's what's happening. The form has a onSubmit handler that does some parsing of the data in the form and unless it fits some _very_ narrow constraints calls form.submit() This gets us into an infinite recursion and eventually we just blow the runtime stack. For an even simpler testcase, try this: <form onsubmit="form.submit(); return false;"> So it would seem that the right thing is to prevent a form from being submitted from its own onsubmit handler... would that make sense? Certainly looks like form submission (or maybe event handling) to me... What NS4.x seems to be doing is completely bypassing the onsubmit handler if form.submit() is called inside the onsubmit handler.
OS: Windows 2000 → All
Reporter | ||
Comment 7•23 years ago
|
||
Another URL http://pages.ebay.com/catindex/computers.html hit search and boom. I think this should be fixed in moz0.9 !
Comment 8•23 years ago
|
||
Matti says "go to to Ebay/Computers and hit the search button, crash". Sounds like top100 to me. Asa: 0.9 blocker?
Keywords: top100
Whiteboard: 0.9 blocker?
Assignee | ||
Comment 10•23 years ago
|
||
This works fine for me on WinNT is this a Linux onloy bug?
Status: NEW → ASSIGNED
Assignee | ||
Updated•23 years ago
|
Target Milestone: --- → mozilla0.9.1
Reporter | ||
Comment 11•23 years ago
|
||
No, I use Win2k. I see thecrash with an new build (CVS updated ~20min). You can find me on IRC if you need some Info (Nick:Matti)
Comment 12•23 years ago
|
||
*** This bug has been marked as a duplicate of 76694 ***
Status: ASSIGNED → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
Updated•5 years ago
|
Component: HTML: Form Submission → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•