This service will be undergoing maintenance at 00:00 UTC, 2016-09-28. It is expected to last about 1 hours
First Last Prev Next    This bug is not in your last search results.
Bug 442023 - Firefox crashes in nsPresContext::GetViewManager
Firefox crashes in nsPresContext::GetViewManager
Status: CLOSED WONTFIX
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: firefox (Show other bugs)
5.1
i386 Linux
high Severity high
: rc
: ---
Assigned To: Martin Stransky
desktop-bugs@redhat.com
:
Depends On: 433823
Blocks:
  Show dependency treegraph
 
Reported: 2008-04-11 07:33 EDT by Martin Stransky
Modified: 2008-05-06 02:58 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-05-06 02:58:56 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Martin Stransky 2008-04-11 07:33:46 EDT 
I found a web page that crashes firefox 100% of the time:
http://www.worldtimeserver.com/convert_time_in_US-MN.aspx

Sometimes just visiting that page will crash it, but if you choose a country on
the right (I've been choosing UTC), firefox will crash.  Looking at the bt, it's
similar to crashes I get in less reproduceable scenarios.  I tested multiple
systems with freshly created users and they all crash.  I removed all plugins
from the systems as well.

I've tested the current firefox (firefox-1.5.0.12-14.el5_1) and the debug
edition posted here (referenced in comment 57).  They both crash on that page.

It does not affect Firefox 3.

BT:

#0  0x00002aaab3f49aca in nsIPresShell::GetViewManager (this=0x0) at
../../../../../base/nsIPresShell.h:179
#1  0x00002aaab3f49bb1 in nsPresContext::GetViewManager (this=0x1e50250) at
../../../../../base/nsPresContext.h:170
#2  0x00002aaab430f4f5 in nsGlobalWindow::GetScrollInfo (this=0x1c7df60,
aScrollableView=0x7fff89b824e0, 
    aP2T=0x7fff89b824dc, aT2P=0x7fff89b824d8) at nsGlobalWindow.cpp:6953
#3  0x00002aaab4312cb4 in nsGlobalWindow::ScrollTo (this=0x1c7df60, aXScroll=0,
aYScroll=0) at nsGlobalWindow.cpp:3951
#4  0x00002aaaab065ea5 in XPTC_InvokeByIndex (that=0x1c7df60, methodIndex=14,
paramCount=2, params=0x7fff89b826e0)
    at xptcinvoke_x86_64_linux.cpp:209
#5  0x00002aaab2c1e5f2 in XPCWrappedNative::CallMethod (ccx=@0x7fff89b82b00,
mode=XPCWrappedNative::CALL_METHOD)
    at xpcwrappednative.cpp:2156
#6  0x00002aaab2c2a04f in XPC_WN_CallMethod (cx=0x1c86090, obj=0x1ecda40,
argc=2, argv=0x1c587a0, vp=0x7fff89b82cf0)
    at xpcwrappednativejsops.cpp:1451
#7  0x00002aaaaab0311d in js_Invoke (cx=0x1c86090, argc=2, flags=0) at
jsinterp.c:1175
#8  0x00002aaaaab118ac in js_Interpret (cx=0x1c86090, pc=0x1b6a3ba ":",
result=0x7fff89b83b38) at jsinterp.c:3599
#9  0x00002aaaaab0318e in js_Invoke (cx=0x1c86090, argc=1, flags=2) at
jsinterp.c:1195
#10 0x00002aaaaab03507 in js_InternalInvoke (cx=0x1c86090, obj=0x1f3af20,
fval=32753488, flags=0, argc=1, 
    argv=0x7fff89b84090, rval=0x7fff89b84070) at jsinterp.c:1272
#11 0x00002aaaaaac956b in JS_CallFunctionValue (cx=0x1c86090, obj=0x1f3af20,
fval=32753488, argc=1, argv=0x7fff89b84090, 
    rval=0x7fff89b84070) at jsapi.c:4191
#12 0x00002aaab4307e74 in nsJSContext::CallEventHandler (this=0x1ab19a0,
aTarget=0x1f3af20, aHandler=0x1f3c750, argc=1, 
    argv=0x7fff89b84090, rval=0x7fff89b84070) at nsJSEnvironment.cpp:1456
#13 0x00002aaab435b3ad in nsJSEventListener::HandleEvent (this=0x1e0d0f0,
aEvent=0x1e9be10) at nsJSEventListener.cpp:186
#14 0x00002aaab41e5c2a in nsEventListenerManager::HandleEventSubType
(this=0x1c0f590, aListenerStruct=0x1d3a330, 
    aDOMEvent=0x1e9be10, aCurrentTarget=0x1c7dfb8, aSubType=1, aPhaseFlags=7) at
nsEventListenerManager.cpp:1687
#15 0x00002aaab41e674b in nsEventListenerManager::HandleEvent (this=0x1c0f590,
aPresContext=0x1e50250, 
    aEvent=0x7fff89b845c0, aDOMEvent=0x7fff89b84570, aCurrentTarget=0x1c7dfb8,
aFlags=7, aEventStatus=0x7fff89b84638)
    at nsEventListenerManager.cpp:1788
#16 0x00002aaab4315859 in nsGlobalWindow::HandleDOMEvent (this=0x1a75df0,
aPresContext=0x1e50250, aEvent=0x7fff89b845c0, 
    aDOMEvent=0x7fff89b84570, aFlags=7, aEventStatus=0x7fff89b84638) at
nsGlobalWindow.cpp:1636
#17 0x00002aaab3f6ca91 in DocumentViewerImpl::LoadComplete (this=0x13a1990,
aStatus=0) at nsDocumentViewer.cpp:1013
#18 0x00002aaab7092987 in nsDocShell::EndPageLoad (this=0x1c7dc60,
aProgress=0x1c7dc88, aChannel=0x1e9caa8, aStatus=0)
    at nsDocShell.cpp:4894
#19 0x00002aaab70ab15b in nsWebShell::EndPageLoad (this=0x1c7dc60,
aProgress=0x1c7dc88, channel=0x1e9caa8, aStatus=0)
    at nsWebShell.cpp:667
#20 0x00002aaab7095151 in nsDocShell::OnStateChange (this=0x1c7dc60,
aProgress=0x1c7dc88, aRequest=0x1e9caa8, 
    aStateFlags=131088, aStatus=0) at nsDocShell.cpp:4820
#21 0x00002aaab70ba4d3 in nsDocLoader::FireOnStateChange (this=0x1c7dc60,
aProgress=0x1c7dc88, aRequest=0x1e9caa8, 
    aStateFlags=131088, aStatus=0) at nsDocLoader.cpp:1210
#22 0x00002aaab70ba55d in nsDocLoader::doStopDocumentLoad (this=0x1c7dc60,
request=0x1e9caa8, aStatus=0)
    at nsDocLoader.cpp:833
#23 0x00002aaab70bb7a1 in nsDocLoader::DocLoaderIsEmpty (this=0x1c7dc60) at
nsDocLoader.cpp:739
Comment 1 Martin Stransky 2008-04-11 07:36:42 EDT 
Can be reproduced with 1.5.0.12-15.
Comment 2 Martin Stransky 2008-05-06 02:58:56 EDT 
Will be fixed in RHEL_5.2. No update for 1.5 line.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.