Closed
Bug 129002
Opened 23 years ago
Closed 23 years ago
[FIX]crashed when clicking on select box in [@BinarySearchForPosition][@nsRenderingContextPS::GetWidth]
Categories
(Core :: Print Preview, defect, P1)
Tracking
()
VERIFIED
FIXED
mozilla1.0
People
(Reporter: alan, Assigned: rods)
References
Details
(Keywords: crash)
Crash Data
Attachments
(2 files)
(deleted),
text/html
|
Details | |
(deleted),
patch
|
dcone
:
review+
attinasi
:
superreview+
jud
:
approval+
|
Details | Diff | Splinter Review |
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.9+) Gecko/20020304
BuildID:
mozilla crashed when clicking on select box in print preview.
Reproducible: Always
Steps to Reproduce:
1.open testcase
2.click on select box
3.see the lizard crash into your computer.
Actual Results: crash
Expected Results: doesn't crash and does nothing
Reporter | ||
Comment 1•23 years ago
|
||
attached testcase for crash.
Incident ID: TB3653408Z
and ... may be this crash is related to the patch of bug 120745 ?
Comment 2•23 years ago
|
||
From URL: 2002030421 (entered by reporter)
URL: http://2002030421
Keywords: crash
Reporter | ||
Comment 3•23 years ago
|
||
oh well ... it's not from URL 2002030421 ... :)
it's just by accident as the lizard had just crashed before i have reported the
bug :)
Comment 4•23 years ago
|
||
#0 0x00000000 in ?? ()
#1 0x42623937 in nsRenderingContextPS::GetWidth (this=0x879e660,
aString=0xbfffe80c,
aLength=14, aWidth=@0xbfffe3fc, aFontID=0x0) at nsRenderingContextPS.cpp:1019
#2 0x41c165a9 in BinarySearchForPosition (acx=0x879e660, aText=0xbfffe80c,
aBaseWidth=196, aBaseInx=0, aStartInx=0, aEndInx=28, aCursorPos=966,
aIndex=@0xbfffe4f4, aTextWidth=@0xbfffe4f0) at nsTextFrame.cpp:3309
#3 0x41c16fbd in nsTextFrame::GetPosition (this=0x876557c, aCX=0x854caf0,
aPoint=@0xbfffe9a4, aNewContent=0xbfffec84, aContentOffset=@0xbfffec88,
aContentOffsetEnd=@0xbfffec8c) at nsTextFrame.cpp:3442
#4 0x41c175f8 in nsTextFrame::GetContentAndOffsetsFromPoint (this=0x876557c,
aCX=0x854caf0, aPoint=@0xbfffeb28, aNewContent=0xbfffec84,
aContentOffset=@0xbfffec88, aContentOffsetEnd=@0xbfffec8c,
aBeginFrameContent=@0xbfffec98) at nsTextFrame.cpp:3525
#5 0x41ba9198 in nsFrame::GetNextPrevLineFromeBlockFrame (aPresContext=0x854caf0,
aPos=0xbfffec70, aBlockFrame=0x876546c, aLineStart=-1, aOutSideLimit=0 '\000')
at nsFrame.cpp:3058
#6 0x41b93759 in nsBlockFrame::HandleEvent (this=0x8761004,
aPresContext=0x854caf0,
aEvent=0xbffff1e8, aEventStatus=0xbfffef48) at nsBlockFrame.cpp:5721
#7 0x41c33b32 in nsComboboxControlFrame::HandleEvent (this=0x8761004,
aPresContext=0x854caf0, aEvent=0xbffff1e8, aEventStatus=0xbfffef48)
at nsComboboxControlFrame.cpp:2122
#8 0x41c00067 in PresShell::HandleEventInternal (this=0x86578f8,
aEvent=0xbffff1e8,
aView=0x8761608, aFlags=1, aStatus=0xbfffef48) at nsPresShell.cpp:6021
Status: UNCONFIRMED → NEW
Ever confirmed: true
Assignee | ||
Comment 5•23 years ago
|
||
I am making this dependent on Bug 119491, I think this might be related because
when you click on the control it ends up creating a RenderingContentPS. If that
doesn't fix we will have to add another nsStyleConst NS_STYLE_USER_INPUT_PREVENT
or something like that. Where we indicate we do not ANY processing. It's that
NONE and DISABLED still process the events.
Comment 7•23 years ago
|
||
*** Bug 128662 has been marked as a duplicate of this bug. ***
Comment 8•23 years ago
|
||
Bulk moving all nsbeta1 nominations to future-P1. If they are approved
(nsbeta1+) they will be moved to mozilla1.0
Target Milestone: mozilla1.0 → Future
./run-mozilla.sh -g -d gdb51 ./mozilla-bin /root/coredumps/mozilla-bin.71981.core
#0 0x00000000 in ?? ()
(gdb) up
#1 0x2a5f084b in nsRenderingContextPS::GetWidth (this=0x8d90b00, aString=0xbfbfe5f0, aLength=9, aWidth=@0xbfbfe1bc, aFontID=0x0)
at /home/timeless/mozilla/gfx/src/ps/nsRenderingContextPS.cpp:1019
1019 rv = NS_REINTERPRET_CAST(nsFontMetricsPS *, mFontMetrics.get())->GetStringWidth(aString, aWidth, aLength);
Current language: auto; currently c++
(gdb) p mFontMetrics
$1 = {mRawPtr = 0x8acac00}
(gdb) x/wa *(void**)mFontMetrics
0x29733b60 <_vt$16nsFontMetricsGTK>: 0x0
(gdb) l
1014 nsRenderingContextPS :: GetWidth(const PRUnichar *aString,PRUint32 aLength,nscoord &aWidth, PRInt32 *aFontID)
1015 {
1016 nsresult rv = NS_ERROR_FAILURE;
1017
1018 if (mFontMetrics) {
1019 rv = NS_REINTERPRET_CAST(nsFontMetricsPS *, mFontMetrics.get())->GetStringWidth(aString, aWidth, aLength);
1020 }
1021
1022 return rv;
1023 }
Shouldn't you QI to PS and check for failure?
Summary: mozilla crashed when clicking on select box in print preview. → crashed when clicking on select box in [@nsRenderingContextPS::GetWidth]
Assignee | ||
Comment 10•23 years ago
|
||
*** Bug 133478 has been marked as a duplicate of this bug. ***
Reporter | ||
Comment 11•23 years ago
|
||
wondering will this bug get fixed before Mozilla 1.0 ...
Assignee | ||
Comment 12•23 years ago
|
||
fixed by other patch
Status: ASSIGNED → RESOLVED
Closed: 23 years ago
Resolution: --- → WORKSFORME
Comment 13•23 years ago
|
||
rods wrote:
> fixed by other patch
Which one ?
Comment 14•23 years ago
|
||
-> reopening bug
Works fine on win32 (20020503 / 20020513),
but on linux:
2002051023 - boom!
2002051123 - boom! (thats the newest ppc linux nightly)
cant provide a talkback id, see Bug 139858
Status: RESOLVED → REOPENED
Resolution: WORKSFORME → ---
Reporter | ||
Comment 15•23 years ago
|
||
testcase crashed on 2002051321/Linux, talkback ID: TB6263620M.
Comment 16•23 years ago
|
||
Stephend, could you get the stack? TB6263620M
0x00000000
BinarySearchForPosition()
nsTextFrame::GetPosition()
nsTextFrame::GetContentAndOffsetsFromPoint()
nsFrame::GetNextPrevLineFromeBlockFrame()
nsBlockFrame::HandleEvent()
nsComboboxControlFrame::HandleEvent()
PresShell::HandleEventInternal()
PresShell::HandleEvent()
nsViewManager::HandleEvent()
nsView::HandleEvent()
nsViewManager::DispatchEvent()
HandleEvent()
nsWidget::DispatchEvent()
nsWidget::DispatchWindowEvent()
nsWidget::DispatchMouseEvent()
nsWidget::OnButtonPressSignal()
nsWindow::OnButtonPressSignal()
nsWindow::HandleGDKEvent()
dispatch_superwin_event()
handle_gdk_event()
libgdk-1.2.so.0 + 0x17457 (0x4034b457)
libglib-1.2.so.0 + 0x104d8 (0x4037b4d8)
libglib-1.2.so.0 + 0x10ae3 (0x4037bae3)
libglib-1.2.so.0 + 0x10c7c (0x4037bc7c)
libgtk-1.2.so.0 + 0x8d7e7 (0x4029b7e7)
nsAppShell::Run()
nsAppShellService::Run()
main1()
main()
libc.so.6 + 0x1914f (0x404b714f)
Summary: crashed when clicking on select box in [@nsRenderingContextPS::GetWidth] → crashed when clicking on select box in [@BinarySearchForPosition][@nsRenderingContextPS::GetWidth]
Assignee | ||
Updated•23 years ago
|
Status: REOPENED → ASSIGNED
Target Milestone: Future → mozilla1.0
Assignee | ||
Comment 18•23 years ago
|
||
temporary patch to the forms controls to ignore mouse events when in
printpreview until Bug 124990 gets fixed (radio and checkbox doesn't need the
fix)
Assignee | ||
Updated•23 years ago
|
Summary: crashed when clicking on select box in [@BinarySearchForPosition][@nsRenderingContextPS::GetWidth] → [FIX]crashed when clicking on select box in [@BinarySearchForPosition][@nsRenderingContextPS::GetWidth]
Comment 20•23 years ago
|
||
Comment on attachment 84501 [details] [diff] [review]
patch
r=dcone
Attachment #84501 -
Flags: review+
Comment 21•23 years ago
|
||
Comment on attachment 84501 [details] [diff] [review]
patch
sr=attinasi (though really this should be a BRANCH-only fix and the correct fix
should be applied to the trunk when it is ready, IMO).
Attachment #84501 -
Flags: superreview+
Assignee | ||
Comment 22•23 years ago
|
||
fixed
Status: ASSIGNED → RESOLVED
Closed: 23 years ago → 23 years ago
Keywords: adt1.0.0
Resolution: --- → FIXED
Reporter | ||
Comment 23•23 years ago
|
||
i have a question, since the patch is temporary, what to do after bug 124990 got
fixed? should i create a new bug now and setting its dependancy to bug 124990 or
just wait for bug 124990 to get fixed and reopen this?
Comment 24•23 years ago
|
||
Wouldn't a simple hack to fix the "things get events in print preview" bugs be
to make the top-level frame's (page frame's?) GetFrameForPoint method always
return itself (if in bounds), and not check its children?
Comment 26•23 years ago
|
||
adt1.0.0+ (on ADT's behalf) for approval to checkin to the 1.0 branch,pending
Driver's approval. After, checking in, please add the fixed1.0 keyword.
Whiteboard: [adt2 RTM] [ETA 05/24] [Needs a=] → [adt2 RTM] [ETA 05/24] [Needs a=],custrtm-
Updated•23 years ago
|
Attachment #84501 -
Flags: approval+
Comment 27•23 years ago
|
||
please checkin to the 1.0.1 branch. once there, remove the "mozilla1.0.1+"
keyword and add the "fixed1.0.1" keyword.
Keywords: mozilla1.0.1+
Keywords: fixed1.0.1 → verified1.0.1
Updated•14 years ago
|
Crash Signature: [@BinarySearchForPosition]
[@nsRenderingContextPS::GetWidth]
You need to log in
before you can comment on or make changes to this bug.
Description
•