Closed Bug 1375 Opened 26 years ago Closed 26 years ago

ss:Crash in Parser after visiting page with plugin

Categories

(Core :: DOM: HTML Parser, defect, P1)

x86
Windows NT
defect

Tracking

()

VERIFIED FIXED

People

(Reporter: amusil, Assigned: sar)

References

()

Details

To repro: - go to the above url - click the back button - crash Looks like a null pointer is being dereferenced (mDTD) in: PRInt32 nsParser::ResumeParse() { PRInt32 result=kNoError; mParserContext->mDTD->WillResumeParse(); <----- HERE if(kNoError==result) { result=Tokenize(); BuildModel(); if(kInterrupted==result) mParserContext->mDTD->WillInterruptParse(); } return result; } That's it.
Here's the stack: nsParser::ResumeParse() line 662 + 18 bytes nsParser::OnDataAvailable(nsParser * const 0x012a7434, nsIURL * 0x012a5a60, nsIInputStream * 0x012a6f70, int 5840) line 895 nsDocumentBindInfo::OnDataAvailable(nsDocumentBindInfo * const 0x012a59e0, nsIURL * 0x012a5a60, nsIInputStream * 0x012a6f70, int 5840) line 1459 + 24 bytes OnDataAvailableProxyEvent::HandleEvent(OnDataAvailableProxyEvent * const 0x012b51b0) line 607 StreamListenerProxyEvent::HandlePLEvent(PLEvent * 0x012b51b4) line 452 + 12 bytes PL_HandleEvent(PLEvent * 0x012b51b4) line 395 + 10 bytes PL_ProcessPendingEvents(PLEventQueue * 0x01198cb0) line 357 + 9 bytes _md_EventReceiverProc(void * 0x080e05e8, unsigned int 49325, unsigned int 0, long 18451632) line 675 + 9 bytes USER32! 77e71250()
Status: NEW → ASSIGNED
Assignee: rickg → rpotts
Status: ASSIGNED → NEW
While researching bug 1375 for Alex (regarding plugins) I learned that there are times when our IStreamListener protocol doesn't do the right thing. In particular, it fails to call OnStartBinding() prior to a call to OnDataAvailable(). To aid in the debugging of this error, I've added a few assertions to the parser (who implements the IStreamListener protocol). This should help RickP.
Status: NEW → ASSIGNED
I believe that this is another instance of the NSPR PLEvent reenterancy bug exposed by plugins... I have the changes in my local tree and am waiting for approval to check them in...
Summary: Crash in Parser after visiting page with plugin → ss:Crash in Parser after visiting page with plugin
Putting on ss: radar.
Assignee: rpotts → sar
Status: ASSIGNED → NEW
Assigning to sar, need to build from the tip per bug mtg discussion today.
Moving to Resolved/Fixed. This should be fixed with Nov 25 build coming out any minute now.
Status: NEW → RESOLVED
Closed: 26 years ago
Resolution: --- → FIXED
Status: RESOLVED → VERIFIED
verified on 11/25 build. Alex, please also try on NT to confirm. I used Win 98, looked fine there...
Inserting Milestone info.
You need to log in before you can comment on or make changes to this bug.