Closed Bug 86313 Opened 23 years ago Closed 23 years ago

Invalid page fault in JSDOM.DLL

Categories

(Core :: DOM: Core & HTML, defect)

defect
Not set
critical

Tracking

()

VERIFIED FIXED
mozilla0.9.2

People

(Reporter: basic, Assigned: jst)

Details

(Keywords: crash, Whiteboard: [HAVE FIX] r=jag, sr=me)

Attachments

(5 files)

Build 2001061520 win32 talkback installer sea trunk In the to be attached testcase when pressing on the "test" button it causes a crash. Not sure how to describe this bug any further.
Attached file testcase (left frame) (deleted) —
Attached file actual testcase (main file) (deleted) —
Attached file testcase that actually works (deleted) —
confirming with win2k build 20010613 (CVS debug) and 0617 (CVS opt) A part of the stack : GlobalWindowImpl::GetScrollY(GlobalWindowImpl * const 0x0360a704, int * 0x0012d620) line 1507 + 17 bytes GlobalWindowImpl::GetPageYOffset(GlobalWindowImpl * const 0x0360a704, int * 0x0012d620) line 1474 XPTC_InvokeByIndex(nsISupports * 0x0360a704, unsigned int 58, unsigned int 1, nsXPTCVariant * 0x0012d620) line 139 XPCWrappedNative::CallMethod(XPCCallContext & {...}, XPCWrappedNative::CallMode CALL_GETTER) line 1881 + 42 bytes XPCWrappedNative::GetAttribute(XPCCallContext & {...}) line 1771 + 14 bytes XPC_WN_GetterSetter(JSContext * 0x02b4f378, JSObject * 0x0338a830, unsigned int 0, long * 0x036bd614, long * 0x0012d868) line 1284 + 9 bytes
Severity: normal → critical
Status: UNCONFIRMED → NEW
Ever confirmed: true
Keywords: crash
Attached file Full stack trace (deleted) —
I know that I should not patch more than one bug per patch, but one could argue that they're all the same bug. I'll bet dolars to donuts that this particular oversight happens more often.
Keywords: patch
Thanks for the patch! I had a look at it and it's a good change, but I'd like to add this change too (which fixes the root of the problem in this case): Index: dom/src/base/nsGlobalWindow.cpp =================================================================== RCS file: /cvsroot/mozilla/dom/src/base/nsGlobalWindow.cpp,v retrieving revision 1.412 diff -u -r1.412 nsGlobalWindow.cpp --- nsGlobalWindow.cpp 2001/05/23 06:33:28 1.412 +++ nsGlobalWindow.cpp 2001/06/17 21:04:18 @@ -3685,6 +3685,8 @@ GlobalWindowImpl::GetScrollInfo(nsIScrollableView **aScrollableView, float *aP2T, float *aT2P) { + *aScrollableView = nsnull; + // Flush pending notifications so that the presentation is up to // date. FlushPendingNotifications(); With that addition, sr=jst, we should get this in for mozilla0.9.2. Jag, r=?
Status: NEW → ASSIGNED
Keywords: mozilla0.9.2
OS: Windows 98 → All
Hardware: PC → All
Whiteboard: [HAVE FIX]
Target Milestone: --- → mozilla0.9.2
r=jag
Whiteboard: [HAVE FIX] → [HAVE FIX] r=jag, sr=me
a=tor for trunk checkin
Fix checked in.
Status: ASSIGNED → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
verified fixed build 2001061804 win32
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: