Closed
Bug 384844
Opened 17 years ago
Closed 17 years ago
CycleCollector fault when using findbar on about:config
Categories
(Core :: XPCOM, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 386947
People
(Reporter: sayrer, Assigned: graydon)
Details
Attachments
(1 file)
25.62 KB,
text/plain
|
Details |
The findbar doesn't happen to work on about:config, but I did it by accident and found this: ###!!! ASSERTION: Fault in cycle collector: traversed refs exceed refcount (ptr: 15b8e40) : 'Not Reached', file nsCycleCollector.cpp, line 892
Reporter | ||
Comment 1•17 years ago
|
||
Steps to reproduce: 1.) start Minefield 2.) type about:config into the location bar 3.) use the findbar and try to search for a string 4.) close the browser
Updated•17 years ago
|
Version: unspecified → Trunk
Assignee | ||
Comment 2•17 years ago
|
||
This shows the node in question that's fauling: it's an nsXULPrototypeNode that has a refcount of 1 but appears to be strongly owned by both a parent nsXULPrototypeNode and a parent nsGenericElement. Note that this pattern repeats across the graph. We're fauling on the first, but not only, instance of a dually-owned nsXULPrototypeNode with refcnt=1. I don't really know the content ownership model well enough to say which of those is correct, but someone broke the rules.
Flags: blocking1.9?
Comment 3•17 years ago
|
||
Boris, do you know how this ownership model works?
Assignee: nobody → graydon
Flags: blocking1.9? → blocking1.9+
Comment 4•17 years ago
|
||
I'm guessing the problem is that nsXULPrototypeElement::ReleaseSubtree doesn't null out the pointers in question. So if the prototype survives past that call, any traversal through it will lead to problems, no? Does nulling out the pointers in that method help? This business of prototype nodes holding refs to themselves is really quite silly; we should fix it sometime...
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → DUPLICATE
Updated•17 years ago
|
Flags: blocking1.9+
Reporter | ||
Updated•17 years ago
|
Flags: blocking1.9+
You need to log in
before you can comment on or make changes to this bug.
Description
•