Closed Bug 102813 Opened 24 years ago Closed 21 years ago

open new window, and then quit before page is loaded results in crash

Categories

(SeaMonkey :: General, defect)

Product:
SeaMonkey
Component:
General
Platform:
x86
Windows 98
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WORKSFORME

People

(Reporter: chofmann, Assigned: vidur)

References

(
URL
)

Details

about 50% or more of the time when I do this I hit the following crash. Incident ID 36188616 Stack Signature MSVCRT.DLL + 0xd16a (0x7800d16a) f7ada4a7 Bug ID Trigger Time 2001-10-02 18:53:56 Email Address chofmann@netscape.com User Comments installed todays build, brought up browser window, then mail, then another browser window and then quit that window before my homepage at my.netscape.com was completely downloaded and displayed. Build ID 2001100205 Product ID Netscape6.20 Platform ID Win32 Trigger Reason Access violation Stack Trace MSVCRT.DLL + 0xd16a (0x7800d16a) MSVCRT.DLL + 0x11b77 (0x78011b77) PR_Realloc [../../../../pr/src/malloc/prmem.c, line 75] nsVoidArray::SizeTo [d:\builds\seamonkey\mozilla\xpcom\ds\nsVoidArray.cpp, line 172] nsVoidArray::GrowArrayBy [d:\builds\seamonkey\mozilla\xpcom\ds\nsVoidArray.cpp, line 259] nsVoidArray::InsertElementAt [d:\builds\seamonkey\mozilla\xpcom\ds\nsVoidArray.cpp, line 391] nsCheapVoidArray::AppendElement [d:\builds\seamonkey\mozilla\content\base\src\nsGenericElement.cpp, line 287] nsGenericHTMLContainerElement::AppendChildTo [d:\builds\seamonkey\mozilla\content\html\content\src\nsGenericHTMLElement.cpp, line 3796] 0xf84dd470 0x2cc38358 ----- MSVCRT.DLL + 0xd16a (0x7800d16a) MSVCRT.DLL + 0x11b77 (0x78011b77) PR_Realloc [../../../../pr/src/malloc/prmem.c, line 75] nsVoidArray::SizeTo [d:\builds\seamonkey\mozilla\xpcom\ds\nsVoidArray.cpp, line 172] nsVoidArray::GrowArrayBy [d:\builds\seamonkey\mozilla\xpcom\ds\nsVoidArray.cpp, line 259] nsVoidArray::InsertElementAt [d:\builds\seamonkey\mozilla\xpcom\ds\nsVoidArray.cpp, line 391] nsCheapVoidArray::AppendElement [d:\builds\seamonkey\mozilla\content\base\src\nsGenericElement.cpp, line 287] nsGenericHTMLContainerElement::AppendChildTo [d:\builds\seamonkey\mozilla\content\html\content\src\nsGenericHTMLElement.cpp, line 3796]
vidur, any ideas on if we could short circuit the crash around here, http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/content/base/src/nsGenericElement.cpp 266 nsCheapVoidArray::ReplaceElementAt(void* aElement, PRInt32 aIndex) 267 vidur 3.80 { 268 if (HasSingleChild()) { 269 if (aIndex == 0) { 270 SetSingleChild(aElement); 271 return PR_TRUE; 272 } 273 else { 274 return PR_FALSE; 275 } 276 } 277 else { 278 nsVoidArray* vector = GetChildVector(); 279 if (vector) { 280 return vector->ReplaceElementAt(aElement, aIndex); 281 } 282 else { 283 return PR_FALSE; 284 } 285 } 286 } 287 or thoughts on who might be a better owner for this one? shiva, jay, tom, does this stack correlate to anything on the top crash list?
Assignee: asa → vidur
I think I copied the wrong section of code above... should be the section just below.
Does this seem more like heap corruption? Or is there a reason we might pass a bad pointer to realloc?
I don't see this. Maybe we need better steps to reproduce? Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7b) Gecko/20040316
Chris, are you still seeing this? I can't reproduce with windows 1.7 beta after about 20 tries.
haven't seen it for ages.... bang! it's dead ;-)
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → WORKSFORME
Product: Browser → Seamonkey
You need to log in before you can comment on or make changes to this bug.