Crash when displaying some mail messages

VERIFIED DUPLICATE of bug 17393

Status

()

Core
ImageLib
P3
normal
VERIFIED DUPLICATE of bug 17393
19 years ago
19 years ago

People

(Reporter: Scott MacGregor, Assigned: pnunn)

Tracking

Trunk
x86
Windows NT
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

19 years ago
Every once in a while, I crash trying to display a mail message in if.cpp.

The stack trace looks like:
IL_StreamWriteReady(il_container_struct * 0x05a64be0) line 833 + 16 bytes
NetReaderImpl::WriteReady(NetReaderImpl * const 0x05a626d0, unsigned int *
0x0012fd0c) line 72 + 12 bytes
ImageConsumer::OnDataAvailable(ImageConsumer * const 0x05a62430, nsIChannel *
0x05b5feb0, nsISupports * 0x00000000, nsIInputStream * 0x05d1d748, unsigned int
0, unsigned int 289) line 221 + 16 bytes
nsChannelListener::OnDataAvailable(nsChannelListener * const 0x05a62620,
nsIChannel * 0x05b5feb0, nsISupports * 0x00000000, nsIInputStream * 0x05d1d748,
unsigned int 0, unsigned int 289) line 1402
nsChannelListener::OnDataAvailable(nsChannelListener * const 0x05b5fc90,
nsIChannel * 0x05b5feb0, nsISupports * 0x00000000, nsIInputStream * 0x05d1d748,
unsigned int 0, unsigned int 289) line 1402
nsHTTPResponseListener::OnDataAvailable(nsHTTPResponseListener * const
0x05d1d7c0, nsIChannel * 0x05a14580, nsISupports * 0x05b5feb0, nsIInputStream *
0x05d1d748, unsigned int 0, unsigned int 289) line 171 + 47 bytes
nsOnDataAvailableEvent::HandleEvent(nsOnDataAvailableEvent * const 0x05d58040)
line 413
nsStreamListenerEvent::HandlePLEvent(PLEvent * 0x05d58420) line 169 + 12 bytes
PL_HandleEvent(PLEvent * 0x05d58420) line 526 + 10 bytes
PL_ProcessPendingEvents(PLEventQueue * 0x01080ca0) line 487 + 9 bytes

And we crash because the il_container passed into IL_StreamWriteReady has
already been deleted out from under us.
(Assignee)

Updated

19 years ago
Status: NEW → RESOLVED
Last Resolved: 19 years ago
Resolution: --- → DUPLICATE
(Assignee)

Comment 1

19 years ago
This call stack indicates this is a duplicate of 174393.
A temp fix was checked in by Nisheeth last night. If updating layout
doesn't fix the problem, call/email me.

The real problem is an image url
which is a cgi redirect. Necko has trouble with the redirect, sends an
unload page to layout. Layout then tells the image library to delete the
image container before the image decoder is even loaded. The image library
gets a stream complete message before it gets any data.

Bug 17393 is now assigned to gagan.

*** This bug has been marked as a duplicate of 17393 ***

Updated

19 years ago
Status: RESOLVED → VERIFIED

Comment 2

19 years ago
Rubber-stamping Verified based on stack crawl being identical to 17458, also
marked duplicate of 17393.

mscott & lchiang, if you're still seeing this after 17393 is fixed, could you
please re-open this bug? Thanks!
You need to log in before you can comment on or make changes to this bug.