Closed
Bug 198301
Opened 22 years ago
Closed 22 years ago
Crashing when loading standalone image when images disabled in mailnews - Trunk [@ nsImgManager::GetRootDocShell]
Categories
(Core Graveyard :: Image: Painting, defect)
Core Graveyard
Image: Painting
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: fredbezies, Assigned: bzbarsky)
References
Details
(Keywords: crash, topcrash)
Crash Data
Attachments
(1 file)
2.51 KB,
patch
|
john
:
review+
|
Details | Diff | Splinter Review |
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4a) Gecko/20030319
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4a) Gecko/20030319
It looks like bug 198181. It should be a duplicate of it (sorry if it is the
case), but I am facing a crash everytime I want to click (left or wheel click)
on a picture.
See details to reproduce it.
Reproducible: Always
Steps to Reproduce:
1.go here (it is one of my sites) : http://frederic.bezies.free.fr/
2.In the right frame, click on the big image
Actual Results:
Mozilla freezing then crashing :-/
Expected Results:
opening the image in a new window.
Modern theme, clean install of my homemade build.
Here are my buildconfig data :
Build platform
target
i686-pc-cygwin
Build tools
Compiler Version Compiler flags
cl 12.00.8804 for 80x86 -TC -nologo -W3 -nologo -Gy -Fd$(PDBFILE)
cl 12.00.8804 for 80x86 -TP -nologo -W3 -nologo -Gy -Fd$(PDBFILE)
Configure arguments
--enable-extensions --enable-crypto --disable-debug --enable-optimize
--enable-calendar --disable-pedantic --disable-installer --enable-strip
--disable-tests
Also, when I want to launch debugging, VC++ said me there is an access violation
in cookie.dll.
Or, I do not set any cookies on my site :-|
I just customized cookies managing in Prefs/Privacy & Security/View.
Reporter | ||
Comment 1•22 years ago
|
||
This bug is weird. it only happens with my main profile. I created a blank new
one, did not touch to cookies advanced settings and it crashes again.
I will download a nightly with talkback and send a TB ID.
Assignee | ||
Comment 2•22 years ago
|
||
At what _exact_ time did you pull? You have no image settings under privacy &
security?
Reporter | ||
Comment 3•22 years ago
|
||
Here is a talkback ID : TB18262739Y
This bug is driving me crazy. I remember I tweaked p3p settings. Is this related ?
Is this bug a duplicate of bug 198270 ?
Reporter | ||
Comment 4•22 years ago
|
||
I pulled 2 or 3 hours ago.
Crash also happens with build 2003031908, see talkback datas.
Only settings I modified for images is "Do not load remote images in Mail &
Newsgroups messages".
Assignee | ||
Comment 5•22 years ago
|
||
Just as a hint, since you're building yourself, build with symbols and use a
debugger....
Keywords: stackwanted
Whiteboard: TB18262739Y
Reporter | ||
Comment 6•22 years ago
|
||
Got it !
Try my test case with "Do not load remote images in Mail..." and you will crash.
Uncheck it, and all will be fine !
Weird !
Security related problem, isn't it ?
Setting "?" for 1.4a blocking.
Reporter | ||
Comment 7•22 years ago
|
||
Thanks for the tip, I will use it. Modifying summary to make bug more "speaking".
Summary: Crashing when clicking on an image link. → Crashing when clicking on an image link and when "Do not load remote image" option is checked.
Assignee | ||
Comment 8•22 years ago
|
||
This is mine.... biesi, this is the bug you were seeing:
#0 nsImgManager::GetRootDocShell (this=0x81da520, aWindow=0x0, result=0xbfffe564)
at /home/bzbarsky/mozilla/profile/mozilla/extensions/cookie/nsImgManager.cpp:171
#1 0x41debf2c in nsImgManager::ShouldLoad (this=0x81da520, aContentType=2,
aContentLoc=0x8a5ee90, aContext=0x8a5e168, aWindow=0x0, _retval=0xbfffe67c)
at /home/bzbarsky/mozilla/profile/mozilla/extensions/cookie/nsImgManager.cpp:129
#2 0x40f78f97 in nsContentPolicy::CheckPolicy (this=0x81dca58, policyType=0,
contentType=2, contentLocation=0x8a5ee90, context=0x8a5e168, window=0x0,
shouldProceed=0xbfffe67c)
at
/home/bzbarsky/mozilla/profile/mozilla/content/base/src/nsContentPolicy.cpp:143
#3 0x40f79011 in nsContentPolicy::ShouldLoad (this=0x81dca58, contentType=2,
contentLocation=0x8a5ee90, context=0x8a5e168, window=0x0, shouldLoad=0xbfffe67c)
at
/home/bzbarsky/mozilla/profile/mozilla/content/base/src/nsContentPolicy.cpp:166
#4 0x4122f520 in NS_CheckContentLoadPolicy (contentType=2, aURI=0x8a5ee90,
context=0x8a5e168, window=0x0, shouldLoad=0xbfffe67c)
at ../../../dist/include/content/nsContentPolicyUtils.h:56
#5 0x40ff1500 in nsImageLoadingContent::CanLoadImage (this=0x8a5e168,
aURI=0x8a5ee90,
aDocument=0x8a5e858)
at
/home/bzbarsky/mozilla/profile/mozilla/content/base/src/nsImageLoadingContent.cpp:440
Note the null DOM window being passed around....
Assignee: jdunn → bzbarsky
OS: Windows XP → All
Hardware: PC → All
Summary: Crashing when clicking on an image link and when "Do not load remote image" option is checked. → Crashing when loading standalone image when images disabled in mailnews
Assignee | ||
Comment 9•22 years ago
|
||
So the problem is that nsImageDocument::CreateSyntheticDocument gets called
before the document has a scriptglobalobject.... The resulting call into the
content policy code with a null domwindow crashes.
The best solution, imo, is to move the CreateSyntheticDocument call. One issue
is that now we will not be erroring out of StartDocumentLoad but rather out of
SetScriptGlobalObject on out-of-memory and such.... I don't think this is a
big deal.
Other solutions that would work: make content policy handle null windows
(should maybe still do that), make GetScriptGlobalObject go to the docshell if
mScriptGlobalObject is null (seems a little risky).
Assignee | ||
Comment 10•22 years ago
|
||
Comment on attachment 117791 [details] [diff] [review]
Proposed patch
jst? What do you think?
Attachment #117791 -
Flags: superreview?(jst)
Attachment #117791 -
Flags: review?(jkeiser)
Comment 11•22 years ago
|
||
Comment on attachment 117791 [details] [diff] [review]
Proposed patch
sr=jst
Attachment #117791 -
Flags: superreview?(jst) → superreview+
Updated•22 years ago
|
Attachment #117791 -
Flags: superreview?(jst)
Attachment #117791 -
Flags: superreview+
Attachment #117791 -
Flags: review?(jkeiser)
Attachment #117791 -
Flags: review+
Assignee | ||
Comment 12•22 years ago
|
||
fixed.
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Comment 13•22 years ago
|
||
Added Trunk [@ nsImgManager::GetRootDocShell] and crash, topcrash keywords for
future reference. This has been a topcrash for the last couple of days on the
MozillaTrunk.
Comment 14•22 years ago
|
||
*** Bug 198367 has been marked as a duplicate of this bug. ***
Updated•22 years ago
|
Flags: blocking1.4a?
Comment 15•22 years ago
|
||
*** Bug 198709 has been marked as a duplicate of this bug. ***
Comment 16•22 years ago
|
||
v.fixed per Talkback data. no crashes since 3/19.
Status: RESOLVED → VERIFIED
Updated•22 years ago
|
Attachment #117791 -
Flags: superreview?(jst)
Updated•13 years ago
|
Crash Signature: [@ nsImgManager::GetRootDocShell]
Blocks: 1261536
You need to log in
before you can comment on or make changes to this bug.
Description
•