User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; rv:1.7.3) Gecko/20041001 Firefox/0.10.1 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; rv:1.7.3) Gecko/20041001 Firefox/0.10.1 browser crashes some times when loading gmail and loading another tab Reproducible: Always Steps to Reproduce: 1.load firefox without home page (about:blank) 2.open using link gmail (www.gmail.com) 3.while loading load different address in same/different tab Actual Results: error messege - crash Expected Results: worked . . .
I encountered the same type of crash this morning while opening a new tab with gmail loading in the background. My talkback ID was TB1549193Z. Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20041026 Firefox/1.0RC1
js_Interpret() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/mozilla/js/src/jsinterp.c, line 1494] js_Invoke() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/mozilla/js/src/jsinterp.c, line 958] js_InternalInvoke() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/mozilla/js/src/ jsinterp.c, line 1036] JS_CallFunctionValue() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/mozilla/js/src/ jsapi.c, line 3698] nsJSContext::CallEventHandler() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/mozilla/ dom/src/base/nsJSEnvironment.cpp, line 1296] nsJSEventListener::HandleEvent() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/mozilla/ dom/src/events/nsJSEventListener.cpp, line 177] nsXBLPrototypeHandler::ExecuteHandler() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/ mozilla/content/xbl/src/nsXBLPrototypeHandler.cpp, line 458] nsXBLEventHandler::HandleEvent() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/ mozilla/content/xbl/src/nsXBLEventHandler.cpp, line 84] nsEventListenerManager::HandleEventSubType() [/builds/tinderbox/firefox-1.0/Linux_2.4.20 -28.8_Clobber/mozilla/content/events/src/nsEventListenerManager.cpp, line 1436] nsEventListenerManager::HandleEvent() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/ mozilla/content/events/src/nsEventListenerManager.cpp, line 1529] nsXULElement::HandleDOMEvent() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/ mozilla/content/xul/content/src/nsXULElement.cpp, line 2841] PresShell::HandleEventInternal() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/mozilla/ layout/html/base/src/nsPresShell.cpp, line 710] PresShell::HandleEventWithTarget() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/ mozilla/layout/html/base/src/nsPresShell.cpp, line 5984] nsEventStateManager::CheckForAndDispatchClick() [/builds/tinderbox/firefox-1.0/Linux_2.4.20 -28.8_Clobber/mozilla/content/events/src/nsEventStateManager.cpp, line 2985] nsEventStateManager::PostHandleEvent() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/ mozilla/content/events/src/nsEventStateManager.cpp, line 142] PresShell::HandleEventInternal() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/mozilla/ layout/html/base/src/nsPresShell.cpp, line 710] PresShell::HandleEvent() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/mozilla/layout/ html/base/src/nsPresShell.cpp, line 5920] nsViewManager::HandleEvent() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/mozilla/ view/src/nsViewManager.cpp, line 710] nsViewManager::DispatchEvent() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/mozilla/ view/src/nsViewManager.cpp, line 2066] HandleEvent() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/mozilla/view/src/ nsView.cpp, line 243] nsCommonWidget::DispatchEvent() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/ mozilla/widget/src/gtk2/nsCommonWidget.cpp, line 215] nsWindow::OnButtonReleaseEvent() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/ mozilla/widget/src/gtk2/nsWindow.cpp, line 1449] button_release_event_cb() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/mozilla/widget/ src/gtk2/nsWindow.cpp, line 3277] libgtk-x11-2.0.so.0 + 0x112434 (0x00223434) libgobject-2.0.so.0 + 0x9160 (0x003f2160) libgobject-2.0.so.0 + 0x1d165 (0x00406165) libgobject-2.0.so.0 + 0x1befe (0x00404efe) libgobject-2.0.so.0 + 0x1c424 (0x00405424) libgtk-x11-2.0.so.0 + 0x2119e5 (0x003229e5) libgtk-x11-2.0.so.0 + 0x1109d2 (0x002219d2) libgtk-x11-2.0.so.0 + 0x10f726 (0x00220726) libgdk-x11-2.0.so.0 + 0x3e025 (0x004cd025) libglib-2.0.so.0 + 0x241e2 (0x005ef1e2) libglib-2.0.so.0 + 0x252d8 (0x005f02d8) libglib-2.0.so.0 + 0x25610 (0x005f0610) libglib-2.0.so.0 + 0x25c53 (0x005f0c53) libgtk-x11-2.0.so.0 + 0x10eff3 (0x0021fff3) nsAppShell::Run() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/mozilla/widget/src/ gtk2/nsAppShell.cpp, line 144] nsAppShellService::Run() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/mozilla/xpfe/ appshell/src/nsAppShellService.cpp, line 495] xre_main() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/mozilla/toolkit/xre/ nsAppRunner.cpp, line 692] main() [/builds/tinderbox/firefox-1.0/Linux_2.4.20-28.8_Clobber/mozilla/browser/app/ nsBrowserApp.cpp, line 59] libc.so.6 + 0x14ad4 (0x00b94ad4) kinda sounds like pc=0 (since i had that happen to me only yesterday)
I experience the same crash. I'm using FireFox 1.0 on Linux. I've already logged into GMail before so this time it doesn't ask for a password. First it says "Redirecting to /gmail", then "Loading..." and then FireFox crashes before showing my inbox. This bug is very severe because GMail is gaining popularity.
Hongli Lai, did you send a talkback report? Please post it here if so. Anyone who gets this crash, please show the stack backtrace and as much debugging data as you can. Thanks, /be
A quick search for "gmail" in the comments for Firefox10 branch builds shows a lot of crashes in js_MarkScript (but bug 273221 is already logged for the gmail pop-up compose window problem): http://talkback-public.mozilla.org/talkback/fastfind.jsp?search=1&searchby=comments&match=contains&searchfor=gmail&vendor=All&product=Firefox10&platform=All&buildid=&sdate=&stime=&edate=&etime=&sortby=bbid I wonder if this is related to that bug in some way. Does gmail ever throw any kind of pop-up windows after login? I have never seen any except for when opening a compose window. I'll do some more digging tomorrow to see what I can find.
Created attachment 177137 [details] crash log
Scott, that attachment is not useful, unfortunately (RTF isn't that good a format, either). Talkback is better -- did you have the talkback agent installed, and see it sending a report? You can run it to find the ID, IIRC. The stacks in this bug are not consistent, but this smells like a bad JSContext pointer being passed in from DOM or window/dialog embedding code. Reassigning. /be
Er... is this seriously just an issue in Firefox 0.10.1? Can people reproduce this on trunk?
I had a similar experince as comment #3 with FF 1.0.6 on XP, although I had to enter my username and password, because I had no gmail session open. I've had this happen many times before (probably FF 1.0.4) but this is the first time I was able to file a talkback report (TB8209877K). Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6
I'm having crashes with Gmail here as well. Steps to reproduce: 1. Log in to Gmail. 2. Click "Compose Mail". 3. Click "Open in new window" icon. 4. Just before new window loads, Firefox crashes with error in js3250.dll Btw, the following settings might be related: browser.link.open_newwindow = 3; browser.link.open_newwindow.restriction = 2; browser.tabs.showSingleWindowModePrefs = true; Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6
My *guess* would be that this will be fixed by the cleanup patch in bug 296639.
I think I can confirm this problem. I'm using a build compiled from CVS and when I load Gmail (and a few other things) the browser will crash if I'm not focused on the tab that is loading gmail.
This happens to me often too, using FF V1.0.7 on Windows XP SP2. It can happen even if another page isn't loading but more commonly if one is. It's actually happened a few times with other encrypted (https) pages but seems to be far more common with Gmail. The most recent time (just a minute ago), Talkbalk also closed itself a second after it appeared. In most cases this only happens when first loading Gmail, not when viewing a message, sending, etc; however it has happened one time when viewing a message while submitting a form in another tab. Also, in reply to #5, Gmail does not launch any popup windows when loading.
Is anyone seeing this with something moderately non-ancient? That is, current trunk or Firefox 1.5?
Yes -- it's been happening since I installed 1.5 for OS-X
Do you have a talkback id?
I probably do, but can't figure out how to find it. Next time it crashes and talkback opens up I'll let you know.
William, there are directions explaining how to find the incident id in the next to last paragraph of the "How to Write a Useful Bug Report" section at http://www.mozilla.org/quality/bug-writing-guidelines.html
Ok -- the latest crash has this talkback id: TB12927458Q
that one's useless. no stack to speak of Incident ID: 12927458 Stack Signature 0x20202020 189b7728 Product ID Firefox15 Build ID 2005111116 Trigger Time 2005-12-13 15:55:21.0 Platform MacOSX Operating System Darwin 7.9.0 Module URL visited User Comments Since Last Crash 325246 sec Total Uptime 1189075 sec Trigger Reason SIGSEGV: Segmentation Violation: (signal 11) Source File, Line No. N/A Stack Trace 0x20202020
OK -- here are a couple more: 12772045W 12799100Y
Incident ID: TB15019505 Stack Signature xpsp2res.dll + 0x202113 (0x20202113) e86a7100 Product ID Firefox15 Build ID 2006011112 Trigger Time 2006-02-10 17:41:57.0 Platform Win32 Operating System Windows NT 5.1 build 2600 Module xpsp2res.dll + (00202113) URL visited User Comments opening GMail. tbid: monks Since Last Crash 20449 sec Total Uptime 20449 sec Trigger Reason Access violation Source File, Line No. N/A Stack Trace xpsp2res.dll + 0x202113 (0x20202113) XPCNativeWrapper::AttachNewConstructorObject [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/xpconnect/src/XPCNativeWrapper.cpp, line 1316] nsXPConnect::InitClasses [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/xpconnect/src/nsXPConnect.cpp, line 451] nsXPCComponents_utils_Sandbox::CallOrConstruct [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/xpconnect/src/xpccomponents.cpp, line 2253] nsXPCComponents_utils_Sandbox::Call [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/xpconnect/src/xpccomponents.cpp, line 2208] XPC_WN_Helper_Construct [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/xpconnect/src/xpcwrappednativejsops.cpp, line 1000] js_Construct [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsobj.c, line 3768] js_Invoke [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsinterp.c, line 1177] js_Interpret [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsinterp.c, line 3095] js_Invoke [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsinterp.c, line 1197] fun_apply [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsfun.c, line 1640] js_Invoke [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsinterp.c, line 1177] js_Interpret [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsinterp.c, line 3551] js_Invoke [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsinterp.c, line 1197] fun_apply [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsfun.c, line 1640] js_Invoke [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsinterp.c, line 1177] js_Interpret [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsinterp.c, line 3551] js_Invoke [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsinterp.c, line 1197] nsXPCWrappedJSClass::CallMethod [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/xpconnect/src/xpcwrappedjsclass.cpp, line 1369] nsXPCWrappedJS::CallMethod [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/xpconnect/src/xpcwrappedjs.cpp, line 462] SharedStub [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/xpcom/reflect/xptcall/src/md/win32/xptcstubs.cpp, line 147] XPTC_InvokeByIndex [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/xpcom/reflect/xptcall/src/md/win32/xptcinvoke.cpp, line 102] XPCWrappedNative::CallMethod [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/xpconnect/src/xpcwrappednative.cpp, line 2152] XPC_WN_CallMethod [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/xpconnect/src/xpcwrappednativejsops.cpp, line 1444] js_Invoke [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsinterp.c, line 1177] js_Interpret [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsinterp.c, line 3551] js_Invoke [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsinterp.c, line 1197] fun_apply [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsfun.c, line 1640] js_Invoke [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsinterp.c, line 1177] js_Interpret [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsinterp.c, line 3551] js_Invoke [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsinterp.c, line 1197] fun_apply [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsfun.c, line 1640] js_Invoke [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsinterp.c, line 1177] js_Interpret [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsinterp.c, line 3551] js_Invoke [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/jsinterp.c, line 1197] nsXPCWrappedJSClass::CallMethod [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/xpconnect/src/xpcwrappedjsclass.cpp, line 1369] nsXPCWrappedJS::CallMethod [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/js/src/xpconnect/src/xpcwrappedjs.cpp, line 462] SharedStub [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/xpcom/reflect/xptcall/src/md/win32/xptcstubs.cpp, line 147] nsEventListenerManager::HandleEventSubType [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/content/events/src/nsEventListenerManager.cpp, line 1685] nsEventListenerManager::HandleEvent [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/content/events/src/nsEventListenerManager.cpp, line 1786] nsXULElement::HandleDOMEvent [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/content/xul/content/src/nsXULElement.cpp, line 2153] nsXULElement::HandleDOMEvent [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/content/xul/content/src/nsXULElement.cpp, line 2174] nsXULElement::HandleDOMEvent [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/content/xul/content/src/nsXULElement.cpp, line 2174] nsXULElement::HandleDOMEvent [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/content/xul/content/src/nsXULElement.cpp, line 2174] nsXULElement::HandleDOMEvent [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/content/xul/content/src/nsXULElement.cpp, line 2174] nsXULElement::HandleDOMEvent [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/content/xul/content/src/nsXULElement.cpp, line 2174] nsXULElement::HandleChromeEvent [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/content/xul/content/src/nsXULElement.cpp, line 2833] nsGlobalWindow::HandleDOMEvent [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/dom/src/base/nsGlobalWindow.cpp, line 1585] nsDocument::HandleDOMEvent [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/content/base/src/nsDocument.cpp, line 4013] nsEventStateManager::DispatchNewEvent [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/content/events/src/nsEventStateManager.cpp, line 4578] nsDocument::DispatchEvent [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/content/base/src/nsDocument.cpp, line 4097] nsDocument::DispatchContentLoadedEvents [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/content/base/src/nsDocument.cpp, line 2213] nsHTMLDocument::EndLoad [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/content/html/document/src/nsHTMLDocument.cpp, line 983] HTMLContentSink::DidBuildModel [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/content/html/document/src/nsHTMLContentSink.cpp, line 2203] CNavDTD::DidBuildModel [c:/builds/tinderbox/Fx-Mozilla1.8.0/WINNT_5.2_Depend/mozilla/parser/htmlparser/src/CNavDTD.cpp, line 604]
Created attachment 212252 [details] [diff] [review] this is the patch i'd want
Comment on attachment 212252 [details] [diff] [review] this is the patch i'd want >+ jsval val = OBJECT_TO_JSVAL(sandbox); >+ AUTO_MARK_JSVAL(ccx, val); There isn't any particular reason to use an AUTO_MARK_JSVAL, except to waste cycles. Other options include: - *vp = OBJECT_TO_JSVAL(sandbox); - JS_SetGlobalObject(tempcx, sandbox) I think I prefer the 2nd one.
Comment on attachment 212252 [details] [diff] [review] this is the patch i'd want >+ jsval val = OBJECT_TO_JSVAL(sandbox); >+ AUTO_MARK_JSVAL(ccx, val); You don't need val -- just pass OBJECT_TO_JSVAL(sandbox) to AUTO_MARK_JSVAL as the second actual argument. /be
(In reply to comment #24) > There isn't any particular reason to use an AUTO_MARK_JSVAL, except to waste > cycles. Other options include: > - *vp = OBJECT_TO_JSVAL(sandbox); > - JS_SetGlobalObject(tempcx, sandbox) > > I think I prefer the 2nd one. Yeah, that's more righteous. /be
Comment on attachment 212252 [details] [diff] [review] this is the patch i'd want As well as my previous comment. Won't nsXPCComponents_Utils::EvalInSandbox need an AutoJSRequest as well? I'll put together a new patch.
Created attachment 212275 [details] [diff] [review] Proposed patch This even avoids making a new native call context.
Comment on attachment 212275 [details] [diff] [review] Proposed patch sr=jst
This is a GC hazard in code that's pretty extensively used by GreaseMonkey. The fix is straightforward. I think that we are going to want this on the branches.
Comment on attachment 212275 [details] [diff] [review] Proposed patch r=me. /be
Fix checked into trunk.
Actually, evalinsandbox needs *two*, one for when it reports an error. so that stuff isn't complete. i'll file a new bug after i resolve the conflicts w/ your changes.
This bug only used to occurr (except in rare cases) if you switched to another tab while Gmail was loading. However, since the addition of the chat feature, I'm encountering it even with no other tabs open. It still doesn't happen every time, though.
Comment on attachment 212275 [details] [diff] [review] Proposed patch approved for 1.8.0 branch, a=dveditz
Woah... I just had Gmail fail to load for some reason (presumably my connection cut out). It left the browser in a semi-frozen state; dialogs and menus would appear, and tabs could be opened and closed, but nothing would redraw. It crashed when I tried to close it, though the 'you are closing multiple tabs' dialog appeared as normal.
Fix checked into the 1.8 branches. I opted against checking the request stuff in since I realized that even with the fix for bug 3228044, it wasn't entirely complete (but it wasn't wrong either).
The bug number in comment 37 had a typo. It should have been "bug 328044".
Can someone attach a simple testcase so QA can verify the fix?
*** Bug 328557 has been marked as a duplicate of this bug. ***
or
