browser crashed after clicking on the link (stack trace included)

RESOLVED WORKSFORME

Status

()

Core
JavaScript Engine
P3
normal
RESOLVED WORKSFORME
18 years ago
17 years ago

People

(Reporter: Aleks Totic, Assigned: rogerl (gone))

Tracking

Trunk
x86
Linux
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

18 years ago
From Bugzilla Helper:
User-Agent: Mozilla/4.6 [en] (X11; I; Linux 2.2.5-15 i686)
BuildID:    0 (9/26/00 AM pull)

I've crashed the browser when clicking on a link. It was my second
click. The URLs are company internal, so no reproducible case. It looks like
some threading problem, where you are walking stuff that has been deleted.

Reproducible: Didn't try
Steps to Reproduce:


Actual Results:  						

0x401c5e0c in js_ContextIterator (rt=0x8162d08, iterp=0xbfffeae0) at
jscntxt.c:255
#1  0x401e3650 in js_GC (cx=0x85256c0, gcflags=0) at jsgc.c:989
#2  0x401e33e8 in js_ForceGC (cx=0x85256c0) at jsgc.c:871
#3  0x401bb16e in JS_GC (cx=0x85256c0) at jsapi.c:1542
#4  0x40515d8d in nsJSContext::GC (this=0x8525680) at nsJSEnvironment.cpp:1286
#5  0x40529879 in GlobalWindowImpl::SetNewDocument (this=0x85255a0,
aDocument=0x8631604)
    at nsGlobalWindow.cpp:358
#6  0x419ee9a6 in DocumentViewerImpl::Init (this=0x8904af0,
aParentWidget=0x8641e48, aDeviceContext=0x85251c8, 
    aBounds=@0xbffff040) at nsDocumentViewer.cpp:535
#7  0x4107d5cd in nsDocShell::SetupNewViewer (this=0x8641830,
aNewViewer=0x8904af0) at nsDocShell.cpp:2775
#8  0x41085892 in nsWebShell::SetupNewViewer (this=0x8641830, aViewer=0x8904af0)
at nsWebShell.cpp:350
#9  0x4107b4f0 in nsDocShell::Embed (this=0x8641830, aContentViewer=0x8904af0,
aCommand=0x410ace24 "", 
    aExtraInfo=0x0) at nsDocShell.cpp:2409
#10 0x41085a6a in nsWebShell::Embed (this=0x8641830, aContentViewer=0x8904af0,
aCommand=0x410ace24 "", 
    aExtraInfo=0x0) at nsWebShell.cpp:379
#11 0x4107bf2c in nsDocShell::CreateContentViewer (this=0x8641830,
aContentType=0xbffff33c "text/html", 
    aOpenedChannel=0x88238b0, aContentHandler=0xbffff3a4) at nsDocShell.cpp:2588
#12 0x4108bad0 in nsDSURIContentListener::DoContent (this=0x8641130,
aContentType=0xbffff33c "text/html", 
    aCommand=1, aWindowTarget=0x4017e290 "", aOpenedChannel=0x88238b0,
aContentHandler=0xbffff3a4, 
    aAbortProcess=0xbffff37c) at nsDSURIContentListener.cpp:105
#13 0x40baa4a4 in nsDocumentOpenInfo::DispatchContent (this=0x8823ad0,
aChannel=0x88238b0, aCtxt=0x0)
    at nsURILoader.cpp:359
#14 0x40ba9db1 in nsDocumentOpenInfo::OnStartRequest (this=0x8823ad0,
aChannel=0x88238b0, aCtxt=0x0)
    at nsURILoader.cpp:233
#15 0x409da943 in nsHTTPFinalListener::OnStartRequest (this=0x8823b10,
aChannel=0x88238b0, aContext=0x0)
    at nsHTTPResponseListener.cpp:1121
#16 0x409a78e9 in InterceptStreamListener::OnStartRequest (this=0x8788a08,
channel=0x88238b0, ctxt=0x0)
    at nsCachedNetData.cpp:1177
#17 0x409da446 in nsHTTPServerListener::FinishedResponseHeaders (this=0x8902490)
    at nsHTTPResponseListener.cpp:1047
#18 0x409d87f9 in nsHTTPServerListener::OnDataAvailable (this=0x8902490,
channel=0x855a1d4, context=0x88238b0, 
    i_pStream=0x87c9520, i_SourceOffset=20553, i_Length=2598) at
nsHTTPResponseListener.cpp:427
#19 0x4096e05f in nsOnDataAvailableEvent::HandleEvent (this=0x8903d90) at
nsAsyncStreamListener.cpp:400
#20 0x4096d2e7 in nsStreamListenerEvent::HandlePLEvent (aEvent=0x8903db8) at
nsAsyncStreamListener.cpp:97
#21 0x401273b1 in PL_HandleEvent (self=0x8903db8) at plevent.c:575
#22 0x401271a0 in PL_ProcessPendingEvents (self=0x80ae148) at plevent.c:508
#23 0x40129059 in nsEventQueueImpl::ProcessPendingEvents (this=0x80ae120) at
nsEventQueue.cpp:356
#24 0x40c4fae4 in event_processor_callback (data=0x80ae120, source=7,
condition=GDK_INPUT_READ)
    at nsAppShell.cpp:158
#25 0x40c4f71f in our_gdk_io_invoke (source=0x81fe568, condition=G_IO_IN,
data=0x81fe558) at nsAppShell.cpp:58
#26 0x40e08d6a in g_io_unix_dispatch () at
../../../dist/include/nsIPageSequenceFrame.h:112
#27 0x40e0a2c6 in g_main_dispatch () at
../../../dist/include/nsIPageSequenceFrame.h:112
#28 0x40e0a801 in g_main_iterate () at
../../../dist/include/nsIPageSequenceFrame.h:112
#29 0x40e0a979 in g_main_run () at
../../../dist/include/nsIPageSequenceFrame.h:112
#30 0x40d3cf3a in gtk_main () at
../../../dist/include/nsIPageSequenceFrame.h:112
#31 0x40c501da in nsAppShell::Run (this=0x80fd600) at nsAppShell.cpp:335
#32 0x4072f414 in nsAppShellService::Run (this=0x814f5d0) at
nsAppShellService.cpp:407
#33 0x8055f55 in main1 (argc=1, argv=0xbffffa94, nativeApp=0x0) at
nsAppRunner.cpp:1004
#34 0x80565fe in main (argc=1, argv=0xbffffa94) at nsAppRunner.cpp:1185
#35 0x40367cb3 in __libc_start_main (main=0x805644c <main>, argc=1,
argv=0xbffffa94, init=0x8050c74 <_init>, 
    fini=0x8064ee0 <_fini>, rtld_fini=0x4000a350 <_dl_fini>,
stack_end=0xbffffa8c)
    at ../sysdeps/generic/libc-start.c:78
(gdb) p cx
$2 = (JSContext *) 0x0
(gdb) p rt->contextList
$3 = {next = 0x0, prev = 0x43500000}

Comment 1

18 years ago
cc'ing Brendan in case this trace helps to understand other crashing bugs. 
Notice this at the bottom:

                      (gdb) p cx
                      $2 = (JSContext *) 0x0
                      (gdb) p rt->contextList
                      $3 = {next = 0x0, prev = 0x43500000}


Reporter, thank you for providing this trace. However, would it be possible to 
make a reduced test case for the crash and attach it to this bug? I'm going to 
have to close it if there is no way for us to reproduce it... 
(Reporter)

Comment 2

18 years ago
Fully reproducible. The link followed causes a redirect, which probably
messes up your context list. The redirect is inside an HTML page:
Here is the doc that redirects:

<HEAD>
<META HTTP-EQUIV="Refresh" CONTENT="0;
url=http://dev.round-one.com/engineering/">
</HEAD>
Looks like a dup of bug 53094, again.  Was the build from source pulled after
the 19th?

/be

Comment 4

18 years ago
Yes, I believe. The reporter mentions this at the top: 

                  BuildID: 0 (9/26/00 AM pull)
(Reporter)

Comment 5

18 years ago
This morning's pull (26th), I've pulled and rebuilt. Did not make clean, though.
(Reporter)

Comment 6

18 years ago
did a make clean, it no longer crashes
Status: UNCONFIRMED → RESOLVED
Last Resolved: 18 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.