Closed
Bug 610690
Opened 15 years ago
Closed 15 years ago
Crash when printing many documents successively [@ nsCOMPtr_base::assign_from_qi | nsDocShell::SetTreeOwner ]
Categories
(Core :: Printing: Output, defect)
Core
Printing: Output
Tracking
()
RESOLVED
FIXED
mozilla2.0b9
People
(Reporter: ehsan.akhgari, Assigned: smaug)
Details
(Keywords: crash, reproducible)
Crash Data
Attachments
(2 files, 1 obsolete file)
|
3.86 KB,
text/plain
|
Details | |
|
3.43 KB,
patch
|
MatsPalmgren_bugz
:
review+
benjamin
:
approval2.0+
|
Details | Diff | Splinter Review |
I was printing my pay slips from hrpassport.com successively (clicking on a link, Cmd+P, Enter, Cmd+W, clicking on the next link, and so on) and Firefox crashes twice in a row, with these signatures:
bp-f1adac90-c9f5-49d1-a82e-321d52101109
bp-433b75bb-b31e-4918-8c37-11de92101109
|
Assignee | |
Comment 1•15 years ago
|
||
Exact steps to reproduce would be great.
|
||
Comment 2•15 years ago
|
||
http://tinyurl.com/24u2xxf link to the crashes. Some people hit this back in Beta 6 as well.
|
|
Assignee | |
Comment 3•15 years ago
|
||
Ok, I think I might know what the problem is.
Assignee: nobody → Olli.Pettay
|
|
Assignee | |
Comment 4•15 years ago
|
||
Ehsan, any chance you could try this?
It might or might not help.
I still don't know how to reproduce.
|
|
||
Comment 5•15 years ago
|
||
I can try to reproduce as well - Ehsan - were you printing to a local printer or network printer?
|
|
Assignee | |
Comment 6•15 years ago
|
||
I would be surprised if that matters. I'd start with print-to-file.
|
Reporter | |
Comment 7•15 years ago
|
||
Here is what I did:
1. log into hrpassport.
2. Go to earnings statements.
3. Starting from the oldest one, click on the bluish icon to the right of each row. A new window is opened.
4. Cmd+P. I printed to a network printer, FWIW.
5. Cmd+W to close the newly opened window.
6. Go back to step 3 and repeat for the next row.
Olli, I'll try to reproduce the problem under a debug build, and then will try your patch to see if it fixes the problem.
|
||
Comment 8•15 years ago
|
||
STEPS TO REPRODUCE
1. Open two windows (just to avoid closing the last window in step 6)
2. load a reasonably large document in one window. Choose a document
that takes a few seconds to print, eg http://slashdot.org/
3. CTRL+P
4. Select Print-to-file / PDF and click Print
5. focus the main window with the printed document
6. CTRL+W
ACTUAL RESULTS
(gdb) bt
#0 nsQueryInterface::operator() at nsCOMPtr.cpp:47
#1 nsCOMPtr<nsIWebProgressListener>::assign_from_qi at nsCOMPtr.h:1212
#2 nsCOMPtr at nsCOMPtr.h:595
#3 nsDocShell::SetTreeOwner at docshell/base/nsDocShell.cpp:2975
#4 nsDocShell::Destroy at docshell/base/nsDocShell.cpp:4534
#5 ~nsDocShell at docshell/base/nsDocShell.cpp:756
#6 nsDocLoader::Release at uriloader/base/nsDocLoader.cpp:241
#7 nsDocShell::Release at docshell/base/nsDocShell.cpp:835
#8 ~nsPrintData at layout/printing/nsPrintData.cpp:126
#9 nsPrintEngine::Destroy at layout/printing/nsPrintEngine.cpp:285
#10 DocumentViewerImpl::Destroy at layout/base/nsDocumentViewer.cpp:1604
#11 ~nsPagePrintTimer at layout/printing/nsPagePrintTimer.cpp:61
#12 nsPagePrintTimer::Release at layout/printing/nsPagePrintTimer.cpp:43
#13 nsCOMPtr<nsITimerCallback>::assign_with_AddRef at nsCOMPtr.h:1204
#14 nsCOMPtr<nsITimerCallback>::operator= at nsCOMPtr.h:663
#15 nsTimerImpl::Fire at xpcom/threads/nsTimerImpl.cpp:453
#16 nsTimerEvent::Run at xpcom/threads/nsTimerImpl.cpp:517
...
(gdb) fr 3
(gdb) p *mTreeOwner
$2 = {
<nsISupports> = {
_vptr.nsISupports = 0x5a5a5a5a5a5a5a5a
}, <No data fields>}
(gdb)
|
|
||
Updated•15 years ago
|
|
|
Assignee | |
Comment 9•15 years ago
|
||
Actually based on some code inspection the patch might not fix the problem.
Although the crash seems to be exactly what I expected.
Docshell's addred/release can't be called inside dtor.
|
|
Assignee | |
Comment 10•15 years ago
|
||
Hmm, but why don't we always crash, with all the docshells...
|
|
Assignee | |
Updated•15 years ago
|
Attachment #489234 -
Attachment is obsolete: true
|
|
Assignee | |
Comment 11•15 years ago
|
||
Ah, it is the treeowner which is dead object..
|
|
Assignee | |
Comment 12•15 years ago
|
||
This fixes the crash for me.
Attachment #489463 -
Flags: review?(matspal)
|
|
||
Comment 13•15 years ago
|
||
Comment on attachment 489463 [details] [diff] [review]
patch
Looks good. r=mats
while you're here, remove the bogus comment above nsPrintObject::Init
Attachment #489463 -
Flags: review?(matspal) → review+
|
|
Assignee | |
Updated•15 years ago
|
Attachment #489463 -
Flags: approval2.0?
|
||
Updated•15 years ago
|
Attachment #489463 -
Flags: approval2.0? → approval2.0+
|
|
Reporter | |
Comment 14•15 years ago
|
||
The patch seems to fix the crash for me using my own lame STR as well. :-)
|
|
Assignee | |
Comment 15•15 years ago
|
||
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
|
|
Reporter | |
Comment 16•15 years ago
|
||
I just got this crash again when trying to print again:
http://crash-stats.mozilla.com/report/index/bp-7de48daf-a5bb-4379-9572-7bd8c2101217
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
|
|
Assignee | |
Comment 17•15 years ago
|
||
Different stack. Could you please open a new bug.
Status: REOPENED → RESOLVED
Closed: 15 years ago → 15 years ago
Resolution: --- → FIXED
|
|
Reporter | |
Comment 18•15 years ago
|
||
Filed bug 620158.
|
|
||
Updated•15 years ago
|
Target Milestone: --- → mozilla2.0b9
|
||
Updated•14 years ago
|
Crash Signature: [@ nsCOMPtr_base::assign_from_qi | nsDocShell::SetTreeOwner ]
You need to log in
before you can comment on or make changes to this bug.
Description
•