M09 & Trunk topcrash [@ nsEventListenerManager::HandleEvent]

VERIFIED FIXED in mozilla0.9.1

Status

()

--
critical
VERIFIED FIXED
18 years ago
18 years ago

People

(Reporter: greer, Assigned: joki)

Tracking

({crash, topcrash})

Trunk
mozilla0.9.1
x86
All
crash, topcrash
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(crash signature, URL)

(Reporter)

Description

18 years ago
This topcrash has a lot of users crashing while using secure sites. It has been 
showing up both in M09 and Trunk, most often with a stack trace like this:

nsEventListenerManager::HandleEvent() 
GlobalWindowImpl::HandleDOMEvent() 
DocumentViewerImpl::LoadComplete() 
nsDocShell::EndPageLoad() 
nsWebShell::EndPageLoad() 
nsDocShell::OnStateChange() 
nsWebShell::OnStateChange() 
nsDocLoaderImpl::FireOnStateChange() 
nsDocLoaderImpl::doStopDocumentLoad() 
nsDocLoaderImpl::DocLoaderIsEmpty() 
nsDocLoaderImpl::OnStopRequest() 
nsLoadGroup::RemoveRequest() 
PresShell::RemoveDummyLayoutRequest() 
PresShell::DoneRemovingReflowCommands() 
PresShell::ProcessReflowCommands() 
HandlePLEvent() 
PL_HandleEvent() 
PL_ProcessEventsBeforeID() 
processQueue() 
nsVoidArray::EnumerateForwards() 
nsAppShell::ProcessBeforeID() 
handle_gdk_event() 
libgdk-1.2.so.0 + 0x17162 (0x406c9162) 
libglib-1.2.so.0 + 0x10716 (0x406f4716) 
libglib-1.2.so.0 + 0x10d43 (0x406f4d43) 
libglib-1.2.so.0 + 0x10ef3 (0x406f4ef3) 
libgtk-1.2.so.0 + 0x8f1dd (0x4061a1dd) 
nsAppShell::Run() 
nsAppShellService::Run() 
main1() 
main() 
libc.so.6 + 0x1d72c (0x401f972c) 

Some user comments to lep repro:
(30359970) Comments: Everytime I surf to www.tvtv.de Mozilla crashes.
(30151223) Comments: ericcson.com/products/   and i click on mobiles
(30137733) Comments: i was opening a list of ericsson's mobile phones
(30310238) URL:
http://www.ericsson.com/consumers/spg.jsp?page=frames&redirectpage=W1F&GridName=
Grid_Image1&CatID=50

(30161057) Comments: Clicked on a link within banking site. This previously 
worked
(30166295) Comments: Logging in to a secure website
(30251818) Comments: Logging into my bank account. It's got a lot of javascript 
on the page so that's probably what crashed the browser. It's also framed.
(30277473) Comments: I was logging in to 5/3 bank's online banking site.  Upon 
entering my SSN and PIN

(30289200) URL: www.netbank.com
(30289797) URL: http://www.53.com
(30270932) URL: Secure site via www.unibank.com
(30184560) URL: https://bmo.com
(30170872) URL: http://kurier.tvtv.at
(30151916) URL: http://www.mercedes-benz.de
(Reporter)

Comment 1

18 years ago
Adding crash and topcrash keywords for tracking. Also qawanted until firm repro 
steps are found.
Keywords: crash, qawanted, topcrash
(Assignee)

Updated

18 years ago
Target Milestone: --- → mozilla0.9.1
Severity: normal → critical
(Assignee)

Comment 2

18 years ago
We think we have a good lead on this.  Working on a fix now.
Status: NEW → ASSIGNED

Updated

18 years ago
Blocks: 82033
(Assignee)

Comment 3

18 years ago
My local machine is having some issues right now so I'm having some problems 
testing but I believe this patch fixes at least some of these cases, if not all. 
 A number of the pages seem to be rapidly loading through a few pages to get to 
the final page.  For those situations this patch should work.  There may be 
other cases as well, I'm not sure.

Index: dom/src/base/nsGlobalWindow.cpp
===================================================================
RCS file: /cvsroot/mozilla/dom/src/base/nsGlobalWindow.cpp,v
retrieving revision 1.404
diff -u -r1.404 nsGlobalWindow.cpp
--- nsGlobalWindow.cpp  2001/05/18 00:02:52     1.404
+++ nsGlobalWindow.cpp  2001/05/21 18:29:43
@@ -374,8 +374,10 @@
           mSidebar = nsnull;
         }
 
-        if (mListenerManager)
+        if (mListenerManager) {
           mListenerManager->RemoveAllListeners(PR_FALSE);
+          mListenerManager = nsnull;
+        }
 
         if (mContext && mJSObject) {
 //      if (mContext && mJSObject && aDocument) {
sr=jst
(Assignee)

Comment 5

18 years ago
Adding r=nisheeth per my phone call with him this evening.

This fix definitely fixes some of the cases listed here.  Since they don't each 
include individual steps I want a little more testing before I close this as 
fixed.  Its entirely possible there is more than one codepath causing this crash 
that this patch doesn't cover.
(Assignee)

Comment 6

18 years ago
(30151223) Comments: ericsson.com/products/   and i click on mobiles
(30289200) URL: www.netbank.com
(30289797) URL: http://www.53.com
(30270932) URL: Secure site via www.unibank.com
(30184560) URL: https://bmo.com
(30170872) URL: http://kurier.tvtv.at
(30151916) URL: http://www.mercedes-benz.de

So of these I'm still seeing a crash on www.53.com but not on the others, though 
I may not be hitting the right steps to reproduce.

Comment 7

18 years ago
using the win32 2001052504 build on win98 I'm not able to crash 
on any of these sites over a dialup connection.  wonder if
timing or connection speed is involved?  joki, is the stack
trace the same for the www.53.com crash you still see...

I also notice that I get a funny "security error: domain name mismatch" 
error message telling me that I attempted to connect to bmo.com but
the cert presented is for www.bmo.com...   I wonder if variations
of the hosts names with and without 'www.' makes a difference in
trying to reproduce..

(Assignee)

Comment 8

18 years ago
Okay, I rebuilt today and tried to today's build and I'm not seeing the crash I 
was.  I haven't changed any of my stuff but it could either have been something 
else or old profile info or registry or something.  In any case, I'm going to 
mark this one fixed.  If we continue to see it showing up in the topcrash list 
on new builds then it should be reopened.  But without new info, at the moment, 
I don't see the problem.
Status: ASSIGNED → RESOLVED
Last Resolved: 18 years ago
Resolution: --- → FIXED

Comment 9

18 years ago
perhaps we can email the users from the talkback reports to see if they can
download the latest mozilla nightly build to see if the problem is gone.  This
way, if the issue is a timing/configuration item, then the users who experienced
the crash may be able to tell us if latest nightlies are ok.
(Reporter)

Comment 10

18 years ago
All of the users reporting crashes were using Trunk builds from the old product 
ID: Netscape6.50. The product name change and joki's fix checkin both happened 
on the 22nd. Since then we have gotten no new reports of this crash under the 
MozillaTrunk product ID. Verified fixed.
Status: RESOLVED → VERIFIED

Updated

18 years ago
Keywords: qawanted
Crash Signature: [@ nsEventListenerManager::HandleEvent]
You need to log in before you can comment on or make changes to this bug.