Created attachment 773524 [details] testcase 1. Install https://www.squarefree.com/extensions/domFuzzLite3.xpi 2. Load the testcase About half of the time, it trips: ###!!! ASSERTION: Double UnblockOnload!?: 'mCurrentRequestFlags & REQUEST_BLOCKS_ONLOAD', file content/base/src/nsImageLoadingContent.cpp, line 641
Can also hit: ###!!! ASSERTION: Double BlockOnload!?: '!(mCurrentRequestFlags & REQUEST_BLOCKS_ONLOAD)', file content/base/src/nsImageLoadingContent.cpp, line 618 ###!!! ASSERTION: More UnblockOnload() calls than BlockOnload() calls; dropping call: 'Not Reached', file content/base/src/nsDocument.cpp, line 7880
This could be the same problem as bug 886080, which Kyle says is caused by decode-on-draw triggering re-entrancy into imagelib while notifications are being dispatched.
Yeah, looks related.
You need to log in before you can comment on or make changes to this bug.