Hello,
You still do
if(!m_pop3ConData->msg_info[m_listpos-1].msgnum)
in your fix.
Yes, you are right. My fix does not work. Anyway, the problem comes from
m_listpos being incremented at each line of the answer to the UIDL command.
BTW, can you still reproduce the jsgc memory stack?
I did not manage to reproduce it today (I tried a few times), but it
does not necessarily means that it is corrected: the crash occurred at
several points.
Ah ... and attach a bt full from the first bt you submitted.
Here is a full backtrace from Icedove 1.5.0.9.dfsg1-1:
#0 0xb7521cc0 in free () from /lib/tls/i686/cmov/libc.so.6
No symbol table info available.
#1 0xb752387f in malloc () from /lib/tls/i686/cmov/libc.so.6
No symbol table info available.
#2 0xb7db9495 in PL_strdup (s=0x8975798 "112695870š^·4491") at strdup.c:53
n = 17
#3 0xb521e0b1 in put_hash (table=0x89757b0, key=0x8a58ef0
"1126958738.14354", value=<value optimized out>, dateReceived=1166983101)
at nsPop3Protocol.cpp:166
No locals.
#4 0xb5222d6f in nsPop3Protocol::GetMsg (this=0x892e410) at
nsPop3Protocol.cpp:2746
rv = <value optimized out>
mailboxSpaceLeft = <value optimized out>
folder = {<nsCOMPtr_base> = {mRawPtr = 0x89f515d}, <No data
fields>}
path = {<nsCOMPtr_base> = {mRawPtr = 0x897842c}, <No data fields>}
c = <value optimized out>
i = 1884
prefBool = 0
popstateTimestamp = 1166983101
#5 0xb522626e in nsPop3Protocol::ProcessProtocolState (this=0x892e410,
url=0x897842c, aInputStream=0x8a5e1c0, sourceOffset=65133, aLength=2356)
at nsPop3Protocol.cpp:3786
prefBool = -1222916272
status = 0
mailnewsurl = {<nsCOMPtr_base> = {mRawPtr = 0x897842c}, <No
data fields>}
#6 0xb519670e in nsMsgProtocol::OnDataAvailable (this=0x892e410,
request=0x89f85d8, ctxt=0x897842c, inStr=0x8a5e1c0, sourceOffset=65133,
count=2356) at nsMsgProtocol.cpp:350
uri = {<nsCOMPtr_base> = {mRawPtr = 0x897842c}, <No data fields>}
#7 0xb71481d1 in nsInputStreamPump::OnStateTransfer (this=0x89f85d8) at
nsInputStreamPump.cpp:437
offsetBefore = <value optimized out>
seekable = {<nsCOMPtr_base> = {mRawPtr = 0x8a5e1c4}, <No data
fields>}
rv = <value optimized out>
avail = 2356
#8 0xb714832f in nsInputStreamPump::OnInputStreamReady (this=0x89f85d8,
stream=0x8a5e1c0) at nsInputStreamPump.cpp:340
nextState = 926430520
#9 0xb7e177cc in nsInputStreamReadyEvent::EventHandler
(plevent=0x87e7efc) at nsStreamUtils.cpp:119
ev = <value optimized out>
#10 0xb7e2c0d7 in PL_HandleEvent (self=0x87e7efc) at plevent.c:688
result = <value optimized out>
#11 0xb7e2c3e9 in PL_ProcessPendingEvents (self=0x89d83e0) at plevent.c:623
event = (PLEvent *) 0x31393434
count = 2
#12 0xb7e2e26e in nsEventQueueImpl::ProcessPendingEvents
(this=0x8967768) at nsEventQueue.cpp:417
correctThread = <value optimized out>
#13 0xb67aaf75 in event_processor_callback (source=0x842a008,
condition=G_IO_IN, data=0x37383538) at nsAppShell.cpp:67
No locals.
#14 0xb7756c7f in g_io_channel_unix_get_fd () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#15 0xb772d731 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#16 0xb77307a6 in g_main_context_check () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#17 0xb7730d27 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#18 0xb67ab416 in nsAppShell::DispatchNativeEvent (this=0x8a0bcc8,
aRealEvent=0, aEvent=0x0) at nsAppShell.cpp:274
No locals.
#19 0xb60e538c in nsXULWindow::ShowModal (this=0xb7d67000) at
nsXULWindow.cpp:404
data = (void *) 0x0
isRealEvent = 0
processEvent = 1
cx = (JSContext *) 0xbf81916c
appShell = {<nsCOMPtr_base> = {mRawPtr = 0x8a0bcc8}, <No data
fields>}
window = {<nsCOMPtr_base> = {mRawPtr = 0x89904d0}, <No data
fields>}
tempRef = {<nsCOMPtr_base> = {mRawPtr = 0x8936858}, <No data
fields>}
appShellService = {<nsCOMPtr_base> = {mRawPtr = 0x81e6c38}, <No
data fields>}
stack = {<nsCOMPtr_base> = {mRawPtr = 0x8107ed8}, <No data fields>}
rv = 134698472
#20 0xb60e0f87 in nsContentTreeOwner::ShowAsModal (this=0x864ba18) at
nsContentTreeOwner.cpp:430
No locals.
#21 0xb66dc228 in nsWindowWatcher::OpenWindowJS (this=0x813c478,
aParent=0x831cd88, aUrl=0xb66f8ea0
"chrome://global/content/commonDialog.xul",
aName=0xb66f89c0 "_blank", aFeatures=0xb66f8d54
"centerscreen,chrome,modal,titlebar", aDialog=1, argc=1, argv=0x8994848,
_retval=0xbf819260)
at nsWindowWatcher.cpp:824
newTreeOwner = {<nsCOMPtr_base> = {mRawPtr = 0x8960678}, <No
data fields>}
newChrome = {<nsCOMPtr_base> = {mRawPtr = 0x864ba24}, <No data
fields>}
rv = <value optimized out>
nameSpecified = 1
featuresSpecified = 1
windowIsNew = 1
windowIsModal = 1
uriToLoadIsChrome = 1
chromeFlags = 4160750598
name = {<nsFixedString> = {<nsString> = {<nsSubstring> =
{<nsAString_internal> = {mVTable = 0xb7e61ce8, mData = 0xbf81903c,
mLength = 6,
mFlags = 65553}, <No data fields>}, <No data fields>},
mFixedCapacity = 63, mFixedBuf = 0xbf81903c}, mStorage = {95, 98, 108,
97, 110,
107, 0, 49025, 17284, 47070, 37184, 49025, 7808, 2057, 36416,
46703, 21836, 47067, 9688, 47078, 42232, 46942, 18472, 2201, 107, 0, 3672,
2207, 72, 0, 12, 0, 37000, 49025, 62977, 46672, 52616, 2097, 37032,
49025, 21836, 47067, 36852, 46942, 42176, 46942, 12, 0, 37048, 49025,
14463, 46930, 42176, 46942, 8211, 0, 8608, 47088, 0, 0, 12, 0,
37096, 49025}}
features = {<nsFixedCString> = {<nsCString> = {<nsCSubstring> =
{<nsACString_internal> = {mVTable = 0xb7e61de8,
mData = 0xbf8190d4 "centerscreen,chrome,modal,titlebar",
mLength = 34, mFlags = 65553}, <No data fields>}, <No data fields>},
mFixedCapacity = 63, mFixedBuf = 0xbf8190d4
"centerscreen,chrome,modal,titlebar"},
mStorage =
"centerscreen,chrome,modal,titlebar\000\000(\221\201¿Ø%æ·0\207o¶\000\000\000\000(\221\201¿ !ð·\210Î1\b"}
uriToLoad = {<nsCOMPtr_base> = {mRawPtr = 0x8986500}, <No data
fields>}
parentTreeOwner = {<nsCOMPtr_base> = {mRawPtr = 0x830c120}, <No
data fields>}
newDocShellItem = {<nsCOMPtr_base> = {mRawPtr = 0x8a30c88}, <No
data fields>}
queueGuard = {mService = {<nsCOMPtr_base> = {mRawPtr =
0x80c0fd0}, <No data fields>}, mQueue = {<nsCOMPtr_base> = {
mRawPtr = 0x8967768}, <No data fields>}, mAppShell =
{<nsCOMPtr_base> = {mRawPtr = 0x89ad198}, <No data fields>}}
callerContextGuard = {mService = {<nsCOMPtr_base> = {mRawPtr =
0x0}, <No data fields>}, mContext = 0x0}
chromeParent = {<nsCOMPtr_base> = {mRawPtr = 0x831ce78}, <No
data fields>}
isCallerChrome = 1
sm = {<nsCOMPtr_base> = {mRawPtr = 0x81419a0}, <No data fields>}
cx = <value optimized out>
newDocShell = {<nsCOMPtr_base> = {mRawPtr = 0x8a30c84}, <No
data fields>}
parentSGO = {<nsCOMPtr_base> = {mRawPtr = 0x831cdb0}, <No data
fields>}
#22 0xb66db44c in nsWindowWatcher::OpenWindow (this=0x813c478,
aParent=0x831cd88, aUrl=0xb66f8ea0
"chrome://global/content/commonDialog.xul",
aName=0xb66f89c0 "_blank", aFeatures=0xb66f8d54
"centerscreen,chrome,modal,titlebar", aArguments=0x828dfd8,
_retval=0xbf819260)
at nsWindowWatcher.cpp:476
argc = 1
argv = (jsval *) 0x8994848
cx = (JSContext *) 0x831ce88
mark = (void *) 0x831ceb0
kungFuDeathGrip = {<nsCOMPtr_base> = {mRawPtr = 0x818c910}, <No
data fields>}
rv = 0
#23 0xb66dde20 in nsPromptService::DoDialog (this=0x8410fd0,
aParent=0x831cd88, aParamBlock=0x828dfd8,
aChromeURL=0xb66f8ea0 "chrome://global/content/commonDialog.xul")
at nsPromptService.cpp:659
rv = <value optimized out>
activeParent = {<nsCOMPtr_base> = {mRawPtr = 0x0}, <No data
fields>}
arguments = {<nsCOMPtr_base> = {mRawPtr = 0x828dfd8}, <No data
fields>}
dialog = {<nsCOMPtr_base> = {mRawPtr = 0x88c4718}, <No data
fields>}
#24 0xb66de853 in nsPromptService::Alert (this=0x8410fd0,
parent=0x831cd88, dialogTitle=0x89f0e58, text=0x87efa08) at
nsPromptService.cpp:132
rv = <value optimized out>
stringOwner = {<nsString> = {<nsSubstring> =
{<nsAString_internal> = {mVTable = 0xb7e61ce8, mData = 0x89f0e58,
mLength = 6,
mFlags = 9}, <No data fields>}, <No data fields>}, <No data
fields>}
block = {mBlock = 0x828dfd8}
url = {<nsSubstring> = {<nsAString_internal> = {mVTable =
0xb7e61ce8, mData = 0xb7e5ba46, mLength = 0,
mFlags = 1}, <No data fields>}, <No data fields>}
styleClass = {<nsAutoString> = {<nsFixedString> = {<nsString> =
{<nsSubstring> = {<nsAString_internal> = {mVTable = 0xb7e61ce8,
mData = 0xbf8192c0, mLength = 10, mFlags = 65553}, <No data
fields>}, <No data fields>}, mFixedCapacity = 63,
mFixedBuf = 0xbf8192c0}, mStorage = {97, 108, 101, 114, 116, 45,
105, 99, 111, 110, 0, 47078, 37608, 49025, 583, 47077, 3665, 46930,
36912, 46866, 37816, 49025, 20821, 46864, 54664, 2096, 37676,
49025, 38232, 49025, 1, 0, 38240, 49025, 17, 0, 37912, 49025, 37930, 49025,
62708, 46941, 7400, 47078, 37676, 49025, 3, 0, 17, 1, 7400,
47078, 34376, 46703, 6, 0, 1, 0, 52668, 2097, 57312, 2088, 1,
0}}, <No data fields>}
#25 0xb66d76cd in nsPrompt::Alert (this=0x8324e50, dialogTitle=0x0,
text=0x87efa08) at nsPrompt.cpp:217
autoDOMEventDispatcher = {mWindow = 0x831cd88, mDefaultEnabled = 1}
#26 0xb5197450 in nsMsgProtocol::OnStopRequest (this=0x8a8afd0,
request=0x88bb928, ctxt=0x8976394, aStatus=2152398861) at
nsMsgProtocol.cpp:441
errorMsg = (PRUnichar *) 0x87efa08
msgPrompt = {<nsCOMPtr_base> = {mRawPtr = 0x8324e50}, <No data
fields>}
errorID = 103
rv = 0
msgUrl = {<nsCOMPtr_base> = {mRawPtr = 0x8976394}, <No data
fields>}
#27 0xb522166a in nsPop3Protocol::OnStopRequest (this=0x8a8afd0,
request=0x88bb928, aContext=0x8976394, aStatus=2152398861)
at nsPop3Protocol.cpp:767
rv = 3212940744
#28 0xb71479a6 in nsInputStreamPump::OnStateStop (this=0x88bb928) at
nsInputStreamPump.cpp:506
No locals.
#29 0xb7148368 in nsInputStreamPump::OnInputStreamReady (this=0x88bb928,
stream=0x89616c8) at nsInputStreamPump.cpp:343
nextState = 825832500
#30 0xb7e177cc in nsInputStreamReadyEvent::EventHandler
(plevent=0x86c4c8c) at nsStreamUtils.cpp:119
ev = <value optimized out>
#31 0xb7e2c0d7 in PL_HandleEvent (self=0x86c4c8c) at plevent.c:688
result = <value optimized out>
#32 0xb7e2c3e9 in PL_ProcessPendingEvents (self=0x80e7c50) at plevent.c:623
event = (PLEvent *) 0x31393434
count = 5
#33 0xb7e2e26e in nsEventQueueImpl::ProcessPendingEvents
(this=0x80c0d28) at nsEventQueue.cpp:417
correctThread = <value optimized out>
#34 0xb67aaf75 in event_processor_callback (source=0x8233b00,
condition=G_IO_IN, data=0x37383538) at nsAppShell.cpp:67
No locals.
#35 0xb7756c7f in g_io_channel_unix_get_fd () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#36 0xb772d731 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#37 0xb77307a6 in g_main_context_check () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#38 0xb7730b67 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#39 0xb7b9a281 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
No symbol table info available.
#40 0xb67ab3c2 in nsAppShell::Run (this=0x813ba88) at nsAppShell.cpp:139
No locals.
#41 0xb676ad80 in nsAppStartup::Run (this=0x813ba48) at nsAppStartup.cpp:150
rv = <value optimized out>
#42 0x0804e69a in XRE_main (argc=1, argv=0xbf819cb4, aAppData=0x8059020)
at nsAppRunner.cpp:2380
remoteService = {<nsCOMPtr_base> = {mRawPtr = 0x8330358}, <No
data fields>}
rv = 0
i = <value optimized out>
dirProvider = {<nsIDirectoryServiceProvider2> =
{<nsIDirectoryServiceProvider> = {<nsISupports> = {
_vptr.nsISupports = 0x8059228}, <No data fields>}, <No data
fields>}, <nsIProfileStartup> = {<nsISupports> = {
_vptr.nsISupports = 0x805924c}, <No data fields>}, mAppDir =
{<nsCOMPtr_base> = {mRawPtr = 0x805c498}, <No data fields>},
mXULAppDir = {<nsCOMPtr_base> = {mRawPtr = 0x0}, <No data fields>},
mProfileDir = {<nsCOMPtr_base> = {mRawPtr = 0x807b810}, <No data fields>},
mProfileLocalDir = {<nsCOMPtr_base> = {mRawPtr = 0x807b888}, <No data
fields>}, mProfileNotified = 1}
glib2 = (PRLibrary *) 0x805c0c8
nativeApp = {<nsCOMPtr_base> = {mRawPtr = 0x8076330}, <No data
fields>}
canRun = 1
registryFile = {<nsCOMPtr_base> = {mRawPtr = 0x8077000}, <No
data fields>}
xremotearg = <value optimized out>
ar = <value optimized out>
profileLock = {<nsCOMPtr_base> = {mRawPtr = 0x807bcf8}, <No
data fields>}
startOffline = 0
profD = {<nsCOMPtr_base> = {mRawPtr = 0x807b810}, <No data fields>}
profLD = {<nsCOMPtr_base> = {mRawPtr = 0x807b888}, <No data
fields>}
upgraded = 0
version = {<nsFixedCString> = {<nsCString> = {<nsCSubstring> =
{<nsACString_internal> = {mVTable = 0xb7e61de8,
mData = 0xbf819990 "1.5.0.9_2006122001/1.8.0.9_2006122001",
mLength = 37, mFlags = 65553}, <No data fields>}, <No data fields>},
mFixedCapacity = 63, mFixedBuf = 0xbf819990
"1.5.0.9_2006122001/1.8.0.9_2006122001"},
mStorage =
"1.5.0.9_2006122001/1.8.0.9_2006122001\000b·\000\000\000\000\000\000\000\000\001\000\000\000</?·\002\000\000\000ôÏñ·"}
osABI = {<nsCString> = {<nsCSubstring> = {<nsACString_internal>
= {mVTable = 0xb7e61de8, mData = 0x80577f3 "Linux_x86-gcc3",
mLength = 14, mFlags = 1}, <No data fields>}, <No data
fields>}, <No data fields>}
versionOK = <value optimized out>
needsRestart = 0
appInitiatedRestart = <value optimized out>
#43 0x0804abdf in main (argc=Cannot access memory at address 0x37383520
) at nsMailApp.cpp:62
No locals.
#44 0xb74d0ea8 in __libc_start_main () from /lib/tls/i686/cmov/libc.so.6
No symbol table info available.
#45 0x0804ab11 in _start () at ../sysdeps/i386/elf/start.S:119
No locals.
Hope this helps.
Merry Christmas,
Nicolas
