Closed
Bug 118279
Opened 23 years ago
Closed 23 years ago
URL Loads, displays, then segfaults in nsCOMPtr_base::~nsCOMPtr_base(void)
Categories
(Core :: XPCOM, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: harik, Assigned: dougt)
References
()
Details
(Keywords: crash, stackwanted)
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.7) Gecko/20011229 BuildID: 20011229 Something's clobbering a pointer, and it's in C++ nastyness so I'm at a loss. The actuall code in question seems innocent, if (pointer) MACRO_FREE(pointer), but somehow the address in the object for the pointer is getting zeroed. I let it dump core and went in with gdb, more information is available there. Reproducible: Always Steps to Reproduce: 1. Start browser. 2. Load URL. 3. Core dump. (gdb) bt #0 0x401a721f in nsCOMPtr_base::~nsCOMPtr_base () from /usr/lib/libxpcom.so (gdb) disass Dump of assembler code for function _._13nsCOMPtr_base: 0x401a7208 <_._13nsCOMPtr_base>: push %ebp 0x401a7209 <_._13nsCOMPtr_base+1>: mov %esp,%ebp 0x401a720b <_._13nsCOMPtr_base+3>: sub $0x10,%esp 0x401a720e <_._13nsCOMPtr_base+6>: push %esi 0x401a720f <_._13nsCOMPtr_base+7>: push %ebx 0x401a7210 <_._13nsCOMPtr_base+8>: call 0x401a7215 <_._13nsCOMPtr_base+13> 0x401a7215 <_._13nsCOMPtr_base+13>: pop %ebx 0x401a7216 <_._13nsCOMPtr_base+14>: add $0x1f4e7,%ebx 0x401a721c <_._13nsCOMPtr_base+20>: mov 0x8(%ebp),%esi 0x401a721f <_._13nsCOMPtr_base+23>: mov (%esi),%edx 0x401a7221 <_._13nsCOMPtr_base+25>: test %edx,%edx 0x401a7223 <_._13nsCOMPtr_base+27>: je 0x401a7233 <_._13nsCOMPtr_base+43> 0x401a7225 <_._13nsCOMPtr_base+29>: add $0xfffffff4,%esp 0x401a7228 <_._13nsCOMPtr_base+32>: mov (%edx),%eax 0x401a722a <_._13nsCOMPtr_base+34>: push %edx 0x401a722b <_._13nsCOMPtr_base+35>: mov 0x10(%eax),%eax 0x401a722e <_._13nsCOMPtr_base+38>: call *%eax
Reporter | ||
Comment 1•23 years ago
|
||
http://finance.yahoo.com/ alone yields the crash, the extra information is personilzation and requires a login.
![]() |
||
Comment 2•23 years ago
|
||
Where is this destructor getting called from (what're the next 10-20 things on the stack?)
Comment 4•23 years ago
|
||
Reporter, do you still crash with latest nightly build ? Build available here: http://ftp.mozilla.org/pub/mozilla/nightly/latest/mozilla-i686-pc-linux-gnu-sea.tar.gz
Keywords: crash,
stackwanted
Comment 5•23 years ago
|
||
Resolving worksforme - more than a month since a request to the reporter (Dan Merillat) and no reply. Reporter - please reopen this bug if it still occurs in a recent (Moz 1.0RC1+) build.
Status: UNCONFIRMED → RESOLVED
Closed: 23 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•