Closed Bug 118279 Opened 23 years ago Closed 23 years ago

URL Loads, displays, then segfaults in nsCOMPtr_base::~nsCOMPtr_base(void)

Categories

(Core :: XPCOM, defect)

x86
Linux
defect
Not set
critical

Tracking

()

RESOLVED WORKSFORME

People

(Reporter: harik, Assigned: dougt)

References

()

Details

(Keywords: crash, stackwanted)

From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.7) Gecko/20011229 BuildID: 20011229 Something's clobbering a pointer, and it's in C++ nastyness so I'm at a loss. The actuall code in question seems innocent, if (pointer) MACRO_FREE(pointer), but somehow the address in the object for the pointer is getting zeroed. I let it dump core and went in with gdb, more information is available there. Reproducible: Always Steps to Reproduce: 1. Start browser. 2. Load URL. 3. Core dump. (gdb) bt #0 0x401a721f in nsCOMPtr_base::~nsCOMPtr_base () from /usr/lib/libxpcom.so (gdb) disass Dump of assembler code for function _._13nsCOMPtr_base: 0x401a7208 <_._13nsCOMPtr_base>: push %ebp 0x401a7209 <_._13nsCOMPtr_base+1>: mov %esp,%ebp 0x401a720b <_._13nsCOMPtr_base+3>: sub $0x10,%esp 0x401a720e <_._13nsCOMPtr_base+6>: push %esi 0x401a720f <_._13nsCOMPtr_base+7>: push %ebx 0x401a7210 <_._13nsCOMPtr_base+8>: call 0x401a7215 <_._13nsCOMPtr_base+13> 0x401a7215 <_._13nsCOMPtr_base+13>: pop %ebx 0x401a7216 <_._13nsCOMPtr_base+14>: add $0x1f4e7,%ebx 0x401a721c <_._13nsCOMPtr_base+20>: mov 0x8(%ebp),%esi 0x401a721f <_._13nsCOMPtr_base+23>: mov (%esi),%edx 0x401a7221 <_._13nsCOMPtr_base+25>: test %edx,%edx 0x401a7223 <_._13nsCOMPtr_base+27>: je 0x401a7233 <_._13nsCOMPtr_base+43> 0x401a7225 <_._13nsCOMPtr_base+29>: add $0xfffffff4,%esp 0x401a7228 <_._13nsCOMPtr_base+32>: mov (%edx),%eax 0x401a722a <_._13nsCOMPtr_base+34>: push %edx 0x401a722b <_._13nsCOMPtr_base+35>: mov 0x10(%eax),%eax 0x401a722e <_._13nsCOMPtr_base+38>: call *%eax
http://finance.yahoo.com/ alone yields the crash, the extra information is personilzation and requires a login.
Where is this destructor getting called from (what're the next 10-20 things on the stack?)
WFM, Linux 2002010308.
Reporter, do you still crash with latest nightly build ? Build available here: http://ftp.mozilla.org/pub/mozilla/nightly/latest/mozilla-i686-pc-linux-gnu-sea.tar.gz
Keywords: crash, stackwanted
Resolving worksforme - more than a month since a request to the reporter (Dan Merillat) and no reply. Reporter - please reopen this bug if it still occurs in a recent (Moz 1.0RC1+) build.
Status: UNCONFIRMED → RESOLVED
Closed: 23 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.