Thunderbird 52.2.0-1 on Arch Linux (4.11.5-1-ARCH) crashes when user clicks on a contact in the chat tab and Thunderbird is compiled with GCC 7

RESOLVED WORKSFORME

Status

--
critical
RESOLVED WORKSFORME
2 years ago
6 months ago

People

(Reporter: bugzilla, Unassigned)

Tracking

({crash})

52 Branch
crash

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(6 attachments)

(Reporter)

Description

2 years ago
Created attachment 8878582 [details]
Thunderbird 52.2.0-1 Crash journalctl.txt

User Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:43.0) Gecko/20100101 Firefox/43.0 SeaMonkey/2.40

Steps to reproduce:

Launch Thunderbird -> click Chat button -> click contact under "Online Contacts"


Actual results:

Thunderbird crashes (the window disappears)


Expected results:

Previous conversation should have been loaded in main window
"the window disappears" but you don't have to kill the process?
Component: Untriaged → Instant Messaging
Flags: needinfo?(bugzilla)
(Reporter)

Comment 2

2 years ago
(In reply to Wayne Mery (:wsmwk, NI for questions) from comment #1)
> "the window disappears" but you don't have to kill the process?

No I don't have to kill the process manually.  

More - Thunderbird autoconnects to an XMPP account.  It connects ok but crashes when I click on an online contact.  After launching TB again the "chat status" windows says "A previous run exited unexpectedly while connecting a new or edited account.  It has not been contacted so you can Edit its Settings."

Was previously on 52.1.1-1-x86_64 and this behavior is new.
Flags: needinfo?(bugzilla)

Comment 3

2 years ago
The crash is a segmentation fault in /usr/lib/thunderbird/libxul.so.

For me it crashes if I select a contact with chat history. Contacts without history are fine.

Updated

2 years ago
Severity: normal → critical
Keywords: crash

Comment 4

2 years ago
I rebuilt Thunderbird with --disable-optimize --enable-debug, and the crash disappeared. I'll try to get a meaningful stacktrace for the normal build.

Note: the compiler is GCC 7.1.1 20170516.
(In reply to Andrey Vihrov from comment #4)
> I rebuilt Thunderbird with --disable-optimize --enable-debug, and the crash
> disappeared. I'll try to get a meaningful stacktrace for the normal build.

thanks
Flags: needinfo?(andrey.vihrov)
Keywords: stackwanted

Comment 6

2 years ago
Created attachment 8882788 [details]
Stack trace
Flags: needinfo?(andrey.vihrov)

Comment 7

2 years ago
Created attachment 8882789 [details]
buildconfig.txt

Comment 8

2 years ago
I have the same crash with IRC accounts, so the issue is likely not specific to single protocols.
The log shows "prpl-irc: Connection closed by server." as last entry before the crash.

Comment 9

2 years ago
Created attachment 8882860 [details]
Stack trace when clicking reconnect in account list

Updated

2 years ago
Duplicate of this bug: 1376908

Comment 11

2 years ago
It crashes for me when loading any chat history.

I had 4 Twitter accounts connected. I removed all of them, as well as all of their logs, reconnected a single one -> it crashes when loading the chat window.

Comment 12

2 years ago
Created attachment 8891612 [details]
Stack trace when opening Twitter chat window

From my Arch system journal.

Comment 13

a year ago
Any progress? I also have this issue.
Does it also happen with beta from http://www.mozilla.org/en-US/thunderbird/channel/ ?
Flags: needinfo?(bugzilla)
It works for me on archlinux with thunderbird-beta-bin 58.0b1-1 found on AUR.

Comment 16

a year ago
The official beta build linked above works, but is compiled with GCC 4.9. It is possible that this crash is caused by optimizations introduced in GCC 7.

Updated

a year ago
See Also: → bug 1431150

Comment 17

a year ago
Is there any work going on regarding this bug? For me the Thunderbird build (52.6.0) from Arch Linux still crashes as soon as somebody messages me or when I try to message someone. The beta build from AUR mentioned by Jérémie Marquès works.
Patrick, can you move this forward with someone? Thanks


Only attachment 8882860 [details] and attachment 8882788 [details] have mozilla symbols, respectively

* attachment 8882860 [details]
#0  0x00007f9ba47b87f0 in raise () at /usr/lib/libpthread.so.0
#1  0x00007f9b97ebc436 in nsProfileLock::FatalSignalHandler(int, siginfo_t*, void*) () at /usr/lib/thunderbird/libxul.so
#2  0x00007f9b988cffc8 in void WasmFaultHandler<(Signal)0>(int, siginfo_t*, void*) () at /usr/lib/thunderbird/libxul.so
#3  0x00007f9ba47b8940 in <signal handler called> () at /usr/lib/libpthread.so.0
#4  0x00007f9b987c8621 in js::ProxyObject::New(JSContext*, js::BaseProxyHandler const*, JS::Handle<JS::Value>, js::TaggedProto, js::ProxyOptions const&) () at /usr/lib/thunderbird/libxul.so
#5  0x00007f9b9869c8e6 in js::CloneObject(JSContext*, JS::Handle<JSObject*>, JS::Handle<js::TaggedProto>) () at /usr/lib/thunderbird/libxul.so
#6  0x00007f9b9866476b in JS_CloneObject(JSContext*, JS::Handle<JSObject*>, JS::Handle<JSObject*>) () at /usr/lib/thunderbird/libxul.so
#7  0x00007f9b96d4036f in mozilla::dom::ReparentWrapper(JSContext*, JS::Handle<JSObject*>) () at /usr/lib/thunderbird/libxul.so
#8  0x00007f9b96f73ec5 in nsHTMLDocument::Open(JSContext*, nsAString_internal const&, nsAString_internal const&, mozilla::ErrorResult&) () at /usr/lib/thunderbird/libxul.so
#9  0x00007f9b96c47135 in mozilla::dom::HTMLDocumentBinding::open(JSContext*, JS::Handle<JSObject*>, nsHTMLDocument*, JSJitMethodCallArgs const&) () at /usr/lib/thunderbird/libxul.so
#10 0x00007f9b96d38d7b in mozilla::dom::GenericBindingMethod(JSContext*, unsigned int, JS::Value*) () at /usr/lib/thunderbird/libxul.so

* attachment 8882788 [details]
#0  0x00007fffeb882911 in js::ProxyObject::New(JSContext*, js::BaseProxyHandler const*, JS::Handle<JS::Value>, js::TaggedProto, js::ProxyOptions const&) (cx=cx@entry=0x7fffdc4a0000, handler=0x7fffecee0500 <mozilla::dom::HTMLDocumentBinding::DOMProxyHandler::getInstance()::instance>, priv=..., proto_=..., options=...) at /home/andrey/download/thunderbird/src/thunderbird-52.2.1/mozilla/js/src/vm/ProxyObject.cpp:50
#1  0x00007fffeb74f966 in js::CloneObject(JSContext*, JS::Handle<JSObject*>, JS::Handle<js::TaggedProto>) (cx=cx@entry=0x7fffdc4a0000, obj=..., proto=..., proto@entry=...)
    at /home/andrey/download/thunderbird/src/thunderbird-52.2.1/mozilla/js/src/jsobj.cpp:1136
#2  0x00007fffeb716e5b in JS_CloneObject(JSContext*, JS::Handle<JSObject*>, JS::Handle<JSObject*>) (cx=cx@entry=0x7fffdc4a0000, obj=..., obj@entry=..., protoArg=...)
    at /home/andrey/download/thunderbird/src/thunderbird-52.2.1/mozilla/js/src/jsfriendapi.cpp:656
#3  0x00007fffe9c37215 in mozilla::dom::ReparentWrapper(JSContext*, JS::Handle<JSObject*>) (aCx=aCx@entry=0x7fffdc4a0000, aObjArg=..., aObjArg@entry=...)
    at /home/andrey/download/thunderbird/src/thunderbird-52.2.1/mozilla/dom/bindings/BindingUtils.cpp:2145
#4  0x00007fffe9e7faa5 in nsHTMLDocument::Open(JSContext*, nsAString_internal const&, nsAString_internal const&, mozilla::ErrorResult&) (this=this@entry=
    0x7fffcabef000, cx=cx@entry=0x7fffdc4a0000, aType=..., aReplace=..., rv=...) at /home/andrey/download/thunderbird/src/thunderbird-52.2.1/mozilla/dom/html/nsHTMLDocument.cpp:1634
#5  0x00007fffe9b2d4f5 in mozilla::dom::HTMLDocumentBinding::open(JSContext*, JS::Handle<JSObject*>, nsHTMLDocument*, JSJitMethodCallArgs const&) (cx=0x7fffdc4a0000, obj=..., self=0x7fffcabef000, args=...)
    at /home/andrey/download/thunderbird/src/thunderbird-52.2.1/obj-x86_64-pc-linux-gnu/dom/bindings/HTMLDocumentBinding.cpp:527
#6  0x00007fffe9c30e09 in mozilla::dom::GenericBindingMethod(JSContext*, unsigned int, JS::Value*) (cx=cx@entry=0x7fffdc4a0000, argc=<optimized out>, vp=<optimized out>)
    at /home/andrey/download/thunderbird/src/thunderbird-52.2.1/mozilla/dom/bindings/BindingUtils.cpp:2879
#7  0x00007fffeb868b6e in js::CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), JS::CallArgs const&) (args=..., native=<optimized out>, cx=0x7fffdc4a0000)
    at /home/andrey/download/thunderbird/src/thunderbird-52.2.1/mozilla/js/src/jscntxtinlines.h:239
#8  0x00007fffeb868b6e in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct) (cx=cx@entry=0x7fffdc4a0000, args=..., construct=construct@entry=js::NO_CONSTRUCT)
    at /home/andrey/download/thunderbird/src/thunderbird-52.2.1/mozilla/js/src/vm/Interpreter.cpp:459
#9  0x00007fffeb868d64 in InternalCall(JSContext*, js::AnyInvokeArgs const&) (cx=cx@entry=0x7fffdc4a0000, args=...)
    at /home/andrey/download/thunderbird/src/thunderbird-52.2.1/mozilla/js/src/vm/Interpreter.cpp:504
#10 0x00007fffeb868dc8 in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>) (cx=cx@entry=0x7fffdc4a0000, fval=...,
Flags: needinfo?(bugzilla) → needinfo?(clokep)
Keywords: stackwanted
This is a bit beyond me, I think. Maybe Florian knows what's happening?
Flags: needinfo?(clokep) → needinfo?(florian)
(In reply to Patrick Cloke [:clokep] from comment #19)
> This is a bit beyond me, I think. Maybe Florian knows what's happening?

No idea, sorry.
Flags: needinfo?(florian)

Comment 21

10 months ago
Just a note: in the duplicate bug report it was confirmed that a GCC 6 build works. The crash should be reproducible if Thunderbird is compiled with GCC 7.

Updated

10 months ago
Status: UNCONFIRMED → NEW
Ever confirmed: true
Summary: Thunderbird 52.2.0-1 on Arch Linux (4.11.5-1-ARCH) crashes when user clicks on a contact in the chat tab → Thunderbird 52.2.0-1 on Arch Linux (4.11.5-1-ARCH) crashes when user clicks on a contact in the chat tab and Thunderbird is compiled with GCC 7
see bug 1342344 comment 2. Is there a direct correlation?
Flags: needinfo?(bugzilla)

Updated

8 months ago
Blocks: 1468103

Comment 23

8 months ago
Created attachment 8990002 [details]
threaddump.txt

Thread dump from crash on Arch Linux (Thunderbird 52.8.0).

Comment 24

8 months ago
Also affected by this (Thunderbird 52.8.0 on Arch Linux).

I attached a thread dump from the crash.

Comment 25

7 months ago
I can confirm that this has been solved after updating to thunderbird 60.0-2 with glibc 2.28-1.

Comment 26

7 months ago
Yes, the crash is gone (or masked) with Thunderbird 60.0 on Arch Linux. It is built with GCC 8.2.

For reference, here are the toolchain versions for the working configuration:

glibc 2.28
binutils 2.31
gcc 8.2.0

Compiler flags:

-D_FORTIFY_SOURCE=2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fstack-protector-strong -Wall -Wempty-body -Wignored-qualifiers -Woverloaded-virtual -Wpointer-arith -Wsign-compare -Wtype-limits -Wunreachable-code -Wwrite-strings -Wno-invalid-offsetof -Wc++1z-compat -Wduplicated-cond -Wimplicit-fallthrough -Wno-error=maybe-uninitialized -Wno-error=deprecated-declarations -Wno-error=array-bounds -Wno-error=free-nonheap-object -Wformat -Wformat-overflow=2 -fno-sized-deallocation -march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong -fno-plt -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fstack-protector-strong -fno-exceptions -fno-strict-aliasing -fno-rtti -ffunction-sections -fdata-sections -fno-exceptions -fno-math-errno -pthread -pipe -g -freorder-blocks -O2 -fomit-frame-pointer

And build config:

--enable-application=comm/mail --enable-update-channel=release --enable-hardening --enable-linker=gold --enable-calendar --enable-system-ffi --with-mozilla-api-keyfile=/build/thunderbird/src/thunderbird-60.0/mozilla-api-key --with-google-api-keyfile=/build/thunderbird/src/thunderbird-60.0/google-api-key --enable-rust-simd MAKE=/usr/bin/make --enable-system-hunspell --enable-alsa --disable-crashreporter --enable-official-branding --enable-pie --enable-startup-notification --enable-system-sqlite --disable-updater --prefix=/usr --with-distribution-id=org.archlinux --with-system-bz2 --with-system-icu --with-system-jpeg --with-system-libvpx --with-system-nspr --with-system-nss --with-system-zlib

Updated

7 months ago
Status: NEW → RESOLVED
Last Resolved: 7 months ago
Flags: needinfo?(bugzilla)
Resolution: --- → WORKSFORME

Updated

6 months ago
Duplicate of this bug: 1468103
You need to log in before you can comment on or make changes to this bug.