Last Comment Bug 221385 - Crash in libc strftime on completion of downloading any files
: Crash in libc strftime on completion of downloading any files
Status: RESOLVED FIXED
:
Product: NSPR
Classification: Components
Component: NSPR (show other bugs)
: other
: x86 FreeBSD
: -- blocker (vote)
: 4.4.1
Assigned To: Wan-Teh Chang
: Wan-Teh Chang
:
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2003-10-06 10:42 PDT by Avleen Vig
Modified: 2004-03-04 09:22 PST (History)
3 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
Workaround to convert tm_zone locally (605 bytes, patch)
2003-10-13 02:47 PDT, Tai-hwa Liang
timeless: review+
Details | Diff | Splinter Review

Description Avleen Vig 2003-10-06 10:42:51 PDT
User-Agent:       Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.6a) Gecko/20030925 Firebird/0.7+
Build Identifier: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.6a) Gecko/20030925 Firebird/0.7+

When downloading a file (any file off the internet), firebird crashes as soon as
the fire download completes. Sometimes it crashes before it has completed.
The crash is in strftime, so I'm assuming it has somethign to do with working
out the date/time to print on how long it took to download the file.

Backtrace:
(gdb) where
#0  0x29f8039d in strftime () from /usr/lib/libc_r.so.4
#1  0x29f801c7 in strftime () from /usr/lib/libc_r.so.4
#2  0x29f7f720 in strftime () from /usr/lib/libc_r.so.4
#3  0x29a02d94 in PR_FormatTime (buf=0xbfbfd2f4 "17", buflen=40, 
    fmt=0x29a13cd6 "%Z", tm=0xbfbfd464)
    at /usr/home/viga3/tmp/mozilla/nsprpub/pr/src/misc/prtime.c:1674
#4  0x29a03685 in PR_FormatTimeUSEnglish (
    buf=0xbfbfd364 "Mon Oct 06 10:01:17
`\221<CE>\t`\221<CE>\t<D4><D3><BF><BF>\200*\214\t\016", 
    bufSize=236, format=0x93edd16 "%a %b %d %H:%M:%S %Z %Y", time=0xbfbfd464)
    at /usr/home/viga3/tmp/mozilla/nsprpub/pr/src/misc/prtime.c:1905
#5  0x8564018 in rdf_FormatDate (aTime=1065459677615497, aResult=@0xbfbfd504)
    at /usr/home/viga3/tmp/mozilla/rdf/base/src/rdfutil.cpp:181
#6  0x855f350 in nsRDFXMLSerializer::SerializeChildAssertion (this=0x9ce9940, 
    aStream=0xa191968, aResource=0xa092a60, aProperty=0x9f6f440, 
    aValue=0x9ce9160)
    at /usr/home/viga3/tmp/mozilla/rdf/base/src/nsRDFXMLSerializer.cpp:429
#7  0x855f95e in nsRDFXMLSerializer::SerializeProperty (this=0x9ce9940, 
    aStream=0xa191968, aResource=0xa092a60, aProperty=0x9f6f440, aInline=0, 
    aSkipped=0xbfbfd958)
    at /usr/home/viga3/tmp/mozilla/rdf/base/src/nsRDFXMLSerializer.cpp:491
#8  0x8560d60 in nsRDFXMLSerializer::SerializeDescription (this=0x9ce9940, 
    aStream=0xa191968, aResource=0xa092a60)
    at /usr/home/viga3/tmp/mozilla/rdf/base/src/nsRDFXMLSerializer.cpp:650
#9  0x85631ab in nsRDFXMLSerializer::Serialize (this=0x9ce9940, 
    aStream=0xa191968)
    at /usr/home/viga3/tmp/mozilla/rdf/base/src/nsRDFXMLSerializer.cpp:1045
#10 0x855b544 in RDFXMLDataSourceImpl::Serialize (this=0x9d24800, 
    aStream=0xa191968)
    at /usr/home/viga3/tmp/mozilla/rdf/base/src/nsRDFXMLDataSource.cpp:1175
#11 0x8559c25 in RDFXMLDataSourceImpl::rdfXMLFlush (this=0x9d24800, 
    aURI=0xa164d00)
    at /usr/home/viga3/tmp/mozilla/rdf/base/src/nsRDFXMLDataSource.cpp:827
#12 0x855a1ec in RDFXMLDataSourceImpl::Flush (this=0x9d24800)
    at /usr/home/viga3/tmp/mozilla/rdf/base/src/nsRDFXMLDataSource.cpp:880
#13 0x91d9875 in nsDownloadManager::AssertProgressInfoFor (this=0x9e60500, 
    aPath=0xbfbfe1e8)
    at
/usr/home/viga3/tmp/mozilla/browser/components/downloads/src/nsDownloadManager.cpp:368
#14 0x91d76b5 in nsDownloadManager::DownloadEnded (this=0x9e60500, 
    aPath=0xbfbfe1e8, aMessage=0x0)
    at
/usr/home/viga3/tmp/mozilla/browser/components/downloads/src/nsDownloadManager.cpp:232
#15 0x91e10ba in nsDownload::OnStateChange (this=0x9e6d000, aWebProgress=0x0, 
    aRequest=0x0, aStateFlags=16, aStatus=0)
    at
/usr/home/viga3/tmp/mozilla/browser/components/downloads/src/nsDownloadManager.cpp:1052

Reproducible: Always

Steps to Reproduce:
1. Build mozilla with the following options:
MOZ_THUNDERBIRD=1
BUILD_OFFICIAL=1
MOZ_OBJDIR=/home/viga3/tmp/obj-thunderbird
export MOZ_THUNDERBIRD BUILD_OFFICIAL MOZ_OBJDIR
mk_add_options MOZ_THUNDERBIRD=1
mk_add_options BUILD_OFFICIAL=1
mk_add_options MOZ_OBJDIR=/home/viga3/tmp/obj-thunderbird
ac_add_options --prefix=/usr/local/thunderbird
ac_add_options --disable-tests
ac_add_options --disable-debug
ac_add_options --disable-composer
ac_add_options --disable-calendar
ac_add_options --disable-xinerama
ac_add_options --disable-ctl
ac_add_options --disable-mathml
ac_add_options --disable-ldap
ac_add_options --disable-ldap-experimental
ac_add_options --disable-js-ultrasparc
ac_add_options --disable-xpfe-components
ac_add_options --disable-gtktest
ac_add_options --disable-shared
ac_add_options --enable-static
ac_add_options --enable-plaintext-editor-only
ac_add_options --enable-crypto
ac_add_options --enable-extensions=default,-content-packs,-help

2. run obj-firebird/dist/MozillaFirebird
3. Download a file off the internet and watch it crash. Sometimes happens with
small file (< 1k). Always happens with largers files (a few hundred kb).
Actual Results:  
The browser crashed. The shell wrapper tidied up the lock files, etc, and
exited. No corefile.

Expected Results:  
Not crash!

FreeBSD 4.8-STABLE (The problem has been present since at least 4.7-RELEASE)
PIII 650
256Mb RAM
XFree86 4.3.99 (tried with 4.3.0 and versions since then also, same problem)
Blackbox WM
gtk-1.2.10_10       Gimp Toolkit for X11 GUI (previous stable version)

:~ $ ls -l /usr/lib/libc.so.4                                                
-r--r--r--  1 root  wheel  648896 Aug  4 19:34 /usr/lib/libc.so.4

:~ $ file /usr/lib/libc.so.4
file /usr/lib/libc.so.4
/usr/lib/libc.so.4: ELF 32-bit LSB shared object, Intel 80386, version 1
(FreeBSD), stripped
Comment 1 Mike Connor [:mconnor] 2003-10-06 10:52:53 PDT
ben, this blocks having a FreeBSD nightlies contributed for Firebird
Comment 2 Avleen Vig 2003-10-09 00:43:48 PDT
Any updates on this? Still wanting to release FreeBSD nightlies :-)
Willing to test patches against -HEAD.
Comment 3 Tai-hwa Liang 2003-10-13 02:47:31 PDT
Created attachment 133180 [details] [diff] [review]
Workaround to convert tm_zone locally

It appears that the time zone conversion(strftime with a %Z format)
crashes(overflow!?) strftime. A quick workaround is to treat FREEBSD like the
other two ([NET|OPEN]BSD) platforms which compute the gmt offset locally.
Comment 4 Avleen Vig 2003-10-13 05:13:52 PDT
This patch works, please commit? :-)
Comment 5 Mike Connor [:mconnor] 2003-10-13 07:55:43 PDT
Comment on attachment 133180 [details] [diff] [review]
Workaround to convert tm_zone locally

requesting review from wtc, since this falls into NSPR.
Comment 6 timeless 2003-10-13 09:17:26 PDT
.
Comment 7 timeless 2003-10-13 09:18:59 PDT
.
Comment 8 Wan-Teh Chang 2003-10-13 12:37:38 PDT
Comment on attachment 133180 [details] [diff] [review]
Workaround to convert tm_zone locally

r=wtc.	This patch is good.  Thank you.
Comment 9 Wan-Teh Chang 2003-10-13 12:43:25 PDT
Patch checked into the NSPR trunk (NSPR 4.5) and the
NSPRPUB_PRE_4_2_CLIENT_BRANCH (Mozilla 1.6 alpha).
Comment 10 Mike Connor [:mconnor] 2004-02-22 19:55:57 PST
Comment on attachment 133180 [details] [diff] [review]
Workaround to convert tm_zone locally

This is still under my review queue, this was r=wtc
Comment 11 timeless 2004-03-04 09:22:46 PST
Comment on attachment 133180 [details] [diff] [review]
Workaround to convert tm_zone locally

for the record
mconnor marked (firebird-r)?wtc in comment 5
timeless moved the bug from firebird to nspr in comment 6
wtc marked r+ in Comment 8
mconnor removed wtc:(nspr-r)+ in comment 10

i added nspr to the firebird-r flag inclusion list
i removed mconnnor:(firebird-r)?wtc
i removed nspr from the firebird-r flag inclusion list
i changed the firebird-r flag description to actually say firefox [Firefox and
Thunderbird: this patch has passed review by a module owner or peer.]
i'm marking r+ although perhaps I should leave it blank and let wtc remark r+,
oh well.

Note You need to log in before you can comment on or make changes to this bug.