Closed Bug 235201 Opened 21 years ago Closed 21 years ago

selecting "downloads" in "options" cause segfault [@ nsGNOMERegistry::GetFromType]

Categories

(Core Graveyard :: File Handling, defect)

Product:
Core Graveyard
Component:
File Handling
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: basic, Assigned: chpe)

Details

Attachments

(1 file)

proposed fix
1.70 KB, patch
bryner
: superreview+
Details | Diff | Splinter Review
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7b) Gecko/20040222 Firefox/0.8.0+ selecting "downloads" in "options" cause segfault. Backtrace below. #0 0x40810006 in nanosleep () from /lib/i686/libc.so.6 #1 0xffffffa0 in ?? () #2 0x08062316 in ah_crap_handler(int) (signum=11) at nsSigHandlers.cpp:135 #3 0x41c54346 in nsProfileLock::FatalSignalHandler(int) (signo=0) at /mnt/build/mozilla/profile/dirserviceprovider/src/nsProfileLock.cpp:209 #4 0x4022f4ec in __pthread_clock_settime () from /lib/i686/libpthread.so.0 #5 0x4078dca8 in __libc_sigaction () from /lib/i686/libc.so.6 #6 0x41f201c5 in nsDependentCString (this=0xbfff843c, data=0xbfff84b8 "\177\003ÿÿ#\001ÿÿÿÿÿÿ") at nsTDependentString.h:90 #7 0x41f557df in nsGNOMERegistry::GetFromType(char const*) (aMIMEType=0x8a9ab30 "text/x-javascript") at /mnt/build/mozilla/uriloader/exthandler/unix/nsGNOMERegistry.cpp:297 #8 0x41f53180 in nsOSHelperAppService::GetFromType(char const*) (this=0x8152190, aMIMEType=0x8a9ab30 "text/x-javascript") at /mnt/build/mozilla/uriloader/exthandler/unix/nsOSHelperAppService.cpp:1531 #9 0x41f53312 in nsOSHelperAppService::GetMIMEInfoFromOS(char const*, char const*, int*) (this=0x8152190, aType=0x8a9ab30 "text/x-javascript", aFileExt=0x0, aFound=0xbfff9098) at /mnt/build/mozilla/uriloader/exthandler/unix/nsOSHelperAppService.cpp:1619 #10 0x41f43aef in nsExternalHelperAppService::GetFromTypeAndExtension(char const*, char const*, nsIMIMEInfo**) ( this=0x8152190, aMIMEType=0x8a9ab30 "text/x-javascript", aFileExt=0x0, _retval=0xbfff9300) at /mnt/build/mozilla/uriloader/exthandler/nsExternalHelperAppService.cpp:2198 #11 0x401a6f7d in XPTC_InvokeByIndex () from /mnt/build/mozilla/obj-firefox/dist/bin/libxpcom.so #12 0x40b49019 in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) (ccx=@0xbfff93a0, mode=CALL_METHOD) at /mnt/build/mozilla/js/src/xpconnect/src/xpcwrappednative.cpp:2021 #13 0x40b51f00 in XPC_WN_CallMethod(JSContext*, JSObject*, unsigned, long*, long*) (cx=0x879afa0, obj=0x84cf430, argc=2, argv=0x8a8ba30, vp=0xbfff94d0) at /mnt/build/mozilla/js/src/xpconnect/src/xpcwrappednativejsops.cpp:1287 #14 0x40052714 in js_Invoke (cx=0x879afa0, argc=2, flags=0) at /mnt/build/mozilla/js/src/jsinterp.c:941 #15 0x400589da in js_Interpret (cx=0x879afa0, result=0xbfff97fc) at /mnt/build/mozilla/js/src/jsinterp.c:2962 #16 0x400527dc in js_Invoke (cx=0x879afa0, argc=3, flags=2) at /mnt/build/mozilla/js/src/jsinterp.c:958 #17 0x40b4223a in nsXPCWrappedJSClass::CallMethod(nsXPCWrappedJS*, unsigned short, nsXPTMethodInfo const*, nsXPTCMiniVariant*) (this=0x89db778, wrapper=0x89e20e0, methodIndex=7, info=0x868f168, nativeParams=0xbfff9c10) at /mnt/build/mozilla/js/src/xpconnect/src/xpcwrappedjsclass.cpp:1336 #18 0x40b3c77f in nsXPCWrappedJS::CallMethod(unsigned short, nsXPTMethodInfo const*, nsXPTCMiniVariant*) ( this=0x89e20e0, methodIndex=7, info=0x868f168, params=0xbfff9c10) at /mnt/build/mozilla/js/src/xpconnect/src/xpcwrappedjs.cpp:449 #19 0x401a71f4 in PrepareAndDispatch (methodIndex=7, self=0x89e20e0, args=0x868f168) ---Type <return> to continue, or q <return> to quit--- at /mnt/build/mozilla/xpcom/reflect/xptcall/src/md/unix/xptcstubs_gcc_x86_unix.cpp:100 #20 0x419ace4b in CompositeAssertionEnumeratorImpl::GetEnumerator(nsIRDFDataSource*, nsISimpleEnumerator**) ( this=0x408919a0, aDataSource=0xbfff8158, aResult=0x8a4c4f0) at /mnt/build/mozilla/rdf/base/src/nsCompositeDataSource.cpp:573 #21 0x419ac504 in CompositeEnumeratorImpl::HasMoreElements(int*) (this=0x86777b0, aResult=0xbfff9dd4) at /mnt/build/mozilla/rdf/base/src/nsCompositeDataSource.cpp:240 #22 0x4157eb6f in nsRDFPropertyTestNode::FilterInstantiations(InstantiationSet&, void*) const (this=0x8a600f0, aInstantiations=@0xbfffa050, aClosure=0xbfffa2b0) at /mnt/build/mozilla/content/xul/templates/src/nsRDFPropertyTestNode.cpp:245 #23 0x41582359 in TestNode::Propagate(InstantiationSet const&, void*) (this=0x8a600f0, aInstantiations=@0xbfffa0c0, aClosure=0xbfffa2b0) at /mnt/build/mozilla/content/xul/templates/src/nsRuleNetwork.cpp:1045 #24 0x41582411 in TestNode::Propagate(InstantiationSet const&, void*) (this=0x8a4c390, aInstantiations=@0xbfffa130, aClosure=0xbfffa2b0) at /mnt/build/mozilla/content/xul/templates/src/nsRuleNetwork.cpp:1054 #25 0x41582411 in TestNode::Propagate(InstantiationSet const&, void*) (this=0x8a601a0, aInstantiations=@0xbfffa1a0, aClosure=0xbfffa2b0) at /mnt/build/mozilla/content/xul/templates/src/nsRuleNetwork.cpp:1054 #26 0x41582411 in TestNode::Propagate(InstantiationSet const&, void*) (this=0x8a4c4a8, aInstantiations=@0xbfffa320, aClosure=0xbfffa2b0) at /mnt/build/mozilla/content/xul/templates/src/nsRuleNetwork.cpp:1054 #27 0x415819da in RootNode::Propagate(InstantiationSet const&, void*) (this=0x8741d48, aInstantiations=@0xbfffa320, aClosure=0xbfffa2b0) at /mnt/build/mozilla/content/xul/templates/src/nsRuleNetwork.cpp:761 #28 0x41587425 in nsXULContentBuilder::CreateContainerContents(nsIContent*, nsIRDFResource*, int, nsIContent**, int*) (this=0x8741d08, aElement=0x89fe720, aResource=0xbfffa320, aNotify=0, aContainer=0xbfffa480, aNewIndexInContainer=0xbfffa458) at /mnt/build/mozilla/content/xul/templates/src/nsXULContentBuilder.cpp:1227 #29 0x415871bc in nsXULContentBuilder::CreateTemplateAndContainerContents(nsIContent*, nsIContent**, int*) ( this=0x8741d08, aElement=0x89fe720, aContainer=0xbfffa480, aNewIndexInContainer=0xbfffa458) at /mnt/build/mozilla/content/xul/templates/src/nsXULContentBuilder.cpp:1147 #30 0x415896e4 in nsXULContentBuilder::RebuildAll() (this=0x8741d08) at /mnt/build/mozilla/content/xul/templates/src/nsXULContentBuilder.cpp:1965 #31 0x4159bf87 in nsXULTemplateBuilder::Rebuild() (this=0x8741d08) at /mnt/build/mozilla/content/xul/templates/src/nsXULTemplateBuilder.cpp:237 #32 0x4159c127 in nsXULTemplateBuilder::AttributeChanged(nsIDocument*, nsIContent*, int, nsIAtom*, int) ( this=0x8741d08, aDocument=0x8742650, aContent=0x89fe720, aNameSpaceID=0, aAttribute=0x8136798, aModType=2) ---Type <return> to continue, or q <return> to quit---
Assignee: firefox → darin
hm, this is an interesting crash basic: Can you paste the output of running "locale" in this bug?
my locale is as below: LANG=en_SG LC_CTYPE=en_SG LC_NUMERIC=ms_MY LC_TIME=en_SG LC_COLLATE=en_SG LC_MONETARY=ms_MY LC_MESSAGES=en_SG LC_PAPER=ms_MY LC_NAME=ms_MY LC_ADDRESS=ms_MY LC_TELEPHONE=ms_MY LC_MEASUREMENT=ms_MY LC_IDENTIFICATION=ms_MY LC_ALL=
I doubt this has anything to do with my locale as when I set it to en_US I still see the crash.
http://lxr.mozilla.org/seamonkey/source/uriloader/exthandler/unix/nsGNOMERegistry.cpp 291 gchar *commandPath = g_find_program_in_path(nativeCommand); 292 293 g_free(nativeCommand); 294 295 nsCOMPtr<nsILocalFile> appFile; 296 NS_NewNativeLocalFile(nsDependentCString(commandPath), PR_TRUE, 297 getter_AddRefs(appFile)); nsDependentCString can't wrap a NULL buffer, but g_find_program_in_path() returns NULL when the program is not found in the path.
Attached patch proposed fixSplinter Review
I noticed another early return leaked a GnomeVFSMimeApplication object, fixed that too.
Attachment #142258 - Flags: superreview?(bryner)
Attachment #142258 - Flags: review?(cbiesinger)
Comment on attachment 142258 [details] [diff] [review] proposed fix looks good hm... but is this the crash from comment 0? well, this is the right thing in any case.
Attachment #142258 - Flags: review?(cbiesinger) → review+
Comment on attachment 142258 [details] [diff] [review] proposed fix just tested this patch, no more crash.
Summary: selecting "downloads" in "options" cause segfault → selecting "downloads" in "options" cause segfault [@ nsGNOMERegistry::GetFromType]
Attachment #142258 - Flags: superreview?(bryner) → superreview+
Could someone please check this in? I won't be able to in the next few days...
I'll do it in the morning (Sat)
Assignee: darin → chpe
Component: Preferences → File Handling
Product: Firefox → Browser
Version: unspecified → Trunk
I checked this in while I was doing some other checkins Checking in nsGNOMERegistry.cpp; /cvsroot/mozilla/uriloader/exthandler/unix/nsGNOMERegistry.cpp,v <-- nsGNOMERegistry.cpp new revision: 1.8; previous revision: 1.7 done
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: