Closed Bug 287768 Opened 20 years ago Closed 19 years ago

Segmentation fault, possibly related to a few system crashes.

Categories

(Firefox :: General, defect)

Product:
Firefox
Component:
General
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED EXPIRED

People

(Reporter: paulgrogers, Assigned: bugzilla)

Details

(Keywords: crash) 

User-Agent:       Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.7.6) Gecko/20050306 Firefox/1.0.1
Build Identifier: Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.7.6) Gecko/20050306 Firefox/1.0.1

After closing a session I saw this in the screen:
"/usr/local/lib/firefox-1.0.1/run-mozilla.sh: line 72: 306 Segmentation fault
"$prog" ${1+"$@"}

This is a LFS system, so I compiled FF from source.  (kernel-2.4.29,
XFree86-4.2.1, gcc-3.2.1, Glibc-2.3.1)  I saved everything, configure console
log, make & install console logs, source, etc.  Ask for what you need.  (Not
saving core dumps, and didn't compile with debug since I trust you and wouldn't
know what to make of the debug ionfo anyway.)

Had a system crash this morning while in FF.  /var/log/messages:
Mar 25 09:18:40 pod kernel: __alloc_pages: 0-order allocation failed (gfp=0x1d2/0)
Mar 25 09:18:40 pod kernel: VM: killing process X

Reproducible: Sometimes

Steps to Reproduce:
1.Intermittent, not sure what produces it.
2.
3.
Actual Results:  
Two full system crashes so far  with 1.0.1, one seg fault.

Expected Results:  
Reliable operation?  ;-)
Since I compile releases from source, it would really be nice if I could
download a release version 1.0.1 to release version 1.0.2 patch file, rather
than having to download the whole 32MB again over my modem, and then run a 4-5hr
recompile of it all.  That seems like such a waste.  I haven't been able to find
such a file so far.
Sorry, should have mentioned before that I was getting "invalid cast from
GtkSuperWin to GtkWidget" errors with the original firefox-1.0.1 compile, so I
searched for a solution.  I found mozilla-1.7-pluginwarn.patch, below.  That
fixed the Gtk error messages, but maybe it's related to these system crashes and
segmentation error?  Sorry, once it seemed to fix the error messages I went on
to other things and forgot about the patch.

--- mozilla/modules/plugin/base/src/ns4xPluginInstance.cpp.orig	Tue May  4
01:13:44 2004
+++ mozilla/modules/plugin/base/src/ns4xPluginInstance.cpp	Tue Jul 20 00:02:39 2004
@@ -1089,7 +1089,7 @@
 
   gpointer user_data = nsnull;
   gdk_window_get_user_data(win, &user_data);
-  if (user_data) {
+  if (user_data && GTK_IS_WIDGET(user_data)) {
     GtkWidget* widget = GTK_WIDGET(user_data);
 
     if (GTK_IS_SOCKET(widget))
Keywords: crash
I hope I'm not introducing any red-herrings, but I have more "data".  

To check whether the patch could be responsible I archived the patched version
and replaced it with the clean, original 1.0.1.  Then I happened to try to open
my inbox to receive some email online at the "My-Yahoo! Email" and three
straight times in quick succession the system crashed doing that.  Later I used
an old DOS/Win31/NN4.08 system to go there successfully (if not without constant
complaining from the Yahoo! pages ;-) to find two "identical" spam messages with
strange Subject lines.  I deleted them.  This morning I went back to the
My-Yahoo! Email page when there was no mail waiting and the page opened
successfully.  That's a pretty far fetched string of circumstances for a cause
and effect!
I'm sorry to have to write that my last report was still with the patched
version.  I am now back on the distributed 1.0.1 version.  I'm sure of it, this
time.  I sent myself some email to the MyYahoo! email page, with a simple
Subject line, and experienced no issues.  If it's indicative, I had no system
crashes in the two weeks between when I originally installed this 1.0.1 version,
and the one with the Gtk error patch.  Could the patch be faulty?  I'll see how
it goes from here and report any problems.  The error message is annyoing, but
apparently not causing observable instability.

Oh, yes, I've been meaning to add that my local configuration uses Gtk/glib-1.2.10
OK, it happened again with firefox-1.0.1, again trying to open my inbox at my
MyYahoo email page.  Got the same message on messages.  Now I'm going to try it
again, but I wanted to report this first in case it dies again.
Yep, it began down that failure path again.  When I began to open the inbox I
noticed the minute or so of excess disk activity that is indicative of the
failure process.  After a few seconds I "rescued" it with a CTL-ALT-Backspace to
stop X.  The system survived.

I have been using my MyYahoo email since my report on 3/30.  I plan to go use a
Win95/MSIE box to see what email is there.  This site has some advertizing, so
there could be something about that.  I'll report if I find anything indicative.

I do not have J2RE plugin installed, yet.
OK, got someting here.  I'm on Win95 using an official Firefox 1.0.1 binary
release.  The inbox opened and reveals a (spam?) message where the sender is
identified as "Bar?cl?ays".  (Not sure if the ? was translated from some
non-ASCII binary.)
Normally, I would deleted a spam mesage without even looking at it, but in the
interest of debugging this time I looked at it.  It was about "verifying" some
email account, "click on the following link", with every word having a
transposition.  The sender email address was probably forged, a random bunch of
letters at yahoo.com.

But the only thing visible from the inbox index was the senders "name" with the
two "?" in it, and a normal looking subject.  But not only is that crashing
firefox, it does that in an ugly enough way that it crashes my whole
XFree86-4.2.1, Linux 2.4.29 system!  Very uncool!!!
I was browsing a local copy of the Network Administration Guide 2, from
nag-2.0.html.tar.gz, and on entering section 9.6 on old Linux 2.0 firewalls,
firefox-1.0.3 crashed, took down XFree86-4.2.1 with it, and crashed
Linux-2.4.29.  I tried it a second time to check for reproducibility.  If I
press CTL-ALT-Backspace when the page isn't rendered after a few seconds, I can
terminate X and save the system.  This version of firefox was compiled locally,
and patched with the mozilla-1.7-pluginwarn.patch.

So this appears to be another example of the problem I reported earlier with my
Yahoo email, but one which is reproducible on demand.
This is an automated message, with ID "auto-resolve01".

This bug has had no comments for a long time. Statistically, we have found that
bug reports that have not been confirmed by a second user after three months are
highly unlikely to be the source of a fix to the code.

While your input is very important to us, our resources are limited and so we
are asking for your help in focussing our efforts. If you can still reproduce
this problem in the latest version of the product (see below for how to obtain a
copy) or, for feature requests, if it's not present in the latest version and
you still believe we should implement it, please visit the URL of this bug
(given at the top of this mail) and add a comment to that effect, giving more
reproduction information if you have it.

If it is not a problem any longer, you need take no action. If this bug is not
changed in any way in the next two weeks, it will be automatically resolved.
Thank you for your help in this matter.

The latest beta releases can be obtained from:
Firefox:     http://www.mozilla.org/projects/firefox/
Thunderbird: http://www.mozilla.org/products/thunderbird/releases/1.5beta1.html
Seamonkey:   http://www.mozilla.org/projects/seamonkey/

This bug has been automatically resolved after a period of inactivity (see above
comment). If anyone thinks this is incorrect, they should feel free to reopen it.
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → EXPIRED
You need to log in before you can comment on or make changes to this bug.