Closed Bug 309557 Opened 19 years ago Closed 15 years ago

Random segmentation violations, apparently in libmozjs.so

Categories

(Core :: JavaScript Engine, defect)

Product:
Core
Component:
JavaScript Engine
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INCOMPLETE

People

(Reporter: mozillabugs0002, Unassigned)

Details

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a1) Gecko/20050921 Firefox/1.6a1
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a1) Gecko/20050921 Firefox/1.6a1

For the past few days, I've been getting crashes on my Deer Park builds. 
Sometimes when I'm interacting with the browser, sometimes as it's sitting idle.
 It just disappears with a segmentation violation.  I built a new version with
an unstripped binary, and caught a core file.

Note that, when idle, the browser sometimes auto-refreshes pages in some tabs,
so it's actually still doing occasional work.

In the crash with the core dump, I had just created a new tab, and clicked on
the "home" icon to go to my startup page.  Instead, the bookmarks sidebar
started to open, then the binary disappeared.

Reproducible: Sometimes

Steps to Reproduce:
Unknown, it just seems to happen occasionally.



Here's the backtrace, skipping the information messages about loading .so files:

$ gdb /usr/local/firefox/lib/firefox-1.6a1/firefox-bin core.941
[ DELETED ]

This GDB was configured as "i686-pc-linux-gnu"...Using host libthread_db library
"/lib/libthread_db.so.1".

Core was generated by `/usr/local/firefox/lib/firefox-1.6a1/firefox-bin'.
Program terminated with signal 11, Segmentation fault.

warning: current_sos: Can't read pathname for load map: Input/output error

[ DELETED ]

#0  0xffffe410 in ?? ()
(gdb) bt
#0  0xffffe410 in ?? ()
#1  0xbfe7fecc in ?? ()
#2  0x0000000b in ?? ()
#3  0x000003ad in ?? ()
#4  0xb7d91011 in raise () from /lib/libpthread.so.0
#5  0x0805e8ff in nsProfileLock::FatalSignalHandler ()
#6  <signal handler called>
#7  0xb7f090c0 in MarkGCThing ()
   from /usr/local/firefox/lib/firefox-1.6a1/libmozjs.so
#8  0xb7f094f7 in js_MarkGCThing ()
   from /usr/local/firefox/lib/firefox-1.6a1/libmozjs.so
#9  0xb7edfb58 in JS_MarkGCThing ()
   from /usr/local/firefox/lib/firefox-1.6a1/libmozjs.so
#10 0xb7f06bc4 in fun_mark ()
   from /usr/local/firefox/lib/firefox-1.6a1/libmozjs.so
#11 0xb7f2666e in js_Mark ()
   from /usr/local/firefox/lib/firefox-1.6a1/libmozjs.so
#12 0xb7f090de in MarkGCThing ()
   from /usr/local/firefox/lib/firefox-1.6a1/libmozjs.so
#13 0xb7f09165 in MarkGCThing ()
   from /usr/local/firefox/lib/firefox-1.6a1/libmozjs.so
#14 0xb7f09165 in MarkGCThing ()
   from /usr/local/firefox/lib/firefox-1.6a1/libmozjs.so
#15 0xb7f09165 in MarkGCThing ()
   from /usr/local/firefox/lib/firefox-1.6a1/libmozjs.so
#16 0xb7f094f7 in js_MarkGCThing ()
   from /usr/local/firefox/lib/firefox-1.6a1/libmozjs.so
#17 0xb7f09546 in gc_root_marker ()
   from /usr/local/firefox/lib/firefox-1.6a1/libmozjs.so
#18 0xb7ef4b1b in JS_DHashTableEnumerate ()
   from /usr/local/firefox/lib/firefox-1.6a1/libmozjs.so
#19 0xb7f0987b in js_GC ()
   from /usr/local/firefox/lib/firefox-1.6a1/libmozjs.so
#20 0xb7f095d6 in js_ForceGC ()
   from /usr/local/firefox/lib/firefox-1.6a1/libmozjs.so
#21 0xb7edfba8 in JS_GC ()
   from /usr/local/firefox/lib/firefox-1.6a1/libmozjs.so
#22 0xb6e4ad1c in nsJSContext::Notify ()
   from /usr/local/firefox/lib/firefox-1.6a1/components/libgklayout.so
#23 0xb7e8ee6c in nsTimerImpl::Fire ()
   from /usr/local/firefox/lib/firefox-1.6a1/libxpcom_core.so
#24 0xb7e8ef4d in handleTimerEvent ()
   from /usr/local/firefox/lib/firefox-1.6a1/libxpcom_core.so
#25 0xb7e8a062 in PL_HandleEvent ()
   from /usr/local/firefox/lib/firefox-1.6a1/libxpcom_core.so
#26 0xb7e89f94 in PL_ProcessPendingEvents ()
   from /usr/local/firefox/lib/firefox-1.6a1/libxpcom_core.so
#27 0xb7e8bb7d in nsEventQueueImpl::ProcessPendingEvents ()
   from /usr/local/firefox/lib/firefox-1.6a1/libxpcom_core.so
#28 0xb6f9b6c1 in event_processor_callback ()
   from /usr/local/firefox/lib/firefox-1.6a1/components/libwidget_gtk2.so
#29 0xb793f51f in g_io_unix_dispatch () from /usr/local/lib/libglib-2.0.so.0
#30 0xb7918ba7 in g_main_context_dispatch ()
   from /usr/local/lib/libglib-2.0.so.0
#31 0xb791a55e in g_main_context_iterate ()
   from /usr/local/lib/libglib-2.0.so.0
#32 0xb791a88a in g_main_loop_run () from /usr/local/lib/libglib-2.0.so.0
#33 0xb7bc3e13 in IA__gtk_main () at gtkmain.c:974
#34 0xb6f9bada in nsAppShell::Run ()
   from /usr/local/firefox/lib/firefox-1.6a1/components/libwidget_gtk2.so
#35 0xb672c4a5 in nsAppStartup::Run ()
   from /usr/local/firefox/lib/firefox-1.6a1/components/libtoolkitcomps.so
#36 0x08053c70 in XRE_main ()
#37 0x0804d658 in main ()
(gdb)
Assignee: nobody → general
Component: General → JavaScript Engine
Product: Firefox → Core
QA Contact: general → general
Version: unspecified → Trunk
I also get these. The last time I got it was with Firefox 1.5 nightly 20051017
on Mandriva Linux 2006. You can check the talkback TB10808405M.
Flags: testcase-
Is this happening on trunk?  There's been a lot of GC-safety work in the last few months.
Status: UNCONFIRMED → RESOLVED
Closed: 15 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.