JVM crashes on Mozilla.termEmbedding() invocation

RESOLVED INCOMPLETE

Status

Core Graveyard
Java to XPCOM Bridge
--
critical
RESOLVED INCOMPLETE
12 years ago
4 years ago

People

(Reporter: Vladimir Korenev, Assigned: jhp (no longer active))

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

12 years ago
User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.5) Gecko/20060802 Firefox/1.5.0.5
Build Identifier: 

The following line in the DestroyXPTCMappingEnum() function in the nsJavaXPCOMBindingUtils.cpp causes JVM crash:

  entry->xptcstub->DeleteStrongRef();

This occures because the nsJavaXPTCStub object has been previously deleted in the nsJavaXPTCStub::ReleaseWeakRef() method and all its data has been overwritten.

BTW, that line has a comment:
  // The XPTC stub will be released by the XPCOM side, if it hasn't been
  // already.  We just need to delete the Java global ref held by the XPTC stub,
  // so the Java garbage collector can handle the Java object when necessary.

Reproducible: Sometimes
(Assignee)

Comment 1

12 years ago
This sounds like bug 338110.  That fix was checked in to the trunk and the 1.8.1 branch.  Since you are on Linux, try this build: ftp://ftp.mozilla.org/pub/mozilla.org/xulrunner/nightly/latest-mozilla1.8/xulrunner-1.8.1b1.en-US.linux-i686.tar.gz, which has the fix.

*** This bug has been marked as a duplicate of 338110 ***
Status: UNCONFIRMED → RESOLVED
Last Resolved: 12 years ago
Resolution: --- → DUPLICATE
(Reporter)

Comment 2

12 years ago
I have built XULRunner from 1.8.1 branch sources. I have checked that it contains the patch from bug 338110. That is a different problem.

This bug is reproducible in a quite a big project, but I have not been able to make a small sample yet.
Status: RESOLVED → UNCONFIRMED
Resolution: DUPLICATE → ---
(Reporter)

Comment 3

12 years ago
As a workaround the following line in the nsJavaXPTCStub::ReleaseWeakRef() method can be commented out:

  delete this;

See http://lxr.mozilla.org/mozilla1.8/source/extensions/java/xpcom/nsJavaXPTCStub.cpp#205

Of course this will lead to memory leak.

Comment 4

6 years ago
Is this still reproducible/actual?
Whiteboard: closeme INCO 2012-09-01

Updated

6 years ago
Status: UNCONFIRMED → RESOLVED
Last Resolved: 12 years ago6 years ago
Resolution: --- → INCOMPLETE
Whiteboard: closeme INCO 2012-09-01
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.