Closed
Bug 357828
Opened 19 years ago
Closed 16 years ago
crash [@ nsEventQueueImpl::GetYoungestActive] with corrupted 'this' pointer
Categories
(Core :: XPCOM, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: mozilla-bugs, Unassigned)
References
Details
(Keywords: crash)
Crash Data
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-GB; rv:1.8.0.7) Gecko/20060929 SeaMonkey/1.0.5
Build Identifier: Mozilla/5.0 (X11; U; Linux x86_64; en-GB; rv:1.8.0.7) Gecko/20060929 SeaMonkey/1.0.5
Recursive function nsEventQueueImpl::GetYoungestActive seem to get a corrupt "this" pointer. No specific activity just a random crash that occured whie using by debugging build of SeaMonkey 1.0.5.
#0 0x0000003eca20c22c in raise () from /lib64/libpthread.so.0
(gdb) bt
#0 0x0000003eca20c22c in raise () from /lib64/libpthread.so.0
#1 0x00002aaaac660b5f in nsProfileLock::FatalSignalHandler (signo=11) at nsProfileLock.cpp:206
#2 <signal handler called>
#3 0x00002b3fc2cb112c in nsEventQueueImpl::GetYoungestActive (this=0xfffffffffffffff8, aQueue=0x41000f60) at nsEventQueue.cpp:614
#4 0x00002b3fc2cb116a in nsEventQueueImpl::GetYoungestActive (this=0x607410, aQueue=0x41000fd0) at nsEventQueue.cpp:615
#5 0x00002b3fc2cb3855 in nsEventQueueServiceImpl::GetYoungestEventQueue (this=0x5e1cb0, queue=0x607410, aResult=0x410010a0) at nsEventQueueService.cpp:253
#6 0x00002b3fc2cb305f in nsEventQueueServiceImpl::GetThreadEventQueue (this=0x5e1cb0, aThread=0x54aa20, aResult=0x410010a0) at nsEventQueueService.cpp:389
#7 0x00002b3fc2cb6604 in nsTimerImpl::PostTimerEvent (this=0x2aaabde13bf0) at nsTimerImpl.cpp:516
#8 0x00002b3fc2cb7d70 in TimerThread::Run (this=0x57cb10) at TimerThread.cpp:280
#9 0x00002b3fc2cb4ae2 in nsThread::Main (arg=0x7ac5b0) at nsThread.cpp:118
#10 0x00002b3fc32c0924 in _pt_root (arg=0x7ac6a0) at ptthread.c:220
#11 0x0000003eca20697c in start_thread () from /lib64/libpthread.so.0
#12 0x0000003ec99c992e in clone () from /lib64/libc.so.6
#13 0x0000000000000000 in ?? ()
(gdb) up
#1 0x00002aaaac660b5f in nsProfileLock::FatalSignalHandler (signo=11) at nsProfileLock.cpp:206
206 raise(signo);
(gdb)
#2 <signal handler called>
(gdb)
#3 0x00002b3fc2cb112c in nsEventQueueImpl::GetYoungestActive (this=0xfffffffffffffff8, aQueue=0x41000f60) at nsEventQueue.cpp:614
614 if (mYoungerQueue)
(gdb) p mYoungerQueue
Cannot access memory at address 0xfffffffffffffff8
(gdb) up
#4 0x00002b3fc2cb116a in nsEventQueueImpl::GetYoungestActive (this=0x607410, aQueue=0x41000fd0) at nsEventQueue.cpp:615
615 mYoungerQueue->GetYoungestActive(getter_AddRefs(answer));
(gdb) list
610 nsEventQueueImpl::GetYoungestActive(nsIEventQueue **aQueue)
611 {
612 nsCOMPtr<nsIEventQueue> answer;
613
614 if (mYoungerQueue)
615 mYoungerQueue->GetYoungestActive(getter_AddRefs(answer));
616 if (!answer) {
617 if (mAcceptingEvents && mCouldHaveEvents)
618 answer = NS_STATIC_CAST(nsIEventQueue *, this);
619 }
(gdb) frame
#4 0x00002b3fc2cb116a in nsEventQueueImpl::GetYoungestActive (this=0x607410, aQueue=0x41000fd0) at nsEventQueue.cpp:615
615 mYoungerQueue->GetYoungestActive(getter_AddRefs(answer));
(gdb) p answer
$3 = {mRawPtr = 0x0}
Reproducible: Didn't try
|
||
Updated•19 years ago
|
Assignee: events → nobody
Severity: normal → critical
Component: Event Handling → XPCOM
Keywords: crash
QA Contact: ian → xpcom
Summary: crash at nsEventQueueImpl::GetYoungestActive corrupted 'this' pointer → crash [@ nsEventQueueImpl::GetYoungestActive] with corrupted 'this' pointer
Version: Trunk → 1.8 Branch
|
||
Comment 1•19 years ago
|
||
confirming, see also bug #363281
Status: UNCONFIRMED → NEW
Ever confirmed: true
|
||
Comment 3•16 years ago
|
||
The function GetYoungestActive no longer exists, so I'm guessing this bug no longer exists.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → WORKSFORME
|
Assignee | |
Updated•14 years ago
|
Crash Signature: [@ nsEventQueueImpl::GetYoungestActive]
You need to log in
before you can comment on or make changes to this bug.
Description
•