Closed Bug 41818 Opened 24 years ago Closed 24 years ago

SEGV on first close after creating new prefs

Categories

(SeaMonkey :: General, defect, P3)

Product:
SeaMonkey
Component:
General
Platform:
x86
Linux
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED WORKSFORME

People

(Reporter: cesarb, Assigned: asa)

Details

(Keywords: verifyme) 

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux 2.2.14 i586; en-US; m16) Gecko/20000606
BuildID:    2000060608

When I download a new nightly, I erase the ~/.mozilla dir, load the new nightly,
disable the sidebar, edit the prefs, and quit. After quitting (and after the
WEBSHELLS-=0) I have seen a strange Segmentation Fault from the shell with all
nightlies I have downloaded lately.

Reproducible: Always
Steps to Reproduce:
1.Erase ~/.mozilla
2.Load mozilla
3.Disable View/Sidebar
4.Go to preferences and change to suit your tastes
5.Exit the browser via File/Quit

Actual Results:  [...]
WEBSHELL- = 0
.//run-mozilla.sh: line 29:  3862 Segmentation fault      $prog ${1+"$@"}


Expected Results:  Normal exit with no crashes

This only happens the first time it's loaded after clearing ~/.mozilla. It looks
harmless.
Works for me on build 2000060908.  Could you provide a stack trace?

Sure (same version):

[...]
WEBSHELL- = 5
WEBSHELL- = 4
WEBSHELL- = 3
WEBSHELL- = 2
WEBSHELL- = 1
WEBSHELL- = 0
(no debugging symbols found)...
Program received signal SIGSEGV, Segmentation fault.
0x40109f99 in JS_HashTableEnumerateEntries ()
   from /home/cesarb/mozilla/package/libmozjs.so
(gdb) where
#0  0x40109f99 in JS_HashTableEnumerateEntries ()
   from /home/cesarb/mozilla/package/libmozjs.so
#1  0x400f5e3c in js_UnpinPinnedAtoms ()
   from /home/cesarb/mozilla/package/libmozjs.so
#2  0x400f6ebe in js_DestroyContext ()
   from /home/cesarb/mozilla/package/libmozjs.so
#3  0x400eface in JS_DestroyContext ()
   from /home/cesarb/mozilla/package/libmozjs.so
#4  0x40311e2d in svcauthdes_stats ()
   from /home/cesarb/mozilla/package/components/libpref.so
#5  0x40311dba in svcauthdes_stats ()
   from /home/cesarb/mozilla/package/components/libpref.so
#6  0x403151a5 in svcauthdes_stats ()
   from /home/cesarb/mozilla/package/components/libpref.so
#7  0x40314328 in svcauthdes_stats ()
   from /home/cesarb/mozilla/package/components/libpref.so
#8  0x40314f40 in svcauthdes_stats ()
   from /home/cesarb/mozilla/package/components/libpref.so
#9  0x400b83ef in nsCOMPtr_base::~nsCOMPtr_base ()
   from /home/cesarb/mozilla/package/libxpcom.so
#10 0x41044e15 in NSGetModule ()
   from /home/cesarb/mozilla/package/components/libsearch.so
#11 0x41036a8d in NSGetModule ()
---Type <return> to continue, or q <return> to quit---
   from /home/cesarb/mozilla/package/components/libsearch.so
#12 0x4104aec9 in NSGetModule ()
   from /home/cesarb/mozilla/package/components/libsearch.so
#13 0x4000a3d6 in _dl_fini () from /lib/ld-linux.so.2
#14 0x4024fda5 in exit () from /lib/libc.so.6
#15 0x40247a48 in __libc_start_main () from /lib/libc.so.6
(gdb) disassemble
Dump of assembler code for function JS_HashTableEnumerateEntries:
0x40109f6c <JS_HashTableEnumerateEntries>:      push   %ebp
0x40109f6d <JS_HashTableEnumerateEntries+1>:    mov    %esp,%ebp
0x40109f6f <JS_HashTableEnumerateEntries+3>:    sub    $0x10,%esp
0x40109f72 <JS_HashTableEnumerateEntries+6>:    push   %edi
0x40109f73 <JS_HashTableEnumerateEntries+7>:    push   %esi
0x40109f74 <JS_HashTableEnumerateEntries+8>:    push   %ebx
0x40109f75 <JS_HashTableEnumerateEntries+9>:
    call   0x40109f7a <JS_HashTableEnumerateEntries+14>
0x40109f7a <JS_HashTableEnumerateEntries+14>:   pop    %ebx
0x40109f7b <JS_HashTableEnumerateEntries+15>:   add    $0x34dea,%ebx
0x40109f81 <JS_HashTableEnumerateEntries+21>:   movl   $0x0,0xfffffff0(%ebp)
0x40109f88 <JS_HashTableEnumerateEntries+28>:   movl   $0x0,0xfffffffc(%ebp)
0x40109f8f <JS_HashTableEnumerateEntries+35>:   mov    $0x20,%eax
0x40109f94 <JS_HashTableEnumerateEntries+40>:   mov    %eax,%edx
0x40109f96 <JS_HashTableEnumerateEntries+42>:   mov    0x8(%ebp),%ecx
0x40109f99 <JS_HashTableEnumerateEntries+45>:   sub    0x8(%ecx),%edx
0x40109f9c <JS_HashTableEnumerateEntries+48>:   mov    $0x1,%eax
0x40109fa1 <JS_HashTableEnumerateEntries+53>:   mov    %edx,%ecx
0x40109fa3 <JS_HashTableEnumerateEntries+55>:   shl    %cl,%eax
0x40109fa5 <JS_HashTableEnumerateEntries+57>:   mov    %eax,0xfffffff4(%ebp)
0x40109fa8 <JS_HashTableEnumerateEntries+60>:   movl   $0x0,0xfffffff8(%ebp)
0x40109faf <JS_HashTableEnumerateEntries+67>:   cmp    %eax,0xfffffff0(%ebp)
---Type <return> to continue, or q <return> to quit---
Quit
(gdb) info registers
eax            0x20     32
ecx            0x0      0
edx            0x20     32
ebx            0x4013ed64       1075047780
esp            0xbffff648       -1073744312
ebp            0xbffff664       -1073744284
esi            0x80b66f0        134964976
edi            0x8145560        135550304
eip            0x40109f99       1074831257
eflags         0x10212  66066
cs             0x23     35
ss             0x2b     43
ds             0x2b     43
es             0x2b     43
fs             0x0      0
gs             0x0      0
cwd            0xffff037f       -64641
swd            0xffff0127       -65241
twd            0xffffffff       -1
fip            0x401167e5       1074882533
fcs            0x5180023        85458979
fopo           0x8147648        135558728
fos            0xffff002b       -65493

Anything else?
Well, by "same version" I meant 2000060608.
do you crash on first quit without doing these things?

Works for me on 061320. Can you try this build?
Works for me in 2000061408
marking worksforme per reporter's comment
Status: UNCONFIRMED → RESOLVED
Closed: 24 years ago
Resolution: --- → WORKSFORME
**Mass Spam**
Adding verifyme keyword to all non-verified bugs on browser general.
Keywords: verifyme
Product: Browser → Seamonkey
You need to log in before you can comment on or make changes to this bug.