Closed Bug 444918 Opened 17 years ago Closed 17 years ago

Crash when closing epiphany [@ NS_HasPendingEvents_P] ifndef MOZILLA_INTERNAL_API

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla1.9.2a1

People

(Reporter: sam, Assigned: timeless)

References

Details

Attachments

(1 file, 3 obsolete files)

use comptr locally 17 years ago timeless 1.13 KB, patch	benjamin : review-	Details \| Diff \| Splinter Review
use inline 17 years ago timeless 1.26 KB, patch	benjamin : review+	Details \| Diff \| Splinter Review
patch applied to debian package 17 years ago Mike Hommey [:glandium] 930 bytes, patch	benjamin : review-	Details \| Diff \| Splinter Review
without the typo 17 years ago Mike Hommey [:glandium] 1.07 KB, patch		Details \| Diff \| Splinter Review

sam morris

Reporter

Description

•

17 years ago

User-Agent: Mozilla/5.0 (X11; U; Linux i686; en; rv:1.9) Gecko/20080528 Epiphany/2.22 Build Identifier: xulrunner1 .9 rc2 Epiphany crashes when closed. Distribution: Debian lenny/sid Gnome Release: 2.22.1 2008-04-08 (Debian) BugBuddy Version: 2.22.0 System: Linux 2.6.25-1-amd64 #1 SMP Fri Apr 25 14:38:55 UTC 2008 x86_64 X Vendor: The X.Org Foundation X Vendor Release: 10400090 Selinux: No Accessibility: Disabled GTK+ Theme: Clearlooks Icon Theme: gnome Memory status: size: 393383936 vsize: 393383936 resident: 54853632 share: 27402240 rss: 54853632 rss_rlim: 18446744073709551615 CPU usage: start_time: 1210349746 rtime: 128 utime: 110 stime: 18 cutime:2 cstime: 6 timeout: 0 it_real_value: 0 frequency: 100 Backtrace was generated from '/usr/bin/epiphany-browser' Using host libthread_db library "/lib/libthread_db.so.1". [Thread debugging using libthread_db enabled] [New Thread 0x7f9c662d0780 (LWP 10068)] 0x00007f9c5eec0edf in waitpid () from /lib/libpthread.so.0 #0 0x00007f9c5eec0edf in waitpid () from /lib/libpthread.so.0 #1 0x00007f9c5e6165a6 in IA__g_spawn_sync ( working_directory=<value optimized out>, argv=<value optimized out>, envp=<value optimized out>, flags=<value optimized out>, child_setup=<value optimized out>, user_data=0xffffffff, standard_output=0x0, standard_error=0x0, exit_status=0x0, error=0x7fff6e412358) at /tmp/buildd/glib2.0-2.16.3/glib/gspawn.c:374 #2 0x00007f9c5e6168b8 in IA__g_spawn_command_line_sync ( command_line=<value optimized out>, standard_output=0x0, standard_error=0x0, exit_status=0x0, error=0x7fff6e412358) at /tmp/buildd/glib2.0-2.16.3/glib/gspawn.c:682 #3 0x00007f9c5aa324b3 in ?? () from /usr/lib/gtk-2.0/modules/libgnomebreakpad.so #4 0x00007f9c5458cb16 in nsProfileLock::FatalSignalHandler (signo=11) at nsProfileLock.cpp:216 #5 <signal handler called> #6 0x00007f9c552ddd40 in GkAtoms_info () from /usr/lib/xulrunner-1.9/libxul.so #7 0x00007f9c54c8b600 in NS_HasPendingEvents_P (thread=0x154c5f0) at nsThreadUtils.cpp:207 #8 0x00007f9c54c0f7d4 in nsBaseAppShell::OnProcessNextEvent (this=0x1a7f4a0, thr=0x154c5f0, mayWait=0, recursionDepth=<value optimized out>) at nsBaseAppShell.cpp:288 #9 0x00007f9c54cb62d9 in nsThread::ProcessNextEvent (this=0x154c5f0, mayWait=0, result=0x7fff6e41294c) at nsThread.cpp:497 #10 0x00007f9c54c8b54d in NS_ProcessPendingEvents_P (thread=0x154c5f0, timeout=20) at nsThreadUtils.cpp:180 #11 0x00007f9c54c0f5e4 in nsBaseAppShell::NativeEventCallback (this=0x1a7f4a0) at nsBaseAppShell.cpp:121 #12 0x00007f9c54bfc9da in nsAppShell::EventProcessorCallback ( source=<value optimized out>, condition=<value optimized out>, data=0x1a7f4a0) at nsAppShell.cpp:69 #13 0x00007f9c5e5e30f2 in IA__g_main_context_dispatch (context=0xb01ae0) at /tmp/buildd/glib2.0-2.16.3/glib/gmain.c:2009 #14 0x00007f9c5e5e6396 in g_main_context_iterate (context=0xb01ae0, block=1, dispatch=1, self=<value optimized out>) at /tmp/buildd/glib2.0-2.16.3/glib/gmain.c:2642 #15 0x00007f9c5e5e6657 in IA__g_main_loop_run (loop=0xae1c40) at /tmp/buildd/glib2.0-2.16.3/glib/gmain.c:2850 #16 0x00007f9c6188eb63 in IA__gtk_main () at /build/buildd/gtk+2.0-2.12.9/gtk/gtkmain.c:1163 #17 0x0000000000439fa0 in main (argc=<value optimized out>, argv=0x8) at /scratch/build-area/epiphany-browser-2.22.1.1/src/ephy-main.c:739 Thread 1 (Thread 0x7f9c662d0780 (LWP 10068)): #0 0x00007f9c5eec0edf in waitpid () from /lib/libpthread.so.0 No symbol table info available. #1 0x00007f9c5e6165a6 in IA__g_spawn_sync ( working_directory=<value optimized out>, argv=<value optimized out>, envp=<value optimized out>, flags=<value optimized out>, child_setup=<value optimized out>, user_data=0xffffffff, standard_output=0x0, standard_error=0x0, exit_status=0x0, error=0x7fff6e412358) at /tmp/buildd/glib2.0-2.16.3/glib/gspawn.c:374 outpipe = -1 errpipe = -1 pid = 10093 fds = {__fds_bits = {0, 140309574971314, 8, 16, 16, 1849762648, 16, 0, 20103928, 16817792, 20103904, 140735043150680, 3, 140309574963061, 140735043150080, 140735043150184}} ret = -512 outstr = (GString *) 0x0 errstr = (GString *) 0x0 failed = 0 status = <value optimized out> __PRETTY_FUNCTION__ = "IA__g_spawn_sync" #2 0x00007f9c5e6168b8 in IA__g_spawn_command_line_sync ( command_line=<value optimized out>, standard_output=0x0, standard_error=0x0, exit_status=0x0, error=0x7fff6e412358) at /tmp/buildd/glib2.0-2.16.3/glib/gspawn.c:682 retval = 0 argv = (gchar **) 0x132c2e0 __PRETTY_FUNCTION__ = "IA__g_spawn_command_line_sync" #3 0x00007f9c5aa324b3 in ?? () from /usr/lib/gtk-2.0/modules/libgnomebreakpad.so No symbol table info available. #4 0x00007f9c5458cb16 in nsProfileLock::FatalSignalHandler (signo=11) at nsProfileLock.cpp:216 oldact = (sigaction *) 0x7fff6e4120f0 #5 <signal handler called> No symbol table info available. #6 0x00007f9c552ddd40 in GkAtoms_info () from /usr/lib/xulrunner-1.9/libxul.so No symbol table info available. #7 0x00007f9c54c8b600 in NS_HasPendingEvents_P (thread=0x154c5f0) at nsThreadUtils.cpp:207 val = <value optimized out> #8 0x00007f9c54c0f7d4 in nsBaseAppShell::OnProcessNextEvent (this=0x1a7f4a0, thr=0x154c5f0, mayWait=0, recursionDepth=<value optimized out>) at nsBaseAppShell.cpp:288 start = 3463942710 limit = 20 oldBlockedWait = (PRBool *) 0x0 needEvent = 0 #9 0x00007f9c54cb62d9 in nsThread::ProcessNextEvent (this=0x154c5f0, mayWait=0, result=0x7fff6e41294c) at nsThread.cpp:497 notifyGlobalObserver = <value optimized out> obs = {<nsCOMPtr_base> = {mRawPtr = 0x1a7f4a8}, <No data fields>} event = {<nsCOMPtr_base> = {mRawPtr = 0x1b1a8e0}, <No data fields>} rv = 2147549183 #10 0x00007f9c54c8b54d in NS_ProcessPendingEvents_P (thread=0x154c5f0, timeout=20) at nsThreadUtils.cpp:180 processedEvent = 32668 rv = 27784352 start = 3463942710 #11 0x00007f9c54c0f5e4 in nsBaseAppShell::NativeEventCallback (this=0x1a7f4a0) at nsBaseAppShell.cpp:121 hasPending = <value optimized out> thread = (class nsIThread *) 0x154c5f0 prevVal = nsBaseAppShell::eEventloopNone #12 0x00007f9c54bfc9da in nsAppShell::EventProcessorCallback ( source=<value optimized out>, condition=<value optimized out>, data=0x1a7f4a0) at nsAppShell.cpp:69 self = (nsAppShell *) 0x154c5f0 c = 250 'ú' #13 0x00007f9c5e5e30f2 in IA__g_main_context_dispatch (context=0xb01ae0) at /tmp/buildd/glib2.0-2.16.3/glib/gmain.c:2009 No locals. #14 0x00007f9c5e5e6396 in g_main_context_iterate (context=0xb01ae0, block=1, dispatch=1, self=<value optimized out>) at /tmp/buildd/glib2.0-2.16.3/glib/gmain.c:2642 got_ownership = <value optimized out> max_priority = 0 timeout = 0 some_ready = 1 nfds = <value optimized out> allocated_nfds = <value optimized out> fds = (GPollFD *) 0x1a93b80 __PRETTY_FUNCTION__ = "g_main_context_iterate" #15 0x00007f9c5e5e6657 in IA__g_main_loop_run (loop=0xae1c40) at /tmp/buildd/glib2.0-2.16.3/glib/gmain.c:2850 got_ownership = <value optimized out> self = (GThread *) 0xacb770 __PRETTY_FUNCTION__ = "IA__g_main_loop_run" #16 0x00007f9c6188eb63 in IA__gtk_main () at /build/buildd/gtk+2.0-2.12.9/gtk/gtkmain.c:1163 tmp_list = (GList *) 0xdbdc80 functions = (GList *) 0x0 init = (GtkInitFunction *) 0xb23140 loop = (GMainLoop *) 0xae1c40 #17 0x0000000000439fa0 in main (argc=<value optimized out>, argv=0x8) at /scratch/build-area/epiphany-browser-2.22.1.1/src/ephy-main.c:739 uri = 0xb124f0 "" path = <value optimized out> rpath = "/home/sam/http:\000\2209Af\234\177\000\000ð<Anÿ\177\000\000\000ð-f\234\177\000\000°ä-f\234\177\000\000\000\000\000\000\000\000\000\0008kAf\234\177\000\000°9Anÿ\177\000\000\000\000\000\000\000\000\000\000ï9Anÿ\177\000\0000ûA\000\000\000\000\000\000\000@t\202ÜþÿP\006s", '\0' <repeats 31 times>, " W\202Üþÿ\000\000¶ö@Ì8ÿ@\006s", '\0' <repeats 32 times>, "X\202Üþÿ\000\000¶ö@Ì8ÿ0\006s", '\0' <repeats 31 times>, "`X\202Üþÿ\000\000¶ö@Ì8ÿ \006s", '\0' <repeats 21 times>, "\001\000\000"... i = <value optimized out> program = <value optimized out> option_context = (GOptionContext *) 0xb124f0 option_group = <value optimized out> proxy = <value optimized out> error = (GError *) 0x0 user_time = 52391060 env = <value optimized out> enable_pango = <value optimized out> #0 0x00007f9c5eec0edf in waitpid () from /lib/libpthread.so.0 The program is running. Quit anyway (and detach it)? (y or n) [answered Y; input not from terminal] Reproducible: Sometimes Steps to Reproduce: 1. Close epiphany Actual Results: Crash Expected Results: No Crash Forwarded from <http://bugzilla.gnome.org/show_bug.cgi?id=532370>.

Reinout van Schouwen

Comment 1

•

17 years ago

Adding myself to cc

timeless

Assignee

Comment 2

•

17 years ago

reporter: afaict the report is missing symbols for libxul, which makes it useless. #6 0x00007f9c552ddd40 in GkAtoms_info () from /usr/lib/xulrunner-1.9/libxul.so No symbol table info available. reinout: please don't comment when you add yourself to the cc list.

sam morris

Reporter

Comment 3

•

17 years ago

Hm. Debugging symbols are definitely present--they have been picked up for the other stack frames. Please observe the stack traces of some of the duplicates of this bug (tracked at <http://bugzilla.gnome.org/show_bug.cgi?id=509083>). None of them have symbols for the GKAtoms_info frame, some don't have the frame at all, but are otherwise identical; see these for examples: * http://bugzilla.gnome.org/show_bug.cgi?id=537750 * http://bugzilla.gnome.org/show_bug.cgi?id=538377

timeless

Assignee

Comment 4

•

17 years ago

http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/xpcom/glue/nsThreadUtils.cpp&rev=1.8&mark=191,193,198,199,201,203,204,207#190 the comptr is destroyed and then we try to use the pointer ... :(

Summary: Crash when closing epiphany → Crash when closing epiphany [@ NS_HasPendingEvents_P] ifndef MOZILLA_INTERNAL_API

timeless

Assignee

Comment 5

•

17 years ago

Attached patch use comptr locally (obsolete) — Details — Splinter Review

Assignee: nobody → timeless

Status: UNCONFIRMED → ASSIGNED

Ever confirmed: true

Attachment #329294 - Flags: review?(benjamin)

Benjamin Smedberg

Comment 6

•

17 years ago

Comment on attachment 329294 [details] [diff] [review] use comptr locally The HASPENDINGEVENTS macro is ugly and IMO unnecessary. Use an inline function if you need to.

Attachment #329294 - Flags: review?(benjamin) → review-

timeless

Assignee

Comment 7

•

17 years ago

Attached patch use inline (obsolete) — Details — Splinter Review

i just wanted to make sure people didn't accidentally change just one part

Attachment #329294 - Attachment is obsolete: true

Attachment #330904 - Flags: review?(benjamin)

Benjamin Smedberg

Updated

•

17 years ago

Attachment #330904 - Flags: review?(benjamin) → review+

Mike Hommey [:glandium]

Comment 8

•

17 years ago

Why is the if (!thread) test changed into if (thread) ? It looks wrong.

Mike Hommey [:glandium]

Comment 9

•

17 years ago

Attached patch patch applied to debian package (obsolete) — Details — Splinter Review

FWIW, I applied this patch to the debian xulrunner package, which should also fix this issue.

Reinout van Schouwen

Comment 10

•

17 years ago

Could the patch from comment #9 be reviewed please? Thanks!

Reed Loden [:reed]

Updated

•

17 years ago

Attachment #331701 - Flags: review?(benjamin)

Benjamin Smedberg

Comment 11

•

17 years ago

Comment on attachment 331701 [details] [diff] [review] patch applied to debian package This patch makes no sense. If "current" is non-null, how could "thread" possibly end up null?

Attachment #331701 - Flags: review?(benjamin) → review-

timeless

Assignee

Comment 12

•

17 years ago

i will land my patch (w/ the typo fixed) if i can ever find a green period for the tree.

sam morris

Reporter

Comment 13

•

17 years ago

Mike: I'm still seeing this on Debian systems, with xulrunner-1.9 version 1.9.0.1-1 installed. So the patch does not seem to work.

Reed Loden [:reed]

Comment 14

•

17 years ago

timeless, what's the typo? thread instead of !thread? Would like to get this landed.

Reed Loden [:reed]

Comment 15

•

17 years ago

(In reply to comment #14) > timeless, what's the typo? thread instead of !thread? Would like to get this > landed. timeless e-mailed me with "yeah, that's the typo." For future note, please comment in the bug rather than e-mailing me. E-mail gets lost and forgotten while bug comments are forever.

Mike Hommey [:glandium]

Comment 16

•

17 years ago

Attached patch without the typo — Details — Splinter Review

Fixed patch

Attachment #330904 - Attachment is obsolete: true

Phil Ringnalda (:philor)

Comment 17

•

17 years ago

timeless: attach the patch you want checked in, mark everything else obsolete, add the checkin-needed keyword. kthxbye.

Whiteboard: [timeless: need new patch]

Phil Ringnalda (:philor)

Updated

•

17 years ago

Attachment #331701 - Attachment is obsolete: true

Phil Ringnalda (:philor)

Updated

•

17 years ago

Whiteboard: [timeless: need new patch]

Phil Ringnalda (:philor)

Comment 18

•

17 years ago

http://hg.mozilla.org/mozilla-central/rev/26994892da30

Status: ASSIGNED → RESOLVED

Closed: 17 years ago

Resolution: --- → FIXED

Target Milestone: --- → mozilla1.9.2a1

Launchpad

Updated

•

15 years ago

See Also: → https://launchpad.net/bugs/182465

You need to log in before you can comment on or make changes to this bug.