My SeaMonkey 2.0.3pre nightlies from the last couple of days (latest: 20100203014157) get into a crashing state, where nearly any UI interaction (right-clicking bookmarks, starting bookmark manager, clicking chatzilla tabs, focussing the location bar) will crash them. Searching for the crash signature, I see a whole lot of equivalent Thunderbird nightlies with similar stacks, all on x86_64 linux. 0 libc-2.10.1.so libc-2.10.1.so@0x73708 1 libxpcom_core.so NS_GetXPTCallStub_P 2 thunderbird-bin XPCWrappedNative::CallMethod js/src/xpconnect/src/xpcwrappednative.cpp:2456 3 thunderbird-bin XPC_WN_CallMethod js/src/xpconnect/src/xpcwrappednativejsops.cpp:1590 4 libmozjs.so js_Invoke js/src/jsinterp.cpp:1386 5 libmozjs.so js_Interpret js/src/jsinterp.cpp:5179 6 libmozjs.so js_Invoke js/src/jsinterp.cpp:1394 http://crash-stats.mozilla.com/report/list?product=ALL&query=libc-2.10.1.so%400x73708&process_type=all&do_query=1&signature=libc-2.10.1.so%400x73708
mcsmurf says this probably belongs in xpconnect
With apologies for the spam, additional clarification: This is on 1.9.1; 32-bit mozilla-originated SeaMonkey on Ubuntu with the ia32-libs package installed. It'll take many (4-24) hours for my SeaMonkey to get into this crashing state, but once it is, I can trigger crashes constantly by interacting with virtually any part of the program. (Things which worked fine without crashing before.)
Can you try this to find out what libc-2.10.1.so@0x73708 is: 1. Install libc symbols (probably some package like libc-dev) 2. Launch SeaMonkey 3. Launch gdb, attach it to the SeaMonkey process ("attach PID") 4. When it crashes, get a stack trace with "bt" and paste it into the bug. Originally I wanted to post other instructions, but seems like it's not that easy to find out with gdb what function libc-2.10.1.so@0x73708 is in.
Hmm. The output from that for this crash: http://crash-stats.mozilla.com/report/index/bp-7e8ea4b4-dc26-4ed7-aa8f-c808b2100204 is: #0 0x00007f9ee060fbba in wait4 () from /lib/libc.so.6 #1 0x000000000040e41f in ?? () #2 0x000000000040ec4e in ?? () #3 0x000000000040b319 in ?? () #4 0x000000000040aa64 in ?? () #5 0x0000000000405f02 in ?? () #6 0x0000000000406207 in ?? () #7 0x00007f9ee058aabd in __libc_start_main (main=<value optimized out>, argc=<value optimized out>, ubp_av=<value optimized out>, init=<value optimized out>, fini=<value optimized out>, rtld_fini=<value optimized out>, stack_end=0x7fff7d4fa618) at libc-start.c:220 #8 0x000000000040a431 in ?? () #9 0x00007fff7d4fa618 in ?? () #10 0x000000000000001c in ?? () #11 0x0000000000000002 in ?? () #12 0x00007fff7d4fbb82 in ?? () #13 0x00007fff7d4fbb8a in ?? () #14 0x0000000000000000 in ?? () Which doesn't look exactly useful to me. Should I have attached to the PID of seamonkey-bin rather than seamonkey? Although trying that, my SeaMonkey became completely unresponsive, not even redrawing. Anything else I can do from within gdb to get more useful info at this point? (I'll still have it attached for the next hour or so.)
> Should I have attached to the PID of seamonkey-bin rather than seamonkey? Yes > my SeaMonkey became completely unresponsive Did you enter the "continue" command at the gdb prompt?
Created attachment 425211 [details] gdb stack > Did you enter the "continue" command at the gdb prompt? Thanks, that was the missing hint. Hopefully this output will be more useful. (I hope it's actually the same crash; I'm not seeing libc there at the top, but the way to trigger it was the same...)
Does it crash if you disable Firebug? (and restart)
Yes, I do. Stack is exactly the same.
If you can still get it crashing in gdb, then what may reveal something is doing a: call DumpJSStack() on the gdb command line. If I'm reading your stacks correctly, you're in the middle of js land, so getting a js stack may point to what is being called (or attempted to be called) that is then causing the crash.
Sander, can you still reproduce?
This was happening on a work computer, at a project I long since left. Haven't had access to a x86_64 machine since, so absolutely no way for me to know if it's still happening.