Closed Bug 547673 Opened 14 years ago Closed 14 years ago

valgrind: reading freed memory at Fx startup

Categories

(Toolkit :: Startup and Profile System, defect)

Product:
Toolkit
Component:
Startup and Profile System
Platform:
SGI
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla1.9.3a3

People

(Reporter: jseward, Assigned: wolfiR)

References

Details

Attachments

(1 file)

patch
1.46 KB, patch
benjamin
: review+
Details | Diff | Splinter Review 
I get a whole bunch of these at startup on Ubuntu 9.10 x86_64.
This is new; wasn't there a week ago.  (on m-c)

Not sure what component to file this against.

Invalid read of size 1
   at 0x4C252D2: strlen (mc_replace_strmem.c:282)
   by 0x9974B91: g_strdup (in /lib/libglib-2.0.so.0.2200.3)
   by 0x1089D87C: ??? (in /usr/lib/libgnomeui-2.so.0.2400.2)
   by 0x1089F1ED: gnome_client_set_restart_command (in /usr/lib/libgnomeui-2.so.0.2400.2)
   by 0x553A55E: nsNativeAppSupportUnix::Start(int*) (nsNativeAppSupportUnix.cpp:444)
   by 0x5532531: XRE_main (nsAppRunner.cpp:3149)
   by 0x400E8B: main (nsBrowserApp.cpp:158)
 Address 0xfe0fcd8 is 8 bytes inside a block of size 69 free'd
   at 0x4C23CDD: free (vg_replace_malloc.c:366)
   by 0x5FFC534: nsStringBuffer::Release() (nsSubstring.cpp:192)
   by 0x5FFD8C5: nsACString_internal::Finalize() (nsSubstring.cpp:117)
   by 0x5FFD8D4: nsACString_internal::~nsACString_internal() (nsTSubstring.cpp:211)
   by 0x5FD470E: nsLocalFile::Release() (nsTString.h:55)
   by 0x5FA7BBD: nsCOMPtr_base::~nsCOMPtr_base() (nsCOMPtr.cpp:81)
   by 0x553A782: nsNativeAppSupportUnix::Start(int*) (nsCOMPtr.h:469)
   by 0x5532531: XRE_main (nsAppRunner.cpp:3149)
   by 0x400E8B: main (nsBrowserApp.cpp:158)
Component: String → Startup and Profile System
Product: Core → Toolkit
QA Contact: string → startup
Almost certainly a regression from bug 508986, per hg log for nsNativeAppSupportUnix.cpp. Wolfgang, can you take a look?
Assignee: nobody → mozilla
Blocks: 508986
I'm looking into it. Looks like path is going out of scope and so goes argv1. Will come up with a patch tomorrow.
Status: NEW → ASSIGNED
Attached patch patchSplinter Review 
This patch should fix the issue. Could you check probably (I couldn't reproduce with it).

(There are quite some possible ways to fix that. If there is another preferred way please let me know.)
(In reply to comment #3)
> Created an attachment (id=428382) [details]

> This patch should fix the issue.

Yes, it does fix it for me.
Attachment #428382 - Flags: review?(benjamin)
Blocks: 549224
Attachment #428382 - Flags: review?(benjamin) → review+
Keywords: checkin-needed
http://hg.mozilla.org/mozilla-central/rev/6f141492d141
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → mozilla1.9.3a3
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: