Bug 583582 - hunspell double buffer w/gcc-4.5*
Status: RESOLVED FIXED
[fixed-in-hunspell-1.2.13]
Product: Core
Classification: Components
Component: Spelling checker
Version: Trunk
Platform: x86_64 Linux
Importance: -- normal
Assigned To: Jory A. Pratt
Depends on: hunspell-1.3.2
Reported: 2010-08-01 08:26 PDT by Jory A. Pratt
Modified: 2010-12-29 13:33 PST (History)
-
.14-fixed


Attachments
fix hunspell with gcc-4.5 (1.02 KB, patch)
2010-08-01 08:26 PDT, Jory A. Pratt
no flags
fix_hunspell_gcc45_double_buffer (rev 1.1) (750 bytes, patch)
2010-08-01 11:03 PDT, Jory A. Pratt
no flags
Use Olli Pettay suggestion &(h->word[0]) (905 bytes, patch)
2010-09-05 09:19 PDT, Jory A. Pratt
bugs: review+
benjamin: approval2.0+
christian: approval1.9.2.13-
hunspell double buffer fix mozilla-1.9.2 branch (736 bytes, patch)
2010-09-05 09:41 PDT, Jory A. Pratt
no flags

Description Jory A. Pratt 2010-08-01 08:26:05 PDT
Created attachment 461891
fix hunspell with gcc-4.5

*** buffer overflow detected ***:
/usr/lib64/mozilla-thunderbird/thunderbird-bin terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x37)[0x7fb804ee9a17]
/lib/libc.so.6(+0xe4830)[0x7fb804ee7830]
/usr/lib64/mozilla-thunderbird/components/libspellchecker.so(+0x1dfc7)[0x7fb7fd3a7fc7]
/usr/lib64/mozilla-thunderbird/components/libspellchecker.so(+0x1e651)[0x7fb7fd3a8651]
/usr/lib64/mozilla-thunderbird/components/libspellchecker.so(+0x1e7af)[0x7fb7fd3a87af]
/usr/lib64/mozilla-thunderbird/components/libspellchecker.so(+0x1e9f9)[0x7fb7fd3a89f9]
/usr/lib64/mozilla-thunderbird/components/libspellchecker.so(+0xf4a6)[0x7fb7fd3994a6]
/usr/lib64/mozilla-thunderbird/components/libspellchecker.so(+0x727b)[0x7fb7fd39127b]
/usr/lib64/mozilla-thunderbird/components/libcomposer.so(+0xd744)[0x7fb7e54f6744]
/usr/lib64/mozilla-thunderbird/components/libcomposer.so(+0xe375)[0x7fb7e54f7375]
/usr/lib64/mozilla-thunderbird/components/libspellchecker.so(+0xb50f)[0x7fb7fd39550f]
/usr/lib64/mozilla-thunderbird/components/libgklayout.so(+0x582c85)[0x7fb7f4ed4c85]
/usr/lib64/mozilla-thunderbird/libxpcom_core.so(NS_InvokeByIndex_P+0x249)[0x7fb8051d7c41]
/usr/lib64/mozilla-thunderbird/components/libxpconnect.so(+0x416c0)[0x7fb7fb50f6c0]
/usr/lib64/mozilla-thunderbird/components/libxpconnect.so(+0x475b7)[0x7fb7fb5155b7]
/usr/lib64/mozilla-thunderbird/libmozjs.so(js_Invoke+0x43e)[0x7fb8047085de]
/usr/lib64/mozilla-thunderbird/libmozjs.so(+0x68ed0)[0x7fb8046faed0]
/usr/lib64/mozilla-thunderbird/libmozjs.so(js_Invoke+0x935)[0x7fb804708ad5]
/usr/lib64/mozilla-thunderbird/libmozjs.so(+0x771d6)[0x7fb8047091d6]
/usr/lib64/mozilla-thunderbird/libmozjs.so(+0x877a8)[0x7fb8047197a8]
/usr/lib64/mozilla-thunderbird/libmozjs.so(+0x87fe3)[0x7fb804719fe3]
/usr/lib64/mozilla-thunderbird/libmozjs.so(+0x68130)[0x7fb8046fa130]
/usr/lib64/mozilla-thunderbird/libmozjs.so(js_Invoke+0x935)[0x7fb804708ad5]
/usr/lib64/mozilla-thunderbird/libmozjs.so(+0x7708c)[0x7fb80470908c]
/usr/lib64/mozilla-thunderbird/libmozjs.so(JS_CallFunctionValue+0x1a)[0x7fb8046b41fa]
/usr/lib64/mozilla-thunderbird/components/libgklayout.so(+0x51bcf2)[0x7fb7f4e6dcf2]
/usr/lib64/mozilla-thunderbird/components/libgklayout.so(+0x52e217)[0x7fb7f4e80217]
/usr/lib64/mozilla-thunderbird/components/libgklayout.so(+0x52e4ba)[0x7fb7f4e804ba]
/usr/lib64/mozilla-thunderbird/libxpcom_core.so(+0x6da0b)[0x7fb8051cfa0b]
/usr/lib64/mozilla-thunderbird/libxpcom_core.so(+0x6dbbe)[0x7fb8051cfbbe]
/usr/lib64/mozilla-thunderbird/libxpcom_core.so(+0x6b53a)[0x7fb8051cd53a]
/usr/lib64/mozilla-thunderbird/libxpcom_core.so(_Z21NS_ProcessNextEvent_PP9nsIThreadi+0x2b)[0x7fb8051a218b]
/usr/lib64/mozilla-thunderbird/components/libwidget_gtk2.so(+0x429e1)[0x7fb7fa29a9e1]
/usr/lib64/mozilla-thunderbird/components/libtoolkitcomps.so(+0x8bea)[0x7fb7f8984bea]
/usr/lib64/mozilla-thunderbird/libxul.so(XRE_main+0x2c6d)[0x7fb80543d60b]
/usr/lib64/mozilla-thunderbird/thunderbird-bin[0x401bc0]
/lib/libc.so.6(__libc_start_main+0xfd)[0x7fb804e21b6d]
/usr/lib64/mozilla-thunderbird/thunderbird-bin[0x401989]
/usr/lib64/mozilla-thunderbird/run-mozilla.sh: line 131: 30129 Aborted                 "$prog" ${1+"$@"}
Comment 1 Reed Loden [:reed] (use needinfo?) 2010-08-01 09:55:50 PDT
Does this need to be submitted upstream as well?
Comment 2 Ryan VanderMeulen [:RyanVM] 2010-08-01 10:02:51 PDT
Yes
Comment 3 Ryan VanderMeulen [:RyanVM] 2010-08-01 10:04:57 PDT
Is cstddef safe to use?
Comment 4 Jory A. Pratt 2010-08-01 10:11:10 PDT
(In reply to comment #3)
> Is cstddef safe to use?

Yes it is safe, what concerns do you have with it?
Comment 5 Ryan VanderMeulen [:RyanVM] 2010-08-01 10:12:43 PDT
Not everything from STL is safe for use in the Mozilla tree. See bug 556699
Comment 6 Jory A. Pratt 2010-08-01 11:03:29 PDT
Created attachment 461905
fix_hunspell_gcc45_double_buffer (rev 1.1)
Comment 7 Olli Pettay [:smaug] 2010-08-02 04:30:27 PDT
So why is this bug happening? What kind of change has there been in gcc?
Comment 8 Olli Pettay [:smaug] 2010-08-02 04:49:17 PDT
And would something like &(h->word[0]) work?
Comment 9 Olli Pettay [:smaug] 2010-08-11 07:21:38 PDT
Comment on attachment 461905
fix_hunspell_gcc45_double_buffer (rev 1.1)

Jory, any updates here?
Comment 10 Jory A. Pratt 2010-08-13 06:31:07 PDT
Sorry had not had much time to revisit this, will try to make some time for this tonight when I get in.
Comment 11 Jory A. Pratt 2010-09-05 09:19:49 PDT
Created attachment 472277
Use Olli Pettay suggestion &(h->word[0])

This will work :) The change in gcc was to fortify sources that actually introduced the double buffer.
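
The failure mode discussed in this thread, as an added example that is not part of the bug report or of hunspell's code: a fortified `strcpy` aborts when the string does not fit the destination's declared size, even if the allocation behind it is large enough. `struct entry_legacy`, `struct entry`, `fortify_would_reject` and `entry_new` are hypothetical names, and the one-byte trailing member is an assumption about the kind of layout involved.

```c
/* Added example: constructed types, not hunspell's real definitions. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Legacy layout (assumed): one declared byte, with the real storage
 * over-allocated behind it. The declared size is all the compiler sees. */
struct entry_legacy {
    unsigned char len;
    char word[1];
};

/* Same idea with a C99 flexible array member: there is no declared bound,
 * so the length has to be tracked and checked by the code itself. */
struct entry {
    size_t len;
    char word[];
};

/* Destination size a fortified copy may assume for entry_legacy.word. */
size_t declared_word_size(void)
{
    return sizeof(((struct entry_legacy *)0)->word);
}

/* Model of the run-time check behind a fortified strcpy: the copy is
 * refused, and the process aborted with "buffer overflow detected", when
 * the source plus its terminating NUL does not fit in dest_size. */
int fortify_would_reject(size_t dest_size, const char *src)
{
    return strlen(src) >= dest_size;
}

/* Allocate a record sized for the word and copy with an explicit length.
 * Returns NULL if the word exceeds max_len or the size would overflow. */
struct entry *entry_new(const char *word, size_t max_len)
{
    size_t len = strlen(word);
    if (len > max_len || len > SIZE_MAX - sizeof(struct entry) - 1)
        return NULL;
    struct entry *e = malloc(sizeof(struct entry) + len + 1);
    if (e == NULL)
        return NULL;
    e->len = len;
    memcpy(e->word, word, len + 1);   /* len + 1 copies the NUL as well */
    return e;
}

int main(void)
{
    /* "0" is the word shown in the add_word frame of the gdb trace. */
    const char *word = "0";
    printf("declared size: %zu, fortified copy of \"%s\" rejected: %d\n",
           declared_word_size(), word,
           fortify_would_reject(declared_word_size(), word));

    struct entry *e = entry_new(word, 64);
    if (e != NULL) {
        printf("stored \"%s\" (len %zu) with an explicit bound\n",
               e->word, e->len);
        free(e);
    }
    return 0;
}
```
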
Comment 12 Jory A. Pratt 2010-09-05 09:41:59 PDT
Created attachment 472279
hunspell double buffer fix mozilla-1.9.2 branch

Same fix, only here in case we decide to apply to mozilla-1.9.2
Comment 13 Ryan VanderMeulen [:RyanVM] 2010-09-05 10:44:11 PDT
This is probably worth checking in on the 1.9.2 branch if and when Hunspell 1.2.12 lands on it as well. Thanks for reminding me that I still need to make that patch! (Though we won't need a unique 1.9.2 patch for this bug at that point since it will already be in sync with trunk)

Also, if this patch does land individually on trunk, please add a note to README.hunspell under the Hunspell version line so that it's not forgotten about. During the last Hunspell trunk update, we nearly reverted a patch that had landed since I'd forgotten it was there. I'm doing better keeping track of them now, but it would still be a useful reminder.

I'm sure Caolan will take care of upstreaming this patch on his end.
Comment 14 Mounir Lamouri (:mounir) 2010-09-18 16:05:35 PDT
bsmedberg, according to gavin, you are the appropriate person to look at this approval request.
Comment 15 BUGabundo 2010-10-25 15:43:32 PDT
$ firefox -g
/usr/lib/firefox-3.6.12pre/run-mozilla.sh -g /usr/lib/firefox-3.6.12pre/firefox-bin
MOZILLA_FIVE_HOME=/usr/lib/firefox-3.6.12pre
  LD_LIBRARY_PATH=/usr/lib/firefox-3.6.12pre:/usr/lib/firefox-3.6.12pre/plugins:/usr/lib/firefox-3.6.12pre
DISPLAY=:0.0
DYLD_LIBRARY_PATH=/usr/lib/firefox-3.6.12pre:/usr/lib/firefox-3.6.12pre
     LIBRARY_PATH=/usr/lib/firefox-3.6.12pre:/usr/lib/firefox-3.6.12pre/components:/usr/lib/firefox-3.6.12pre
       SHLIB_PATH=/usr/lib/firefox-3.6.12pre:/usr/lib/firefox-3.6.12pre
          LIBPATH=/usr/lib/firefox-3.6.12pre:/usr/lib/firefox-3.6.12pre
       ADDON_PATH=/usr/lib/firefox-3.6.12pre
      MOZ_PROGRAM=/usr/lib/firefox-3.6.12pre/firefox-bin
      MOZ_TOOLKIT=
        moz_debug=1
     moz_debugger=
/usr/bin/gdb /usr/lib/firefox-3.6.12pre/firefox-bin -x /tmp/mozargs.6Mewva
GNU gdb (GDB) 7.2-ubuntu
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/lib/firefox-3.6.12pre/firefox-bin...Reading symbols from /usr/lib/debug/usr/lib/firefox-3.6.12pre/firefox-bin...done.
done.
(gdb) r
Starting program: /usr/lib/firefox-3.6.12pre/firefox-bin 
[Thread debugging using libthread_db enabled]
[New Thread 0x7fffe72ff710 (LWP 18438)]
[New Thread 0x7fffe68fa710 (LWP 18439)]
[New Thread 0x7fffe5cf0710 (LWP 18440)]
[New Thread 0x7fffe54ef710 (LWP 18441)]
[New Thread 0x7fffe4aff710 (LWP 18442)]
[New Thread 0x7fffe40f3710 (LWP 18443)]
ABP timeline: Entered Bootstrap.startup()             	 (first event)
ABP timeline: * done registering URL components       	 (0)
ABP timeline: * started initializing default modules  	 (0)
ABP timeline: * Entered Prefs.startup()               	 (2)
ABP timeline: * * done loading defaults               	 (0)
ABP timeline: * * loading actual pref values          	 (1)
ABP timeline: * * done loading pref values            	 (0)
ABP timeline: * * registering observers               	 (0)
ABP timeline: * Prefs.startup() done                  	 (0)
ABP timeline: * Entered FilterStorage.startup()       	 (5)
ABP timeline: * * Entered FilterStorage.loadFromDisk()	 (0)
ABP timeline: * * * done locating patterns.ini file   	 (1)
ABP timeline: * * * done parsing file                 	 (1165)
ABP timeline: * * * load complete, calling observers  	 (0)
ABP timeline: * * FilterStorage.loadFromDisk() done   	 (0)
ABP timeline: * FilterStorage.startup() done          	 (0)
ABP timeline: * Entered ContentPolicy.startup()       	 (4)
ABP timeline: * * done initializing types             	 (1)
ABP timeline: * * registering global stylesheet       	 (0)
ABP timeline: * * done registering stylesheet         	 (2)
ABP timeline: * * registering component               	 (0)
ABP timeline: * ContentPolicy.startup() done          	 (0)
ABP timeline: * Entered ElemHide.startup()            	 (2)
ABP timeline: * * done adding prefs listener          	 (0)
ABP timeline: * * registering component               	 (0)
ABP timeline: * ElemHide.startup() done               	 (0)
ABP timeline: * Entered FilterListener.startup()      	 (1)
ABP timeline: * * Entered ElemHide.apply()            	 (346)
ABP timeline: * * * ElemHide.unapply() finished       	 (0)
ABP timeline: * * * start grouping selectors          	 (0)
ABP timeline: * * * done grouping selectors           	 (17)
ABP timeline: * * * start building CSS data           	 (0)
ABP timeline: * * * done building CSS data            	 (46)
ABP timeline: * * * start inserting stylesheet        	 (0)
ABP timeline: * * * done inserting stylesheet         	 (383)
ABP timeline: * * ElemHide.apply() done               	 (0)
ABP timeline: * * done initializing data structures   	 (0)
ABP timeline: * * adding observers                    	 (0)
ABP timeline: * FilterListener.startup() done         	 (0)
ABP timeline: * Entered Synchronizer.startup()        	 (1)
ABP timeline: * Synchronizer.startup() done           	 (1)
ABP timeline: * initializing additional modules       	 (0)
ABP timeline: Bootstrap.startup() done                	 (0)
ABP timeline: Total time elapsed: 1978
[New Thread 0x7fffdd3ff710 (LWP 18446)]
[New Thread 0x7fffdc9ed710 (LWP 18452)]
[New Thread 0x7fffdc1ec710 (LWP 18453)]
[Thread 0x7fffdd3ff710 (LWP 18446) exited]
[Thread 0x7fffdc1ec710 (LWP 18453) exited]
[New Thread 0x7fffdd3ff710 (LWP 18454)]
[New Thread 0x7fffdc1ec710 (LWP 18457)]
[New Thread 0x7fffd7ebc710 (LWP 18458)]
[New Thread 0x7fffd76bb710 (LWP 18459)]
[New Thread 0x7fffd6ab1710 (LWP 18460)]
[New Thread 0x7fffd60ff710 (LWP 18461)]
[New Thread 0x7fffd55ff710 (LWP 18462)]
[New Thread 0x7fffd45ff710 (LWP 18463)]
[New Thread 0x7fffde6ff710 (LWP 18464)]
[Thread 0x7fffde6ff710 (LWP 18464) exited]
[New Thread 0x7fffde6ff710 (LWP 18490)]
*** buffer overflow detected ***: /usr/lib/firefox-3.6.12pre/firefox-bin terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x37)[0x7ffff1845527]
/lib/libc.so.6(+0xfe3e0)[0x7ffff18443e0]
/usr/lib/firefox-3.6.12pre/libxul.so(+0xcb0d1e)[0x7ffff7072d1e]
/usr/lib/firefox-3.6.12pre/libxul.so(+0xcb13fb)[0x7ffff70733fb]
/usr/lib/firefox-3.6.12pre/libxul.so(+0xcb153f)[0x7ffff707353f]
/usr/lib/firefox-3.6.12pre/libxul.so(+0xcb1799)[0x7ffff7073799]
/usr/lib/firefox-3.6.12pre/libxul.so(+0xca2179)[0x7ffff7064179]
/usr/lib/firefox-3.6.12pre/libxul.so(+0xc9a3da)[0x7ffff705c3da]
/usr/lib/firefox-3.6.12pre/libxul.so(+0xbb9fff)[0x7ffff6f7bfff]
/usr/lib/firefox-3.6.12pre/libxul.so(+0xbbac07)[0x7ffff6f7cc07]
/usr/lib/firefox-3.6.12pre/libxul.so(+0xc9e2fc)[0x7ffff70602fc]
/usr/lib/firefox-3.6.12pre/libxul.so(+0x90fa30)[0x7ffff6cd1a30]
/usr/lib/firefox-3.6.12pre/libxul.so(+0x90e0c1)[0x7ffff6cd00c1]
/usr/lib/firefox-3.6.12pre/libxul.so(+0x6dfd4b)[0x7ffff6aa1d4b]
/usr/lib/firefox-3.6.12pre/libxul.so(+0x6dfe24)[0x7ffff6aa1e24]
/usr/lib/firefox-3.6.12pre/libxul.so(+0x6e0de8)[0x7ffff6aa2de8]
/usr/lib/firefox-3.6.12pre/libxul.so(+0x77e23a)[0x7ffff6b4023a]
/usr/lib/firefox-3.6.12pre/libxul.so(+0x676f45)[0x7ffff6a38f45]
/usr/lib/firefox-3.6.12pre/libxul.so(+0x777bf1)[0x7ffff6b39bf1]
/usr/lib/firefox-3.6.12pre/libxul.so(+0x78ee7c)[0x7ffff6b50e7c]
/usr/lib/firefox-3.6.12pre/libxul.so(+0x711d8a)[0x7ffff6ad3d8a]
/usr/lib/firefox-3.6.12pre/libxul.so(+0x70b726)[0x7ffff6acd726]
/usr/lib/firefox-3.6.12pre/libxul.so(NS_InvokeByIndex_P+0x26b)[0x7ffff7137363]
/usr/lib/firefox-3.6.12pre/libxul.so(+0x520564)[0x7ffff68e2564]
/usr/lib/firefox-3.6.12pre/libxul.so(+0x526582)[0x7ffff68e8582]
/usr/lib/firefox-3.6.12pre/libmozjs.so(js_Invoke+0x445)[0x7ffff6110545]
/usr/lib/firefox-3.6.12pre/libmozjs.so(+0x75050)[0x7ffff6111050]
/usr/lib/firefox-3.6.12pre/libmozjs.so(JS_CallFunctionValue+0x1a)[0x7ffff60bc19a]
/usr/lib/firefox-3.6.12pre/libxul.so(+0x52a5f9)[0x7ffff68ec5f9]
/usr/lib/firefox-3.6.12pre/libmozjs.so(js_Invoke+0x445)[0x7ffff6110545]
/usr/lib/firefox-3.6.12pre/libmozjs.so(+0x670c5)[0x7ffff61030c5]
/usr/lib/firefox-3.6.12pre/libmozjs.so(js_Invoke+0x950)[0x7ffff6110a50]
/usr/lib/firefox-3.6.12pre/libmozjs.so(+0x75050)[0x7ffff6111050]
/usr/lib/firefox-3.6.12pre/libmozjs.so(JS_CallFunctionValue+0x1a)[0x7ffff60bc19a]
/usr/lib/firefox-3.6.12pre/libxul.so(+0x8a91dc)[0x7ffff6c6b1dc]
/usr/lib/firefox-3.6.12pre/libxul.so(+0x8bb2fd)[0x7ffff6c7d2fd]
/usr/lib/firefox-3.6.12pre/libxul.so(+0x8bb5a6)[0x7ffff6c7d5a6]
/usr/lib/firefox-3.6.12pre/libxul.so(+0xd6d29b)[0x7ffff712f29b]
/usr/lib/firefox-3.6.12pre/libxul.so(+0xd6d44e)[0x7ffff712f44e]
/usr/lib/firefox-3.6.12pre/libxul.so(+0xd6ae98)[0x7ffff712ce98]
/usr/lib/firefox-3.6.12pre/libxul.so(+0xd3fef0)[0x7ffff7101ef0]
/usr/lib/firefox-3.6.12pre/libxul.so(+0xcccf6d)[0x7ffff708ef6d]
/usr/lib/firefox-3.6.12pre/libxul.so(+0xd158b9)[0x7ffff70d78b9]
/usr/lib/firefox-3.6.12pre/libxul.so(+0xc3afdd)[0x7ffff6ffcfdd]
/usr/lib/firefox-3.6.12pre/libxul.so(+0xb21c7a)[0x7ffff6ee3c7a]
/usr/lib/firefox-3.6.12pre/libxul.so(XRE_main+0x33be)[0x7ffff68b097f]
/usr/lib/firefox-3.6.12pre/firefox-bin(+0x1fbc)[0x7ffff7ff3fbc]
/lib/libc.so.6(__libc_start_main+0xfe)[0x7ffff1764d8e]
/usr/lib/firefox-3.6.12pre/firefox-bin(+0x1c89)[0x7ffff7ff3c89]
Program received signal SIGABRT, Aborted.
0x00007ffff1779ba5 in raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
64	../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
	in ../nptl/sysdeps/unix/sysv/linux/raise.c
(gdb) bt full
#0  0x00007ffff1779ba5 in raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
        pid = <value optimized out>
        selftid = <value optimized out>
#1  0x00007ffff177d6b0 in abort () at abort.c:92
        act = {__sigaction_handler = {sa_handler = 0x7fffffffaa30, sa_sigaction = 0x7fffffffaa30}, sa_mask = {__val = {140737488333552, 140737488347979, 
              38, 140737245663134, 1, 140737245667467, 3, 140737488333548, 4, 140737245663160, 1, 140737245672146, 3, 140737488333556, 12, 
              140737245672150}}, sa_flags = 2, sa_restorer = 0x7ffff188f2d6}
        sigs = {__val = {32, 0 <repeats 15 times>}}
#2  0x00007ffff17b343b in __libc_message (do_abort=<value optimized out>, fmt=<value optimized out>) at ../sysdeps/unix/sysv/linux/libc_fatal.c:189
        ap = {{gp_offset = 32, fp_offset = 48, overflow_arg_area = 0x7fffffffb3f0, reg_save_area = 0x7fffffffb300}}
        ap_copy = {{gp_offset = 16, fp_offset = 48, overflow_arg_area = 0x7fffffffb3f0, reg_save_area = 0x7fffffffb300}}
        fd = 104
        on_2 = <value optimized out>
        list = <value optimized out>
        nlist = 1024
        cp = <value optimized out>
        written = false
#3  0x00007ffff1845527 in __fortify_fail (msg=0x7ffff188f210 "buffer overflow detected") at fortify_fail.c:32
No locals.
#4  0x00007ffff18443e0 in __chk_fail () at chk_fail.c:29
No locals.
#5  0x00007ffff7072d1e in strcpy (this=0x7fffdda46780, word=0x7fffd0e02010 "0", wbl=1, wcl=1, aff=0x7fffcf3b30e0, al=2, desc=<value optimized out>, 
    onlyupcase=false) at /usr/include/bits/string3.h:107
No locals.
#6  HashMgr::add_word (this=0x7fffdda46780, word=0x7fffd0e02010 "0", wbl=1, wcl=1, aff=0x7fffcf3b30e0, al=2, desc=<value optimized out>, onlyupcase=false)
    at hashmgr.cpp:191
        descl = <value optimized out>
        hp = 0x7fffdfa76b20
        hpw = 0x7fffdfa76b41 "0/res"
        i = <value optimized out>
        dp = <value optimized out>
        upcasehomonym = false
#7  0x00007ffff70733fb in HashMgr::load_tables (this=0x7fffdda46780, tpath=<value optimized out>, key=<value optimized out>) at hashmgr.cpp:527
        captype = 0
        wcl = 1
        dp = 0x0
        flags = 0x7fffcf3b30e0
        dict = 0x7fffd0e02000
        al = 2
        ap = <value optimized out>
        dp2 = 0x0
        ts = <value optimized out>
#8  0x00007ffff707353f in HashMgr::HashMgr (this=0x7fffdda46780, tpath=0x7fffffffb640 "/usr/lib/firefox-3.6.12pre/dictionaries/en_US.dic", 
    apath=<value optimized out>, key=0x0) at hashmgr.cpp:105
        ec = <value optimized out>
#9  0x00007ffff7073799 in Hunspell::Hunspell (this=0x7fffcee73990, affpath=0x7fffd11f1228 "/usr/lib/firefox-3.6.12pre/dictionaries/en_US.aff", 
    dpath=0x7fffffffb640 "/usr/lib/firefox-3.6.12pre/dictionaries/en_US.dic", key=0x0) at hunspell.cpp:87
        try_string = <value optimized out>
#10 0x00007ffff7064179 in mozHunspell::SetDictionary (this=0x7fffd12dc420, aDictionary=<value optimized out>) at mozHunspell.cpp:168
        affFile = <value optimized out>
        rv = 0
        ccm = {<nsCOMPtr_base> = {mRawPtr = 0x7fffd12dc420}, <No data fields>}
        dictFileName = {<nsFixedCString> = {<nsCString> = {<nsACString_internal> = {
                mData = 0x7fffffffb640 "/usr/lib/firefox-3.6.12pre/dictionaries/en_US.dic", mLength = 49, mFlags = 65553}, <No data fields>}, 
            mFixedCapacity = 63, mFixedBuf = 0x7fffffffb640 "/usr/lib/firefox-3.6.12pre/dictionaries/en_US.dic"}, 
          mStorage = "/usr/lib/firefox-3.6.12pre/dictionaries/en_US.dic\000\304\366\377\177\000\000\026\350\017\367\377\177\000"}
        affFileName = {<nsFixedCString> = {<nsCString> = {<nsACString_internal> = {
                mData = 0x7fffd11f1228 "/usr/lib/firefox-3.6.12pre/dictionaries/en_US.aff", mLength = 49, mFlags = 65541}, <No data fields>}, 
            mFixedCapacity = 63, mFixedBuf = 0x7fffffffb5e0 ""}, 
          mStorage = "\000\247:\347\377\177\000\000\220\217\022\367\377\177\000\000\000\000\000\000\377\177\000\000`\341\065\347\377\177\000\000 {\361\354\377\177\000\000\000\000\000\000\377\177\000\000\370\006\273\367\377\177\000\000\270\303\006\322\377\177\000"}
        dotPos = <value optimized out>
        pos = <value optimized out>
#11 0x00007ffff705c3da in mozSpellChecker::SetCurrentDictionary (this=0x7fffd12631f0, aDictionary=...) at mozSpellChecker.cpp:385
        rv = 0
        language = {<nsString> = {<nsAString_internal> = {mData = 0x7fff00000000, mLength = 4147492448, 
              mFlags = 32767}, <No data fields>}, <No data fields>}
        serv = {<nsCOMPtr_base> = {mRawPtr = 0x7fffe73db400}, <No data fields>}
        contractId = 0x7fffd11ad370
        res = <value optimized out>
#12 0x00007ffff6f7bfff in nsEditorSpellCheck::SetCurrentDictionary (this=<value optimized out>, aDictionary=<value optimized out>)
    at nsEditorSpellCheck.cpp:464
No locals.
#13 0x00007ffff6f7cc07 in nsEditorSpellCheck::InitSpellChecker (this=0x7fffdea3a700, aEditor=<value optimized out>, 
    aEnableSelectionChecking=<value optimized out>) at nsEditorSpellCheck.cpp:222
        rv = 0
        tsDoc = {<nsCOMPtr_base> = {mRawPtr = 0x7fffdda46700}, <No data fields>}
        dictName = {<nsString> = {<nsAString_internal> = {mData = 0x7fffd11a3ae8, mLength = 5, mFlags = 5}, <No data fields>}, <No data fields>}
        prefBranch = {<nsCOMPtr_base> = {mRawPtr = 0x7fffe73db410}, <No data fields>}
        setDictionary = 0
#14 0x00007ffff70602fc in mozInlineSpellChecker::SetEnableRealTimeSpell (this=0x7fffd1262110, aEnabled=<value optimized out>)
    at mozInlineSpellChecker.cpp:733
        filter = {<nsCOMPtr_base> = {mRawPtr = 0x7fffdda46680}, <No data fields>}
        editor = {<nsCOMPtr_base> = {mRawPtr = 0x7fffd206c2c0}, <No data fields>}
        tsDoc = {<nsCOMPtr_base> = {mRawPtr = 0x1}, <No data fields>}
        res = 0
        spellchecker = {<nsCOMPtr_base> = {mRawPtr = 0x7fffdea3a700}, <No data fields>}
#15 0x00007ffff6cd1a30 in nsEditor::SyncRealTimeSpell (this=0x7fffd206c2c0) at nsEditor.cpp:1383
        enable = 1
        spellChecker = {<nsCOMPtr_base> = {mRawPtr = 0x7fffd1262110}, <No data fields>}
#16 0x00007ffff6cd00c1 in nsEditor::PostCreate (this=0x7fffd206c2c0) at nsEditor.cpp:292
        rv = <value optimized out>
#17 0x00007ffff6aa1d4b in nsTextControlFrame::InitEditor (this=0x7fffd11bcc28) at nsTextControlFrame.cpp:1585
        rv = 0
        presContext = 0x7fffd206c2c0
        domdoc = {<nsCOMPtr_base> = {mRawPtr = 0x7fffd2c1f908}, <No data fields>}
        textEditor = {<nsCOMPtr_base> = {mRawPtr = 0x7fffd206c420}, <No data fields>}
        defaultValue = {<nsFixedString> = {<nsString> = {<nsAString_internal> = {mData = 0x7ffff7bb0b10, mLength = 0, mFlags = 65537}, <No data fields>}, 
            mFixedCapacity = 63, mFixedBuf = 0x7fffffffbb00}, mStorage = {0, 65535, 0 <repeats 46 times>, 32944, 59192, 32767, 0, 0, 0, 0, 0, 1, 0, 0, 0, 
            0, 0, 0, 0}}
        transMgr = {<nsCOMPtr_base> = {mRawPtr = 0x7fffcf57bf20}, <No data fields>}
        editorFlags = 513
        shell = 0x7ffff6cc9d3e
#18 0x00007ffff6aa1e24 in nsTextControlFrame::DelayedEditorInit (this=0x7fffd11bcc28) at nsTextControlFrame.cpp:1358
        doc = 0x7fffd2c1f800
        weakFrame = {mPrev = 0x7fffdfa76260, mFrame = 0x7fffd11bcc28}
        pusher = {mScx = {<nsCOMPtr_base> = {mRawPtr = 0x0}, <No data fields>}, mScriptIsRunning = 0, mPushedSomething = 1}
#19 0x00007ffff6aa2de8 in nsTextControlFrame::EditorInitializer::Run (this=0x7fffdfa76130) at nsTextControlFrame.h:232
        shell = {<nsCOMPtr_base> = {mRawPtr = 0x7fffddac6400}, <No data fields>}
#20 0x00007ffff6b4023a in nsContentUtils::RemoveScriptBlocker () at nsContentUtils.cpp:4495
        runnable = {<nsCOMPtr_base> = {mRawPtr = 0x7fffdfa76130}, <No data fields>}
        firstBlocker = 0
        lastBlocker = 2
#21 0x00007ffff6a38f45 in PresShell::InitialReflow (this=0x7fffddac6400, aWidth=76800, aHeight=38220) at nsPresShell.cpp:2647
        reflowNotifier = {mShell = 0x7fffddac6400}
        kungFuDeathGrip = {<nsCOMPtr_base> = {mRawPtr = 0x7fffddac6400}, <No data fields>}
        rootFrame = 0x7fffd117b8d0
        root = <value optimized out>
#22 0x00007ffff6b39bf1 in nsContentSink::StartLayout (this=0x7fffd2c20000, aIgnorePendingSheets=<value optimized out>) at nsContentSink.cpp:1327
        r = {x = 0, y = 0, width = 76800, height = 38220}
        shellGrip = {<nsCOMPtr_base> = {mRawPtr = 0x7fffddac6400}, <No data fields>}
        rv = <value optimized out>
        iter = {<nsAutoTObserverArray<nsIPresShell*, 0u>::ForwardIterator> = {<nsAutoTObserverArray<nsIPresShell*, 0u>::Iterator> = {<nsTObserverArray_base::Iterator_base> = {mPosition = 1, mNext = 0x0}, mArray = @0x7fffd2c1f8d8}, <No data fields>}, mDoc = {<nsCOMPtr_base> = {
              mRawPtr = 0x7fffd2c1f800}, <No data fields>}}
        shell = {<nsCOMPtr_base> = {mRawPtr = 0x7fffddac6400}, <No data fields>}
#23 0x00007ffff6b50e7c in nsDocument::FlushPendingNotifications (this=0x7fffd2c1f800, aType=Flush_Layout) at nsDocument.cpp:6435
        sink = {<nsCOMPtr_base> = {mRawPtr = 0x7fffd2c20100}, <No data fields>}
        iter = {<nsAutoTObserverArray<nsIPresShell*, 0u>::ForwardIterator> = {<nsAutoTObserverArray<nsIPresShell*, 0u>::Iterator> = {<nsTObserverArray_base::Iterator_base> = {mPosition = 2147746065, mNext = 0x7fffffffbf20}, mArray = @0xffffffff}, <No data fields>}, mDoc = {<nsCOMPtr_base> = {
              mRawPtr = 0x7fffffffc670}, <No data fields>}}
        shell = {<nsCOMPtr_base> = {mRawPtr = 0x1}, <No data fields>}
#24 0x00007ffff6ad3d8a in nsComputedDOMStyle::GetPropertyCSSValue (this=0x7fffd1178970, aPropertyName=<value optimized out>, aReturn=0x7fffffffbfd0)
    at nsComputedDOMStyle.cpp:400
        document = {<nsCOMPtr_base> = {mRawPtr = 0x7fffd2c1f800}, <No data fields>}
        prop = <value optimized out>
        propEntry = 0x7ffff7a32350
        rv = <value optimized out>
#25 0x00007ffff6acd726 in nsComputedDOMStyle::GetPropertyValue (this=0x7fffd1178970, aPropertyName=..., aReturn=...) at nsComputedDOMStyle.cpp:305
        val = {<nsCOMPtr_base> = {mRawPtr = 0x0}, <No data fields>}
        rv = <value optimized out>
#26 0x00007ffff7137363 in NS_InvokeByIndex_P (that=0x7fffd1178970, methodIndex=5, paramCount=2, params=<value optimized out>)
    at xptcinvoke_x86_64_unix.cpp:208
        nr_stack = <value optimized out>
        gpregs = {393312, 140737488340592, 140737488340080, 140736938115616, 0, 140737330796074}
        d0 = <value optimized out>
        d5 = <value optimized out>
        result = <value optimized out>
        nr_gpr = 3
        d1 = <value optimized out>
        d6 = <value optimized out>
        nr_fpr = 0
        d2 = <value optimized out>
        d7 = <value optimized out>
        methodAddress = <value optimized out>
        stack = <value optimized out>
        fpregs = {6.9533288127017451e-310, 6.9533558070468708e-310, 6.9533288127017451e-310, 6.9533479753276874e-310, 6.9533288127015475e-310, 
          2.6031072727240714e-314, 6.9533558070974631e-310, 6.9533558070895581e-310}
        d3 = <value optimized out>
        d4 = <value optimized out>
#27 0x00007ffff68e2564 in XPCWrappedNative::CallMethod (ccx=..., mode=<value optimized out>) at xpcwrappednative.cpp:2722
        req = {mCX = 0x0, mDepth = -15504}
        rv = <value optimized out>
        retval = 0
        paramCount = <value optimized out>
        err = <value optimized out>
        tls = 0x47fb
        secAction = <value optimized out>
        methodInfo = 0x7fffe4b47560
        src = 140736941967748
        foundDependentParam = 0
        argc = 1
        i = 2 '\002'
        argv = 0x7fffffffc2a0
        secFlag = <value optimized out>
        autoStringUsed = 1
        invokeResult = <value optimized out>
        param_iid = {m0 = 3737430248, m1 = 32767, m2 = 0, m3 = "i\271\v\366\377\177\000"}
        dispatchParams = 0x7fffffffc1b0
        requiredArgs = <value optimized out>
        sm = <value optimized out>
        rt = 0x7fffe73cac00
        callee = 0x7fffd1178970
        vtblIndex = 5
        name = 140736669292600
#28 0x00007ffff68e8582 in XPC_WN_CallMethod (cx=0x7fffdec4a800, obj=0x7fffd11795c0, argc=1, argv=0x7fffcf2e1828, vp=<value optimized out>)
    at xpcwrappednativejsops.cpp:1740
        funobj = 0x7fffd1179680
        wrapper = 0x0
        member = 0x7fffde87cf38
        ccx = {<nsAXPCNativeCallContext> = {_vptr.nsAXPCNativeCallContext = 0x7ffff79ef0a0}, mState = XPCCallContext::READY_TO_CALL, mXPC = 0x7fffe7341c90, 
          mThreadData = 0x7fffe73245e0, mXPCContext = 0x7fffe10b7140, mJSContext = 0x7fffdec4a800, mContextPopRequired = 0, 
          mDestroyJSContextInDestructor = 0, mCallerLanguage = XPCContext::LANG_JS, mPrevCallerLanguage = XPCContext::LANG_UNKNOWN, mPrevCallContext = 0x0, 
          mOperandJSObject = 0x7fffd11795c0, mCurrentJSObject = 0x7fffd1179580, mFlattenedJSObject = 0x7fffd1179580, mWrapper = 0x7fffd117a100, 
          mTearOff = 0x7fffd117a138, mScriptableInfo = 0x7fffdede7700, mSet = 0x7fffdf35a9d0, mInterface = 0x7fffde87cef0, mMember = 0x7fffde87cf38, 
          mName = 140736998666468, mStaticMemberIsLocal = 0, mArgc = 1, mArgv = 0x7fffcf2e1828, mRetVal = 0x7fffffffc798, mReturnValueWasSet = 0, 
          mMethodIndex = 5, mCallee = 0x0, 
          mStringWrapperData = "\220\r\243\337\377\177\000\000\023\000\000\000\001\000\000\000\001\000\000\000\000\000\000\000\240\306\377\377\377\177\000\000\200\061\326\342\377\177\000\000\000\000\000\000\377\177\000"}
        iface = 0x7fffde87cef0
#29 0x00007ffff6110545 in js_Invoke (cx=0x7fffdec4a800, argc=<value optimized out>, vp=0x7fffcf2e1818, flags=<value optimized out>) at jsinterp.cpp:1360
        frame = {regs = 0x0, imacpc = 0x0, slots = 0x0, callobj = 0x0, argsobj = 0, varobj = 0x7fffd10f0a80, script = 0x0, fun = 0x7fffd61cad20, 
          thisp = 0x7fffd11795c0, argc = 1, argv = 0x7fffcf2e1828, rval = 22, down = 0x7fffffffcb30, annotation = 0x0, scopeChain = 0x7fffd10f0a80, 
          blockChain = 0x0, sharpDepth = 0, sharpArray = 0x0, flags = 34, dormantNext = 0x0, displaySave = 0x0}
        argv = 0x7fffcf2e1828
        funobj = <value optimized out>
        ok = -1
        clasp = 0x0
        i = <value optimized out>
        mark = 0x7fffcf2e1830
        sp = <value optimized out>
        newvp = <value optimized out>
        v = 140736701372032
        ops = <value optimized out>
        hookData = 0x0
        parent = 0x7fffd1179580
        fun = <value optimized out>
        rootedArgsFlag = 32
        native = 0x7ffff68e8498 <XPC_WN_CallMethod(JSContext*, JSObject*, uintN, jsval*, jsval*)>
        script = <value optimized out>
        nslots = <value optimized out>
        hook = <value optimized out>
#30 0x00007ffff6111050 in js_InternalInvoke (cx=0x7fffdec4a800, obj=0x7fffd1179580, fval=140736701372032, flags=0, argc=1, argv=<value optimized out>, 
    rval=0x7fffffffc978) at jsinterp.cpp:1423
        invokevp = 0x7fffcf2e1818
        mark = <value optimized out>
        ok = <value optimized out>
#31 0x00007ffff60bc19a in JS_CallFunctionValue (cx=0x7fffdec4a800, obj=<value optimized out>, fval=<value optimized out>, argc=<value optimized out>, 
    argv=<value optimized out>, rval=<value optimized out>) at jsapi.cpp:5114
        ok = <value optimized out>
#32 0x00007ffff68ec5f9 in XPC_NW_FunctionWrapper (cx=0x7fffdec4a800, obj=0x7fffd11795c0, argc=1, argv=0x7fffcf2e17d8, rval=0x7fffffffcb88)
    at XPCNativeWrapper.cpp:537
        funObj = 0x7fffd1175a10
        isAllAccess = 14
        _val_544 = {mVal = 140736941967748, mValPtr = 0x7fffffffc960}
        wrappedNative = 0x7fffd117a100
        v = <value optimized out>
        ccx = {<nsAXPCNativeCallContext> = {_vptr.nsAXPCNativeCallContext = 0x7ffff79ef0a0}, mState = XPCCallContext::HAVE_OBJECT, mXPC = 0x0, 
          mThreadData = 0x7fffe73245e0, mXPCContext = 0x7fffe10b7140, mJSContext = 0x7fffdec4a800, mContextPopRequired = 0, 
          mDestroyJSContextInDestructor = 0, mCallerLanguage = XPCContext::LANG_JS, mPrevCallerLanguage = XPCContext::LANG_UNKNOWN, mPrevCallContext = 0x0, 
          mOperandJSObject = 0x7fffd11795c0, mCurrentJSObject = 0x7fffd1179580, mFlattenedJSObject = 0x7fffd1179580, mWrapper = 0x7fffd117a100, 
          mTearOff = 0x0, mScriptableInfo = 0x7fffdede7700, mSet = 0x7ffff68eaf33, mInterface = 0x7fff00000000, mMember = 0x7fffdec4a800, mName = 0, 
          mStaticMemberIsLocal = 0, mArgc = 32767, mArgv = 0x7fffe2cff0e4, mRetVal = 0x3bb55fff3a0ab600, mReturnValueWasSet = 1, mMethodIndex = 57005, 
          mCallee = 0x0, 
          mStringWrapperData = "\001\000\000\000\000\000\000\000\262\327\r\366\377\177\000\000\000\000\000\000\377\177\000\000@\306\f\366\377\177\000\000\002", '\000' <repeats 11 times>"\377, \177\000"}
        _automarker_544 = {<AutoMarkingPtr> = {_vptr.AutoMarkingPtr = 0x7ffff79eebe0, mNext = 0x0, mTLS = 0x0}, mPtr = 0x7fffffffc960}
#33 0x00007ffff6110545 in js_Invoke (cx=0x7fffdec4a800, argc=<value optimized out>, vp=0x7fffcf2e17c8, flags=<value optimized out>) at jsinterp.cpp:1360
        frame = {regs = 0x0, imacpc = 0x0, slots = 0x0, callobj = 0x0, argsobj = 0, varobj = 0x7fffd10f0a80, script = 0x0, fun = 0x7fffd1175a10, 
          thisp = 0x7fffd11795c0, argc = 1, argv = 0x7fffcf2e17d8, rval = 22, down = 0x7fffcf2e1618, annotation = 0x0, scopeChain = 0x7fffd10f0a80, 
          blockChain = 0x0, sharpDepth = 0, sharpArray = 0x0, flags = 34, dormantNext = 0x0, displaySave = 0x0}
        argv = 0x7fffcf2e17d8
        funobj = <value optimized out>
        ok = 1
        clasp = 0x0
        i = <value optimized out>
        mark = 0x7fffcf2e1808
        sp = <value optimized out>
        newvp = <value optimized out>
        v = 140736701356560
        ops = <value optimized out>
        hookData = 0x0
        parent = 0x7fffd1179680
        fun = <value optimized out>
        rootedArgsFlag = 32
        native = 0x7ffff68ec41f <XPC_NW_FunctionWrapper(JSContext*, JSObject*, uintN, jsval*, jsval*)>
        script = <value optimized out>
        nslots = <value optimized out>
        hook = <value optimized out>
#34 0x00007ffff61030c5 in js_Interpret (cx=0x7fffdec4a800) at jsops.cpp:2240
        getter = 0
        op = JSOP_CALL
        prop = 0x7fffd1fd6a58
        npairs = 6
        obj = 0x7fffd1175a10
        fp = 0x7fffcf2e1618
        inlineCallCount = 5
        regs = {pc = 0x7fffe2aaa822 ":", sp = 0x7fffcf2e17e0}
        rt = 0x7fffe73d0000
        script = 0x7fffe2aaa000
        originalVersion = 8192
        obj2 = 0x7fffd11795c0
        cond = 1
        id = 140737072993652
        rval = 140736701356560
        setter = 0x3a
        attrs = 5
        atoms = 0x7fffe2aaa070
        slot = 13
        type = JSTYPE_VOID
        interruptJumpTable = {0x7ffff61046c4 <repeats 235 times>}
        rtmp = 4
#35 0x00007ffff6110a50 in js_Invoke (cx=0x7fffdec4a800, argc=<value optimized out>, vp=0x7fffcf2e1038, flags=<value optimized out>) at jsinterp.cpp:1368
        frame = {regs = 0x7fffcf2e1108, imacpc = 0x0, slots = 0x7fffcf2e1050, callobj = 0x0, argsobj = 0, varobj = 0x0, script = 0x7fffdf322f20, 
          fun = 0x7fffdf37c5b0, thisp = 0x7fffe17182c0, argc = 1, argv = 0x7fffcf2e1048, rval = 22, down = 0x0, annotation = 0x0, 
          scopeChain = 0x7fffe13fff40, blockChain = 0x0, sharpDepth = 0, sharpArray = 0x0, flags = 32, dormantNext = 0x0, displaySave = 0x0}
        argv = 0x7fffcf2e1048
        funobj = <value optimized out>
        ok = -557430176
        clasp = 0x0
        i = <value optimized out>
        mark = 0x7fffcf2e1050
        sp = <value optimized out>
        newvp = <value optimized out>
        v = 140736716861696
        ops = <value optimized out>
        hookData = 0x0
        parent = 0x7fffe13fff40
        fun = <value optimized out>
        rootedArgsFlag = 32
        native = 0
        script = <value optimized out>
        nslots = <value optimized out>
        hook = <value optimized out>
#36 0x00007ffff6111050 in js_InternalInvoke (cx=0x7fffdec4a800, obj=0x7fffe17182c0, fval=140736716861696, flags=0, argc=1, argv=<value optimized out>, 
    rval=0x7fffffffd160) at jsinterp.cpp:1423
        invokevp = 0x7fffcf2e1038
        mark = <value optimized out>
        ok = <value optimized out>
#37 0x00007ffff60bc19a in JS_CallFunctionValue (cx=0x7fffdec4a800, obj=<value optimized out>, fval=<value optimized out>, argc=<value optimized out>, 
    argv=<value optimized out>, rval=<value optimized out>) at jsapi.cpp:5114
        ok = <value optimized out>
#38 0x00007ffff6c6b1dc in nsJSContext::CallEventHandler (this=0x7fffdec64520, aTarget=<value optimized out>, aScope=<value optimized out>, 
    aHandler=0x7fffd203f100, aargv=<value optimized out>, arv=0x7fffffffd2c0) at nsJSEnvironment.cpp:2197
        argv = 0x7fffe12fe250
        ok = <value optimized out>
        mark = 0x0
        argc = 1
        stackGuard = {mContext = 0x7fffdec4a800, mStack = 0x0}
        rv = 0
        holder = {mContext = 0x7fffdec64520, mTerminations = 0x0}
        targetVal = 140736975700672
        tvr = {mContext = 0x7fffdec4a800, mTvr = {down = 0x0, count = 1, u = {value = 140737488343408, object = 0x7fffffffd170, xml = 0x7fffffffd170, 
              trace = 0x7fffffffd170, sprop = 0x7fffffffd170, weakRoots = 0x7fffffffd170, compiler = 0x7fffffffd170, script = 0x7fffffffd170, 
              array = 0x7fffffffd170}}}
        target = 0x7fffe17182c0
        rval = 22
        stack = {<nsCOMPtr_base> = {mRawPtr = 0x7fffe7341cc8}, <No data fields>}
#39 0x00007ffff6c7d2fd in nsGlobalWindow::RunTimeout (this=0x7fffdec4b800, aTimeout=0x7fffcf6f4220) at nsGlobalWindow.cpp:8181
        lateness = <value optimized out>
        dummy = {<nsCOMPtr_base> = {mRawPtr = 0x0}, <No data fields>}
        me = {<nsCOMPtr_base> = {mRawPtr = 0x7fffdec4b800}, <No data fields>}
        last_running_timeout = 0x0
        scriptObject = <value optimized out>
        scx = {<nsCOMPtr_base> = {mRawPtr = 0x7fffdec64520}, <No data fields>}
        handler = {<nsCOMPtr_base> = {mRawPtr = 0x7fffcf4c1ce0}, <No data fields>}
        timeout_was_cleared = <value optimized out>
        isInterval = <value optimized out>
        timeout = 0x7fffcf6f4220
        last_expired_timeout = <value optimized out>
        deadline = <value optimized out>
        last_insertion_point = 0x0
        dummy_timeout = {<PRCListStr> = {next = 0x7fffd611e520, prev = 0x7fffcf6f4220}, static _cycleCollectorGlobal = {<nsCycleCollectionParticipant> = {
              _vptr.nsCycleCollectionParticipant = 0x7ffff7a9f000}, <No data fields>}, mWindow = {mRawPtr = 0x0}, mTimer = {<nsCOMPtr_base> = {
              mRawPtr = 0x0}, <No data fields>}, mCleared = 0 '\000', mRunning = 0 '\000', mPublicId = 0, mInterval = 0, mWhen = 0, 
          mPrincipal = {<nsCOMPtr_base> = {mRawPtr = 0x0}, <No data fields>}, mFiringDepth = 1, mPopupState = openAllowed, 
          mScriptHandler = {<nsCOMPtr_base> = {mRawPtr = 0x0}, <No data fields>}, mRefCnt = {mValue = 2}}
        firingDepth = 1
        windowKungFuDeathGrip = {<nsCOMPtr_base> = {mRawPtr = 0x7fffdec4b858}, <No data fields>}
        now = 1288045456910045
#40 0x00007ffff6c7d5a6 in nsGlobalWindow::TimerCallback (aTimer=<value optimized out>, aClosure=<value optimized out>) at nsGlobalWindow.cpp:8515
        timeout = 0x7fffcf6f4220
#41 0x00007ffff712f29b in nsTimerImpl::Fire (this=0x7fffcf4c1d30) at nsTimerImpl.cpp:427
        now = <value optimized out>
        timeout = <value optimized out>
        callbackType = 2
#42 0x00007ffff712f44e in nsTimerEvent::Run (this=<value optimized out>) at nsTimerImpl.cpp:519
        timer = {mRawPtr = 0x7fffcf4c1d30}
#43 0x00007ffff712ce98 in nsThread::ProcessNextEvent (this=0x7fffecf2faf0, mayWait=1, result=0x7fffffffd41c) at nsThread.cpp:527

  Installed: 3.6.12~hg20101023r34698+nobinonly-0ubuntu1~umd1
Comment 16 Mounir Lamouri (:mounir) 2010-11-05 10:35:15 PDT
Pushed on trunk:
http://hg.mozilla.org/mozilla-central/rev/9ca441f29257

Keeping open in case we want that fix to go on branch (or open a follow-up?)
Comment 17 Benjamin Smedberg [:bsmedberg] 2010-11-05 10:49:55 PDT
Mark it FIXED when on trunk. Branch work is taken care of with flags.
Comment 18 Daniel Veditz [:dveditz] 2010-11-08 10:30:33 PST
According to README.hunspell the 1.9.2 branch has hunspell version 1.2.8, but it does have the #define changed in this patch. Not sure we need to block since comment 13 seems to imply only hunspell 1.2.12 is affected, but if you want to land it anyway please request approval1.9.2.x?

Jory and BUGabundo: please use attachments for huge dumps like those stack traces! Putting them in-line makes the bug really hard to read.
Comment 19 Jory A. Pratt 2010-11-08 17:54:32 PST
Comment on attachment 472277
Use Olli Pettay suggestion &(h->word[0])

I am not sure how comment 13 implies that it is not affected; the only thing I have gathered from the comment is that he is hoping to update hunspell on the 1.9.2 branch, and then the same patch would be used. Either way, this is needed on 1.9.2.
Comment 20 Ryan VanderMeulen [:RyanVM] 2010-11-09 15:19:25 PST
I'm about to post a 1.2.12 rollup patch for the 3.6 branch to bug 579649. I included the fix for this bug in it. Once that patch is checked in, I will close this one out. Thanks again for the patch.
Comment 21 BUGabundo 2010-11-10 14:52:35 PST
not sure how to attach a log here :(
http://paste.ubuntu.com/529629/


$ apt-cache policy firefox
  Installed: 3.6.13~hg20101108r34732+nobinonly-0ubuntu1~umd1
Comment 22 Ryan VanderMeulen [:RyanVM] 2010-11-10 15:51:22 PST
This hasn't been fixed on the 3.6.x branch yet. When the 3.6 branch patch in bug 579649 gets approved and checked in, it will bring the fix for this bug with it.
Comment 23 christian 2010-12-01 10:41:35 PST
Comment on attachment 472277
Use Olli Pettay suggestion &(h->word[0])

We're going to track picking up bug 579649, which will fix this bug. Denying approval.
Comment 24 Ryan VanderMeulen [:RyanVM] 2010-12-29 13:33:50 PST
This landed with the Hunspell 1.2.12 roll-up patch in bug 579649.
http://hg.mozilla.org/releases/mozilla-1.9.2/rev/afadbba2ae5f
