Closed Bug 885863 Opened 12 years ago Closed 12 years ago

possible race condition

Categories

(Firefox :: General, defect)

Product:
Firefox
Component:
General
Version:
21 Branch
Platform:
x86_64
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 767815

People

(Reporter: egeektronic, Unassigned)

Details

when open new window Program received signal SIGPIPE, Broken pipe. [Switching to Thread 0x7ffff7fbb780 (LWP 6144)] [----------------------------------registers-----------------------------------] RAX: 0xffffffffffffffe0 RBX: 0x7fffffffc430 ("VENDOR\nIntel Open Source Technology Center\nRENDERER\nMesa DRI Intel(R) Sandybridge Mobile \nVERSION\n3.0 Mesa 9.1.2\nTFP\nTRUE\n") RCX: 0xffffffffffffffff RDX: 0x7a ('z') RSI: 0x7fffffffc430 ("VENDOR\nIntel Open Source Technology Center\nRENDERER\nMesa DRI Intel(R) Sandybridge Mobile \nVERSION\n3.0 Mesa 9.1.2\nTFP\nTRUE\n") RDI: 0x8 RBP: 0x7ffff6ca4000 --> 0x7fffe9282000 RSP: 0x7fffffffc348 --> 0x7ffff333c54e (add rsp,0x4e8) RIP: 0x7ffff7bca720 (<__write_nocancel+7>: cmp rax,0xfffffffffffff001) R8 : 0x0 R9 : 0x1800 R10: 0x7fffffffc110 --> 0x0 R11: 0x246 R12: 0x7ffff6cf30b0 --> 0x0 R13: 0x7a ('z') R14: 0x7ffff6ccd000 --> 0x0 R15: 0x1c00002 EFLAGS: 0x246 (carry PARITY adjust ZERO sign trap INTERRUPT direction overflow) [-------------------------------------code-------------------------------------] 0x7ffff7bca717 <write+7>: jne 0x7ffff7bca729 <write+25> 0x7ffff7bca719 <__write_nocancel>: mov eax,0x1 0x7ffff7bca71e <__write_nocancel+5>: syscall => 0x7ffff7bca720 <__write_nocancel+7>: cmp rax,0xfffffffffffff001 0x7ffff7bca726 <__write_nocancel+13>: jae 0x7ffff7bca759 <write+73> 0x7ffff7bca728 <__write_nocancel+15>: ret 0x7ffff7bca729 <write+25>: sub rsp,0x8 0x7ffff7bca72d <write+29>: call 0x7ffff7bca3b0 <__pthread_enable_asynccancel> [------------------------------------stack-------------------------------------] 0000| 0x7fffffffc348 --> 0x7ffff333c54e (add rsp,0x4e8) 0008| 0x7fffffffc350 --> 0x7ffff43cebc4 --> 0x4c41460045555254 ('TRUE') 0016| 0x7fffffffc358 --> 0x7fff00000018 0024| 0x7fffffffc360 --> 0x1 0032| 0x7fffffffc368 --> 0x7ffff6c050a8 --> 0x0 0040| 0x7fffffffc370 --> 0x2008 0048| 0x7fffffffc378 --> 0x7fffffffc3c0 --> 0x100000000 0056| 0x7fffffffc380 --> 0x7fffe929e640 [------------------------------------------------------------------------------] 0x00007ffff7bca720 in __write_nocancel () from /lib64/libpthread.so.0 $ x/i 0x7ffff7fbb780 0x7ffff7fbb780: xor BYTE PTR [rdi+0x7ffff7fb],0x0 next [----------------------------------registers-----------------------------------] RAX: 0xffffffffffffffe0 RBX: 0x7fffffffc430 ("VENDOR\nIntel Open Source Technology Center\nRENDERER\nMesa DRI Intel(R) Sandybridge Mobile \nVERSION\n3.0 Mesa 9.1.2\nTFP\nTRUE\n") RCX: 0xffffffffffffffff RDX: 0x7a ('z') RSI: 0x7fffffffc430 ("VENDOR\nIntel Open Source Technology Center\nRENDERER\nMesa DRI Intel(R) Sandybridge Mobile \nVERSION\n3.0 Mesa 9.1.2\nTFP\nTRUE\n") RDI: 0x8 RBP: 0x7ffff6ca4000 --> 0x7fffe9282000 RSP: 0x7fffffffc348 --> 0x7ffff333c54e (add rsp,0x4e8) RIP: 0x7ffff7bca726 (<__write_nocancel+13>: jae 0x7ffff7bca759 <write+73>) R8 : 0x0 R9 : 0x1800 R10: 0x7fffffffc110 --> 0x0 R11: 0x246 R12: 0x7ffff6cf30b0 --> 0x0 R13: 0x7a ('z') R14: 0x7ffff6ccd000 --> 0x0 R15: 0x1c00002 EFLAGS: 0x212 (carry parity ADJUST zero sign trap INTERRUPT direction overflow) [-------------------------------------code-------------------------------------] 0x7ffff7bca719 <__write_nocancel>: mov eax,0x1 0x7ffff7bca71e <__write_nocancel+5>: syscall 0x7ffff7bca720 <__write_nocancel+7>: cmp rax,0xfffffffffffff001 => 0x7ffff7bca726 <__write_nocancel+13>: jae 0x7ffff7bca759 <write+73> | 0x7ffff7bca728 <__write_nocancel+15>: ret | 0x7ffff7bca729 <write+25>: sub rsp,0x8 | 0x7ffff7bca72d <write+29>: call 0x7ffff7bca3b0 <__pthread_enable_asynccancel> | 0x7ffff7bca732 <write+34>: mov QWORD PTR [rsp],rax |-> 0x7ffff7bca759 <write+73>: mov rcx,QWORD PTR [rip+0x209848] # 0x7ffff7dd3fa8 0x7ffff7bca760 <write+80>: neg eax 0x7ffff7bca762 <write+82>: mov DWORD PTR fs:[rcx],eax 0x7ffff7bca765 <write+85>: or rax,0xffffffffffffffff JUMP is taken [------------------------------------stack-------------------------------------] 0000| 0x7fffffffc348 --> 0x7ffff333c54e (add rsp,0x4e8) 0008| 0x7fffffffc350 --> 0x7ffff43cebc4 --> 0x4c41460045555254 ('TRUE') 0016| 0x7fffffffc358 --> 0x7fff00000018 0024| 0x7fffffffc360 --> 0x1 0032| 0x7fffffffc368 --> 0x7ffff6c050a8 --> 0x0 0040| 0x7fffffffc370 --> 0x2008 0048| 0x7fffffffc378 --> 0x7fffffffc3c0 --> 0x100000000 0056| 0x7fffffffc380 --> 0x7fffe929e640 [------------------------------------------------------------------------------] 0x00007ffff7bca726 in __write_nocancel () from /lib64/libpthread.so.0
Any idea what you were doing at the time? What page you were visiting (the one from which you opened the new window)?
Flags: needinfo?(info)
Unfortunately we don't know where to start with this one. If you are able to gather more information in the future please reopen the bug or mail security@mozilla.org and have us do it. Thanks.
Status: UNCONFIRMED → RESOLVED
Closed: 12 years ago
Resolution: --- → INCOMPLETE
Flags: needinfo?(info)
Group: core-security
Resolution: INCOMPLETE → DUPLICATE
You need to log in before you can comment on or make changes to this bug.