Note: This bug is displayed in read-only format because
the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Description of problem: New FF 60ESR segfault at start Version-Release number of selected component (if applicable): firefox-60.0-4.el7_5 How reproducible: 100% Steps to Reproduce: 1. start firefox 2. 3. Actual results: segfault Expected results: Additional info: Starting program: /usr/lib64/firefox/firefox [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". Detaching after fork from child process 4213. Program received signal SIGSEGV, Segmentation fault. SetColor (aColor=Red, this=<synthetic pointer>) at /usr/src/debug/firefox-60.0/memory/build/rb.h:203 203 MOZ_RELEASE_ASSERT(mNode); Thread 1 (Thread 0x3fffb7ff5760 (LWP 4210)): #0 SetColor (aColor=Red, this=<synthetic pointer>) at /usr/src/debug/firefox-60.0/memory/build/rb.h:203 No locals. #1 RedBlackTree<arena_chunk_map_t, ArenaAvailTreeTrait>::MoveRedRight ( this=<optimized out>, aNode=...) at /usr/src/debug/firefox-60.0/memory/build/rb.h:668 node = {mNode = 0x0} rbp_mrr_t = <optimized out> #2 0x000000010001182c in RedBlackTree<arena_chunk_map_t, ArenaAvailTreeTrait>::Remove (this=0x3fffb7800080, aNode=...) at /usr/src/debug/firefox-60.0/memory/build/rb.h:562 rbp_r_s = {u = { mBytes = "\000\000?\377\264p\001\270", '\000' <repeats 15 times>, mDummy = 70367476449720}} rbp_r_p = {mNode = 0x3fffb47001b8} rbp_r_c = {mNode = 0x3fffb4800110} rbp_r_xp = {mNode = 0x0} rbp_r_t = {mNode = 0x0} rbp_r_u = <optimized out> rbp_r_cmp = <optimized out> #3 0x0000000100013180 in Remove (aNode=0x3fffb4800038, this=0x3fffb7800080) at /usr/src/debug/firefox-60.0/memory/build/rb.h:144 No locals. #4 arena_t::SplitRun (this=this@entry=0x3fffb7800000, aRun=aRun@entry=0x3fffb4810000, aSize=aSize@entry=524288, aLarge=aLarge@entry=false, aZero=<optimized out>) at /usr/src/debug/firefox-60.0/memory/build/mozjemalloc.cpp:2368 old_ndirty = 0 run_ind = 1 total_pages = 1073722497 need_pages = 8 rem_pages = 1073722489 i = <optimized out> #5 0x0000000100013458 in arena_t::AllocRun (this=0x3fffb7800000, aSize=524288, aLarge=aLarge@entry=false, aZero=aZero@entry=false) at /usr/src/debug/firefox-60.0/memory/build/mozjemalloc.cpp:2546 run = 0x3fffb4810000 key = {link = {mLeft = <optimized out>, mRightAndColor = <optimized out>}, bits = 524304} #6 0x0000000100015770 in arena_t::GetNonFullBinRun (this=<optimized out>, aBin=0x3fffb7800868) at /usr/src/debug/firefox-60.0/memory/build/mozjemalloc.cpp:2796 run = <optimized out> i = <optimized out> remainder = <optimized out> aBin = 0x3fffb7800868 #7 0x000000010001780c in MallocSmall (aZero=true, aSize=<optimized out>, this=0x3fffb7800000) at /usr/src/debug/firefox-60.0/memory/build/mozjemalloc.cpp:2942 bin = 0x3fffb7800868 run = <optimized out> sizeClass = {mType = SizeClass::SubPage, mSize = 8192} #8 Malloc (aZero=true, aSize=<optimized out>, this=0x3fffb7800000) at /usr/src/debug/firefox-60.0/memory/build/mozjemalloc.cpp:2999 No locals. #9 calloc (aSize=<optimized out>, aNum=<optimized out>, this=<synthetic pointer>) at /usr/src/debug/firefox-60.0/memory/build/mozjemalloc.cpp:4178 arena = 0x3fffb7800000 checkedSize = {mValue = <optimized out>, mIsValid = false} ret = 0x1248 #10 calloc (arg2=<optimized out>, arg1=<optimized out>) at /usr/src/debug/firefox-60.0/memory/build/malloc_decls.h:38 No locals. #11 calloc (arg1=<optimized out>, arg2=<optimized out>) at /usr/src/debug/firefox-60.0/memory/build/malloc_decls.h:38 No locals. #12 0x00003fffb6936e48 in XOpenDisplay (display=0x3fffffffffda ":1") at OpenDis.c:115 dpy = <optimized out> i = <optimized out> j = <optimized out> k = <optimized out> display_name = 0x3fffffffffda ":1" setup = 0x0 iscreen = 1 prefix = <optimized out> vendorlen = <optimized out> u = <optimized out> setuplength = <optimized out> usedbytes = 0 mask = <optimized out> conn_buf_size = <optimized out> xlib_buffer_size = <optimized out> #13 0x00003fffb6b2bc30 in _gdk_x11_display_open (display_name=<optimized out>) at gdkdisplay-x11.c:1562 xdisplay = <optimized out> display = <optimized out> display_x11 = <optimized out> attr = {title = 0x3fffb7744000 "", event_mask = 16383, x = -12000, y = 16383, width = -38, height = 16383, wclass = (unknown: 3065402796), visual = 0x3fffb5f97d00, window_type = 16383, cursor = 0x3fffb6bf7900, wmclass_name = 0x3fffffffd120 "", wmclass_class = 0x0, override_redirect = 16383, type_hint = 3051801976} argc = <optimized out> argv = {0x3fffffffd560 ""} class_hint = <optimized out> pid = 70368744165664 ignore = 0 maj = 1 min = 16383 __FUNCTION__ = "_gdk_x11_display_open" #14 0x00003fffb6ae9698 in gdk_display_manager_open_display ( manager=<optimized out>, name=0x3fffffffffda ":1") at gdkdisplaymanager.c:472 backend = 0x3fffb48104f0 "*" any = 1 backend_list = <optimized out> display = 0x0 backends = 0x3fffb7770940 i = <optimized out> allow_any = <optimized out> __FUNCTION__ = "gdk_display_manager_open_display" #15 0x00003fffb6ae6a34 in gdk_display_open (display_name=0x3fffffffffda ":1") at gdkdisplay.c:1966 No locals. #16 0x00003fffb21e6a58 in XREMain::XRE_mainStartup ( this=this@entry=0x3fffffffd638, aExitFlag=aExitFlag@entry=0x3fffffffd560) at /usr/src/debug/firefox-60.0/toolkit/xre/nsAppRunner.cpp:4076 display_name = <optimized out> saveDisplayArg = false rv = <optimized out> desktopStartupIDEnv = <optimized out> useXI2 = <optimized out> newInstance = <optimized out> canRun = false version = {<nsTString<char>> = {<nsTSubstring<char>> = {<mozilla::detail::nsTStringRepr<char>> = {mData = 0x3fffb54a0628 "", mLength = 16383, mDataFlags = (mozilla::detail::TERMINATED | mozilla::detail::VOIDED | mozilla::detail::SHARED | mozilla::detail::OWNED | mozilla::detail::LITERAL | unknown: 45824), mClassFlags = (unknown: 24832)}, static kMaxCapacity = 2147483637}, <No data fields>}, static kStorageSize = 64, mInlineCapacity = 8, mStorage = "\000!\000\002\000\000?\377\377\377\324 \000\273[\340Vǣ\033\000\000?\377\263\062Q\240\000\000\000\001\000!\000\002\000\000?\377\377\377\326\070\000\000?\377\263\266?\000\000\000?\377\265J\006@\000\000?\377"} osABI = {<mozilla::detail::nsTStringRepr<char>> = { mData = 0x100057f00 "", mLength = 16383, mDataFlags = (mozilla::detail::TERMINATED | mozilla::detail::VOIDED | mozilla::detail::SHARED | mozilla::detail::OWNED | mozilla::detail::INLINE | mozilla::detail::LITERAL | unknown: 65472), mClassFlags = (unknown: 54256)}, <No data fields>} flagFile = {<nsCOMPtr_base> = { mRawPtr = 0xbb5be056c7a31b}, <No data fields>} cachesOK = <optimized out> startupCacheValid = <optimized out> #17 0x00003fffb21eb328 in XRE_mainStartup (aExitFlag=0x3fffffffd560, this=0x3fffffffd638) at /usr/src/debug/firefox-60.0/toolkit/xre/nsAppRunner.cpp:4941 No locals. #18 XREMain::XRE_main (this=this@entry=0x3fffffffd638, argc=argc@entry=1, argv=argv@entry=0x3fffffffee28, aConfig=...) at /usr/src/debug/firefox-60.0/toolkit/xre/nsAppRunner.cpp:4955 rv = <optimized out> binFile = {<nsCOMPtr_base> = { mRawPtr = 0x3fffb54a04c0}, <No data fields>} exit = false result = <optimized out> appInitiatedRestart = <optimized out> #19 0x00003fffb21ebd00 in XRE_main (argc=<optimized out>, argv=0x3fffffffee28, aConfig=...) at /usr/src/debug/firefox-60.0/toolkit/xre/nsAppRunner.cpp:5062 main = {mNativeApp = {<nsCOMPtr_base> = { mRawPtr = 0x0}, <No data fields>}, mProfileSvc = {<nsCOMPtr_base> = {mRawPtr = 0x0}, <No data fields>}, mProfD = {<nsCOMPtr_base> = {mRawPtr = 0x0}, <No data fields>}, mProfLD = {<nsCOMPtr_base> = {mRawPtr = 0x0}, <No data fields>}, mProfileLock = {<nsCOMPtr_base> = { mRawPtr = 0x0}, <No data fields>}, mRemoteService = {<nsCOMPtr_base> = { mRawPtr = 0x0}, <No data fields>}, mRemoteLock = {<PRCListStr> = {next = 0x3fffffffd668, prev = 0x3fffffffd668}, mHaveLock = false, mReplacedLockTime = 0, mLockFile = {<nsCOMPtr_base> = { mRawPtr = 0x0}, <No data fields>}, static mPidLockList = { next = 0x3fffb4694138 <nsProfileLock::mPidLockList>, prev = 0x3fffb4694138 <nsProfileLock::mPidLockList>}, mPidLockFileName = 0x0, mLockFileDesc = -1}, mRemoteLockDir = {<nsCOMPtr_base> = { mRawPtr = 0x0}, <No data fields>}, mScopedXPCOM = { mTuple = {<mozilla::detail::PairHelper<ScopedXPCOMStartup*, mozilla::DefaultDelete<ScopedXPCOMStartup>, (mozilla::detail::StorageType)1, (mozilla::detail::StorageType)0>> = {<mozilla::DefaultDelete<ScopedXPCOMStartup>> = {<No data fields>}, mFirstA = 0x0}, <No data fields>}}, mAppData = { mTuple = {<mozilla::detail::PairHelper<mozilla::XREAppData*, mozilla::DefaultDelete<mozilla::XREAppData>, (mozilla::detail::StorageType)1, (mozilla::detail::StorageType)0>> = {<mozilla::DefaultDelete<mozilla::XREAppData>> = {<No data fields>}, mFirstA = 0x3fffb5490500}, <No data fields>}}, mDirProvider = {<nsIDirectoryServiceProvider2> = {<nsIDirectoryServiceProvider> = {<nsISupports> = { _vptr.nsISupports = 0x3fffb36fbdf8 <vtable for nsXREDirProvider+16>}, <No data fields>}, <No data fields>}, <nsIProfileStartup> = {<nsISupports> = { _vptr.nsISupports = 0x3fffb36fbe40 <vtable for nsXREDirProvider+88>}, <No data fields>}, mAppProvider = {<nsCOMPtr_base> = { mRawPtr = 0x0}, <No data fields>}, mGREDir = {<nsCOMPtr_base> = { mRawPtr = 0x3fffb54a0640}, <No data fields>}, mGREBinDir = {<nsCOMPtr_base> = { mRawPtr = 0x3fffb54a0700}, <No data fields>}, mXULAppDir = {<nsCOMPtr_base> = { mRawPtr = 0x3fffb54a0580}, <No data fields>}, mProfileDir = {<nsCOMPtr_base> = { mRawPtr = 0x0}, <No data fields>}, mProfileLocalDir = {<nsCOMPtr_base> = { mRawPtr = 0x0}, <No data fields>}, mProfileNotified = false, mPrefsInitialized = false, mAppBundleDirectories = {<nsCOMArray_base> = { mArray = {<nsTArray_Impl<nsISupports*, nsTArrayInfallibleAllocator>> = {<nsTArray_base<nsTArrayInfallibleAllocator, nsTArray_CopyWithMemutils>> = { mHdr = 0x3fffb46a1f08 <nsTArrayHeader::sEmptyHdr>}, <nsTArray_TypedBase<nsISupports*, nsTArray_Impl<nsISupports*, nsTArrayInfallibleAllocator> >> = {<nsTArray_SafeElementAtHelper<nsISupports*, nsTArray_Impl<nsISupports*, nsTArrayInfallibleAllocator> >> = {<No data fields>}, <No data fields>}, static NoIndex = <optimized out>}, <No data fields>}}, <No data fields>}}, mProfileName = {<nsTString<char>> = {<nsTSubstring<char>> = {<mozilla::detail::nsTStringRepr<char>> = {mData = 0x3fffffffd71c "", mLength = 0, mDataFlags = (mozilla::detail::TERMINATED | mozilla::detail::INLINE), mClassFlags = (mozilla::detail::INLINE | mozilla::detail::NULL_TERMINATED)}, static kMaxCapacity = 2147483637}, <No data fields>}, static kStorageSize = 64, mInlineCapacity = 63, mStorage = '\000' <repeats 62 times>, "?\377"}, mDesktopStartupID = {<nsTString<char>> = {<nsTSubstring<char>> = {<mozilla::detail::nsTStringRepr<char>> = {mData = 0x3fffffffd774 "", mLength = 0, mDataFlags = (mozilla::detail::TERMINATED | mozilla::detail::INLINE), mClassFlags = (mozilla::detail::INLINE | mozilla::detail::NULL_TERMINATED)}, static kMaxCapacity = 2147483637}, <No data fields>}, static kStorageSize = 64, mInlineCapacity = 63, mStorage = "\000\377\327\360", '\000' <repeats 11 times>, "\001\000\001a\350", '\000' <repeats 16 times>, "libxul.so\000\000o\000\000so", '\000' <repeats 11 times>}, mStartOffline = false, mShuttingDown = false, mDisableRemote = false, mGdkDisplay = 0x0} result = <optimized out> #20 0x00003fffb21edb6c in mozilla::BootstrapImpl::XRE_main ( this=<optimized out>, argc=<optimized out>, argv=<optimized out>, aConfig=...) at /usr/src/debug/firefox-60.0/toolkit/xre/Bootstrap.cpp:49 No locals. #21 0x000000010000a6c8 in do_main (argc=<optimized out>, argc@entry=1, argv=argv@entry=0x3fffffffee28, envp=envp@entry=0x3fffffffee38) at /usr/src/debug/firefox-60.0/browser/app/nsBrowserApp.cpp:231 appDataFile = 0x0 config = {appData = 0x10004dcc0 <sAppData>, appDataPath = 0x100039800 "browser"} #22 0x0000000100009d40 in main (argc=<optimized out>, argv=0x3fffffffee28, envp=0x3fffffffee38) at /usr/src/debug/firefox-60.0/browser/app/nsBrowserApp.cpp:304 start = <optimized out> rv = <optimized out> result = <optimized out> $1 = void A debugging session is active. Inferior 1 [process 4210] will be killed. Quit anyway? (y or n)