+++ This bug was initially created as a clone of Bug #776940 +++ This is the crash that was taking down the master process. See the STR in that bug, they're 100% reliable for me. Program received signal SIGSEGV, Segmentation fault. 0x415e2050 in mozilla::dom::TabChild::BrowserFrameProvideWindow (this=0xdf1268, aOpener=0xff58a8, aURI=0x0, aName=..., aFeatures=..., aWindowIsNew=0xbebd1327, aReturn=0xbebd12d4) at /home/cjones/mozilla/inbound/dom/ipc/TabChild.cpp:388 (gdb) p aURI $1 = (nsIURI *) 0x0 (gdb) bt #0 0x415e2050 in mozilla::dom::TabChild::BrowserFrameProvideWindow (this=0xdf1268, aOpener=0xff58a8, aURI=0x0, aName=..., aFeatures=..., aWindowIsNew=0xbebd1327, aReturn=0xbebd12d4) at /home/cjones/mozilla/inbound/dom/ipc/TabChild.cpp:388 #1 0x415e1f4c in mozilla::dom::TabChild::ProvideWindow (this=0xdf1268, aParent=0xff58a8, aChromeFlags=4094, aCalledFromJS=false, aPositionSpecified=false, aSizeSpecified=false, aURI=0x0, aName=..., aFeatures=..., aWindowIsNew=0xbebd1327, aReturn=0xbebd12d4) at /home/cjones/mozilla/inbound/dom/ipc/TabChild.cpp:357 #2 0x4127feb0 in nsWindowWatcher::OpenWindowJSInternal (this=0xfcbf18, aParent=0xff58a8, aUrl=0x0, aName=0xbebd153c "_blank", aFeatures=0x0, aDialog=false, argv=0x0, aCalledFromJS=false, _retval=0xbebd15ec) at /home/cjones/mozilla/inbound/embedding/components/windowwatcher/src/nsWindowWatcher.cpp:595 #3 0x4127f546 in nsWindowWatcher::OpenWindow (this=0xfcbf18, aParent=0xff58a8, aUrl=0x0, aName=0xbebd153c "_blank", aFeatures=0x0, aArguments=0x0, _retval=0xbebd15ec) at /home/cjones/mozilla/inbound/embedding/components/windowwatcher/src/nsWindowWatcher.cpp:381 #4 0x40c7566a in nsGlobalWindow::OpenInternal (this=0xff58a8, aUrl=..., aName=..., aOptions=..., aDialog=false, aContentModal=false, aCalledNoScript=true, aDoJSFixups=false, argv=0x0, aExtraArgument=0x0, aCalleePrincipal=0x110e548, aJSCallerContext=0x0, aReturn=0xbebd18b4) at /home/cjones/mozilla/inbound/dom/base/nsGlobalWindow.cpp:9237 #5 0x40c6a23a in nsGlobalWindow::Open (this=0xff58a8, aUrl=..., aName=..., aOptions=..., _retval=0xbebd18b4) at /home/cjones/mozilla/inbound/dom/base/nsGlobalWindow.cpp:5872 #6 0x41238674 in nsDocShell::InternalLoad (this=0xff4688, aURI=0x1ab8f68, aReferrer=0x1198f20, aOwner=0x110e548, aFlags=0, aWindowTarget=0xbebd1ad4, aTypeHint=0xbebd1c84 "", aPostData=0x0, aHeadersData=0x0, aLoadType=2097153, aSHEntry=0x0, aFirstParty=true, aDocShell=0x0, aRequest=0x0) at /home/cjones/mozilla/inbound/docshell/base/nsDocShell.cpp:8319 #7 0x41243ad6 in nsDocShell::OnLinkClickSync (this=0xff4688, aContent=0x1101610, aURI=0x1ad3660, aTargetSpec=0x16e2548, aPostDataStream=0x0, aHeadersDataStream=0x0, aDocShell=0x0, aRequest=0x0) at /home/cjones/mozilla/inbound/docshell/base/nsDocShell.cpp:11778 #8 0x41243266 in OnLinkClickEvent::Run (this=0x1ad3720) at /home/cjones/mozilla/inbound/docshell/base/nsDocShell.cpp:11582 #9 0x4180e31e in nsThread::ProcessNextEvent (this=0xdee1a8, mayWait=false, result=0xbebd1dcf) at /home/cjones/mozilla/inbound/xpcom/threads/nsThread.cpp:624 Null pointer seems to be coming from #4 0x40c7566a in nsGlobalWindow::OpenInternal (this=0xff58a8, aUrl=..., aName=..., aOptions=..., aDialog=false, aContentModal=false, aCalledNoScript=true, aDoJSFixups=false, argv=0x0, aExtraArgument=0x0, aCalleePrincipal=0x110e548, aJSCallerContext=0x0, aReturn=0xbebd18b4) at /home/cjones/mozilla/inbound/dom/base/nsGlobalWindow.cpp:9237 rv = wwatch->OpenWindow(this, url.get(), name_ptr, options_ptr, aExtraArgument, getter_AddRefs(domReturn)); (gdb) p url $5 = warning: can't find linker symbol for virtual table for `nsXPIDLCString' value warning: found `EmptyString()::sEmpty' instead warning: can't find linker symbol for virtual table for `nsXPIDLCString' value warning: found `EmptyString()::sEmpty' instead { <nsCString> = { <nsACString_internal> = { mData = 0x42dee8b8 "", mLength = 0, mFlags = 3 }, <No data fields>}, <No data fields>}

I've been trying unsuccessfully to land bug 769254 for almost two weeks now. I'm currently blocked on bug 776801. We may just disable the test, although that's not too appealing to me.