Summary: | www-client/firefox(-bin)-(15|16).0.1 segfaults a lot in different situations | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Jakub Caban <kuba.iluvatar> |
Component: | Current packages | Assignee: | Mozilla Gentoo Team <mozilla> |
Status: | RESOLVED TEST-REQUEST | ||
Severity: | normal | CC: | gentoo |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: |
version symbols in spidermonkey
version js symbols in firefox emerge_info.txt |
Description
Jakub Caban
2012-10-22 13:54:00 UTC
http://www.gentoo.org/proj/en/qa/backtraces.xml please see url for how to get a meaningful bt, without the symbols noone can assist you. Thank you for directing me. I've compiled firefox with -ggdb. Backtrace from 100% repetitive segfault when using Firebug (run by just pressing "DOM" tab in element inspector anytime): Program received signal SIGSEGV, Segmentation fault. 0x00007fffe9a7f280 in ?? () (gdb) bt #0 0x00007fffe9a7f280 in ?? () #1 0x00007ffff5b08d88 in js::LooselyEqual (cx=cx@entry=0x7fffe2466400, lval=..., rval=..., result=result@entry=0x7fffffff8b10) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:573 #2 0x00007ffff5b0f70c in js::Interpret (cx=0x7fffe2466400, entryFrame=0x7fffe93ffa88, interpMode=js::JSINTERP_NORMAL) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:1932 #3 0x00007ffff5cecf1c in UncachedInlineCall (f=..., initial=<optimized out>, pret=0x7fffffff9328, unjittable=0x7fffffff9330, argc=argc@entry=3) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/methodjit/InvokeHelpers.cpp:327 #4 0x00007ffff5cef594 in js::mjit::stubs::UncachedCallHelper (f=..., argc=3, lowered=<optimized out>, ucr=<optimized out>) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/methodjit/InvokeHelpers.cpp:410 #5 0x00007ffff5cef8be in js::mjit::stubs::UncachedCall (f=..., argc=<optimized out>) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/methodjit/InvokeHelpers.cpp:367 #6 0x00007fffeae0a520 in ?? () #7 0x00007fffeae0a000 in ?? () #8 0x000000000000010f in ?? () #9 0x0000000000000000 in ?? () I will try to collect more backtraces from different situations soon. If more debug information (from different packages) are needed just let me know what to rebuild with -ggdb. This one is 100% repetitive on trying to select element within IFRAME with Firebug: Program received signal SIGSEGV, Segmentation fault. 0x00007fffe997f280 in ?? () (gdb) bt #0 0x00007fffe997f280 in ?? () #1 0x00007ffff5d3ec11 in StubEqualityOp<true> (f=...) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/methodjit/StubCalls.cpp:508 #2 js::mjit::stubs::Equal (f=...) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/methodjit/StubCalls.cpp:561 #3 0x00007fffec753348 in ?? () #4 0x00007fffec750248 in ?? () #5 0x0000000000000115 in ?? () #6 0x00007fffffffa810 in ?? () #7 0x0000000000000000 in ?? () I put there Firebug related ones as they are easily reproducable. Others occurs at random and I will surely put when any happens. Both also happens on clean profile with only Firebug installed. Completely random crash on opening website with no Firebux even open: Program received signal SIGPIPE, Broken pipe. [Switching to Thread 0x7fffec4ff700 (LWP 6987)] 0x00007ffff7bce0e7 in send () from /lib64/libpthread.so.0 (gdb) bt #0 0x00007ffff7bce0e7 in send () from /lib64/libpthread.so.0 #1 0x0000003e11e2772b in pt_Send () from /usr/lib64/libnspr4.so #2 0x00007ffff4687c6c in ssl_DefSend () from /usr/lib64/libssl3.so #3 0x00007ffff467a3d8 in ssl3_SendRecord () from /usr/lib64/libssl3.so #4 0x00007ffff467a946 in SSL3_SendAlert () from /usr/lib64/libssl3.so #5 0x00007ffff468cda6 in ssl_SecureClose () from /usr/lib64/libssl3.so #6 0x00007ffff56f2c2b in nsNSSSocketInfo::CloseSocketAndDestroy (this=0x7fffbd17a380) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/security/manager/ssl/src/nsNSSIOLayer.cpp:678 #7 0x00007ffff56f2c80 in nsSSLIOLayerClose (fd=0x7fffb1dfb8b0) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/security/manager/ssl/src/nsNSSIOLayer.cpp:668 #8 0x00007ffff4f52762 in ReleaseFD_Locked (this=0x7fffa9561b80, fd=<optimized out>) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/netwerk/base/src/nsSocketTransport2.cpp:1405 #9 nsSocketTransport::ReleaseFD_Locked (this=0x7fffa9561b80, fd=<optimized out>) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/netwerk/base/src/nsSocketTransport2.cpp:1399 #10 0x00007ffff4f545b4 in nsSocketTransport::OnSocketDetached (this=0x7fffa9561b80, fd=<optimized out>) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/netwerk/base/src/nsSocketTransport2.cpp:1648 #11 0x00007ffff4f54c33 in nsSocketTransportService::DetachSocket (this=this@entry=0x7fffee5b3980, listHead=0x7fffc29c7000, sock=0x7fffc29c7078) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/netwerk/base/src/nsSocketTransportService2.cpp:181 #12 0x00007ffff4f554a6 in nsSocketTransportService::DoPollIteration (this=this@entry=0x7fffee5b3980, wait=<optimized out>) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/netwerk/base/src/nsSocketTransportService2.cpp:754 #13 0x00007ffff4f55610 in nsSocketTransportService::Run (this=0x7fffee5b3980) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/netwerk/base/src/nsSocketTransportService2.cpp:614 #14 0x00007ffff59231e3 in nsThread::ProcessNextEvent (this=0x7ffff6c28a60, mayWait=<optimized out>, result=0x7fffec4feebf) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/xpcom/threads/nsThread.cpp:624 #15 0x00007ffff58f9fd7 in NS_ProcessNextEvent_P (thread=<optimized out>, mayWait=true) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/obj-x86_64-unknown-linux-gnu/xpcom/build/nsThreadUtils.cpp:217 #16 0x00007ffff59239b6 in nsThread::ThreadFunc (arg=0x7ffff6c28a60) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/xpcom/threads/nsThread.cpp:257 #17 0x0000003e11e2a713 in _pt_root () from /usr/lib64/libnspr4.so #18 0x00007ffff7bc6f4a in start_thread () from /lib64/libpthread.so.0 #19 0x00007ffff7104e6d in clone () from /lib64/libc.so.6 Unless you test with a completely clean profile no addon at all, we will be unable to assist you, even if firebug is installed and disabled it can still cause a segfault within the browser through js engine. I am doing my best collecting data, but I mainly use many add-ons for work, so it's not easy task getting bt from crash on clean profile. Anyway this one is particularly interesting, as it occurs on closing Firefox (completely clean profile - wiped .mozilla): Program received signal SIGSEGV, Segmentation fault. 0x00007fffe9a7f280 in ?? () (gdb) bt #0 0x00007fffe9a7f280 in ?? () #1 0x00007ffff5b08d88 in js::LooselyEqual (cx=cx@entry=0x7fffeadbff80, lval=..., rval=..., result=result@entry=0x7fffffff8560) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:573 #2 0x00007ffff5b0f70c in js::Interpret (cx=cx@entry=0x7fffeadbff80, entryFrame=entryFrame@entry=0x7fffe93ff3e0, interpMode=interpMode@entry=js::JSINTERP_NORMAL) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:1932 #3 0x00007ffff5b181ed in js::RunScript (cx=cx@entry=0x7fffeadbff80, script=<optimized out>, fp=0x7fffe93ff3e0) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:301 #4 0x00007ffff5b18aed in js::InvokeKernel (cx=0x7fffeadbff80, args=..., construct=js::NO_CONSTRUCT) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:355 #5 0x00007ffff5aace96 in Invoke (args=..., cx=0x7fffeadbff80, construct=<optimized out>) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.h:119 #6 array_filter (cx=0x7fffeadbff80, argc=<optimized out>, vp=0x7fffe93ff388) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsarray.cpp:3405 #7 0x00007ffff5b18a2c in CallJSNative (args=..., native=<optimized out>, cx=0x7fffeadbff80) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jscntxtinlines.h:382 #8 js::InvokeKernel (cx=cx@entry=0x7fffeadbff80, args=..., construct=construct@entry=js::NO_CONSTRUCT) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:344 #9 0x00007ffff5b0a1bd in js::Interpret (cx=cx@entry=0x7fffeadbff80, entryFrame=entryFrame@entry=0x7fffe93ff310, interpMode=interpMode@entry=js::JSINTERP_NORMAL) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:2442 #10 0x00007ffff5b181ed in js::RunScript (cx=cx@entry=0x7fffeadbff80, script=<optimized out>, fp=0x7fffe93ff310) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:301 #11 0x00007ffff5b18aed in js::InvokeKernel (cx=cx@entry=0x7fffeadbff80, args=..., construct=construct@entry=js::NO_CONSTRUCT) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:355 #12 0x00007ffff5b19047 in Invoke (construct=js::NO_CONSTRUCT, args=..., cx=0x7fffeadbff80) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.h:119 #13 js::Invoke (cx=0x7fffeadbff80, thisv=..., fval=..., argc=2, argv=<optimized out>, rval=0x7fffffff9938) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:387 #14 0x00007ffff5b5759e in js::IndirectProxyHandler::call (this=<optimized out>, cx=0x7fffeadbff80, proxy=0x7fffcf885160, argc=2, vp=0x7fffe93ff258) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsproxy.cpp:442 #15 0x00007ffff5bc0905 in call (vp=0x7fffe93ff258, argc=2, wrapper=0x7fffcf885160, cx=0x7fffeadbff80, this=0x7ffff69e4d40 <js::CrossCompartmentWrapper::singleton>) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jswrapper.cpp:383 #16 js::DirectWrapper::call (this=0x7ffff69e4d40 <js::CrossCompartmentWrapper::singleton>, cx=0x7fffeadbff80, wrapper=0x7fffcf885160, argc=2, vp=0x7fffe93ff258) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jswrapper.cpp:379 #17 0x00007ffff5bc2077 in js::CrossCompartmentWrapper::call (this=0x7ffff69e4d40 <js::CrossCompartmentWrapper::singleton>, cx=0x7fffeadbff80, wrapper_=0x7fffcf885160, argc=2, vp=0x7fffe93ff258) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jswrapper.cpp:777 ---Type <return> to continue, or q <return> to quit--- #18 0x00007ffff5b5946e in call (vp=<optimized out>, argc=<optimized out>, proxy=<optimized out>, cx=<optimized out>) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsproxy.cpp:1143 #19 proxy_Call (cx=<optimized out>, argc=<optimized out>, vp=<optimized out>) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsproxy.cpp:1666 #20 0x00007ffff5b18b57 in CallJSNative (args=..., native=<optimized out>, cx=0x7fffeadbff80) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jscntxtinlines.h:382 #21 js::InvokeKernel (cx=cx@entry=0x7fffeadbff80, args=..., construct=construct@entry=js::NO_CONSTRUCT) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:337 #22 0x00007ffff5b0a1bd in js::Interpret (cx=cx@entry=0x7fffeadbff80, entryFrame=entryFrame@entry=0x7fffe93ff1e8, interpMode=interpMode@entry=js::JSINTERP_NORMAL) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:2442 #23 0x00007ffff5b181ed in js::RunScript (cx=cx@entry=0x7fffeadbff80, script=<optimized out>, fp=0x7fffe93ff1e8) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:301 #24 0x00007ffff5b18aed in js::InvokeKernel (cx=cx@entry=0x7fffeadbff80, args=..., construct=construct@entry=js::NO_CONSTRUCT) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:355 #25 0x00007ffff5b19047 in Invoke (construct=js::NO_CONSTRUCT, args=..., cx=0x7fffeadbff80) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.h:119 #26 js::Invoke (cx=0x7fffeadbff80, thisv=..., fval=..., argc=2, argv=<optimized out>, rval=0x7fffffffa518) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:387 #27 0x00007ffff5b5759e in js::IndirectProxyHandler::call (this=<optimized out>, cx=0x7fffeadbff80, proxy=0x7fffcf854220, argc=2, vp=0x7fffe93ff128) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsproxy.cpp:442 #28 0x00007ffff5bc0905 in call (vp=0x7fffe93ff128, argc=2, wrapper=0x7fffcf854220, cx=0x7fffeadbff80, this=0x7ffff69e4d40 <js::CrossCompartmentWrapper::singleton>) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jswrapper.cpp:383 #29 js::DirectWrapper::call (this=0x7ffff69e4d40 <js::CrossCompartmentWrapper::singleton>, cx=0x7fffeadbff80, wrapper=0x7fffcf854220, argc=2, vp=0x7fffe93ff128) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jswrapper.cpp:379 #30 0x00007ffff5bc2077 in js::CrossCompartmentWrapper::call (this=0x7ffff69e4d40 <js::CrossCompartmentWrapper::singleton>, cx=0x7fffeadbff80, wrapper_=0x7fffcf854220, argc=2, vp=0x7fffe93ff128) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jswrapper.cpp:777 #31 0x00007ffff5b5946e in call (vp=<optimized out>, argc=<optimized out>, proxy=<optimized out>, cx=<optimized out>) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsproxy.cpp:1143 #32 proxy_Call (cx=<optimized out>, argc=<optimized out>, vp=<optimized out>) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsproxy.cpp:1666 #33 0x00007ffff5b18b57 in CallJSNative (args=..., native=<optimized out>, cx=0x7fffeadbff80) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jscntxtinlines.h:382 #34 js::InvokeKernel (cx=cx@entry=0x7fffeadbff80, args=..., construct=construct@entry=js::NO_CONSTRUCT) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:337 #35 0x00007ffff5b0a1bd in js::Interpret (cx=cx@entry=0x7fffeadbff80, entryFrame=entryFrame@entry=0x7fffe93ff0b8, ---Type <return> to continue, or q <return> to quit--- interpMode=interpMode@entry=js::JSINTERP_NORMAL) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:2442 #36 0x00007ffff5b181ed in js::RunScript (cx=cx@entry=0x7fffeadbff80, script=<optimized out>, fp=0x7fffe93ff0b8) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:301 #37 0x00007ffff5b18aed in js::InvokeKernel (cx=cx@entry=0x7fffeadbff80, args=..., construct=construct@entry=js::NO_CONSTRUCT) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:355 #38 0x00007ffff5b19047 in Invoke (construct=js::NO_CONSTRUCT, args=..., cx=0x7fffeadbff80) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.h:119 #39 js::Invoke (cx=0x7fffeadbff80, thisv=..., fval=..., argc=3, argv=<optimized out>, rval=0x7fffffffb1e0) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsinterp.cpp:387 #40 0x00007ffff5a99b34 in JS_CallFunctionValue (cx=0x7fffeadbff80, obj=<optimized out>, fval=..., argc=<optimized out>, argv=<optimized out>, rval=<optimized out>) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/src/jsapi.cpp:5604 #41 0x00007ffff55d14ca in nsXPCWrappedJSClass::CallMethod (this=0x7fffe864f180, wrapper=<optimized out>, methodIndex=3, info=0x7fffec56a100, nativeParams=0x7fffffffb690) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/xpconnect/src/XPCWrappedJSClass.cpp:1436 #42 0x00007ffff55ccdcf in nsXPCWrappedJS::CallMethod (this=0x7fffd0b95c80, methodIndex=3, info=0x7fffec56a100, params=<optimized out>) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/js/xpconnect/src/XPCWrappedJS.cpp:580 #43 0x00007ffff59317df in PrepareAndDispatch (self=0x7fffcfbf2120, methodIndex=<optimized out>, args=<optimized out>, gpregs=0x7fffffffb750, fpregs=0x7fffffffb780) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/xpcom/reflect/xptcall/src/md/unix/xptcstubs_x86_64_linux.cpp:121 #44 0x00007ffff5930cdb in SharedStub () from /usr/lib64/firefox/libxul.so #45 0x00007ffff5907530 in nsObserverList::NotifyObservers (this=<optimized out>, aSubject=0x7ffff6c77e08, aTopic=0x7ffff5d6efb3 "xpcom-shutdown", someData=0x0) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/xpcom/ds/nsObserverList.cpp:99 #46 0x00007ffff59078b4 in NotifyObservers (someData=0x0, aTopic=0x7ffff5d6efb3 "xpcom-shutdown", aSubject=0x7ffff6c77e08, this=0x7fffee5e9e00) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/xpcom/ds/nsObserverService.cpp:149 #47 nsObserverService::NotifyObservers (this=0x7fffee5e9e00, aSubject=0x7ffff6c77e08, aTopic=0x7ffff5d6efb3 "xpcom-shutdown", someData=0x0) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/xpcom/ds/nsObserverService.cpp:138 #48 0x00007ffff58fd7ce in mozilla::ShutdownXPCOM (servMgr=0x7ffff6c77e08) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/xpcom/build/nsXPComInit.cpp:581 #49 0x00007ffff4f2a6cf in ScopedXPCOMStartup::~ScopedXPCOMStartup (this=0x7ffff6c7e330, __in_chrg=<optimized out>) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/toolkit/xre/nsAppRunner.cpp:1105 #50 0x00007ffff4f2e214 in XREMain::XRE_main (this=this@entry=0x7fffffffb908, argc=argc@entry=1, argv=argv@entry=0x7fffffffdc58, aAppData=aAppData@entry=0x6247e0 <sAppData>) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/toolkit/xre/nsAppRunner.cpp:3893 #51 0x00007ffff4f2e3f1 in XRE_main (argc=1, argv=0x7fffffffdc58, aAppData=0x6247e0 <sAppData>, aFlags=<optimized out>) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/toolkit/xre/nsAppRunner.cpp:3947 #52 0x0000000000402e12 in do_main (argv=0x7fffffffdc58, argc=1) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/browser/app/nsBrowserApp.cpp:160 ---Type <return> to continue, or q <return> to quit--- #53 main (argc=<optimized out>, argv=<optimized out>) at /var/tmp/paludis/www-client-firefox-16.0.1/work/mozilla-release/browser/app/nsBrowserApp.cpp:265 After a lot of debugging, I've found the reason for my crash. Short story: oxygen-gtk loads libmozjs185.so from seamonkey package during initialization. When the library is loaded, it corrupts JavaScript internals inside of libxul.so from Firefox build. Removing libmozjs185.so works around the bug. Long story: In the backtraces I provided previously, all crashes were during an attempt to invoke js::FunctionProxyClass.ext.equality. It's supposed to be always NULL, but it was modified in runtime. Setting a watch point gave me following backtrace: Hardware watchpoint 2: js::FunctionProxyClass.ext.equality Old value = (JSEqualityOp) 0x0 New value = (JSEqualityOp) 0x7fffe29b4280 <fun_hasInstance(JSContext*, JSObject*, js::Value const*, int*)> 0x00007fffe294cb80 in _GLOBAL__sub_I_jsproxy.cpp () from /usr/lib64/libmozjs185.so.1.0 (gdb) bt #0 0x00007fffe294cb80 in _GLOBAL__sub_I_jsproxy.cpp () from /usr/lib64/libmozjs185.so.1.0 #1 0x00007ffff7de9876 in call_init () from /lib64/ld-linux-x86-64.so.2 #2 0x00007ffff7de995a in _dl_init_internal () from /lib64/ld-linux-x86-64.so.2 #3 0x00007ffff7dedb42 in dl_open_worker () from /lib64/ld-linux-x86-64.so.2 #4 0x00007ffff7de96b6 in _dl_catch_error () from /lib64/ld-linux-x86-64.so.2 #5 0x00007ffff7ded38c in _dl_open () from /lib64/ld-linux-x86-64.so.2 #6 0x00007ffff79bb1d6 in dlopen_doit () from /lib64/libdl.so.2 #7 0x00007ffff7de96b6 in _dl_catch_error () from /lib64/ld-linux-x86-64.so.2 #8 0x00007ffff79bb78c in _dlerror_run () from /lib64/libdl.so.2 #9 0x00007ffff79bb271 in dlopen@@GLIBC_2.2.5 () from /lib64/libdl.so.2 #10 0x00007fffec08ba21 in g_module_open () from /usr/lib64/libgmodule-2.0.so.0 #11 0x00007fffef64197b in g_io_module_load_module () from /usr/lib64/libgio-2.0.so.0 #12 0x00007ffff123fca1 in g_type_module_use () from /usr/lib64/libgobject-2.0.so.0 #13 0x00007fffef642168 in g_io_modules_scan_all_in_directory_with_scope () from /usr/lib64/libgio-2.0.so.0 #14 0x00007fffef64248c in _g_io_modules_ensure_loaded () from /usr/lib64/libgio-2.0.so.0 #15 0x00007fffef6427b3 in _g_io_module_get_default () from /usr/lib64/libgio-2.0.so.0 #16 0x00007fffef62f6fe in g_file_new_for_path () from /usr/lib64/libgio-2.0.so.0 #17 0x00007fffe333b2da in Oxygen::QtSettings::monitorFile (this=this@entry=0x7fffe5534018, filename="/usr/share/themes/oxygen-gtk/gtk-2.0/kdeglobals") at /var/tmp/paludis/x11-themes-oxygen-gtk-1.3.1/work/oxygen-gtk2-1.3.1/src/oxygenqtsettings.cpp:1133 #18 0x00007fffe333df1c in Oxygen::QtSettings::loadKdeGlobals (this=this@entry=0x7fffe5534018) at /var/tmp/paludis/x11-themes-oxygen-gtk-1.3.1/work/oxygen-gtk2-1.3.1/src/oxygenqtsettings.cpp:217 #19 0x00007fffe333e133 in Oxygen::QtSettings::initialize (this=0x7fffe5534018, flags=63) at /var/tmp/paludis/x11-themes-oxygen-gtk-1.3.1/work/oxygen-gtk2-1.3.1/src/oxygenqtsettings.cpp:137 #20 0x00007fffe334f615 in Oxygen::Style::initialize (this=this@entry=0x7fffe5534000, flags=flags@entry=63) at /var/tmp/paludis/x11-themes-oxygen-gtk-1.3.1/work/oxygen-gtk2-1.3.1/src/oxygenstyle.cpp:63 #21 0x00007fffe334fa05 in Oxygen::Style::instance () at /var/tmp/paludis/x11-themes-oxygen-gtk-1.3.1/work/oxygen-gtk2-1.3.1/src/oxygenstyle.cpp:49 #22 0x00007fffe3397536 in theme_init (module=0x7fffe54f6f80) at /var/tmp/paludis/x11-themes-oxygen-gtk-1.3.1/work/oxygen-gtk2-1.3.1/src/oxygentheme.cpp:53 #23 0x00007fffefd4f436 in gtk_theme_engine_load () from /usr/lib64/libgtk-x11-2.0.so.0 #24 0x00007ffff123fca1 in g_type_module_use () from /usr/lib64/libgobject-2.0.so.0 #25 0x00007fffefd4f545 in gtk_theme_engine_get () from /usr/lib64/libgtk-x11-2.0.so.0 #26 0x00007fffefcd942b in gtk_rc_parse_any () from /usr/lib64/libgtk-x11-2.0.so.0 #27 0x00007fffefcda175 in gtk_rc_context_parse_one_file () from /usr/lib64/libgtk-x11-2.0.so.0 #28 0x00007fffefcd8ea2 in gtk_rc_parse_any () from /usr/lib64/libgtk-x11-2.0.so.0 #29 0x00007fffefcda175 in gtk_rc_context_parse_one_file () from /usr/lib64/libgtk-x11-2.0.so.0 #30 0x00007fffefcda94f in gtk_rc_reparse_all_for_settings () from /usr/lib64/libgtk-x11-2.0.so.0 #31 0x00007fffefcf7405 in gtk_settings_get_for_screen () from /usr/lib64/libgtk-x11-2.0.so.0 #32 0x00007fffefd0bce9 in gtk_style_init () from /usr/lib64/libgtk-x11-2.0.so.0 #33 0x00007ffff123cda7 in g_type_create_instance () from /usr/lib64/libgobject-2.0.so.0 #34 0x00007ffff1222498 in g_object_constructor () from /usr/lib64/libgobject-2.0.so.0 #35 0x00007ffff1223f19 in g_object_newv () from /usr/lib64/libgobject-2.0.so.0 #36 0x00007ffff122455c in g_object_new () from /usr/lib64/libgobject-2.0.so.0 #37 0x00007fffefda5789 in gtk_widget_get_default_style () from /usr/lib64/libgtk-x11-2.0.so.0 #38 0x00007fffefda5835 in gtk_widget_init () from /usr/lib64/libgtk-x11-2.0.so.0 #39 0x00007ffff123cd58 in g_type_create_instance () from /usr/lib64/libgobject-2.0.so.0 #40 0x00007ffff1222498 in g_object_constructor () from /usr/lib64/libgobject-2.0.so.0 #41 0x00007fffefc7ad4b in gtk_invisible_constructor () from /usr/lib64/libgtk-x11-2.0.so.0 #42 0x00007ffff1223f19 in g_object_newv () from /usr/lib64/libgobject-2.0.so.0 #43 0x00007ffff122455c in g_object_new () from /usr/lib64/libgobject-2.0.so.0 #44 0x00007ffff57b5482 in nsLookAndFeel::InitWidget (this=0x7ffff6c4ef00) at /var/tmp/paludis/www-client-firefox-16.0.2/work/mozilla-release/widget/gtk2/nsLookAndFeel.cpp:980 #45 0x00007ffff57b557a in nsLookAndFeel::nsLookAndFeel (this=0x7ffff6c4ef00) at /var/tmp/paludis/www-client-firefox-16.0.2/work/mozilla-release/widget/gtk2/nsLookAndFeel.cpp:64 #46 0x00007ffff57cdb2c in GetInstance () at /var/tmp/paludis/www-client-firefox-16.0.2/work/mozilla-release/widget/xpwidgets/nsXPLookAndFeel.cpp:234 #47 nsXPLookAndFeel::GetInstance () at /var/tmp/paludis/www-client-firefox-16.0.2/work/mozilla-release/widget/xpwidgets/nsXPLookAndFeel.cpp:226 #48 0x00007ffff57ce2e4 in mozilla::LookAndFeel::GetInt (aID=mozilla::LookAndFeel::eIntID_UseAccessibilityTheme, aResult=0x7fffffffb744) at /var/tmp/paludis/www-client-firefox-16.0.2/work/mozilla-release/widget/xpwidgets/nsXPLookAndFeel.cpp:700 #49 0x00007ffff58e89c6 in GetInt (aDefault=0, aID=mozilla::LookAndFeel::eIntID_UseAccessibilityTheme) at ../../dist/include/mozilla/LookAndFeel.h:469 #50 nsChromeRegistryChrome::CheckForOSAccessibility (this=0x7ffff6c4a2c0) at /var/tmp/paludis/www-client-firefox-16.0.2/work/mozilla-release/chrome/src/nsChromeRegistryChrome.cpp:177 #51 0x00007ffff4f0f9d6 in ScopedXPCOMStartup::SetWindowCreator (this=<optimized out>, native=<optimized out>) at /var/tmp/paludis/www-client-firefox-16.0.2/work/mozilla-release/toolkit/xre/nsAppRunner.cpp:1238 #52 0x00007ffff4f138f8 in XREMain::XRE_mainRun (this=this@entry=0x7fffffffb908) at /var/tmp/paludis/www-client-firefox-16.0.2/work/mozilla-release/toolkit/xre/nsAppRunner.cpp:3568 #53 0x00007ffff4f14224 in XREMain::XRE_main (this=this@entry=0x7fffffffb908, argc=argc@entry=1, argv=argv@entry=0x7fffffffdc58, aAppData=aAppData@entry=0x6247e0 <sAppData>) at /var/tmp/paludis/www-client-firefox-16.0.2/work/mozilla-release/toolkit/xre/nsAppRunner.cpp:3871 #54 0x00007ffff4f14431 in XRE_main (argc=1, argv=0x7fffffffdc58, aAppData=0x6247e0 <sAppData>, aFlags=<optimized out>) at /var/tmp/paludis/www-client-firefox-16.0.2/work/mozilla-release/toolkit/xre/nsAppRunner.cpp:3947 ---Type <return> to continue, or q <return> to quit--- #55 0x0000000000402e12 in do_main (argv=0x7fffffffdc58, argc=1) at /var/tmp/paludis/www-client-firefox-16.0.2/work/mozilla-release/browser/app/nsBrowserApp.cpp:160 #56 main (argc=<optimized out>, argv=<optimized out>) at /var/tmp/paludis/www-client-firefox-16.0.2/work/mozilla-release/browser/app/nsBrowserApp.cpp:265 I'm not sure how to proceed further. Loading an external instance of libmozjs185.so shouldn't have caused this. I guess it's loaded in a really strange way. Complicated dependences of this bug explain why it's so hard to reproduce. Hi, I have the exact same problem: * crash of firefox (16.0.1 and 16.0.2 at least) when javascript is activated * no crash of firefox when javascript is disabled * crash of thunderbird (16.0.1) * no crash of firefox AFAICT (16.0.1-r1) when libmozjs185.so.1.0.0 from spidermonkey package is moved (making libmozjs185.so a dead link) This seems similar to the openSuse issue : https://bugzilla.novell.com/show_bug.cgi?id=759123 Sounds like this might be linked to the same problem as bug 439148 Seems very likely as for me crashes also happened on exit (100% reproducible). Created attachment 328684 [details, diff] version symbols in spidermonkey After discussing with mozilla dev's, it seems to be that the way to fix issues like these is to ensure the symbols in libxul for FF, TB, etc, and the external libs like libmozjs185 , each have distinct versions so that they can't conflict with one-another. I've got a patch for spidermonkey and another one (to be attached later) for firefox-16.0.2 (should be generic enough to apply to all future versions), which accomplishes this. Preliminary testing on my system shows it works; taking the example from bug 439148 , firefox no longer crashes with libproxy is linked against spidemronkey. I'm a bit weary to just commit these to the tree, though; so if they could be tested more I'd appreciate it. Fortunately both FF16 and SM185 ebuilds have 'epatch_user' support, which means user testing of these patches is doable without having to overlay the ebuilds. Created attachment 328686 [details, diff]
version js symbols in firefox
I patched spidermonkey, firefox and thunderbird (with the firefox patch modified) with no luck. After each of them rebuild, thunderbird still segfault at start (100% reproducible), firefox still segfault after 1 minute browsing on different sites. Thunderbird segfault in libxul, but firefox segfault moved to libssl3 and libnspr4. (In reply to comment #13) > I patched spidermonkey, firefox and thunderbird (with the firefox patch > modified) with no luck. > After each of them rebuild, thunderbird still segfault at start (100% > reproducible), firefox still segfault after 1 minute browsing on different > sites. > > Thunderbird segfault in libxul, but firefox segfault moved to libssl3 and > libnspr4. Hi Vincent -- since I don't see any info about your system on this bug, could you attach your emerge --info and the build.log for firefox, thunderbird, and spidermonkey please? Also, could you run: LD_DEBUG="bindings" firefox &>/tmp/bindings.log ..and attach that logfile as well? I have a sneaking suspicion that there might be a similar conflict between firefox and nspr. Created attachment 329194 [details]
emerge_info.txt
> Hi Vincent -- since I don't see any info about your system on this bug, > could you attach your emerge --info and the build.log for firefox, > thunderbird, and spidermonkey please? > > Also, could you run: > > LD_DEBUG="bindings" firefox &>/tmp/bindings.log > > ..and attach that logfile as well? I have a sneaking suspicion that there > might be a similar conflict between firefox and nspr. Hi, I attached emerge --info. About bindings they are too big (6.5M for firefox to reproduce, 1.9M for thunderbird). I've uploaded them both : - http://vincent.leligeour.free.fr/bindings_firefox.log - http://vincent.leligeour.free.fr/bindings_thunderbird.log About build log, should I redirect output of a build, or is there a way not to destroy the build.log on successful build ? mail-client/thunderbird-10.0.9 just works perfectly and does not segfault at start. (In reply to comment #17) > mail-client/thunderbird-10.0.9 just works perfectly and does not segfault at > start. That is most likely because (In reply to comment #16) > > Hi Vincent -- since I don't see any info about your system on this bug, > > could you attach your emerge --info and the build.log for firefox, > > thunderbird, and spidermonkey please? > > > > Also, could you run: > > > > LD_DEBUG="bindings" firefox &>/tmp/bindings.log > > > > ..and attach that logfile as well? I have a sneaking suspicion that there > > might be a similar conflict between firefox and nspr. > > Hi, I attached emerge --info. > About bindings they are too big (6.5M for firefox to reproduce, 1.9M for > thunderbird). > > I've uploaded them both : > - http://vincent.leligeour.free.fr/bindings_firefox.log > - http://vincent.leligeour.free.fr/bindings_thunderbird.log > > About build log, should I redirect output of a build, or is there a way not > to destroy the build.log on successful build ? FEATURES="keeptemp" should do it. I'm not sure what's going on with Firefox. For Thunderbird, though, I believe the issue has to do with the following: binding file /usr/lib64/thunderbird/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/libcalbasecomps.so [0] to /usr/lib64/thunderbird/libxul.so [0]: normal symbol `_Z14js_DateIsValidP9JSContextP8JSObject' ..which I expect is a calendar extension? Perhaps if that can be disabled or removed, Thunderbird will start acting normally again? If you can duplicate with current 17.0.x stable versions please reopen and update with updated information |