Closed Bug 313399 Opened 19 years ago Closed 19 years ago

Unoptimized debug build crashes with a misaligned stack on Intel

Categories

(Firefox :: General, defect)

PowerPC
macOS
defect
Not set
critical

VERIFIED DUPLICATE of bug 313398

People

(Reporter: eric, Unassigned)

Details

User-Agent:       Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en) AppleWebKit/417.2 (KHTML, like Gecko) Safari/417.1
Build Identifier: Trunk

On build 8F1099 of Mac OS X on Intel, an unoptimized debug build of Firefox crashes on launch in 
XPTC_InvokeByIndex with a misaligned stack.  The misalignment happens within XPTC_InvokeByIndex 
itself, which doesn't appear to be properly aligning the first call in the inline asm.

Program received signal EXC_BAD_INSTRUCTION, Illegal instruction/operand.
0x8fe12ee4 in __dyld_stub_binding_helper_interface ()
2: /x $esp = 0xbfffd8b8
1: x/i $pc  0x8fe12ee4 <__dyld_stub_binding_helper_interface+18>:       movdqa %xmm0,32(%esp)
(gdb) bt
#0  0x8fe12ee4 in __dyld_stub_binding_helper_interface ()
#1  0x01008000 in ?? ()
#2  0x0108e45d in XPTC_InvokeByIndex (that=0x1c3b690, methodIndex=3, paramCount=1, params=0xbfffdb4c) at xptcinvoke_unixish_x86.cpp:147
#3  0x2b1bf00f in XPCWrappedNative::CallMethod (ccx=@0xbfffdd74, mode=CALL_GETTER) at xpcwrappednative.cpp:2139
#4  0x2b1e6297 in XPCWrappedNative::GetAttribute (ccx=@0xbfffdd74) at xpcwrappednativejsops.cpp:1925
#5  0x2b1c6263 in XPC_WN_GetterSetter (cx=0x1c32280, obj=0x204b068, argc=0, argv=0x1c439c8, vp=0xbfffdec4) at xpcwrappednativejsops.cpp:1476
#6  0x0054da41 in js_Invoke (cx=0x1c32280, argc=0, flags=2) at jsinterp.c:1177
#7  0x0054de69 in js_InternalInvoke (cx=0x1c32280, obj=0x204b068, fval=33862752, flags=0, argc=0, argv=0x0, rval=0xbfffe9bc) at jsinterp.c:1274
#8  0x0054e149 in js_InternalGetOrSet (cx=0x1c32280, obj=0x204b068, id=29580784, fval=33862752, mode=JSACC_READ, argc=0, argv=0x0, rval=0xbfffe9bc) at jsinterp.c:1317
#9  0x0057a70e in js_GetProperty (cx=0x1c32280, obj=0x204b068, id=29580784, vp=0xbfffe9bc) at jsobj.c:2931
#10 0x0055e1a0 in js_Interpret (cx=0x1c32280, pc=0x1c434ad "5", result=0xbfffed80) at jsinterp.c:3327
#11 0x0054e526 in js_Execute (cx=0x1c32280, chain=0x204af98, script=0x1c43450, down=0x0, flags=0, result=0xbfffef10) at jsinterp.c:1407
#12 0x00512e20 in JS_ExecuteScript (cx=0x1c32280, obj=0x204af98, script=0x1c43450, rval=0xbfffef10) at jsapi.c:4009
#13 0x2b1d35a2 in mozJSComponentLoader::GlobalForLocation (this=0x1c314d0, aLocation=0x1c30f60 "rel:jsconsole-clhandler.js", aComponent=0x1c31600, aGlobal=0xbffff090) at mozJSComponentLoader.cpp:1567
#14 0x2b1d3803 in mozJSComponentLoader::ModuleForLocation (this=0x1c314d0, registryLocation=0x1c30f60 "rel:jsconsole-clhandler.js", component=0x1c31600, status=<incomplete type>) at mozJSComponentLoader.cpp:917
#15 0x2b1d42be in mozJSComponentLoader::AttemptRegistration (this=0x1c314d0, component=0x1c31600, deferred=0) at mozJSComponentLoader.cpp:755
#16 0x2b1d488b in mozJSComponentLoader::AutoRegisterComponent (this=0x1c314d0, when=0, component=0x1c31600, registered=0xbffff304) at mozJSComponentLoader.cpp:682
#17 0x2b1d11f2 in mozJSComponentLoader::RegisterComponentsInDir (this=0x1c314d0, when=0, dir=0x1c0e110) at mozJSComponentLoader.cpp:590
#18 0x2b1d128b in mozJSComponentLoader::AutoRegisterComponents (this=0x1c314d0, when=0, aDirectory=0x1c0e110) at mozJSComponentLoader.cpp:546
#19 0x01062178 in nsComponentManagerImpl::AutoRegisterNonNativeComponents (this=0x1c0c910, spec=0x1c0e110) at nsComponentManager.cpp:3262
#20 0x010647cf in nsComponentManagerImpl::AutoRegisterImpl (this=0x1c0c910, when=0, inDirSpec=0x0, fileIsCompDir=1) at nsComponentManager.cpp:3232
#21 0x01064882 in nsComponentManagerImpl::AutoRegister (this=0x1c0c910, aSpec=0x0) at nsComponentManager.cpp:3404
#22 0x01010d3c in NS_InitXPCOM3_P (result=0xbffff738, binDirectory=0x1c0c3a0, appFileLocationProvider=0xbffff768, staticComponents=0x54ab0, componentCount=1) at nsXPComInit.cpp:616
#23 0x00003433 in ScopedXPCOMStartup::Initialize (this=0xbffff738) at nsAppRunner.cpp:595
#24 0x00009259 in XRE_main (argc=1, argv=0xbffff8d4, aAppData=0x549e0) at nsAppRunner.cpp:2141
#25 0x000024aa in main (argc=1, argv=0xbffff8d4) at nsBrowserApp.cpp:61
(gdb) 


Reproducible: Always

Steps to Reproduce:
1) Build Firefox with --disable-optimize, --enable-debug, and --disable-tests.
2) Run.
Actual Results:  
Firefox crashes.

Expected Results:  
Not crashing is often considered to be proper behavior.
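
Added example, not part of the original report or of Mozilla's code: a Python check that reads the two gdb display lines quoted in the report and confirms the faulting access is misaligned. It relies on the fact that movdqa needs a 16-byte-aligned memory operand; the function name is hypothetical, and the regexes assume gdb's AT&T-syntax disp(%reg) operand form on a 32-bit target.

```python
import re

# Constructed sample: the two gdb display lines quoted in the report.
GDB_OUTPUT = """\
2: /x $esp = 0xbfffd8b8
1: x/i $pc  0x8fe12ee4 <__dyld_stub_binding_helper_interface+18>:       movdqa %xmm0,32(%esp)
"""

# SSE moves that raise a fault unless the memory operand is 16-byte aligned.
ALIGNED_MOVES = {"movdqa": 16, "movaps": 16, "movapd": 16}

REG_RE = re.compile(r"\$(\w+)\s*=\s*(0x[0-9a-fA-F]+)")             # "$esp = 0x..."
INSN_RE = re.compile(r">:\s+(\w+)\s+(.+)$", re.M)                  # "<sym+off>: insn ops"
MEM_RE = re.compile(r"(-?(?:0x[0-9a-fA-F]+|\d+))?\(%(\w+)\)")      # "disp(%reg)"


def check_alignment(gdb_text):
    """Return (mnemonic, effective_address, misalignment) for the faulting
    instruction, or None if it is not an aligned SSE move with a simple
    disp(%reg) operand whose base register appears in the gdb output."""
    regs = {name: int(val, 16) for name, val in REG_RE.findall(gdb_text)}
    insn = INSN_RE.search(gdb_text)
    if not insn or insn.group(1) not in ALIGNED_MOVES:
        return None
    mem = MEM_RE.search(insn.group(2))
    if not mem or mem.group(2) not in regs:
        return None
    disp_text = mem.group(1) or "0"
    disp = int(disp_text, 16) if "0x" in disp_text else int(disp_text)
    # 32-bit address space assumed (the report is an i386 build).
    ea = (regs[mem.group(2)] + disp) & 0xFFFFFFFF
    return insn.group(1), ea, ea % ALIGNED_MOVES[insn.group(1)]


if __name__ == "__main__":
    result = check_alignment(GDB_OUTPUT)
    if result is None:
        print("not an aligned-move fault, or base register not shown")
    else:
        mnemonic, ea, off = result
        state = "aligned" if off == 0 else "misaligned by %d bytes" % off
        print("%s operand at 0x%08x is %s" % (mnemonic, ea, state))
```

Because the displacement 32 is itself a multiple of 16, the remainder reported for the operand address is also the amount by which $esp is off.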

*** This bug has been marked as a duplicate of 313398 ***
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
Status: RESOLVED → VERIFIED