Closed Bug 320063 Opened 19 years ago Closed 19 years ago

Seg fault encountered when running Mozilla Firefox 1.5 on FreeBSD6.0-RELEASE on the sparc64 architecture [@ reloc_jmpslot]

Categories: Core :: XPCOM (defect)

Version: 1.8 Branch
Hardware: Sun
OS: FreeBSD
Type: defect
Priority: Not set
Severity: critical

RESOLVED INVALID

People

(Reporter: mdh_lists, Assigned: dougt)

Details

(Keywords: crash)

User-Agent:       Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.12) Gecko/20051010
Build Identifier: Firefox 1.5

Mozilla Firefox 1.5 built from source crashes upon execution.  GDB data from core is as follows:

(mdh@dolor) [~]: gdb /usr/local/lib/firefox-1.5/firefox-bin ~mdh/firefox-bin.core

GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "sparc64-marcel-freebsd"...(no debugging symbols found)...
Core was generated by `firefox-bin'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/local/lib/firefox-1.5/libmozjs.so...(no debugging symbols found)...done.
Loaded symbols for /usr/local/lib/firefox-1.5/libmozjs.so
Reading symbols from /usr/local/lib/firefox-1.5/libxpcom.so...(no debugging symbols found)...done.
Loaded symbols for /usr/local/lib/firefox-1.5/libxpcom.so
Reading symbols from /usr/local/lib/firefox-1.5/libxpcom_core.so...(no debugging symbols found)...done.
Loaded symbols for /usr/local/lib/firefox-1.5/libxpcom_core.so
Reading symbols from /usr/local/lib/firefox-1.5/libplds4.so...(no debugging symbols found)...done.
Loaded symbols for /usr/local/lib/firefox-1.5/libplds4.so
Reading symbols from /usr/local/lib/firefox-1.5/libplc4.so...(no debugging symbols found)...done.
Loaded symbols for /usr/local/lib/firefox-1.5/libplc4.so
Reading symbols from /usr/local/lib/firefox-1.5/libnspr4.so...(no debugging symbols found)...done.
Loaded symbols for /usr/local/lib/firefox-1.5/libnspr4.so
Reading symbols from /usr/X11R6/lib/libgtk-x11-2.0.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/X11R6/lib/libgtk-x11-2.0.so.0
Reading symbols from /usr/X11R6/lib/libX11.so.6...(no debugging symbols found)...done.
Loaded symbols for /usr/X11R6/lib/libX11.so.6
Reading symbols from /usr/lib/libstdc++.so.5...(no debugging symbols found)...done.
Loaded symbols for /usr/lib/libstdc++.so.5
Reading symbols from /lib/libm.so.4...(no debugging symbols found)...done.
Loaded symbols for /lib/libm.so.4
Reading symbols from /usr/lib/libc_r.so.6...(no debugging symbols found)...done.
Loaded symbols for /usr/lib/libc_r.so.6
Reading symbols from /lib/libc.so.6...(no debugging symbols found)...done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /usr/X11R6/lib/libgdk-x11-2.0.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/X11R6/lib/libgdk-x11-2.0.so.0
Reading symbols from /usr/X11R6/lib/libgdk_pixbuf-2.0.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/X11R6/lib/libgdk_pixbuf-2.0.so.0
Reading symbols from /usr/X11R6/lib/libXrandr.so.2...(no debugging symbols found)...done.
Loaded symbols for /usr/X11R6/lib/libXrandr.so.2
Reading symbols from /usr/X11R6/lib/libXrender.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/X11R6/lib/libXrender.so.1
Reading symbols from /usr/X11R6/lib/libXi.so.6...(no debugging symbols found)...done.
Loaded symbols for /usr/X11R6/lib/libXi.so.6
Reading symbols from /usr/X11R6/lib/libXinerama.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/X11R6/lib/libXinerama.so.1
Reading symbols from /usr/X11R6/lib/libXext.so.6...(no debugging symbols found)...done.
Loaded symbols for /usr/X11R6/lib/libXext.so.6
Reading symbols from /usr/local/lib/libgmodule-2.0.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/local/lib/libgmodule-2.0.so.0
Reading symbols from /usr/local/lib/libgobject-2.0.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/local/lib/libgobject-2.0.so.0
Reading symbols from /usr/X11R6/lib/libpango-1.0.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/X11R6/lib/libpango-1.0.so.0
Reading symbols from /usr/X11R6/lib/libpangocairo-1.0.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/X11R6/lib/libpangocairo-1.0.so.0
Reading symbols from /usr/X11R6/lib/libfontconfig.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/X11R6/lib/libfontconfig.so.1
Reading symbols from /usr/local/lib/libfreetype.so.9...(no debugging symbols found)...done.
Loaded symbols for /usr/local/lib/libfreetype.so.9
Reading symbols from /usr/lib/libz.so...(no debugging symbols found)...done.
Loaded symbols for /usr/lib/libz.so
Reading symbols from /usr/local/lib/libatk-1.0.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/local/lib/libatk-1.0.so.0
Reading symbols from /usr/local/lib/libcairo.so.2...(no debugging symbols found)...done.
Loaded symbols for /usr/local/lib/libcairo.so.2
Reading symbols from /usr/X11R6/lib/libXcursor.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/X11R6/lib/libXcursor.so.1
Reading symbols from /usr/X11R6/lib/libXfixes.so.3...(no debugging symbols found)...done.
Loaded symbols for /usr/X11R6/lib/libXfixes.so.3
Reading symbols from /usr/local/lib/libintl.so.6...(no debugging symbols found)...done.
Loaded symbols for /usr/local/lib/libintl.so.6
Reading symbols from /usr/local/lib/libglib-2.0.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/local/lib/libglib-2.0.so.0
Reading symbols from /usr/local/lib/libiconv.so.3...(no debugging symbols found)...done.
Loaded symbols for /usr/local/lib/libiconv.so.3
Reading symbols from /usr/X11R6/lib/libpangoft2-1.0.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/X11R6/lib/libpangoft2-1.0.so.0
Reading symbols from /lib/libz.so.3...(no debugging symbols found)...done.
Loaded symbols for /lib/libz.so.3
Reading symbols from /usr/local/lib/libexpat.so.5...(no debugging symbols found)...done.
Loaded symbols for /usr/local/lib/libexpat.so.5
Reading symbols from /usr/local/lib/libpng.so.5...(no debugging symbols found)...done.
Loaded symbols for /usr/local/lib/libpng.so.5
Reading symbols from /usr/X11R6/lib/X11/locale/lib/common/xlcDef.so.2...(no debugging symbols found)...done.
Loaded symbols for /usr/X11R6/lib/X11/locale/lib/common/xlcDef.so.2
Reading symbols from /libexec/ld-elf.so.1...(no debugging symbols found)...done.
Loaded symbols for /libexec/ld-elf.so.1
#0  0x000000004022b9d8 in reloc_jmpslot () from /libexec/ld-elf.so.1
(gdb) 


It looks like it's connecting to the X server prior to crashing.  When I run firefox without an X server to connect to, it **** out saying it cannot connect to X server, rather than SEGV'ing.  
If you can think of any other useful information, please feel free to ask.  

Some system information included below:

Firefox compiled with: gcc (GCC) 3.4.4 [FreeBSD] 20050518

System information:
FreeBSD 6.0-RELEASE #1: Sun Dec 11 15:16:22 EST 2005    root@dolor:/usr/src/sys/sparc64/compile/DOLOR
Timecounter "tick" frequency 167002671 Hz quality 1000
real memory  = 134217728 (128 MB)
avail memory = 109330432 (104 MB)
cpu0: Sun Microsystems UltraSparc-I Processor (167.00 MHz CPU)


Reproducible: Always

Steps to Reproduce:
1. Executing firefox-bin (almost) immediately returns segmentation violation

Actual Results:  
firefox-bin exits without doing anything else which would be visible.  That is, no window is ever opened, and no other information is provided by firefox-bin prior to seg faulting and dying.


Expected Results:  
Displayed window and operated normally.

This has occurred for me on a fresh build using the stable Firefox 1.5 source downloaded via the links provided on www.mozilla.org.  I believe the tarball was downloaded from ftp.mozilla.org, but I don't remember with 100% certainty.

It has also been reported on the freebsd sparc64 bug system that firefox is behaving in this same manner when built via the FreeBSD ports system.  I also use Firefox 1.5 on FreeBSD systems running on the i386 platform with no such problems, so I'm going out on a limb and going to guess that this is an issue specific to the FreeBSD/SPARC64 platform.  

Information from the user trying to build via FreeBSD ports on sparc64 is available at this url: http://www.freebsd.org/cgi/query-pr.cgi?pr=89486sparc64

Note that his bug report also indicates that this problem affects thunderbird.  I cannot corroborate this, as the only application I have built/attempted to use on FreeBSD/SPARC64 is the "browser" (firefox 1.5) application.
Hardware: Other → Sun
Version: unspecified → 1.5 Branch
can you run: |bt| from gdb?

also, can you run ./run-mozilla.sh ./xpcshell?

if you're building static, please try not building static.

can you visit irc.mozilla.org?
Keywords: stackwanted
As per timeless request, GDB backtrace:

(gdb) bt
#0  0x000000004022b9d8 in reloc_jmpslot () from /libexec/ld-elf.so.1
#1  0x000000004022dc88 in _rtld_bind () from /libexec/ld-elf.so.1
#2  0x000000004022b560 in _rtld_bind_start_1 () from /libexec/ld-elf.so.1
#3  0x000000004022b560 in _rtld_bind_start_1 () from /libexec/ld-elf.so.1
Previous frame identical to this frame (corrupt stack?)
(gdb)
freaky from freenode ##freebsd mentioned http://lists.freebsd.org/mailman/htdig/freebsd-sparc64/2005-November/003611.html

oh for reference... the link from comment 0 includes a bt full
Assignee: nobody → dougt
Component: General → XPCOM
Keywords: stackwanted → crash
Product: Firefox → Core
QA Contact: general → xpcom
Version: 1.5 Branch → 1.8 Branch
Summary: Seg fault encountered when running Mozilla Firefox 1.5 on FreeBSD6.0-RELEASE on the sparc64 architecture → Seg fault encountered when running Mozilla Firefox 1.5 on FreeBSD6.0-RELEASE on the sparc64 architecture [@ reloc_jmpslot]
Full backtrace:

(gdb) bt full
#0  0x0000000040244450 in reloc_jmpslot (wherep=0x0, target=0, obj=0x4026e000, 
    refobj=0x4026e000, rel=0x113780)
    at /usr/src/libexec/rtld-elf/sparc64/reloc.c:535
        rela = (const Elf_Rela *) 0x113780
        offset = 0
        where = (Elf_Half *) 0x0
#1  0x00000000402455e4 in _rtld_bind (obj=0x4026e000, reloff=12768)
    at /usr/src/libexec/rtld-elf/rtld.c:485
        rel = (const Elf_Rel *) 0x113780
        def = (const Elf_Sym *) 0x101770
        defobj = (const Obj_Entry *) 0x4026e000
        where = (Elf_Addr *) 0x0
        target = 0
        lockstate = 1
#2  0x0000000040243a20 in _rtld_bind_start_1 ()
    at /usr/src/libexec/rtld-elf/sparc64/rtld_start.S:166
No locals.
#3  0x0000000040243a20 in _rtld_bind_start_1 ()
    at /usr/src/libexec/rtld-elf/sparc64/rtld_start.S:166
No locals.
Previous frame identical to this frame (corrupt stack?)

The problem is bogus relocations in the PLT (the 3 R_SPARC_NONE *ABS* relocs).
$ objdump -RC firefox-bin

firefox-bin:     file format elf64-sparc

DYNAMIC RELOCATION RECORDS
OFFSET           TYPE              VALUE 
[...]
0000000000224cc0 R_SPARC_JMP_SLOT  nsACString_internal::Assign(char const*)
0000000000224ce0 R_SPARC_JMP_SLOT  nsCOMPtr<nsIToolkitChromeRegistry>::operator->() const
0000000000000000 R_SPARC_NONE      *ABS*
0000000000224d20 R_SPARC_JMP_SLOT  nsCOMPtr<nsILocalFile>::StartAssignment()
0000000000224d40 R_SPARC_JMP_SLOT  gdk_rgb_set_install
[...]
00000000002257a0 R_SPARC_JMP_SLOT  nsCOMPtr<nsIObserverService>::nsCOMPtr(nsGetServiceByContractID)
00000000002257c0 R_SPARC_JMP_SLOT  nsCOMPtr<nsIAppStartup>::nsCOMPtr(nsGetServiceByContractID)
0000000000000000 R_SPARC_NONE      *ABS*
0000000000225800 R_SPARC_JMP_SLOT  XGrabServer
0000000000225820 R_SPARC_JMP_SLOT  nsCOMPtr<nsIFile>::StartAssignment()
[...]
00000000002261e0 R_SPARC_JMP_SLOT  nsCOMPtr<nsIAppStartup>::operator nsDerivedSafe<nsIAppStartup>*() const
0000000000226200 R_SPARC_JMP_SLOT  nsCOMTypeInfo<nsIProperties>::GetIID()
0000000000000000 R_SPARC_NONE      *ABS*
0000000000226240 R_SPARC_JMP_SLOT  nsProfileLock::LockWithSymlink(nsACString_internal const&, int)
0000000000226260 R_SPARC_JMP_SLOT  nsGetterAddRefs<nsINativeAppSupport> getter_AddRefs<nsINativeAppSupport>(nsCOMPtr<nsINativeAppSupport>&)

What next? How can I determine which symbols are not referenced?

Also, I can run xpcshell:
$ ./run-mozilla.sh ./xpcshell
js> ^D
$

I can visit irc.mozilla.org/#firefox or other channel.
I have received a message that the same problem has been solved in NetBSD.

http://sourceware.org/ml/binutils/2005-12/msg00278.html
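
A triage check for the condition diagnosed in the comments above, added here as an example and not part of the original bug thread: it parses `objdump -R` output and reports zero-offset R_*_NONE records that sit inside a run of JMP_SLOT records, the pattern shown in the listing. The sample text is constructed from lines of that listing, and the function names are hypothetical.

```python
import re

# Constructed sample: records copied from the objdump -RC listing in this
# thread, with the terminal-wrapped symbol name rejoined.
SAMPLE = """\
DYNAMIC RELOCATION RECORDS
OFFSET           TYPE              VALUE
0000000000224cc0 R_SPARC_JMP_SLOT  nsACString_internal::Assign(char const*)
0000000000224ce0 R_SPARC_JMP_SLOT  nsCOMPtr<nsIToolkitChromeRegistry>::operator->() const
0000000000000000 R_SPARC_NONE      *ABS*
0000000000224d20 R_SPARC_JMP_SLOT  nsCOMPtr<nsILocalFile>::StartAssignment()
0000000000224d40 R_SPARC_JMP_SLOT  gdk_rgb_set_install
"""

RECORD = re.compile(r"^([0-9a-fA-F]{8,16})\s+(R_[A-Z0-9_]+)\s+(.*)$")

def parse_relocs(text):
    """Return (offset, type, value) tuples from `objdump -R` output."""
    records = []
    for line in text.splitlines():
        m = RECORD.match(line.strip())
        if m:
            records.append((int(m.group(1), 16), m.group(2), m.group(3).strip()))
    return records

def neighbour(relocs, i, step):
    """Nearest record before (step=-1) or after (step=+1) i that is not *_NONE."""
    j = i + step
    while 0 <= j < len(relocs) and relocs[j][1].endswith("_NONE"):
        j += step
    return relocs[j] if 0 <= j < len(relocs) else None

def bogus_plt_relocs(relocs):
    """Return (index, prev_slot_offset, next_slot_offset) per suspect record."""
    findings = []
    for i, (offset, rtype, _value) in enumerate(relocs):
        if offset != 0 or not rtype.endswith("_NONE"):
            continue
        prev, nxt = neighbour(relocs, i, -1), neighbour(relocs, i, +1)
        if prev and nxt and prev[1].endswith("JMP_SLOT") and nxt[1].endswith("JMP_SLOT"):
            findings.append((i, prev[0], nxt[0]))
    return findings

if __name__ == "__main__":
    for idx, lo, hi in bogus_plt_relocs(parse_relocs(SAMPLE)):
        print(f"record {idx}: R_*_NONE at offset 0 between slots {lo:#x} and {hi:#x}")
```

Feed it the real output with `objdump -R firefox-bin`; any finding means the binary should be relinked with a fixed toolchain before the runtime linker is blamed.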
INVALID since it wasn't our problem to begin with. Thanks for the help, Andrew!
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → INVALID
Crash Signature: [@ reloc_jmpslot]