firefox 3.6b2 crashes on some websites when compiled with -D_FORTIFY_SOURCE

RESOLVED DUPLICATE of bug 500607

Product: Core
Component: General
Version: 1.9.2 Branch
Platform: x86, Linux
Severity: critical
Keywords: crash
Reporter: Hicham
Assignee: Unassigned
Firefox Tracking Flags: Not tracked

Details

Attachments

(3 attachments)

(Reporter)

Description

8 years ago
User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.5) Gecko/20091105 Fedora/3.5.5-1.fc12 Firefox/3.5.5
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.5) Gecko/20091105 Fedora/3.5.5-1.fc12 Firefox/3.5.5

I compiled Firefox 3.6b2 on Fedora 12; here is my buildconfig:
Build platform
target
i686-pc-linux-gnu

Build tools
Compiler 	Version 	Compiler flags
gcc 	gcc version 4.4.2 20091027 (Red Hat 4.4.2-7) (GCC) 	-Wall -W -Wno-unused -Wpointer-arith -Wcast-align -W -Wno-long-long -pedantic -O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables -fno-strict-aliasing -pthread -pipe -DNDEBUG -DTRIMMED -Os -freorder-blocks -fno-reorder-functions
c++ 	gcc version 4.4.2 20091027 (Red Hat 4.4.2-7) (GCC) 	-fno-rtti -fno-exceptions -Wall -Wpointer-arith -Woverloaded-virtual -Wsynth -Wno-ctor-dtor-privacy -Wno-non-virtual-dtor -Wcast-align -Wno-invalid-offsetof -Wno-long-long -pedantic -O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables -fno-strict-aliasing -fshort-wchar -pthread -pipe -DNDEBUG -DTRIMMED -Os -freorder-blocks -fno-reorder-functions

Configure arguments
--enable-application=xulrunner --prefix=/usr --libdir=/usr/lib --with-system-nspr --with-system-nss --with-system-jpeg --with-system-zlib --with-system-bz2 --enable-system-hunspell --enable-system-sqlite --enable-system-cairo --with-pthreads --disable-strip --disable-tests --disable-mochitest --disable-installer --disable-debug --enable-optimize --enable-default-toolkit=cairo-gtk2 --enable-pango --enable-svg --enable-canvas --disable-javaxpcom --disable-crashreporter --enable-safe-browsing --enable-extensions=default,python/xpcom --enable-libnotify 

It crashes on some Bugzilla websites (example: http://bugs.gentoo.org/show_bug.cgi?id=292808), reporting that a buffer overflow has been detected and that fortify source failed.

Reproducible: Always

Steps to Reproduce:
1. Compile Firefox-3.6b2 the Fedora way
2. Open http://bugs.gentoo.org/show_bug.cgi?id=292808
3. See the crash
Actual Results:  
crash

Expected Results:  
no crash

I didn't test a build without -D_FORTIFY_SOURCE, but I know it is the cause since it has created some problems on other packages, plus the first line in the backtrace.

What's the backtrace look like?
Component: Build Config → General
Product: Firefox → Core
QA Contact: build.config → general
Version: unspecified → Trunk
Version: Trunk → 1.9.2 Branch
(Reporter)

Comment 2

8 years ago
Created attachment 411972 [details]
crash backtrace
Attachment #411972 - Attachment mime type: application/octet-stream → text/plain
(Reporter)

Comment 3

8 years ago
Created attachment 411974 [details]
patches used for compilation
(Reporter)

Comment 4

8 years ago
Should I debug it in gdb?

That's not super useful, did you strip your binaries?
(Reporter)

Comment 6

8 years ago
Yes, I did. I am gonna install the debuginfo package and resend the backtrace again.
(Reporter)

Comment 7

8 years ago
Created attachment 411984 [details]
backtrace obtained with gdb
(Reporter)

Comment 8

8 years ago
And by the way, it crashes on this page too.
Attachment #411984 - Attachment mime type: application/octet-stream → text/plain

Can you reproduce this compiling without optimization? Also, I note that it's crashing in hunspell, and you've --enable-system-hunspell.

Comment 10

8 years ago
I'd also suggest --disable-optimize while chasing problems (unless the problem goes away when you use it...)
(Reporter)

Comment 11

8 years ago
I'm sorry, but in fact, it is a hunspell issue.
Once I disable spell checking in Firefox, the issue is gone.
In fact I was using Mozilla's hunspell, but symlinking to the system dictionaries.
I am gonna try a build with the system hunspell and let you know then.

Updated

8 years ago
Severity: normal → critical
Keywords: crash
(Reporter)

Comment 12

8 years ago
Well, I would like to express my sincere apologies for reporting a wrong issue.

I just recompiled xulrunner with system hunspell and enable-optimize and everything works now.

But I still have a minor issue: could anyone point me to a better patch than the one I am using (nsFrame.patch, included in the patches tarball)? Without that patch, I can't compile xulrunner.
(Reporter)

Comment 13

8 years ago
I've written this message from Firefox-3.6b2 on Fedora 12.

Here is the buildconfig:

Build platform
target
i686-pc-linux-gnu

Build tools
Compiler 	Version 	Compiler flags
gcc 	gcc version 4.4.2 20091027 (Red Hat 4.4.2-7) (GCC) 	-Wall -W -Wno-unused -Wpointer-arith -Wcast-align -W -Wno-long-long -pedantic -O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables -fno-strict-aliasing -pthread -pipe -DNDEBUG -DTRIMMED -Os -freorder-blocks -fno-reorder-functions
c++ 	gcc version 4.4.2 20091027 (Red Hat 4.4.2-7) (GCC) 	-fno-rtti -fno-exceptions -Wall -Wpointer-arith -Woverloaded-virtual -Wsynth -Wno-ctor-dtor-privacy -Wno-non-virtual-dtor -Wcast-align -Wno-invalid-offsetof -Wno-long-long -pedantic -O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables -fno-strict-aliasing -fshort-wchar -pthread -pipe -DNDEBUG -DTRIMMED -Os -freorder-blocks -fno-reorder-functions

Configure arguments
--enable-application=xulrunner --enable-application=xulrunner --prefix=/usr --libdir=/usr/lib --with-system-nspr --with-system-nss --with-system-jpeg --with-system-zlib --with-system-bz2 --enable-system-hunspell --enable-system-sqlite --enable-system-cairo --with-pthreads --disable-strip --disable-tests --disable-mochitest --disable-installer --disable-debug --enable-optimize --enable-default-toolkit=cairo-gtk2 --enable-pango --enable-svg --enable-canvas --disable-javaxpcom --disable-crashreporter --enable-safe-browsing --enable-extensions=default 



about:

Build identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2b2) Gecko/20091112 Fedora/3.6-0.2.beta2.fc12 Firefox/3.6b2

If you can reproduce this with the in-tree copy of hunspell, then it's a valid bug and it's important! That's code that we are shipping to users.

Comment 15

8 years ago
Thanks for reporting this, but someone beat you to it :)
Status: UNCONFIRMED → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 500607
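
Background on the "buffer overflow detected" abort reported in the description, as an added example that is not part of this bug thread and is not Mozilla, hunspell or glibc code: with `-D_FORTIFY_SOURCE=2`, glibc routes calls such as `strcpy()` through checked wrappers that receive the destination size from `__builtin_object_size()` and abort when the copy would not fit. The model below returns a status instead of aborting; `model_strcpy_chk`, `struct entry`, `copy_word` and the sample strings are hypothetical names and constructed inputs, and the two size helpers stand in for what the compiler would report at level 1 (rest of the enclosing object) and level 2 (the member itself).

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Model of the fortified strcpy() check. glibc's wrapper aborts the process;
 * this model returns a status so the decision can be inspected. */
enum { COPY_OK = 0, COPY_OVERFLOW = -1 };
#define SIZE_UNKNOWN ((size_t)-1)  /* __builtin_object_size result when the size cannot be determined */

static int model_strcpy_chk(char *dst, const char *src, size_t dstlen)
{
    size_t need = strlen(src) + 1;              /* bytes written, NUL included */
    if (dstlen != SIZE_UNKNOWN && need > dstlen)
        return COPY_OVERFLOW;                   /* a fortified build aborts here */
    memcpy(dst, src, need);                     /* unknown size: copy is unchecked */
    return COPY_OK;
}

/* Constructed sample layout: a fixed buffer followed by another field. */
struct entry { char word[8]; char flags[8]; };

/* Level 1 sees the bytes left in the whole enclosing object. */
static size_t size_level1(void) { return sizeof(struct entry) - offsetof(struct entry, word); }
/* Level 2 sees only the member being written. */
static size_t size_level2(void) { return sizeof(((struct entry *)0)->word); }

/* Copy src into e->word under the given fortify level (1 or 2). */
static int copy_word(struct entry *e, const char *src, int level)
{
    char *dst = (char *)e + offsetof(struct entry, word);
    return model_strcpy_chk(dst, src, level >= 2 ? size_level2() : size_level1());
}

int main(void)
{
    struct entry e;
    const char *inputs[] = { "short", "ten-bytes!", "this input is far too long" };
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        memset(&e, 0, sizeof e);
        int l1 = copy_word(&e, inputs[i], 1);
        memset(&e, 0, sizeof e);
        int l2 = copy_word(&e, inputs[i], 2);
        printf("%-28s level1=%s level2=%s\n", inputs[i],
               l1 == COPY_OK ? "copied" : "abort", l2 == COPY_OK ? "copied" : "abort");
    }
    return 0;
}
```

The middle input shows why a level 2 build can abort where a level 1 build keeps running: the copy fits in the enclosing object but spills out of `word` into the neighbouring field.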