Closed Bug 528204 Opened 15 years ago Closed 14 years ago

firefox 3.6b2 crashes on some websites when compiled with -D_FORTIFY_SOURCE

Categories

(Core :: General, defect)

Product:
Core
Component:
General
Version:
1.9.2 Branch
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED DUPLICATE of bug 500607

People

(Reporter: hicham.haouari, Unassigned)

Details

(Keywords: crash)

Attachments

(3 files)

crash backtrace
9.33 KB, text/plain
Details
patches used for compilation
3.05 KB, application/x-bzip
Details
backtrace obtained with gdb
8.46 KB, text/plain
Details 
User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.5) Gecko/20091105 Fedora/3.5.5-1.fc12 Firefox/3.5.5
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.5) Gecko/20091105 Fedora/3.5.5-1.fc12 Firefox/3.5.5

I compiled firefox 3.6b2 on Fedora 12, here is my buildconfig :
Build platform
target
i686-pc-linux-gnu

Build tools
Compiler 	Version 	Compiler flags
gcc 	gcc version 4.4.2 20091027 (Red Hat 4.4.2-7) (GCC) 	-Wall -W -Wno-unused -Wpointer-arith -Wcast-align -W -Wno-long-long -pedantic -O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables -fno-strict-aliasing -pthread -pipe -DNDEBUG -DTRIMMED -Os -freorder-blocks -fno-reorder-functions
c++ 	gcc version 4.4.2 20091027 (Red Hat 4.4.2-7) (GCC) 	-fno-rtti -fno-exceptions -Wall -Wpointer-arith -Woverloaded-virtual -Wsynth -Wno-ctor-dtor-privacy -Wno-non-virtual-dtor -Wcast-align -Wno-invalid-offsetof -Wno-long-long -pedantic -O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables -fno-strict-aliasing -fshort-wchar -pthread -pipe -DNDEBUG -DTRIMMED -Os -freorder-blocks -fno-reorder-functions

Configure arguments
--enable-application=xulrunner --prefix=/usr --libdir=/usr/lib --with-system-nspr --with-system-nss --with-system-jpeg --with-system-zlib --with-system-bz2 --enable-system-hunspell --enable-system-sqlite --enable-system-cairo --with-pthreads --disable-strip --disable-tests --disable-mochitest --disable-installer --disable-debug --enable-optimize --enable-default-toolkit=cairo-gtk2 --enable-pango --enable-svg --enable-canvas --disable-javaxpcom --disable-crashreporter --enable-safe-browsing --enable-extensions=default,python/xpcom --enable-libnotify 

it crashes on some bugzilla website (example http://bugs.gentoo.org/show_bug.cgi?id=292808) reporting that a buffer overflow have been detected and that fortify source failed.

Reproducible: Always

Steps to Reproduce:
1.Compile Firefox-3.6b2 the Fedora way
2.Open http://bugs.gentoo.org/show_bug.cgi?id=292808
3.See the crash
Actual Results:  
crash

Expected Results:  
no crash

I didn't test a build without _D_FORTIFY_SOURCE, but I know it is the cause since it has created some problems on other packages, plus the first line in the backtrace.
What's the backtrace look like?
Component: Build Config → General
Product: Firefox → Core
QA Contact: build.config → general
Version: unspecified → Trunk
Version: Trunk → 1.9.2 Branch
Attached file crash backtrace 

        Attachment #411972 -
        Attachment mime type: application/octet-stream → text/plain

    
    

    
  


  

    
    

    
  
should i debug it in gdb ?

    
    

    
  
That's not super useful, did you strip your binaries?

    
    

    
  
yes, I did, I am gonna install the debuginfo package and resend the backtrace again

    
    

    
  


  

    
    

    
  
and by the way, it crashes on this page too

        Attachment #411984 -
        Attachment mime type: application/octet-stream → text/plain

    
    

    
  
Can you reproduce this compiling without optimization? Also, I note that it's crashing in hunspell, and you've --enable-system-hunspell.

    
    

    
  
i'd also suggest --disable-optimize while chasing problems (unless the problem goes away when you use it...)

    
    

    
  
i m sorry, but in fact, it is a hunspell issue.
once i disable spell checking in firefox, the issue is gone.
in fact I was using mozilla's hunspell, but symlinking to the system dictionaries.
i am gonna try a build with the system hunspell and let u know then

    
  
Severity: normal → critical
Keywords: crash

    
    

    
  
well, I would like to express my sincere apologies for reporting a wrong issue.

I just recompiled xulrunner with system hunspell and enable-optimize and everything works now.

but i still have a minor issue, could anyone point me to a better patch than the one i am using (nsFrame.patch, included in the patches tarball ) ? without that patch, i can't compile xulrunner

    
    

    
  
I ve written this message from Firefox-3.6b2 on Fedora 12.

Here is the buildconfig :

Build platform
target
i686-pc-linux-gnu

Build tools
Compiler 	Version 	Compiler flags
gcc 	gcc version 4.4.2 20091027 (Red Hat 4.4.2-7) (GCC) 	-Wall -W -Wno-unused -Wpointer-arith -Wcast-align -W -Wno-long-long -pedantic -O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables -fno-strict-aliasing -pthread -pipe -DNDEBUG -DTRIMMED -Os -freorder-blocks -fno-reorder-functions
c++ 	gcc version 4.4.2 20091027 (Red Hat 4.4.2-7) (GCC) 	-fno-rtti -fno-exceptions -Wall -Wpointer-arith -Woverloaded-virtual -Wsynth -Wno-ctor-dtor-privacy -Wno-non-virtual-dtor -Wcast-align -Wno-invalid-offsetof -Wno-long-long -pedantic -O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables -fno-strict-aliasing -fshort-wchar -pthread -pipe -DNDEBUG -DTRIMMED -Os -freorder-blocks -fno-reorder-functions

Configure arguments
--enable-application=xulrunner --enable-application=xulrunner --prefix=/usr --libdir=/usr/lib --with-system-nspr --with-system-nss --with-system-jpeg --with-system-zlib --with-system-bz2 --enable-system-hunspell --enable-system-sqlite --enable-system-cairo --with-pthreads --disable-strip --disable-tests --disable-mochitest --disable-installer --disable-debug --enable-optimize --enable-default-toolkit=cairo-gtk2 --enable-pango --enable-svg --enable-canvas --disable-javaxpcom --disable-crashreporter --enable-safe-browsing --enable-extensions=default 



about:

Build identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2b2) Gecko/20091112 Fedora/3.6-0.2.beta2.fc12 Firefox/3.6b2

    
    

    
  
If you can reproduce this with the in-tree copy of hunspell, then it's a valid bug and it's important! That's code that we are shipping to users.

    
    

    
  
Thanks for reporting this, but someone beat you to it :)
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → DUPLICATE

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: