[Bug c++/52762] Firefox 11 segfault with gcc 4.7 (-O3 -march=corei7-avx)
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52762 Paolo Carlini paolo.carlini at oracle dot com changed: What|Removed |Added Status|WAITING |RESOLVED Resolution|--- |INVALID --- Comment #10 from Paolo Carlini paolo.carlini at oracle dot com --- Feedback not forthcoming.
[Bug c++/52762] Firefox 11 segfault with gcc 4.7 (-O3 -march=corei7-avx)
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52762 Jason Merrill jason at gcc dot gnu.org changed: What|Removed |Added Status|UNCONFIRMED |WAITING Last reconfirmed||2012-04-04 CC||jason at gcc dot gnu.org Ever Confirmed|0 |1 --- Comment #9 from Jason Merrill jason at gcc dot gnu.org 2012-04-04 15:51:18 UTC --- I'll put it in Waiting until we have a testcase smaller than Firefox.
[Bug c++/52762] Firefox 11 segfault with gcc 4.7 (-O3 -march=corei7-avx)
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52762 Andi Kleen andi-gcc at firstfloor dot org changed: What|Removed |Added CC||andi-gcc at firstfloor dot ||org --- Comment #7 from Andi Kleen andi-gcc at firstfloor dot org 2012-03-30 19:21:19 UTC --- Happens in java script, which does JITed code. My guess is that one of the transition points between JITed code and C code does not save AVX registers correctly or something like that. I would file it with mozilla.org, it's more likely their bug.
[Bug c++/52762] Firefox 11 segfault with gcc 4.7 (-O3 -march=corei7-avx)
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52762 --- Comment #8 from Dâniel Fraga fragabr at gmail dot com 2012-03-30 19:54:47 UTC --- (In reply to comment #7) Happens in java script, which does JITed code. My guess is that one of the transition points between JITed code and C code does not save AVX registers correctly or something like that. I would file it with mozilla.org, it's more likely their bug. Thanks Andi. I already had filled a bug in mozilla bugzilla. But unfortunatelly nobody answered. I'll wait. Thanks. Ps: should I mark this bug as invalid?
[Bug c++/52762] Firefox 11 segfault with gcc 4.7 (-O3 -march=corei7-avx)
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52762 Markus Trippelsdorf markus at trippelsdorf dot de changed: What|Removed |Added CC||markus at trippelsdorf dot ||de --- Comment #1 from Markus Trippelsdorf markus at trippelsdorf dot de 2012-03-29 08:02:54 UTC --- The first thing you should do is to build Firefox with debugging symbols, so that you get a meaningful backtrace.
[Bug c++/52762] Firefox 11 segfault with gcc 4.7 (-O3 -march=corei7-avx)
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52762 --- Comment #2 from Dâniel Fraga fragabr at gmail dot com 2012-03-29 17:38:48 UTC --- Hi Marcus, here it's the backtrace with --enable-debug. If you need more testing, just ask: [New Thread 139808722073408 (LWP 23395)] nsStringStats = mAllocCount: 1 = mReallocCount:0 = mFreeCount: 1 = mShareCount: 0 = mAdoptCount: 0 = mAdoptFreeCount: 0 [New Thread 139808524986112 (LWP 23399)] [New Thread 139808508339968 (LWP 23400)] [New Thread 139808499947264 (LWP 23401)] [New Thread 139808487765760 (LWP 23403)] [New Thread 139808461412096 (LWP 23404)] [New Thread 139808450914048 (LWP 23405)] [New Thread 139808442521344 (LWP 23406)] WARNING: 1 sort operation has occurred for the SQL statement '0x7f27c0166010'. See https://developer.mozilla.org/En/Storage/Warnings details.: file /home/fraga/src/mozilla/storage/src/mozStoragePrivateHelpers.cpp, line 144 [New Thread 139808411809536 (LWP 23407)] Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 139808722073408 (LWP 23395)] 0x7f27bd707fc9 in JSRuntime::onOwnerThread () from /usr/local/lib/firefox-11.0/libxul.so (gdb) bt #0 0x7f27bd707fc9 in JSRuntime::onOwnerThread () from /usr/local/lib/firefox-11.0/libxul.so #1 0x7f27bd71412e in JS_ValueToObject () from /usr/local/lib/firefox-11.0/libxul.so #2 0x7f27bd08de23 in ?? () from /usr/local/lib/firefox-11.0/libxul.so #3 0x7f27bd545abc in NS_InvokeByIndex_P () from /usr/local/lib/firefox-11.0/libxul.so #4 0x7f27bd0b1036 in ?? () from /usr/local/lib/firefox-11.0/libxul.so #5 0x7f27bd0b618f in ?? () from /usr/local/lib/firefox-11.0/libxul.so #6 0x7f27bd0b67e3 in ?? () from /usr/local/lib/firefox-11.0/libxul.so #7 0x7f27bd0bab60 in ?? () from /usr/local/lib/firefox-11.0/libxul.so #8 0x7f27bd82826a in ?? () from /usr/local/lib/firefox-11.0/libxul.so #9 0x7f27bd8262d9 in ?? () from /usr/local/lib/firefox-11.0/libxul.so #10 0x7f27bd812b69 in ?? () from /usr/local/lib/firefox-11.0/libxul.so #11 0x7f27bd826483 in ?? () from /usr/local/lib/firefox-11.0/libxul.so #12 0x in ?? ()
[Bug c++/52762] Firefox 11 segfault with gcc 4.7 (-O3 -march=corei7-avx)
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52762 Dâniel Fraga fragabr at gmail dot com changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED Resolution||INVALID --- Comment #3 from Dâniel Fraga fragabr at gmail dot com 2012-03-29 17:56:25 UTC --- Well, nevermind. I tested some more and discovered the culprit: checkCompatibility 1.3 extension... I disabled that and everything is back to normal. Thanks and sorry about the wrong bug report.
[Bug c++/52762] Firefox 11 segfault with gcc 4.7 (-O3 -march=corei7-avx)
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52762 Dâniel Fraga fragabr at gmail dot com changed: What|Removed |Added Status|RESOLVED|UNCONFIRMED Resolution|INVALID | --- Comment #4 from Dâniel Fraga fragabr at gmail dot com 2012-03-29 19:02:34 UTC --- (In reply to comment #3) Well, nevermind. I tested some more and discovered the culprit: checkCompatibility 1.3 extension... I disabled that and everything is back to normal. Thanks and sorry about the wrong bug report. Well, I replied too soon... it keeps crashing. The problem is that it will segfault only when I compile WITHOUT --enable-debug... Now it sometimes gives the following error: ACR (Component): component init isalloc_validate called with invalid pointer. Crashing... Segmentation fault *** I'm unable to get this with --enable-debug, so it's a problem... I'll try with firefox 12 beta...
[Bug c++/52762] Firefox 11 segfault with gcc 4.7 (-O3 -march=corei7-avx)
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52762 --- Comment #5 from Markus Trippelsdorf markus at trippelsdorf dot de 2012-03-29 19:12:51 UTC --- In the future you should add: ac_add_options --disable-install-strip --disable-strip to your .mozconfig file, because otherwise the debug binaries will be stripped (which results in your broken Comment 2 backtrace).
[Bug c++/52762] Firefox 11 segfault with gcc 4.7 (-O3 -march=corei7-avx)
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52762
--- Comment #6 from Dâniel Fraga fragabr at gmail dot com 2012-03-29 20:13:23
UTC ---
(In reply to comment #5)
In the future you should add:
ac_add_options --disable-install-strip --disable-strip
to your .mozconfig file, because otherwise the debug binaries will
be stripped (which results in your broken Comment 2 backtrace).
Ok, I did that... now a complete and decent backtrace:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 140149652981568 (LWP 28284)]
0x7f771e8156f9 in JSRuntime::onOwnerThread (this=0x1a0080) at
/home/fraga/src/mozilla/js/src/jsval.h:852
852 JS_ASSERT((objBits JSVAL_TAG_SHIFT) == 0);
(gdb) bt
#0 0x7f771e8156f9 in JSRuntime::onOwnerThread (this=0x1a0080) at
/home/fraga/src/mozilla/js/src/jsval.h:852
#1 0x7f771e82185e in JS_ValueToObject (cx=0x7fffad2c7630, v=
{data = {asBits = 18445617585292306240, debugView = {payload47 =
140148977952576, tag = JSVAL_TAG_OBJECT}, s = {payload = {i32 = -99883200, u32
= 4195084096, why = 4195084096}}, asDouble = -nan(0xbff76fa0be740), asPtr =
0xfffbff76fa0be740, asWord = 18445617585292306240}}, objp=0x7fffad2c7538) at
/home/fraga/src/mozilla/js/src/jsval.h:852
#2 0x7f771e19dd83 in nsXPCComponents_Utils::EvalInSandbox (this=Unhandled
dwarf expression opcode 0xf3
) at /home/fraga/src/mozilla/js/xpconnect/src/xpcprivate.h:4165
#3 0x7f771e652fea in NS_InvokeByIndex_P (that=Unhandled dwarf expression
opcode 0xf3
) at
/home/fraga/src/mozilla/xpcom/reflect/xptcall/src/md/unix/xptcinvoke_x86_64_unix.cpp:195
#4 0x7f771e1c0f78 in CallMethodHelper::Invoke (this=0x7fffad2c77e8) from
/usr/local/lib/firefox-11.0/libxul.so
#5 0x7f771e1c60d1 in CallMethodHelper::Call (this=0x7fffad2c77e8) from
/usr/local/lib/firefox-11.0/libxul.so
#6 0x7f771e1c6725 in XPCWrappedNative::CallMethod (ccx=@0x7fffad2c7960,
mode=Unhandled dwarf expression opcode 0xf3
) from /usr/local/lib/firefox-11.0/libxul.so
#7 0x7f771e1caaa2 in XPC_WN_CallMethod (cx=0x7f77212aea30, argc=2,
vp=Unhandled dwarf expression opcode 0x9f
) at /home/fraga/src/mozilla/js/xpconnect/src/xpcprivate.h:4165
#8 0x7f771e93555a in js::CallJSNative (cx=0x7f77212aea30,
native=0x7f771e1ca956 XPC_WN_CallMethod(JSContext*, unsigned int,
JS::Value*), args=@0x7fffad2c7c00)
at ./../../dist/include/js/HashTable.h:129
#9 0x7f771e9335c9 in js::InvokeKernel (cx=0x7f77212aea30,
args={js::CallReceiver = {usedRval_ = false, argv_ = 0x7f7710dd9208}, argc_ =
2}, construct=js::NO_CONSTRUCT)
at /home/fraga/src/mozilla/js/src/jsval.h:771
#10 0x7f771e91fe59 in js::Interpret (cx=0x7f77212aea30,
entryFrame=0x7f7710dd9038, interpMode=value optimized out) at
/home/fraga/src/mozilla/js/src/jsval.h:771
#11 0x7f771e933773 in js::InvokeKernel (cx=0x7f77212aea30,
args={js::CallReceiver = {usedRval_ = false, argv_ = 0x7f7710dd9030}, argc_ =
1}, construct=Unhandled dwarf expression opcode 0xf3
)
at /home/fraga/src/mozilla/js/src/jsval.h:771
#12 0x in ?? ()
