From: bugzilla-noreply@freebsd.org
To: freebsd-ports-bugs@FreeBSD.org
Subject: [Bug 224917] www/firefox: bus error on stable/10 with 57.0.3,1
Date: Thu, 04 Jan 2018 22:04:19 +0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=224917

    Bug ID: 224917
    Summary: www/firefox: bus error on stable/10 with 57.0.3,1
    Product: Ports & Packages
    Version: Latest
    Hardware: amd64
    OS: Any
    Status: New
    Severity: Affects Only Me
    Priority: ---
    Component: Individual Port(s)
    Assignee: gecko@FreeBSD.org
    Reporter: jilles@FreeBSD.org
    Flags: maintainer-feedback?(gecko@FreeBSD.org)

Created attachment 189422
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=189422&action=edit
gdb output

After upgrading firefox from 57.0.2_1,1 to 57.0.3,1 it started crashing with bus error frequently (in particular on the about:sessionrestore page but also elsewhere). This is stable/10 amd64 with packages from pkg.freebsd.org.
The machine also uses nvidia-driver 384.98.

What happens is that clang has decided to combine two 64-bit stores in mozilla::ipc::MessageChannel::Clear() in libxul.so into one aligned 128-bit store (movaps). However, the object is actually not 128-bit aligned and a general protection fault occurs in the main firefox process. Some gdb output is in an attachment.

As a result, various child processes crash in mozilla::ipc::MessageChannel::OnChannelErrorFromLink(). I think these crashes are a direct result of the original crash, and not interesting by themselves.

The insufficient alignment could be because of a disagreement between various pieces of code about what the alignment should be or because the pointer is bogus. Assuming it is the former, I have modified one byte in /usr/local/lib/firefox/libxul.so to change the movaps instruction to movups so it will work with any alignment. With this change, firefox runs stably again for me (note that, on this machine, I have many tabs open but I do not leave firefox running for more than a day).

More details about the workaround:

--- /tmp/zshXpplPs 2018-01-03 23:47:31.929337000 +0100 +++ /tmp/zshxVT4SU 2018-01-03 23:47:31.929702000 +0100 @@ -1,5 +1,5 @@ -/usr/local/lib/firefox/libxul.so: file format elf64-x86-64-freebsd +libxul.so.fixed: file format elf64-x86-64-freebsd Disassembly of section .init: 
@@ -1231701,7 +1231701,7 @@ cebf90: e8 8b bf 00 00 callq cf7f20 <_ZNSt3__16__treeINS_12__value_typeImN7mozilla3ipc14MessageChannel13Promise= HolderEEENS_19__map_value_compareImS6_NS_4lessImEELb1EEENS_9allocatorIS6_EE= E7destroyEPNS_11__tree_nodeIS6_PvEE> cebf95: 4d 89 be 08 01 00 00 mov %r15,0x108(%r14) cebf9c: 0f 57 c0 xorps %xmm0,%xmm0 - cebf9f: 41 0f 29 86 10 01 00 movaps %xmm0,0x110(%r14) + cebf9f: 41 0f 11 86 10 01 00 movups %xmm0,0x110(%r14) cebfa6: 00=20 cebfa7: 49 c7 46 38 00 00 00 movq $0x0,0x38(%r14) cebfae: 00=20

root@lion /home/jilles# cmp -l /root/libxul.so.orig /usr/local/lib/firefox/libxul.so
13549474 51 21
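
Review bot: The one-byte change at cebf9f (41 0f 29 to 41 0f 11, movaps to movups on 0x110(%r14)) removes the fault but not its cause, so the store now zeroes 16 bytes at whatever address %r14 holds. That is fine if the object is merely 8-byte aligned, but if the pointer is bogus, as the report itself allows, the write now lands silently instead of trapping. Before relying on this, check the faulting %r14 in the attached gdb output: a value that is 8 modulo 16 supports the alignment-disagreement theory, anything else points at a bad pointer. The cmp -l line is consistent with the hunk (octal 51 and 21 are 0x29 and 0x11, and only one byte differs), but the edit is made to the installed package file, so it will be lost on the next upgrade of the port and the file will no longer match the packaged checksum.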
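
The `cmp -l` output above gives a 1-based decimal offset followed by the two byte values in octal. The following is an added example, not part of the original report, that decodes such output and checks that a differing byte is the movaps/movups opcode swap on a memory store. The sample bytes are constructed from the disassembly lines shown, the function names are hypothetical, and the classification is a heuristic that only looks at the neighbouring bytes.

```python
# Added example: decode `cmp -l` output and confirm a one-byte SSE opcode swap.
# 0F 29 /r is the aligned store MOVAPS m128, xmm; 0F 11 /r is the unaligned MOVUPS.
SSE_STORES = {0x29: "movaps", 0x11: "movups"}

# Constructed sample: the instruction bytes listed at cebf9c..cebfa6 in the
# disassembly, before and after the change (not read from a real libxul.so).
ORIG = bytes.fromhex("0f57c0" "410f298610010000")
FIXED = bytes.fromhex("0f57c0" "410f118610010000")


def parse_cmp_l(text):
    """Parse `cmp -l` lines: 1-based decimal offset, then two octal byte values."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue
        rows.append((int(fields[0]), int(fields[1], 8), int(fields[2], 8)))
    return rows


def cmp_l(a, b):
    """Return the same triples `cmp -l` would report for two equal-length blobs."""
    if len(a) != len(b):
        raise ValueError("inputs differ in length; not an in-place patch")
    return [(i + 1, x, y) for i, (x, y) in enumerate(zip(a, b)) if x != y]


def classify(blob, offset, old, new):
    """Describe a changed byte if it is the second opcode byte of an SSE store."""
    idx = offset - 1
    if idx < 1 or idx + 1 >= len(blob) or blob[idx - 1] != 0x0F:
        return "unrecognised change"
    if old not in SSE_STORES or new not in SSE_STORES:
        return "unrecognised change"
    modrm = blob[idx + 1]
    if modrm >> 6 == 0b11:  # mod == 3: both operands are registers
        return "register-to-register move; alignment is irrelevant"
    return f"{SSE_STORES[old]} -> {SSE_STORES[new]} (memory store)"


def audit(orig, patched):
    """List every differing byte with its interpretation."""
    return [(off, classify(orig, off, old, new)) for off, old, new in cmp_l(orig, patched)]


if __name__ == "__main__":
    print(parse_cmp_l("13549474 51 21"))
    print(audit(ORIG, FIXED))
```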