Ubuntu
firefox package

Firefox 3.0.1 segfaults in xulrunner/libmozjs.so

Bug #263326 reported by Mason D.
4
Affects Status Importance Assigned to Milestone
firefox (Ubuntu)
Invalid
Undecided
Unassigned
firefox-3.0 (Ubuntu)
Invalid
Medium
Unassigned

Bug Description

Binary package hint: firefox

I've recently been getting incredibly frequent crashes with Firefox 3.0.1 (to the point that I had to write this report in opera), making it unusable. I removed the flash plugin, figuring that was a probable cause, but the crashes continued. It seems to be an issue with javascript, as javascript/ajax-heavy pages seem to crash it. Firefox crashes even with --safe-mode, as well.
xulrunner doesn't seem to have any debug information associated with it, though, so I'm not sure what steps to take next.

GDB Backtrace (from safe mode):

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb7c816c0 (LWP 15563)]
0xb7bacd88 in ?? () from /usr/lib/xulrunner-1.9.0.1/libmozjs.so
(gdb) bt full
#0 0xb7bacd88 in ?? () from /usr/lib/xulrunner-1.9.0.1/libmozjs.so
No symbol table info available.
#1 0xb7bb1d7a in ?? () from /usr/lib/xulrunner-1.9.0.1/libmozjs.so
No symbol table info available.
#2 0xb7bb16d5 in ?? () from /usr/lib/xulrunner-1.9.0.1/libmozjs.so
No symbol table info available.
#3 0xb7bb16d5 in ?? () from /usr/lib/xulrunner-1.9.0.1/libmozjs.so
No symbol table info available.
#4 0xb7bb1837 in ?? () from /usr/lib/xulrunner-1.9.0.1/libmozjs.so
No symbol table info available.
#5 0xb7bafe9c in ?? () from /usr/lib/xulrunner-1.9.0.1/libmozjs.so
No symbol table info available.
#6 0xb7be7d3d in ?? () from /usr/lib/xulrunner-1.9.0.1/libmozjs.so
No symbol table info available.
#7 0xb7bd51e0 in ?? () from /usr/lib/xulrunner-1.9.0.1/libmozjs.so
No symbol table info available.
#8 0xb7bc9172 in js_Invoke () from /usr/lib/xulrunner-1.9.0.1/libmozjs.so
No symbol table info available.
#9 0xb7bbc0ec in ?? () from /usr/lib/xulrunner-1.9.0.1/libmozjs.so
No symbol table info available.
#10 0xb7bc91c1 in js_Invoke () from /usr/lib/xulrunner-1.9.0.1/libmozjs.so
No symbol table info available.
#11 0xb7bb740a in ?? () from /usr/lib/xulrunner-1.9.0.1/libmozjs.so
No symbol table info available.
#12 0xb7bbe158 in ?? () from /usr/lib/xulrunner-1.9.0.1/libmozjs.so
No symbol table info available.
#13 0xb7bc91c1 in js_Invoke () from /usr/lib/xulrunner-1.9.0.1/libmozjs.so
No symbol table info available.
#14 0xb7bc94bd in ?? () from /usr/lib/xulrunner-1.9.0.1/libmozjs.so
No symbol table info available.
#15 0xb7b93e49 in JS_CallFunctionValue () from /usr/lib/xulrunner-1.9.0.1/libmozjs.so
No symbol table info available.
#16 0xb7486bfd in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#17 0xb7496bac in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#18 0xb7496fe2 in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#19 0xb7891247 in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#20 0xb78917ff in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#21 0xb788ed32 in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#22 0xb785e31f in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#23 0xb77df75e in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#24 0xb766f122 in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#25 0xb70c3a88 in XRE_main () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#26 0x08049033 in ?? ()
No symbol table info available.
#27 0xb7c99450 in __libc_start_main () from /lib/tls/i686/cmov/libc.so.6
No symbol table info available.
#28 0x08048cc1 in ?? ()
No symbol table info available.

I'm on Ubuntu 8.04.1.

Revision history for this message
Mason D. (masond) wrote :
Download full text (12.0 KiB)

It goes longer without segfaulting if I only have the one tab open in safemode (I've been using 'the new' facebook (facebook.com) to crash it as it's the most css/javascript heavy thing I know of).
Is there currently an xulrunner and a firefox built with debug symbols in the repositories? I was trying to follow the instructions at https://wiki.ubuntu.com/MozillaTeam/Bugs?action=show&redirect=DebuggingFirefox#Crashes
The backtrace there also looks different:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb7c946c0 (LWP 15619)]
0x0a760dfe in ?? ()
(gdb) bt full
#0 0x0a760dfe in ?? ()
No symbol table info available.
#1 0xb72fcd4d in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#2 0xb7301419 in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#3 0xb73022fe in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#4 0xb730345e in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#5 0xb730475e in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#6 0xb7301330 in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#7 0xb73022fe in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#8 0xb730345e in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#9 0xb730475e in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#10 0xb7301330 in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#11 0xb73022fe in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#12 0xb730236f in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#13 0xb7304ace in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#14 0xb7259d06 in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#15 0xb721f328 in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#16 0xb7223d45 in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#17 0xb721bd2a in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#18 0xb721c0bf in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#19 0xb721c47c in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#20 0xb721f2f2 in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#21 0xb7223c1e in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#22 0xb721bd2a in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#23 0xb721c0bf in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#24 0xb721c47c in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#25 0xb721f2f2 in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#26 0xb7223c1e in ?? () from /usr/lib/xulrunner-1.9.0.1/libxul.so
No symbol table info available.
#...

Revision history for this message
Andreas Moog (ampelbein) wrote : Reassigning issue to firefox-3

Thank you for your bugreport. Since this seems to be an issue with
version 3 of the firefox browser, I'm reassigning the package.

 affects ubuntu/firefox
 status invalid

 affects ubuntu/firefox-3.0
 status new

Changed in firefox:
status: New → Invalid
Revision history for this message
Pedro Villavicencio (pedro) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better. You reported this bug a while ago and there hasn't been any activity in it recently. We were wondering is this still an issue for you? Thanks in advance.

Changed in firefox-3.0:
importance: Undecided → Medium
status: New → Incomplete
Revision history for this message
Ian Phillips (ianfp) wrote :

Hello,

I can confirm this bug. I'm running Ubuntu 8.10 and firefox 3.0.7. The crash happens both in regular and safe mode (ie, all plugins disabled). I've attached a backtrace from gdb. Please contact me if you need more information.

- Ian

Revision history for this message
Amitay Dobo (amitayhd) wrote :

Can confirm it on Ubuntu 9.04 and firefox 3.0.11. (3.0.11+build2+nobinonly-0ubuntu0.9.04.1).
The Segfaults happen quite randomly (can use fire fox for hours with no errors and then it crashes multiple times within minutes). I see no pattern of when and in what sites it crashes.
It also happens in safe mode, with no addons, plugins, etc enabled.
Unfortunately I cannot find any debug symbols for the packages, so i only have the backtrace. I only have the last backtrace, but previous one i had when running gdb were also on libmozjs.so.

Below is the information from the debugger. Please instruct me if I can provide any further details.

(gdb) info stack
#0 0x0000006b in ?? ()
#1 0xb7cc01e9 in ?? () from /usr/lib/xulrunner-1.9.0.11/libmozjs.so
#2 0xb7caa091 in ?? () from /usr/lib/xulrunner-1.9.0.11/libmozjs.so
#3 0xb7c86708 in JS_GC () from /usr/lib/xulrunner-1.9.0.11/libmozjs.so
#4 0xb71c3864 in ?? () from /usr/lib/xulrunner-1.9.0.11/libxul.so
#5 0xb797c7ee in ?? () from /usr/lib/xulrunner-1.9.0.11/libxul.so
#6 0xb797c92d in ?? () from /usr/lib/xulrunner-1.9.0.11/libxul.so
#7 0xb757504e in ?? () from /usr/lib/xulrunner-1.9.0.11/libxul.so
#8 0xb75754f6 in ?? () from /usr/lib/xulrunner-1.9.0.11/libxul.so
#9 0xb794b798 in ?? () from /usr/lib/xulrunner-1.9.0.11/libxul.so
#10 0xb794ba66 in ?? () from /usr/lib/xulrunner-1.9.0.11/libxul.so
#11 0xb749d96c in ?? () from /usr/lib/xulrunner-1.9.0.11/libxul.so
#12 0xb7973922 in ?? () from /usr/lib/xulrunner-1.9.0.11/libxul.so
#13 0xb7973997 in ?? () from /usr/lib/xulrunner-1.9.0.11/libxul.so
#14 0xb797144c in ?? () from /usr/lib/xulrunner-1.9.0.11/libxul.so
#15 0xb7941cd8 in ?? () from /usr/lib/xulrunner-1.9.0.11/libxul.so
#16 0xb78c4c28 in ?? () from /usr/lib/xulrunner-1.9.0.11/libxul.so
#17 0xb77590ec in ?? () from /usr/lib/xulrunner-1.9.0.11/libxul.so
#18 0xb71b841b in XRE_main () from /usr/lib/xulrunner-1.9.0.11/libxul.so
#19 0x080491ab in ?? ()
#20 0xb7d23775 in __libc_start_main () from /lib/tls/i686/cmov/libc.so.6
#21 0x08048d11 in ?? ()

(gdb) info program
 Using the running image of child Thread 0xb7d0b6d0 (LWP 12523).
Program stopped at 0x6b.
It stopped with signal SIGSEGV, Segmentation fault.

Revision history for this message
Amitay Dobo (amitayhd) wrote :

I've installed the debug symbols for firefox 3.0.11 and reproduced a crash. Attaching the full backtrace.

Revision history for this message
Amitay Dobo (amitayhd) wrote :

And another one, this one caused a freeze, and I had to kill the process. Both errors seem related to the javascript engine (and the error seems to be "file not found" (or is this some gdb information?). It'd be great if someone could shed some light on this or instruct me how to continue investigating it, since I'm not familiar with firefox code base and debugging.

Revision history for this message
Amitay Dobo (amitayhd) wrote :

Sorry, Cut out the actual crash on Firefox_crash_bt_1.txt:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb7c3e6d0 (LWP 28651)]
Resize (ht=0xcf1f570, newshift=13) at jshash.c:229
229 jshash.c: No such file or directory.
 in jshash.c

Revision history for this message
Amitay Dobo (amitayhd) wrote :

Since it seemed like the segfaults happened in memory allocations, I tested my RAM with memtest86 for a long period (I did before, for a few hours), and did get some failed test. So a hardware failure is likely to be the reason in my case for the errors, and may and may not be related to the other reports.

xteejx (xteejx)
Changed in firefox-3.0 (Ubuntu):
status: Incomplete → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.