Mike Hommey wrote: > That's fixed in 47.5.0esr-3. Can you check if you still get crashes with > that version?
Thanks Mike for looking into this. Indeed firefox-esr doesn't segfault in jemalloc anymore. However, I get a new crash - I assume Aaro will get the same. Looking at http://sources.debian.net/src/firefox-esr/45.7.0esr-1/js/src/jit/none/AtomicOperations-none.h/ AtomicOperations-ppc.h appears to include correct and portable implementation (assuming gcc 4.6+). It's not clear to me what is the value of the *-none.h file that only crashes. Using the -ppc.h instead can't make things worse. New backtrace: Thread 35 "DOM Worker" received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7f9edff1e0 (LWP 4093)] 0x0000007fb6341d14 in js::jit::AtomicOperations::loadSafeWhenRacy<unsigned char> (addr=<optimized out>) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/jit/none/AtomicOperations-none.h:97 97 /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/jit/none/AtomicOperations-none.h: No such file or directory. (gdb) bt #0 0x0000007fb6341d14 in js::jit::AtomicOperations::loadSafeWhenRacy<unsigned char> (addr=<optimized out>) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/jit/none/AtomicOperations-none.h:97 #1 0x0000007fb6348e14 in js::jit::AtomicOperations::loadSafeWhenRacy<unsigned char> (addr=...) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/jit/AtomicOperations.h:219 #2 (anonymous namespace)::TypedArrayObjectTemplate<unsigned char>::getIndex ( obj=0x7f9eb07680, index=0) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/vm/TypedArrayObject.cpp:684 #3 (anonymous namespace)::TypedArrayObjectTemplate<unsigned char>::getIndexValue (tarray=0x7f9eb07680, index=0) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/vm/TypedArrayObject.cpp:960 #4 js::TypedArrayObject::getElement (this=this@entry=0x7f9eb07680, index=index@entry=0) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/vm/TypedArrayObject.cpp:1783 #5 0x0000007fb62b3c18 in js::NativeObject::getDenseOrTypedArrayElement ( idx=0, this=0x7f9eb07680) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/vm/NativeObject-inl.h:240 #6 NativeGetPropertyInline<(js::AllowGC)0> (vp=..., nameLookup=NotNameLookup, id=..., receiver=..., obj=0x7f9eb07680, cx=0x7f9efc0000) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/vm/NativeObject.cpp:1931 #7 js::NativeGetPropertyNoGC (cx=0x7f9efc0000, obj=<optimized out>, receiver=..., id=..., vp=0x7f9ef7d468) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/vm/NativeObject.cpp:1975 #8 0x0000007fb451fa50 in js::GetPropertyNoGC (vp=<optimized out>, id=..., receiver=..., obj=<optimized out>, cx=<optimized out>) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/vm/NativeObject.h:1479 #9 js::GetElementNoGC (cx=<optimized out>, obj=<optimized out>, receiver=..., index=<optimized out>, vp=<optimized out>) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/jsobjinlines.h:210 #10 0x0000007fb62c8a4c in js::GetElementNoGC (vp=<optimized out>, index=<optimized out>, receiver=..., obj=<optimized out>, cx=<optimized out>) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/vm/Interpreter.cpp:2295 #11 js::GetElementNoGC (vp=<optimized out>, index=<optimized out>, receiver=<optimized out>, obj=<optimized out>, cx=<optimized out>) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/jsobjinlines.h:216 #12 js::GetObjectElementOperation (res=..., key=..., receiver=..., obj=..., op=<optimized out>, cx=<optimized out>) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/vm/Interpreter-inl.h:424 #13 js::GetElementOperation (res=..., rref=..., lref=..., op=<optimized out>, cx=<optimized out>) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/vm/Interpreter-inl.h:556 #14 Interpret (cx=0x7f9efc0000, state=...) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/vm/Interpreter.cpp:2608 #15 0x0000007fb62cd094 in js::RunScript (cx=cx@entry=0x7f9efc0000, state=...) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/vm/Interpreter.cpp:391 #16 0x0000007fb62cd3e8 in js::Invoke (cx=cx@entry=0x7f9efc0000, args=..., construct=construct@entry=js::NO_CONSTRUCT) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/vm/Interpreter.cpp:462 #17 0x0000007fb62d3210 in js::SpreadCallOperation (cx=0x7f9efc0000, script=..., pc=0x7f9eea7271 ")\005\231\rΐ\210\004\326\210\025\317\070\"\357\210\t", thisv=..., callee=..., arr=..., newTarget=..., res=...) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/vm/Interpreter.cpp:4549 #18 0x0000007fb62c2a94 in Interpret (cx=0x7f9efc0000, state=...) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/vm/Interpreter.cpp:2720 #19 0x0000007fb62cd094 in js::RunScript (cx=cx@entry=0x7f9efc0000, state=...) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/vm/Interpreter.cpp:391 #20 0x0000007fb62cd3e8 in js::Invoke (cx=cx@entry=0x7f9efc0000, args=..., construct=construct@entry=js::NO_CONSTRUCT) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/vm/Interpreter.cpp:462 #21 0x0000007fb62cdd00 in js::Invoke (cx=0x7f9efc0000, thisv=..., fval=..., argc=<optimized out>, argv=<optimized out>, rval=...) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/vm/Interpreter.cpp:496 #22 0x0000007fb619e000 in JS::Call (cx=<optimized out>, thisv=..., thisv@entry=..., fval=..., fval@entry=..., args=..., rval=..., rval@entry=...) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/js/src/jsapi.cpp:2837 #23 0x0000007fb52177c8 in mozilla::dom::EventListener::HandleEvent ( this=this@entry=0x7f9e84a220, cx=<optimized out>, aThisVal=..., aThisVal@entry=..., event=..., aRv=...) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/build-browser/dom/bindings/EventListenerBinding.cpp:47 #24 0x0000007fb53a7dbc in mozilla::dom::EventListener::HandleEvent<mozilla::dom::EventTarget*> (this=this@entry=0x7f9e84a220, thisVal=@0x7f9edfdbf8: 0x7f9f907480, event=..., aRv=..., aExecutionReason=0x7fb6697a8d "EventListener.handleEvent", aExecutionReason@entry=0x0, aExceptionHandling=aExceptionHandling@entry=mozilla::dom::CallbackObject::eReportExceptions, aCompartment=aCompartment@entry=0x0) at ../../dist/include/mozilla/dom/EventListenerBinding.h:54 #25 0x0000007fb53a989c in mozilla::EventListenerManager::HandleEventSubType ( this=this@entry=0x7f9e93ee00, aListener=<optimized out>, aListener@entry=0x7f9e93ee28, aDOMEvent=0x7f99f675c0, aCurrentTarget=<optimized out>, aCurrentTarget@entry=0x7f9f907480) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/dom/events/EventListenerManager.cpp:1025 #26 0x0000007fb53a9ad8 in mozilla::EventListenerManager::HandleEventInternal ( this=0x7f9e93ee00, aPresContext=<optimized out>, aEvent=0x7f99089660, aDOMEvent=0x7f9edfdf18, aCurrentTarget=0x7f9f907480, aEventStatus=<optimized out>) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/dom/events/EventListenerManager.cpp:1155 #27 0x0000007fb5393134 in mozilla::EventTargetChainItem::HandleEventTargetChain (aChain=..., aVisitor=..., aCallback=aCallback@entry=0x0, aCd=...) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/dom/events/EventDispatcher.cpp:315 #28 0x0000007fb5397bd8 in mozilla::EventDispatcher::Dispatch ( aTarget=<optimized out>, aPresContext=0x0, aEvent=0x7f99089660, aDOMEvent=<optimized out>, aEventStatus=0x7f9edfe0b8, aCallback=<optimized out>, aTargets=0x0) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/dom/events/EventDispatche---Type <return> to continue, or q <return> to quit--- r.cpp:654 #29 0x0000007fb5397dbc in mozilla::EventDispatcher::DispatchDOMEvent ( aTarget=<optimized out>, aEvent=<optimized out>, aDOMEvent=0x7f99f675c0, aPresContext=0x0, aEventStatus=<optimized out>) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/dom/events/EventDispatcher.cpp:723 #30 0x0000007fb571a600 in (anonymous namespace)::MessageEventRunnable::DispatchDOMEvent (this=<optimized out>, aCx=<optimized out>, aTarget=0x7f9f907480, aIsMainThread=<optimized out>, aWorkerPrivate=0x7f9f937800) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/dom/workers/WorkerPrivate.cpp:733 #31 0x0000007fb571a7ac in (anonymous namespace)::MessageEventRunnable::WorkerRun (this=<optimized out>, aCx=<optimized out>, aWorkerPrivate=0x7f9f937800) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/dom/workers/WorkerPrivate.cpp:757 #32 0x0000007fb57009e8 in mozilla::dom::workers::WorkerRunnable::Run ( this=0x7f99089580) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/dom/workers/WorkerRunnable.cpp:360 #33 0x0000007fb459f770 in nsThread::ProcessNextEvent (this=0x7f9f916f10, aMayWait=false, aResult=0x7f9edfe407) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/xpcom/threads/nsThread.cpp:972 #34 0x0000007fb45bc238 in NS_ProcessNextEvent (aThread=<optimized out>, aMayWait=aMayWait@entry=false) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/xpcom/glue/nsThreadUtils.cpp:297 #35 0x0000007fb5711bc0 in mozilla::dom::workers::WorkerPrivate::DoRunLoop ( this=0x7f9f937800, aCx=aCx@entry=0x7f9efc0000) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/dom/workers/WorkerPrivate.cpp:4549 #36 0x0000007fb56dd8b4 in (anonymous namespace)::WorkerThreadPrimaryRunnable::Run (this=0x7f9f9f9310) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/dom/workers/RuntimeService.cpp:2722 #37 0x0000007fb459f770 in nsThread::ProcessNextEvent (this=0x7f9f916f10, aMayWait=true, aResult=0x7f9edfe877) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/xpcom/threads/nsThread.cpp:972 #38 0x0000007fb45bc238 in NS_ProcessNextEvent (aThread=<optimized out>, aMayWait=aMayWait@entry=true) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/xpcom/glue/nsThreadUtils.cpp:297 #39 0x0000007fb47b8448 in mozilla::ipc::MessagePumpForNonMainThreads::Run ( this=0x7fa14779c0, aDelegate=0x7fa103d9c0) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/ipc/glue/MessagePump.cpp:355 #40 0x0000007fb47a6d84 in MessageLoop::RunHandler (this=0x7fa103d9c0) at /build/firefox-esr-CmvRIX/firefox-esr-45.7.0esr/ipc/chromium/src/base/message_loop.cc:227
