Bug#751358: iceweasel: Immediate segfault visiting any page that uses WebGL
Christopher Wellons
wellons at nullprogram.com
Thu Jun 12 04:01:10 UTC 2014
Package: iceweasel
Version: 30.0-1
Severity: important
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
After updating to this latest release, visiting any page that creates
a WebGL context causes an immediate segmentation fault in Iceweasel.
Here's an example of such a website:
* http://nullprogram.com/fun-liquid/webgl/
Attached is the gdb backtrace. The segfault still occurs with all
plugins and addons disabled in a fresh profile.
- -- Package-specific info:
- -- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.14-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages iceweasel depends on:
ii debianutils 4.4
ii fontconfig 2.11.0-5
ii libasound2 1.0.27.2-4
ii libatk1.0-0 2.12.0-1
ii libc6 2.19-1
ii libcairo2 1.12.16-2
ii libdbus-1-3 1.8.4-1
ii libdbus-glib-1-2 0.102-1
ii libevent-2.0-5 2.0.21-stable-1
ii libffi6 3.1-2
ii libfontconfig1 2.11.0-5
ii libfreetype6 2.5.2-1
ii libgcc1 1:4.9.0-6
ii libgdk-pixbuf2.0-0 2.30.7-1
ii libglib2.0-0 2.40.0-3
ii libgtk2.0-0 2.24.23-1
ii libhunspell-1.3-0 1.3.3-1
ii libnspr4 2:4.10.6-1
ii libnss3 2:3.16.1-1
ii libpango-1.0-0 1.36.3-1
ii libsqlite3-0 3.8.4.3-3
ii libstartup-notification0 0.12-3
ii libstdc++6 4.9.0-6
ii libvpx1 1.3.0-2
ii libx11-6 2:1.6.2-2
ii libxext6 2:1.3.2-1
ii libxrender1 1:0.9.8-1
ii libxt6 1:1.1.4-1
ii procps 1:3.3.9-5
ii zlib1g 1:1.2.8.dfsg-1
iceweasel recommends no packages.
Versions of packages iceweasel suggests:
ii fonts-mathjax 2.3-1
ii fonts-oflb-asana-math 000.907-6
ii fonts-stix [otf-stix] 1.1.1-1
ii libcanberra0 0.30-2
ii libgnomeui-0 2.24.5-3
ii libgssapi-krb5-2 1.12.1+dfsg-2
pn mozplugger <none>
- -- no debconf information
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJTmSYGAAoJEGEzgsVIsrhBlRgH/2L72ETZseY70nr51zd1H0Wa
RHcDpMXiE3M2KaEIm2greBSRA7Vk43k4qyW/alXXUFpBZF+6tmOWWlFAY8PN97YP
JAGGINSz2vevNYLAxIla0ySVTLOA+k2m7FsgcKD3XBjd/J0uZiuiSe0UYBO9+aVO
cO4wIle4g4OeaaN5e+qBALPQlqWtXf9sLgcBzxiwpF7L56tNwre1/yEanHfT9Jk2
8Zn9shSvHLDB2eWHQLbillbbBePrGh0twesFiyW+QaLSjCdEAHU/7yP5UgUQq8UV
trN/DDO6MJcGf23JdhZchhqEyiKPdD5wpS+IpSMhbus4ZbM3iP71X+5PM4T0VVo=
=pk06
-----END PGP SIGNATURE-----
-------------- next part --------------
Starting program: /usr/bin/iceweasel -P http://nullprogram.com/fun-liquid/webgl/
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7fffe7190700 (LWP 6816)]
[Thread 0x7fffe7190700 (LWP 6816) exited]
[New Thread 0x7fffe7190700 (LWP 6819)]
[New Thread 0x7fffe07ff700 (LWP 6820)]
[New Thread 0x7fffdf7eb700 (LWP 6821)]
[New Thread 0x7fffdefea700 (LWP 6822)]
[New Thread 0x7fffde3ff700 (LWP 6823)]
[New Thread 0x7fffd5ced700 (LWP 6824)]
[New Thread 0x7fffd54ec700 (LWP 6825)]
[New Thread 0x7fffd4aff700 (LWP 6826)]
[New Thread 0x7fffd42fe700 (LWP 6827)]
[New Thread 0x7fffe09ad700 (LWP 6828)]
[New Thread 0x7fffdfffe700 (LWP 6829)]
[New Thread 0x7fffd34ff700 (LWP 6830)]
[New Thread 0x7fffd24ff700 (LWP 6834)]
[Thread 0x7fffe07ff700 (LWP 6820) exited]
[Thread 0x7fffd4aff700 (LWP 6826) exited]
[Thread 0x7fffd34ff700 (LWP 6830) exited]
[Thread 0x7fffd42fe700 (LWP 6827) exited]
[Thread 0x7fffd54ec700 (LWP 6825) exited]
[Thread 0x7fffd24ff700 (LWP 6834) exited]
[Thread 0x7fffe09ad700 (LWP 6828) exited]
[Thread 0x7fffdfffe700 (LWP 6829) exited]
[Thread 0x7fffe7190700 (LWP 6819) exited]
[Thread 0x7fffde3ff700 (LWP 6823) exited]
[Thread 0x7fffd5ced700 (LWP 6824) exited]
[Thread 0x7fffdefea700 (LWP 6822) exited]
[Thread 0x7fffdf7eb700 (LWP 6821) exited]
process 6807 is executing new program: /usr/lib/iceweasel/iceweasel
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7fffe7190700 (LWP 6842)]
[Thread 0x7fffe7190700 (LWP 6842) exited]
[New Thread 0x7fffe7190700 (LWP 6844)]
[New Thread 0x7fffe07ff700 (LWP 6845)]
[New Thread 0x7fffdf7eb700 (LWP 6846)]
[New Thread 0x7fffdefea700 (LWP 6847)]
[New Thread 0x7fffde3ff700 (LWP 6848)]
[New Thread 0x7ffff6d76700 (LWP 6849)]
[New Thread 0x7fffdd4ff700 (LWP 6850)]
[New Thread 0x7fffdbf75700 (LWP 6852)]
[New Thread 0x7fffdb774700 (LWP 6853)]
[New Thread 0x7fffdadff700 (LWP 6854)]
[New Thread 0x7fffd2558700 (LWP 6855)]
[New Thread 0x7fffd1bff700 (LWP 6856)]
[New Thread 0x7fffd13fe700 (LWP 6857)]
[New Thread 0x7fffd0cff700 (LWP 6858)]
[New Thread 0x7fffd00ff700 (LWP 6859)]
[New Thread 0x7fffcf6ff700 (LWP 6860)]
[New Thread 0x7fffcedff700 (LWP 6861)]
[New Thread 0x7fffce9ff700 (LWP 6862)]
[New Thread 0x7fffcddff700 (LWP 6863)]
[New Thread 0x7fffcd5fe700 (LWP 6864)]
[New Thread 0x7fffccdfd700 (LWP 6865)]
[New Thread 0x7fffdfffe700 (LWP 6866)]
[New Thread 0x7fffde7e9700 (LWP 6867)]
[Thread 0x7fffdadff700 (LWP 6854) exited]
[Thread 0x7fffcd5fe700 (LWP 6864) exited]
[Thread 0x7fffccdfd700 (LWP 6865) exited]
[New Thread 0x7fffcc1ff700 (LWP 6868)]
[New Thread 0x7fffdadff700 (LWP 6869)]
[New Thread 0x7fffcd5fe700 (LWP 6870)]
[New Thread 0x7fffccdfd700 (LWP 6871)]
[Thread 0x7fffcddff700 (LWP 6863) exited]
[Thread 0x7fffdadff700 (LWP 6869) exited]
[Thread 0x7fffcd5fe700 (LWP 6870) exited]
[New Thread 0x7fffdadff700 (LWP 6872)]
[Thread 0x7fffccdfd700 (LWP 6871) exited]
[New Thread 0x7fffccdfd700 (LWP 6873)]
[Thread 0x7fffdadff700 (LWP 6872) exited]
[New Thread 0x7fffdadff700 (LWP 6874)]
[New Thread 0x7fffcd5fe700 (LWP 6875)]
[New Thread 0x7fffcddff700 (LWP 6876)]
[New Thread 0x7fffc92ff700 (LWP 6877)]
[New Thread 0x7fffc82ff700 (LWP 6878)]
[New Thread 0x7fffc78ff700 (LWP 6879)]
[New Thread 0x7fffddb48700 (LWP 6880)]
[New Thread 0x7fffc6dff700 (LWP 6881)]
[New Thread 0x7fffc65fe700 (LWP 6882)]
[New Thread 0x7fffc5bff700 (LWP 6883)]
[New Thread 0x7fffc51ff700 (LWP 6884)]
[New Thread 0x7fffc47ff700 (LWP 6885)]
[New Thread 0x7fffc3dff700 (LWP 6886)]
[New Thread 0x7fffc30ff700 (LWP 6887)]
[New Thread 0x7fffc26ff700 (LWP 6889)]
[New Thread 0x7fffc1aff700 (LWP 6890)]
[New Thread 0x7fffc12fe700 (LWP 6891)]
Program received signal SIGSEGV, Segmentation fault.
0x00007fffda5d5941 in ?? ()
#0 0x00007fffda5d5941 in ?? ()
No symbol table info available.
#1 0x00000000000000d7 in ?? ()
No symbol table info available.
#2 0x00007ffff4a8a6bf in js::frontend::Parser<js::frontend::FullParseHandler>::identifierName (this=0x89f) at /tmp/buildd/iceweasel-30.0/js/src/frontend/Parser.cpp:6886
name = {<js::RootedBase<js::PropertyName*>> = {<No data fields>}, stack = 0x0, prev = 0x4700000048, ptr = 0x7fff00001000}
#3 0x00007fffc1d0d800 in ?? ()
No symbol table info available.
#4 0x0000000000000001 in ?? ()
No symbol table info available.
#5 0x00007ffff478ec2c in CallAsmJS (cx=0x7fffffffa610, cx at entry=0x7fffca618080, argc=<optimized out>, vp=0x7fffffffa590) at /tmp/buildd/iceweasel-30.0/js/src/jit/AsmJSLink.cpp:396
activation = {<js::Activation> = {cx_ = 0x7fffca618080, compartment_ = 0x7fffc9b64c00, prev_ = 0x7fffffffb0f0, savedFrameChain_ = 0, hideScriptedCallerCount_ = 0, kind_ = js::Activation::AsmJS}, module_ = @0x7fffd2c53a80, prevAsmJS_ = 0x0, errorRejoinSP_ = 0x7fffffffa478, profiler_ = 0x0, resumePC_ = 0x0, exportIndex_ = 224}
jitActivation = {<js::Activation> = {cx_ = 0x7fffca618080, compartment_ = 0x7fffc9b64c00, prev_ = 0x7fffffffa590, savedFrameChain_ = 0, hideScriptedCallerCount_ = 0, kind_ = js::Activation::Jit}, prevIonTop_ = 0x0, prevJitJSContext_ = 0x0, firstFrameIsConstructing_ = false, active_ = false}
callee = {<js::RootedBase<JSFunction*>> = {<No data fields>}, stack = 0x7fffca618098, prev = 0x7fffffffb1a0, ptr = 0x7fffc0969880}
moduleObj = {<js::RootedBase<JSObject*>> = {<No data fields>}, stack = 0x7fffca618098, prev = 0x7fffffffa4e0, ptr = 0x7fffcb5c7100}
callArgs = <optimized out>
exportIndex = 224
coercedArgs = {<mozilla::VectorBase<unsigned long, 8ul, js::TempAllocPolicy, js::Vector<unsigned long, 8ul, js::TempAllocPolicy> >> = {<js::TempAllocPolicy> = {cx_ = 0x7fffca618080}, static sElemIsPod = true, static sMaxInlineBytes = 1024, static sInlineCapacity = 8, static sInlineBytes = 64, mBegin = 0x7fffffffa610, mLength = 1, mCapacity = 8, storage = {u = {bytes = "\020\000\000\000\000\000\000\000KPy\364\377\177\000\000\000\267\377\377\377\177\000\000\262s\262\277\377\177\000\000h\246\377\377\377\177\000\000\023\tq\364\377\177\000\000\000\000\000\000\377\177\000\000\001\000\000\000\000\000\000", _ = 16}}, static sMaxInlineStorage = <optimized out>}, <No data fields>}
v = {<js::RootedBase<JS::Value>> = {<js::MutableValueOperations<JS::Rooted<JS::Value> >> = {<js::ValueOperations<JS::Rooted<JS::Value> >> = {<No data fields>}, <No data fields>}, <No data fields>}, stack = 0x7fffca6180e0, prev = 0x7fffffffad10, ptr = {data = {asBits = 18444633011384221712, debugView = {payload47 = 16, tag = JSVAL_TAG_INT32}, s = {payload = {i32 = 16, u32 = 16, why = JS_GENERIC_MAGIC}}, asDouble = -nan(0x8800000000010), asPtr = 0xfff8800000000010, asWord = 18444633011384221712, asUIntPtr = 18444633011384221712}}}
#6 0x00007ffff49dfb61 in CallJSNative (args=..., native=0x7ffff478e810 <CallAsmJS(JSContext*, unsigned int, JS::Value*)>, cx=0x7fffca618080) at /tmp/buildd/iceweasel-30.0/js/src/jscntxtinlines.h:239
ok = <optimized out>
#7 js::Invoke (cx=cx at entry=0x7fffca618080, args=..., construct=construct at entry=js::NO_CONSTRUCT) at /tmp/buildd/iceweasel-30.0/js/src/vm/Interpreter.cpp:476
gcIfNeeded = {cx_ = 0x7fffca618080}
state = {<js::RunState> = {_vptr.RunState = 0x7fffca618080, kind_ = (js::RunState::Invoke | js::RunState::Generator | unknown: 4101591112), script_ = {<js::RootedBase<JSScript*>> = {<No data fields>}, stack = 0x54, prev = 0x7ffff479504b <js::jit::ICStubCompiler::getStubCode()+59>, ptr = 0xd500000051}}, args_ = @0x7ffff479504b, initial_ = (unknown: 3395387520), useNewType_ = 255}
ok = <optimized out>
initial = js::INITIAL_NONE
#8 0x00007ffff49dffc1 in js::Invoke (cx=cx at entry=0x7fffca618080, thisv=..., fval=..., argc=argc at entry=1, argv=<optimized out>, rval=..., rval at entry=...) at /tmp/buildd/iceweasel-30.0/js/src/vm/Interpreter.cpp:532
args = {<JS::CallArgs> = {<JS::detail::CallArgsBase<(JS::detail::UsedRval)0>> = {<JS::CallReceiver> = {<JS::detail::CallReceiverBase<(JS::detail::UsedRval)0>> = {<JS::detail::UsedRvalBase<(JS::detail::UsedRval)1>> = {<No data fields>}, argv_ = 0x7fffffffabd8}, <No data fields>}, argc_ = 1}, <No data fields>}, v_ = {<JS::AutoVectorRooter<JS::Value>> = {<JS::AutoGCRooter> = {down = 0x7fffffffae50, tag_ = -10, stackTop = 0x7fffca618108}, vector = {<mozilla::VectorBase<JS::Value, 8ul, js::TempAllocPolicy, js::Vector<JS::Value, 8ul, js::TempAllocPolicy> >> = {<js::TempAllocPolicy> = {cx_ = 0x7fffca618080}, static sElemIsPod = false, static sMaxInlineBytes = 1024, static sInlineCapacity = 8, static sInlineBytes = 64, mBegin = 0x7fffffffabc8, mLength = 3, mCapacity = 8, storage = {u = {bytes = "\200\230\226\300\377\377\373\377 ?\300\377\377\373\377\020\000\000\000\000\200\370\377\000\000\000\000\000\000\000\000\000\a\230?6\256~\210\272\231\300\377\177\000\000\200\256\377\377\377\177\000\000\356\000\000\000\000\000\000", _ = 18445618172738836608}}, static sMaxInlineStorage = <optimized out>}, <No data fields>}, vectorRoot = {<No data fields>}}, <No data fields>}}
#9 0x00007ffff47a1daa in js::jit::DoCallFallback (cx=0x7fffca618080, frame=0x7fffffffb010, stub=0x7fffc33e5ac8, argc=1, vp=0x7fffffffaf90, res=...) at /tmp/buildd/iceweasel-30.0/js/src/jit/BaselineIC.cpp:8138
vpRoot = {<JS::AutoGCRooter> = {down = 0x7fffffffb1e0, tag_ = 3, stackTop = 0x7fffca618108}, array = 0x7fffffffaf90, skip = {<No data fields>}}
constructing = <optimized out>
script = {<js::RootedBase<JSScript*>> = {<No data fields>}, stack = 0x7fffca6180c8, prev = 0x7fffffffb320, ptr = 0x7fffc9ea2700}
op = <optimized out>
callee = {<js::RootedBase<JS::Value>> = {<js::MutableValueOperations<JS::Rooted<JS::Value> >> = {<js::ValueOperations<JS::Rooted<JS::Value> >> = {<No data fields>}, <No data fields>}, <No data fields>}, stack = 0x7fffca6180e0, prev = 0x7fffffffb1b8, ptr = {data = {asBits = 18445618172738836608, debugView = {payload47 = 140736424482944, tag = JSVAL_TAG_OBJECT}, s = {payload = {i32 = -1063872384, u32 = 3231094912, why = 3231094912}}, asDouble = -nan(0xbffffc0969880), asPtr = 0xfffbffffc0969880, asWord = 18445618172738836608, asUIntPtr = 18445618172738836608}}}
thisv = {<js::RootedBase<JS::Value>> = {<js::MutableValueOperations<JS::Rooted<JS::Value> >> = {<js::ValueOperations<JS::Rooted<JS::Value> >> = {<No data fields>}, <No data fields>}, <No data fields>}, stack = 0x7fffca6180e0, prev = 0x7fffffffacf0, ptr = {data = {asBits = 18445618172739045408, debugView = {payload47 = 140736424691744, tag = JSVAL_TAG_OBJECT}, s = {payload = {i32 = -1063663584, u32 = 3231303712, why = 3231303712}}, asDouble = -nan(0xbffffc099c820), asPtr = 0xfffbffffc099c820, asWord = 18445618172739045408, asUIntPtr = 18445618172739045408}}}
args = 0x7fffffffafa0
newType = <optimized out>
#10 0x00007ffff7fe8e88 in ?? ()
No symbol table info available.
#11 0x00007fff00000501 in ?? ()
No symbol table info available.
#12 0x00007fffffffaf48 in ?? ()
No symbol table info available.
#13 0x00007fffffffb050 in ?? ()
No symbol table info available.
#14 0xfff9000000000000 in ?? ()
No symbol table info available.
#15 0x00007ffff6943c00 in js::jit::CreateThisInfoBaseline () from /usr/lib/iceweasel/libxul.so
No symbol table info available.
#16 0x00007fffde638ca0 in ?? ()
No symbol table info available.
#17 0x00007ffff6d4f69f in ?? ()
No symbol table info available.
#18 0x0000000000000482 in ?? ()
No symbol table info available.
#19 0x00007fffffffb010 in ?? ()
No symbol table info available.
#20 0x00007fffc33e5ac8 in ?? ()
No symbol table info available.
#21 0x0000000000000001 in ?? ()
No symbol table info available.
#22 0x00007fffffffaf90 in ?? ()
No symbol table info available.
#23 0xfffbffffc0969880 in ?? ()
No symbol table info available.
#24 0xfffbffffc099c820 in ?? ()
No symbol table info available.
#25 0xfff8800000000010 in ?? ()
No symbol table info available.
#26 0x00007fffffffb050 in ?? ()
No symbol table info available.
#27 0x00007fffc33e5ac8 in ?? ()
No symbol table info available.
#28 0x00007ffff6d4fc8c in ?? ()
No symbol table info available.
#29 0x0000000000000901 in ?? ()
No symbol table info available.
#30 0xfff8800000000010 in ?? ()
No symbol table info available.
#31 0xfffbffffc099c820 in ?? ()
No symbol table info available.
#32 0xfffbffffc0969880 in ?? ()
No symbol table info available.
#33 0xfff9000000000000 in ?? ()
No symbol table info available.
#34 0xfff9000000000000 in ?? ()
No symbol table info available.
#35 0xfff9000000000000 in ?? ()
No symbol table info available.
#36 0xfffaffffdd8164a0 in ?? ()
No symbol table info available.
#37 0xfff8800000000010 in ?? ()
No symbol table info available.
#38 0xfff9800000000000 in ?? ()
No symbol table info available.
#39 0x00007fffffffb0d0 in ?? ()
No symbol table info available.
#40 0x00007ffff47954e0 in js::jit::ICStubCompiler::getStubCode (this=<optimized out>) at /tmp/buildd/iceweasel-30.0/js/src/jit/BaselineIC.cpp:612
stubKey = 4294946728
ictx = {cx = 0x7fffffffb1c8, temp = 0x7fffca618080, runtime = 0x7ffff7fe15d0, compartment = 0xffff, prev_ = 0x7fffffffb0f0, assemblerCount_ = -20112}
masm = {<js::jit::MacroAssemblerX64> = {<js::jit::MacroAssemblerX86Shared> = {<js::jit::Assembler> = {<js::jit::AssemblerX86Shared> = {codeLabels_ = {<mozilla::VectorBase<js::jit::CodeLabel, 0ul, js::SystemAllocPolicy, js::Vector<js::jit::CodeLabel, 0ul, js::SystemAllocPolicy> >> = {<js::SystemAllocPolicy> = {<No data fields>}, static sElemIsPod = false, static sMaxInlineBytes = 1024, static sInlineCapacity = 0, static sInlineBytes = 1, mBegin = 0x7fffca618080, mLength = 140737294556022, mCapacity = 4101591115, storage = {u = {bytes = <incomplete sequence \310>, _ = 140737488335304}}, static sMaxInlineStorage = <optimized out>}, <No data fields>}, jumps_ = {<mozilla::VectorBase<js::jit::AssemblerX86Shared::RelativePatch, 8ul, js::SystemAllocPolicy, js::Vector<js::jit::AssemblerX86Shared::RelativePatch, 8ul, js::SystemAllocPolicy> >> = {<js::SystemAllocPolicy> = {<No data fields>}, static sElemIsPod = false, static sMaxInlineBytes = 1024, static sInlineCapacity = 8, static sInlineBytes = 192, mBegin = 0x7fffca618080, mLength = 140736577555456, mCapacity = 140737488338304, storage = {u = {bytes = '\000' <repeats 16 times>, "\001\000\000\000\000\000\000\000\240\273\377\377\377\177\000\000\200\200a\312\377\177\000\000\000\001\000\000\377\177\000\000\200\200a\312\377\177\000\000\200\200a\312\377\177\000\000\340\261\377\377\377\177\000\000\200_]\313\377\177\000\000\020\263\377\377\377\177\000\000\001\000\000\000\000\000\000\000[\332u\364\377\177\000\000\340\367\324\366\377\177\000\000\000\000\000\000\000\000\000\000\200_]\313\377\177\000\000\030\262\377\377\377\177\000\000\005\000\000\000\003\000\000\000KPy\364\377\177\000\000\230\200a\312\377\177\000\000P\276\377\377\377\177\000\000\000\000\000\000\000\000\000\000\340\200a\312\377\177\000\000P\271\377\377\377\177\000", _ = 0}}, static sMaxInlineStorage = <optimized out>}, <No data fields>}, asmJSAbsoluteLinks_ = {<mozilla::VectorBase<js::jit::AsmJSAbsoluteLink, 0ul, js::SystemAllocPolicy, js::Vector<js::jit::AsmJSAbsoluteLink, 0ul, js::SystemAllocPolicy> >> = {<js::SystemAllocPolicy> = {<No data fields>}, static sElemIsPod = false, static sMaxInlineBytes = 1024, static sInlineCapacity = 0, static sInlineBytes = 1, mBegin = 0xfff8800000000003, mLength = 140736588775424, mCapacity = 140737488335440, storage = {u = {bytes = <incomplete sequence \320>, _ = 140737488336848}}, static sMaxInlineStorage = <optimized out>}, <No data fields>}, jumpRelocations_ = {buffer_ = {<mozilla::VectorBase<unsigned char, 32ul, js::SystemAllocPolicy, js::Vector<unsigned char, 32ul, js::SystemAllocPolicy> >> = {<js::SystemAllocPolicy> = {<No data fields>}, static sElemIsPod = true, static sMaxInlineBytes = 1024, static sInlineCapacity = 32, static sInlineBytes = 32, mBegin = 0xfffffffffffffff6 <error: Cannot access memory at address 0xfffffffffffffff6>, mLength = 140736588775688, mCapacity = 140736588775552, storage = {u = {bytes = "\030\262\377\377\377\177\000\000\005\000\000\000\000\000\000\000\b", '\000' <repeats 13 times>, "\371\377", _ = 140737488335384}}, static sMaxInlineStorage = <optimized out>}, <No data fields>}, enoughMemory_ = 112}, dataRelocations_ = {buffer_ = {<mozilla::VectorBase<unsigned char, 32ul, js::SystemAllocPolicy, js::Vector<unsigned char, 32ul, js::SystemAllocPolicy> >> = {<js::SystemAllocPolicy> = {<No data fields>}, static sElemIsPod = true, static sMaxInlineBytes = 1024, static sInlineCapacity = 32, static sInlineBytes = 32, mBegin = 0xfffaffffdd8164a0 <error: Cannot access memory at address 0xfffaffffdd8164a0>, mLength = 18444633011384221696, mCapacity = 18444773748872577024, storage = {u = {bytes = "\255\002\231\300\377\177\000\000\000\000\000\000\000\000\000\000?a\312\377\177\000\000 \263\377\377\377\177\000", _ = 140736424641197}}, static sMaxInlineStorage = <optimized out>}, <No data fields>}, enoughMemory_ = 200}, preBarriers_ = {buffer_ = {<mozilla::VectorBase<unsigned char, 32ul, js::SystemAllocPolicy, js::Vector<unsigned char, 32ul, js::SystemAllocPolicy> >> = {<js::SystemAllocPolicy> = {<No data fields>}, static sElemIsPod = true, static sMaxInlineBytes = 1024, static sInlineCapacity = 32, static sInlineBytes = 32, mBegin = 0x7eae36aec4980700 <error: Cannot access memory at address 0x7eae36aec4980700>, mLength = 140736588775552, mCapacity = 140737488335632, storage = {u = {bytes = "\200_]\313\377\177\000\000\000'\352\311\377\177\000\000\004\000\000\000\000\000\000\000\270\367\235\364\377\177\000", _ = 140736605282176}}, static sMaxInlineStorage = <optimized out>}, <No data fields>}, enoughMemory_ = false}, enoughMemory_ = true, masm = {<JSC::GenericAssembler> = {printer = 0x7fffca618080, isOOLPath = 16}, m_formatter = {static maxInstructionSize = 16, static noBase = JSC::X86Registers::ebp, static hasSib = JSC::X86Registers::esp, static noIndex = JSC::X86Registers::esp, static noBase2 = JSC::X86Registers::r13, static hasSib2 = JSC::X86Registers::r12, m_buffer = {static inlineCapacity = 256, m_inlineBuffer = "@\271\377\377\377\177\000\000\003\000\000\000\000\000\000\000`\271\377\377\377\177\000\000[\372\235\364\377\177\000\000\177\000\000I!\336I\213F\bI\273\000\341c\366\377\177\000\000L9\030\017\205\031\000\000\000M\213v\030\270\377\377\377\177\000\000\003\000\000\000\377\177\000\000\220\206d\366\377\177\000\000\001\000\000\000I\203\303\b?a\312\377\177\000\000\020\271\377\377\377\177\000\000\000'\352\311\377\177\000\000\000\263\377\377\377\177\000\000\000\000\000\000\000\333\017\204\016\000\000\000\377\066H\203\306\b\203\353\001\351\352\377\377\377[I\276\377\377\377\377\377\177\000\000I!\336H\211\352H\203\302\020H)\342H\301\342\004H\203\312\002QAVRE\017\267v D9\361\017\203\020"..., m_buffer = 0x7fffc0654c00 'Z' <repeats 200 times>..., m_capacity = 512, m_size = 366, m_allocSize = 0, m_oom = false}}}, static DoubleConditionBitInvert = 16, static DoubleConditionBitSpecial = 32, static DoubleConditionBits = 48}, static SizeOfExtendedJump = 16, static SizeOfJumpTableEntry = 16, extendedJumpTable_ = 0}, framePushed_ = 24}, inCall_ = false, args_ = 2302744646, passedIntArgs_ = 2017019103, passedFloatArgs_ = 528879604, stackForCall_ = 1308622849, dynamicAlignment_ = 139, enoughMemory_ = true, doubles_ = {<mozilla::VectorBase<js::jit::MacroAssemblerX64::Double, 0ul, js::SystemAllocPolicy, js::Vector<js::jit::MacroAssemblerX64::Double, 0ul, js::SystemAllocPolicy> >> = {<js::SystemAllocPolicy> = {<No data fields>}, static sElemIsPod = false, static sMaxInlineBytes = 1024, static sInlineCapacity = 0, static sInlineBytes = 1, mBegin = 0x7fffffffb420, mLength = 0, mCapacity = 0, storage = {u = {bytes = "\377", _ = 2882031630431037439}}, static sMaxInlineStorage = <optimized out>}, <No data fields>}, doubleMap_ = {impl = {<js::SystemAllocPolicy> = {<No data fields>}, hashShift = 32, entryCount = 0, gen = 0, removedCount = 0, table = 0x0, entered = {<No data fields>}, mutationCount = {<No data fields>}, static sMinCapacityLog2 = <optimized out>, static sMinCapacity = <optimized out>, static sMaxInit = <optimized out>, static sMaxCapacity = <optimized out>, static sHashBits = <optimized out>, static sAlphaDenominator = <optimized out>, static sMinAlphaNumerator = <optimized out>, static sMaxAlphaNumerator = <optimized out>, static sFreeKey = <optimized out>, static sRemovedKey = <optimized out>, static sCollisionBit = <optimized out>}}, floats_ = {<mozilla::VectorBase<js::jit::MacroAssemblerX64::Float, 0ul, js::SystemAllocPolicy, js::Vector<js::jit::MacroAssemblerX64::Float, 0ul, js::SystemAllocPolicy> >> = {<js::SystemAllocPolicy> = {<No data fields>}, static sElemIsPod = false, static sMaxInlineBytes = 1024, static sInlineCapacity = 0, static sInlineBytes = 1, mBegin = 0x7fffffffb460, mLength = 0, mCapacity = 0, storage = {u = {bytes = "S", _ = 6416373037536445523}}, static sMaxInlineStorage = <optimized out>}, <No data fields>}, floatMap_ = {impl = {<js::SystemAllocPolicy> = {<No data fields>}, hashShift = 32, entryCount = 0, gen = 0, removedCount = 0, table = 0x0, entered = {<No data fields>}, mutationCount = {<No data fields>}, static sMinCapacityLog2 = <optimized out>, static sMinCapacity = <optimized out>, static sMaxInit = <optimized out>, static sMaxCapacity = <optimized out>, static sHashBits = <optimized out>, static sAlphaDenominator = <optimized out>, static sMinAlphaNumerator = <optimized out>, static sMaxAlphaNumerator = <optimized out>, static sFreeKey = <optimized out>, static sRemovedKey = <optimized out>, static sCollisionBit = <optimized out>}}, moveResolver_ = {orderedMoves_ = {<mozilla::VectorBase<js::jit::MoveOp, 16ul, js::SystemAllocPolicy, js::Vector<js::jit::MoveOp, 16ul, js::SystemAllocPolicy> >> = {<js::SystemAllocPolicy> = {<No data fields>}, static sElemIsPod = false, static sMaxInlineBytes = 1024, static sInlineCapacity = 16, static sInlineBytes = 576, mBegin = 0x7fffffffb4a0, mLength = 0, mCapacity = 16, storage = {u = {bytes = "I\211\313I\301\353/A\201\373\367\377\001\000\017\205\377\377\377\377I\211\333I\301\353/A\201\373\361\377\001\000\017\205\024\000\000\000I\276\377\377\377\377\377\177\000\000I!\316H\213G(I9\006\017\205(\000\000\000^QSVH\213G0I9F\b\017\205\377\377\377\377H\213L$\030WH\213\177\030\377\027_\203\373\001\017\204S\000\000\000^I\211\353I\203\303\bI)\343D\211]\320I\301\343\004I\203\313\001ASVWUH\211\345H\213\\$(QSWH\213M\000H\203\351 at QI\211\353I\203\303\020I)\343I\301\343\004h~\347\311\377\177\000\000\000\000\000H\211\354]_^H\211\064$^[YVI\276\377\377\377\377\377"..., _ = 4697232151770007881}}, static sMaxInlineStorage = <optimized out>}, <No data fields>}, hasCycles_ = false, movePool_ = {alloc_ = 0x7fffffffb770, freed_ = {<js::InlineForwardListNode<js::jit::MoveResolver::PendingMove>> = {next = 0x0}, tail_ = 0x7fffffffb6f0}}, pending_ = {<js::InlineListNode<js::jit::MoveResolver::PendingMove>> = {<js::InlineForwardListNode<js::jit::MoveResolver::PendingMove>> = {next = 0x7fffffffb700}, prev = 0x7fffffffb700}, <No data fields>}}}, autoRooter_ = {storage = {u = {bytes = "\220\272\377\377\377\177\000\000\355\377\377\377\377\377\377\377\b\201a\312\377\177\000\000?\377\377\377\177\000", _ = 140737488337552}}, constructed = true}, ionContext_ = {storage = {u = {bytes = "\200\200a\312\377\177\000\000\000\341c\366\377\177\000\000\000\a\230?6\256~\230\200a\312\377\177\000\000\370\273\377\377\377\177\000\000\300\267\377\377\377\177\000", _ = 140736588775552}}, constructed = 64}, alloc_ = {storage = {u = {bytes = "\003\000\000\000\000\000\000\000\301\377\235\364\377\177\000\000\210\273\377\377\377\177\000\000\001~\347\311\377\177\000\000\030\270\377\377\377\177\000\000\003\000\000\000\377\177\000\000\000\000\000\000\000\000\000", _ = 3}}, constructed = true}, enoughMemory_ = true, embedsNurseryPointers_ = false, spsInstrumentation_ = {storage = {u = {bytes = "\001\350@\000\000\000\000\000\030\270\377\377\377\177\000\000\003\000\000\000\377\177\000\000\220\272\377\377\377\177\000\000\366\377\377\377\377\377\377\377\b\201a\312\377\177\000\000\200\200a\312\377\177\000\000\b\270\377\377\377\177\000", _ = 4253697}}, constructed = 5}, spsPc_ = 0x8 <error: Cannot access memory at address 0x8>, sps_ = 0xfffbffffcb5d5f80, sequentialFailureLabel_ = {<js::jit::Label> = {<js::jit::LabelBase> = {offset_ = 0, bound_ = false, static INVALID_OFFSET = -1}, <No data fields>}, <No data fields>}, parallelFailureLabel_ = {<js::jit::Label> = {<js::jit::LabelBase> = {offset_ = -458752, bound_ = true, static INVALID_OFFSET = -1}, <No data fields>}, <No data fields>}, exitCodePatch_ = {offset_ = 18445618172895110000}}
newStubCode = {<js::RootedBase<js::jit::JitCode*>> = {<No data fields>}, stack = 0x7fffffffb0d0, prev = 0x7ffff7fe16d8, ptr = 0x383}
linker = {masm = @0x7fffffffb0d0}
afc = {start_ = 3, stop_ = 18444773748872577024, name_ = 0xfffbffffc9e72370 <error: Cannot access memory at address 0xfffbffffc9e72370>, inhibit_ = 160, prev_ = 0xfff8800000000000}
#41 0x00007fffca618080 in ?? ()
No symbol table info available.
#42 0x00007fffffffbbd0 in ?? ()
No symbol table info available.
#43 0x00007fffffffbcb0 in ?? ()
No symbol table info available.
#44 0x0000000000000003 in ?? ()
No symbol table info available.
#45 0x00007fffc5248750 in ?? ()
No symbol table info available.
#46 0x00007fffc525c570 in ?? ()
No symbol table info available.
#47 0x00007ffff47a1daa in js::jit::DoCallFallback (cx=0x7fffffffbac0, frame=0x7fffc5248788, stub=0x7eae36aec4980700, argc=3, vp=0x567, res=...) at /tmp/buildd/iceweasel-30.0/js/src/jit/BaselineIC.cpp:8138
vpRoot = {<JS::AutoGCRooter> = {down = 0x0, tag_ = 5, stackTop = 0x7fffca618108}, array = 0x7fffffffbbd0, skip = {<No data fields>}}
constructing = <optimized out>
script = {<js::RootedBase<JSScript*>> = {<No data fields>}, stack = 0x7fffca6180c8, prev = 0x7fffffffc520, ptr = 0x7fffc9ea2c40}
op = <optimized out>
callee = {<js::RootedBase<JS::Value>> = {<js::MutableValueOperations<JS::Rooted<JS::Value> >> = {<js::ValueOperations<JS::Rooted<JS::Value> >> = {<No data fields>}, <No data fields>}, <No data fields>}, stack = 0x7fffca6180e0, prev = 0x7fffffffbe00, ptr = {data = {asBits = 18445618172919635840, debugView = {payload47 = 140736605282176, tag = JSVAL_TAG_OBJECT}, s = {payload = {i32 = -883073152, u32 = 3411894144, why = 3411894144}}, asDouble = -nan(0xbffffcb5d5f80), asPtr = 0xfffbffffcb5d5f80, asWord = 18445618172919635840, asUIntPtr = 18445618172919635840}}}
thisv = {<js::RootedBase<JS::Value>> = {<js::MutableValueOperations<JS::Rooted<JS::Value> >> = {<js::ValueOperations<JS::Rooted<JS::Value> >> = {<No data fields>}, <No data fields>}, <No data fields>}, stack = 0x7fffca6180e0, prev = 0x7fffffffb930, ptr = {data = {asBits = 18444773748872577024, debugView = {payload47 = 0, tag = JSVAL_TAG_UNDEFINED}, s = {payload = {i32 = 0, u32 = 0, why = JS_ELEMENTS_HOLE}}, asDouble = -nan(0x9000000000000), asPtr = 0xfff9000000000000, asWord = 18444773748872577024, asUIntPtr = 18444773748872577024}}}
args = 0x577
newType = <optimized out>
#48 0x00007ffff7fe8e88 in ?? ()
No symbol table info available.
#49 0x00007fffffffbb20 in ?? ()
No symbol table info available.
#50 0x00007fffffffbb88 in ?? ()
No symbol table info available.
#51 0x00007fffffffbcf0 in ?? ()
No symbol table info available.
#52 0xfff9000000000000 in ?? ()
No symbol table info available.
#53 0x00007ffff6943c00 in js::jit::CreateThisInfoBaseline () from /usr/lib/iceweasel/libxul.so
No symbol table info available.
#54 0x00007fffde638ca0 in ?? ()
No symbol table info available.
#55 0x00007ffff6d4f69f in ?? ()
No symbol table info available.
#56 0x0000000000000582 in ?? ()
No symbol table info available.
#57 0x00007fffffffbcb0 in ?? ()
No symbol table info available.
#58 0x00007fffc5248750 in ?? ()
No symbol table info available.
#59 0x0000000000000003 in ?? ()
No symbol table info available.
#60 0x00007fffffffbbd0 in ?? ()
No symbol table info available.
#61 0xfffbffffcb5d5f80 in ?? ()
No symbol table info available.
#62 0xfff9000000000000 in ?? ()
No symbol table info available.
#63 0xfffbffffc9e72370 in ?? ()
No symbol table info available.
#64 0xfffaffffdd8164a0 in ?? ()
No symbol table info available.
#65 0xfff8800000000000 in ?? ()
No symbol table info available.
#66 0x00007fffffffbcf0 in ?? ()
No symbol table info available.
#67 0x00007fffc5248750 in ?? ()
No symbol table info available.
#68 0x00007ffff6d55ae4 in ?? ()
No symbol table info available.
#69 0x0000000000000e01 in ?? ()
No symbol table info available.
#70 0xfff8800000000000 in ?? ()
No symbol table info available.
#71 0xfffaffffdd8164a0 in ?? ()
No symbol table info available.
#72 0xfffbffffc9e72370 in ?? ()
No symbol table info available.
#73 0xfff9000000000000 in ?? ()
No symbol table info available.
#74 0xfffbffffcb5d5f80 in ?? ()
No symbol table info available.
#75 0xfffbffffc099dc40 in ?? ()
No symbol table info available.
#76 0xfff9000000000000 in ?? ()
No symbol table info available.
#77 0xfffbffffcb5d5f80 in ?? ()
No symbol table info available.
#78 0xfff9000000000000 in ?? ()
No symbol table info available.
#79 0xfffbffffc099d7c0 in ?? ()
No symbol table info available.
#80 0xfffbffffc099d740 in ?? ()
No symbol table info available.
#81 0xfff9000000000000 in ?? ()
No symbol table info available.
#82 0xfff9800000000000 in ?? ()
No symbol table info available.
#83 0xfff9800000000000 in ?? ()
No symbol table info available.
#84 0xfff8800000005b0c in ?? ()
No symbol table info available.
#85 0xfffbffffc099d540 in ?? ()
No symbol table info available.
#86 0xfffbffffc099d840 in ?? ()
No symbol table info available.
#87 0xfff9000000000000 in ?? ()
No symbol table info available.
#88 0xfff9000000000000 in ?? ()
No symbol table info available.
#89 0xfffbffffc9e79780 in ?? ()
No symbol table info available.
#90 0x0000000000000000 in ?? ()
No symbol table info available.
A debugging session is active.
Inferior 1 [process 6807] will be killed.
Quit anyway? (y or n)
More information about the pkg-mozilla-maintainers
mailing list