bin/187103: clang 3.4 miscompiles nsAppRunner.cpp from firefox firefox-27.0.1, 1 in i386

Don Lewis Wed, 26 Feb 2014 16:20:21 -0800

>Number:         187103
>Category:       bin
>Synopsis:       clang 3.4 miscompiles nsAppRunner.cpp from firefox 
>firefox-27.0.1,1 in i386
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Feb 27 00:20:00 UTC 2014
>Closed-Date:
>Last-Modified:
>Originator:     Don Lewis
>Release:        FreeBSD 11.0-CURRENT i386
>Organization:
FreeBSD project
>Environment:
System: FreeBSD scratch.catspoiler.org 11.0-CURRENT FreeBSD 11.0-CURRENT #70 
r262340M: Sat Feb 22 15:58:39 PST 2014     
d...@scratch.catspoiler.org:/usr/obj/usr/src/sys/GENERICSMB  i386


FreeBSD clang version 3.4 (tags/RELEASE_34/final 197956) 20140216
Target: i386-unknown-freebsd11.0
Thread model: posix

Ports tree revision 345674.

>Description:

I ran into a problem when I tried to update www/firefox.  Building
the port succeeded, but it failed during the install phase.

Executing 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/dist/bin/xpcshell
 -g 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/dist/bin/
 -a 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/dist/bin/
 -f ../../../toolkit/mozapps/installer/precompile_cache.js -e 
precompile_startupcache("resource://gre/");
Traceback (most recent call last):
File "../../../toolkit/mozapps/installer/packager.py", line 375, in <module>
main()
File "../../../toolkit/mozapps/installer/packager.py", line 367, in main
args.source, gre_path, base)
File "../../../toolkit/mozapps/installer/packager.py", line 148, in 
precompile_cache
errors.fatal('Error while running startup cache precompilation')
File 
"/usr/ports/www/firefox/work/mozilla-release/python/mozbuild/mozpack/errors.py",
 line 101, in fatal
self._handle(self.FATAL, msg)
File 
"/usr/ports/www/firefox/work/mozilla-release/python/mozbuild/mozpack/errors.py",
 line 96, in _handle
raise ErrorMessage(msg)
mozpack.errors.ErrorMessage: Error: Error while running startup cache 
precompilation
gmake[4]: *** [stage-package] Error 1


I duplicated the runtime environment and ran xpcshell on its own to debug
the problem and found that it core dumped.

env MOZ_STARTUP_CACHE=/tmp/cache.zip 
LD_LIBRARY_PATH=/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/dist/bin/
 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/dist/bin/xpcshell
 -g 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/dist/bin/
 -a 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/dist/bin/
 -f ../../../toolkit/mozapps/installer/precompile_cache.js -e 
'precompile_startupcache("resource://gre/");'
Illegal instruction (core dumped)

I got this stack backtrace in gdb:

(gdb) bt
#0 0x8833308d in XRE_GetBinaryPath ()
from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/dist/bin//libxul.so
#1 0x88332fe5 in XRE_GetBinaryPath ()
from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/dist/bin//libxul.so
#2 0x88e20515 in XRE_XPCShellMain ()
from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/dist/bin//libxul.so
#3 0x0804a5ba in _start ()
#4 0x00000009 in ?? ()
#5 0xbfbfd9bc in ?? ()
#6 0xbfbfd9e4 in ?? ()
#7 0xbfbfd9e4 in ?? ()
#8 0xbfbfd9b8 in ?? ()
#9 0x00000000 in ?? ()


I then single-stepped through the code and found that it was trying to
execute an illegal instruction:

x8965ade0 in mozilla::services::_external_GetHistoryService ()
from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/dist/bin//libxul.so
(gdb)
0x8965ade1 in mozilla::services::_external_GetHistoryService ()
from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/dist/bin//libxul.so
(gdb)
0x8965ade2 in mozilla::services::_external_GetHistoryService ()
from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/dist/bin//libxul.so
(gdb)
0x8833308d in XRE_GetBinaryPath ()
from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/dist/bin//libxul.so
(gdb)

Program received signal SIGILL, Illegal instruction.
0x8833308d in XRE_GetBinaryPath ()
from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/dist/bin//libxul.so
(gdb) 


The fact that the problem is an actual illegal instruction and not a jump
to nonsense is confirmed by disassembling the code:

If I disassemble the offending bit of code, I see this:

0x88333083 <XRE_GetBinaryPath+195>: mov %ecx,(%eax)
0x88333085 <XRE_GetBinaryPath+197>: mov (%ecx),%eax
0x88333087 <XRE_GetBinaryPath+199>: mov %ecx,(%esp)
0x8833308a <XRE_GetBinaryPath+202>: call *0x4(%eax)
0x8833308d <XRE_GetBinaryPath+205>: ud2a
0x8833308f <XRE_GetBinaryPath+207>: nop
0x88333090 <XRE_GetBinaryPath+208>: push %ebp
0x88333091 <XRE_GetBinaryPath+209>: mov %esp,%ebp
0x88333093 <XRE_GetBinaryPath+211>: push %ebx


Compilation the file results in a lot of warnings:

# /usr/bin/clang++ -o nsAppRunner.o -c -fvisibility=hidden -DUSE_GLX_TEST 
-DMOZ_APP_NAME='"firefox"' -DMOZ_APP_VERSION='"27.0.1"' -DOS_POSIX=1 
-DOS_FREEBSD=1 -DOS_BSD=1 -DMOZ_GLUE_IN_PROGRAM -DMOZILLA_INTERNAL_API 
-DIMPL_LIBXUL -DSTATIC_EXPORTABLE_JS_API -DNO_NSPR_10_SUPPORT 
-DOS_TARGET=\"FreeBSD\" -DMOZ_WIDGET_TOOLKIT=\"gtk2\" 
-DTARGET_XPCOM_ABI=\"x86-gcc3\" -DTARGET_OS_ABI=\"FreeBSD_x86-gcc3\" 
-DTOOLKIT_EM_VERSION=\"27.0.1\" -DGRE_MILESTONE=27.0.1 
-DGRE_BUILDID=20140225233802 -DAPP_VERSION=27.0.1 -DAPP_I 
D="{ec8030f7-c20a-464f-9b0e-13a3a9e97384}" -I../../../widget/xremoteclient 
-I../../../ipc/chromium/src -I../../../ipc/glue 
-I/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/ipc/ipdl/_ipdlheaders
 -I../../../testing/gtest/mozilla -I../../../toolkit/xre/../profile 
-I../../../dom/ipc -I../../../toolkit/crashreporter -I../../../dom/base 
-I../../../xpcom/build -I../../../config -I../../../toolkit/xre -I. 
-I../../dist/include -I/usr/local/include/nspr -I/!
 u!
sr/local/include/nss -I/usr/local/include/nss/nss -I/usr/local/include 
-I/usr/local/include -fPIC -Qunused-arguments -isystem/usr/local/include 
-DLIBICONV_PLUG -I/usr/local/include -DMOZILLA_CLIENT -include 
../../mozilla-config.h -MD -MP -MF .deps/nsAppRunner.o.pp -Qunused-arguments 
-isystem/usr/local/include -DLIBICONV_PLUG -I/usr/local/include 
-Qunused-arguments -Wall -Wpointer-arith -Woverloaded-virtual 
-Werror=return-type -Wtype-limits -Wempty-body -Wsign-compare 
-Wno-invalid-offsetof -Wno-c++0x-exten sions -Wno-extended-offsetof 
-Wno-unknown-warning-option -Wno-return-type-c-linkage -Wno-mismatched-tags -O2 
-pipe -march=athlon64 -DLIBICONV_PLUG -fno-strict-aliasing -DLIBICONV_PLUG 
-fno-exceptions -fno-strict-aliasing -fno-rtti -ffunction-sections 
-fdata-sections -fno-exceptions -fno-math-errno -std=gnu++0x -pipe -DNDEBUG 
-DTRIMMED -fno-omit-frame-pointer -I../../../widget/gtk/compat 
-I/usr/local/include/gtk-unix-print-2.0 -I/usr/local/include/atk-1.0 
-I/usr/local/includ!
e/harfbuzz -I/usr/local/include/gtk-2.0 -I/usr/local/include/pango-1.0
-I/usr/local/include/gio-unix-2.0/ -I/usr/local/include/gdk-pixbuf-2.0 -pthread 
-I/usr/local/include/cairo -I/usr/local/include/glib-2.0 
-I/usr/local/include/pixman-1 -I/usr/local/include/freetype2 
-I/usr/local/include/libpng15 -D_THREAD_SAFE -I/usr/local/include 
-I/usr/local/include/dbus-1.0 -I/usr/local/include/dbus-1.0/include 
-I/usr/local/include/dbus-1.0 -I/usr/local/include/dbus-1.0/include 
-I/usr/local/include/glib-2.0 -I/usr/local/include 
-I/usr/local/include/harfbuzz -I/usr/local/include/pango-1. 0 -pthread 
-I/usr/local/include/cairo -I/usr/local/include/glib-2.0 
-I/usr/local/include/pixman-1 -I/usr/local/include/freetype2 
-I/usr/local/include/libpng15 -D_THREAD_SAFE -I/usr/local/include 
-I/usr/local/include -I/usr/local/include/freetype2 
/usr/ports/www/firefox/work/mozilla-release/toolkit/xre/nsAppRunner.cpp
In file included from 
/usr/ports/www/firefox/work/mozilla-release/toolkit/xre/nsAppRunner.cpp:21:
In file included from ../../dist/include/mozilla/dom/ContentParent.h:10:
In file included from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/ipc/ipdl/_ipdlheaders/mozilla/dom/PContentParent.h:9:
In file included from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/ipc/ipdl/_ipdlheaders/mozilla/dom/PContent.h:12:
In file included from ../../dist/include/ipc/IPCMessageUtils.h:10:
In file included from ../../../ipc/chromium/src/base/process_util.h:11:
In file included from ../../../ipc/chromium/src/base/basictypes.h:252:
In file included from ../../dist/include/nscore.h:19:
../../dist/include/mozilla/mozalloc.h:198:21: warning: replacement function
'operator new' cannot be declared 'inline' [-Winline-new-delete]
MOZALLOC_EXPORT_NEW MOZALLOC_INLINE
^
../../dist/include/mozilla/mozalloc.h:44:27: note: expanded from macro
'MOZALLOC_INLINE'
# define MOZALLOC_INLINE MOZ_ALWAYS_INLINE_EVEN_DEBUG
^
../../dist/include/mozilla/Attributes.h:27:75: note: expanded from macro
'MOZ_ALWAYS_INLINE_EVEN_DEBUG'
# define MOZ_ALWAYS_INLINE_EVEN_DEBUG __attribute__((always_inline)) inline
^
In file included from 
/usr/ports/www/firefox/work/mozilla-release/toolkit/xre/nsAppRunner.cpp:21:
In file included from ../../dist/include/mozilla/dom/ContentParent.h:10:
In file included from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/ipc/ipdl/_ipdlheaders/mozilla/dom/PContentParent.h:9:
In file included from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/ipc/ipdl/_ipdlheaders/mozilla/dom/PContent.h:12:
In file included from ../../dist/include/ipc/IPCMessageUtils.h:10:
In file included from ../../../ipc/chromium/src/base/process_util.h:11:
In file included from ../../../ipc/chromium/src/base/basictypes.h:252:
In file included from ../../dist/include/nscore.h:19:
../../dist/include/mozilla/mozalloc.h:204:21: warning: replacement function
'operator new' cannot be declared 'inline' [-Winline-new-delete]
MOZALLOC_EXPORT_NEW MOZALLOC_INLINE
^
../../dist/include/mozilla/mozalloc.h:44:27: note: expanded from macro
'MOZALLOC_INLINE'
# define MOZALLOC_INLINE MOZ_ALWAYS_INLINE_EVEN_DEBUG
^
../../dist/include/mozilla/Attributes.h:27:75: note: expanded from macro
'MOZ_ALWAYS_INLINE_EVEN_DEBUG'
# define MOZ_ALWAYS_INLINE_EVEN_DEBUG __attribute__((always_inline)) inline
^
In file included from 
/usr/ports/www/firefox/work/mozilla-release/toolkit/xre/nsAppRunner.cpp:21:
In file included from ../../dist/include/mozilla/dom/ContentParent.h:10:
In file included from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/ipc/ipdl/_ipdlheaders/mozilla/dom/PContentParent.h:9:
In file included from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/ipc/ipdl/_ipdlheaders/mozilla/dom/PContent.h:12:
In file included from ../../dist/include/ipc/IPCMessageUtils.h:10:
In file included from ../../../ipc/chromium/src/base/process_util.h:11:
In file included from ../../../ipc/chromium/src/base/basictypes.h:252:
In file included from ../../dist/include/nscore.h:19:
../../dist/include/mozilla/mozalloc.h:210:21: warning: replacement function
'operator new[]' cannot be declared 'inline' [-Winline-new-delete]
MOZALLOC_EXPORT_NEW MOZALLOC_INLINE
^
../../dist/include/mozilla/mozalloc.h:44:27: note: expanded from macro
'MOZALLOC_INLINE'
# define MOZALLOC_INLINE MOZ_ALWAYS_INLINE_EVEN_DEBUG
^
../../dist/include/mozilla/Attributes.h:27:75: note: expanded from macro
'MOZ_ALWAYS_INLINE_EVEN_DEBUG'
# define MOZ_ALWAYS_INLINE_EVEN_DEBUG __attribute__((always_inline)) inline
^
In file included from 
/usr/ports/www/firefox/work/mozilla-release/toolkit/xre/nsAppRunner.cpp:21:
In file included from ../../dist/include/mozilla/dom/ContentParent.h:10:
In file included from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/ipc/ipdl/_ipdlheaders/mozilla/dom/PContentParent.h:9:
In file included from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/ipc/ipdl/_ipdlheaders/mozilla/dom/PContent.h:12:
In file included from ../../dist/include/ipc/IPCMessageUtils.h:10:
In file included from ../../../ipc/chromium/src/base/process_util.h:11:
In file included from ../../../ipc/chromium/src/base/basictypes.h:252:
In file included from ../../dist/include/nscore.h:19:
../../dist/include/mozilla/mozalloc.h:216:21: warning: replacement function
'operator new[]' cannot be declared 'inline' [-Winline-new-delete]
MOZALLOC_EXPORT_NEW MOZALLOC_INLINE
^
../../dist/include/mozilla/mozalloc.h:44:27: note: expanded from macro
'MOZALLOC_INLINE'
# define MOZALLOC_INLINE MOZ_ALWAYS_INLINE_EVEN_DEBUG
^
../../dist/include/mozilla/Attributes.h:27:75: note: expanded from macro
'MOZ_ALWAYS_INLINE_EVEN_DEBUG'
# define MOZ_ALWAYS_INLINE_EVEN_DEBUG __attribute__((always_inline)) inline
^
In file included from 
/usr/ports/www/firefox/work/mozilla-release/toolkit/xre/nsAppRunner.cpp:21:
In file included from ../../dist/include/mozilla/dom/ContentParent.h:10:
In file included from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/ipc/ipdl/_ipdlheaders/mozilla/dom/PContentParent.h:9:
In file included from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/ipc/ipdl/_ipdlheaders/mozilla/dom/PContent.h:12:
In file included from ../../dist/include/ipc/IPCMessageUtils.h:10:
In file included from ../../../ipc/chromium/src/base/process_util.h:11:
In file included from ../../../ipc/chromium/src/base/basictypes.h:252:
In file included from ../../dist/include/nscore.h:19:
../../dist/include/mozilla/mozalloc.h:222:21: warning: replacement function
'operator delete' cannot be declared 'inline' [-Winline-new-delete]
MOZALLOC_EXPORT_NEW MOZALLOC_INLINE
^
../../dist/include/mozilla/mozalloc.h:44:27: note: expanded from macro
'MOZALLOC_INLINE'
# define MOZALLOC_INLINE MOZ_ALWAYS_INLINE_EVEN_DEBUG
^
../../dist/include/mozilla/Attributes.h:27:75: note: expanded from macro
'MOZ_ALWAYS_INLINE_EVEN_DEBUG'
# define MOZ_ALWAYS_INLINE_EVEN_DEBUG __attribute__((always_inline)) inline
^
In file included from 
/usr/ports/www/firefox/work/mozilla-release/toolkit/xre/nsAppRunner.cpp:21:
In file included from ../../dist/include/mozilla/dom/ContentParent.h:10:
In file included from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/ipc/ipdl/_ipdlheaders/mozilla/dom/PContentParent.h:9:
In file included from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/ipc/ipdl/_ipdlheaders/mozilla/dom/PContent.h:12:
In file included from ../../dist/include/ipc/IPCMessageUtils.h:10:
In file included from ../../../ipc/chromium/src/base/process_util.h:11:
In file included from ../../../ipc/chromium/src/base/basictypes.h:252:
In file included from ../../dist/include/nscore.h:19:
../../dist/include/mozilla/mozalloc.h:228:21: warning: replacement function
'operator delete' cannot be declared 'inline' [-Winline-new-delete]
MOZALLOC_EXPORT_NEW MOZALLOC_INLINE
^
../../dist/include/mozilla/mozalloc.h:44:27: note: expanded from macro
'MOZALLOC_INLINE'
# define MOZALLOC_INLINE MOZ_ALWAYS_INLINE_EVEN_DEBUG
^
../../dist/include/mozilla/Attributes.h:27:75: note: expanded from macro
'MOZ_ALWAYS_INLINE_EVEN_DEBUG'
# define MOZ_ALWAYS_INLINE_EVEN_DEBUG __attribute__((always_inline)) inline
^
In file included from 
/usr/ports/www/firefox/work/mozilla-release/toolkit/xre/nsAppRunner.cpp:21:
In file included from ../../dist/include/mozilla/dom/ContentParent.h:10:
In file included from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/ipc/ipdl/_ipdlheaders/mozilla/dom/PContentParent.h:9:
In file included from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/ipc/ipdl/_ipdlheaders/mozilla/dom/PContent.h:12:
In file included from ../../dist/include/ipc/IPCMessageUtils.h:10:
In file included from ../../../ipc/chromium/src/base/process_util.h:11:
In file included from ../../../ipc/chromium/src/base/basictypes.h:252:
In file included from ../../dist/include/nscore.h:19:
../../dist/include/mozilla/mozalloc.h:234:21: warning: replacement function
'operator delete[]' cannot be declared 'inline' [-Winline-new-delete]
MOZALLOC_EXPORT_NEW MOZALLOC_INLINE
^
../../dist/include/mozilla/mozalloc.h:44:27: note: expanded from macro
'MOZALLOC_INLINE'
# define MOZALLOC_INLINE MOZ_ALWAYS_INLINE_EVEN_DEBUG
^
../../dist/include/mozilla/Attributes.h:27:75: note: expanded from macro
'MOZ_ALWAYS_INLINE_EVEN_DEBUG'
# define MOZ_ALWAYS_INLINE_EVEN_DEBUG __attribute__((always_inline)) inline
^
In file included from 
/usr/ports/www/firefox/work/mozilla-release/toolkit/xre/nsAppRunner.cpp:21:
In file included from ../../dist/include/mozilla/dom/ContentParent.h:10:
In file included from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/ipc/ipdl/_ipdlheaders/mozilla/dom/PContentParent.h:9:
In file included from 
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0/ipc/ipdl/_ipdlheaders/mozilla/dom/PContent.h:12:
In file included from ../../dist/include/ipc/IPCMessageUtils.h:10:
In file included from ../../../ipc/chromium/src/base/process_util.h:11:
In file included from ../../../ipc/chromium/src/base/basictypes.h:252:
In file included from ../../dist/include/nscore.h:19:
../../dist/include/mozilla/mozalloc.h:240:21: warning: replacement function
'operator delete[]' cannot be declared 'inline' [-Winline-new-delete]
MOZALLOC_EXPORT_NEW MOZALLOC_INLINE
^
../../dist/include/mozilla/mozalloc.h:44:27: note: expanded from macro
'MOZALLOC_INLINE'
# define MOZALLOC_INLINE MOZ_ALWAYS_INLINE_EVEN_DEBUG
^
../../dist/include/mozilla/Attributes.h:27:75: note: expanded from macro
'MOZ_ALWAYS_INLINE_EVEN_DEBUG'
# define MOZ_ALWAYS_INLINE_EVEN_DEBUG __attribute__((always_inline)) inline
^
In file included from 
/usr/ports/www/firefox/work/mozilla-release/toolkit/xre/nsAppRunner.cpp:233:
In file included from /usr/local/include/gtk-2.0/gtk/gtk.h:33:
In file included from /usr/local/include/gtk-2.0/gtk/gtkaboutdialog.h:32:
In file included from ../../../widget/gtk/compat/gtk/gtkdialog.h:4:
In file included from /usr/local/include/gtk-2.0/gtk/gtkdialog.h:35:
In file included from ../../../widget/gtk/compat/gtk/gtkwindow.h:9:
In file included from /usr/local/include/gtk-2.0/gtk/gtkwindow.h:36:
In file included from /usr/local/include/gtk-2.0/gtk/gtkbin.h:35:
In file included from /usr/local/include/gtk-2.0/gtk/gtkcontainer.h:35:
In file included from ../../../widget/gtk/compat/gtk/gtkwidget.h:12:
In file included from /usr/local/include/gtk-2.0/gtk/gtkwidget.h:40:
In file included from /usr/local/include/atk-1.0/atk/atk.h:53:
/usr/local/include/atk-1.0/atk/atkversion.h:39:9: warning: 'ATK_MAJOR_VERSION'
macro redefined
#define ATK_MAJOR_VERSION (2)
^
../../mozilla-config.h:10:9: note: previous definition is here
#define ATK_MAJOR_VERSION 2
^
In file included from 
/usr/ports/www/firefox/work/mozilla-release/toolkit/xre/nsAppRunner.cpp:233:
In file included from /usr/local/include/gtk-2.0/gtk/gtk.h:33:
In file included from /usr/local/include/gtk-2.0/gtk/gtkaboutdialog.h:32:
In file included from ../../../widget/gtk/compat/gtk/gtkdialog.h:4:
In file included from /usr/local/include/gtk-2.0/gtk/gtkdialog.h:35:
In file included from ../../../widget/gtk/compat/gtk/gtkwindow.h:9:
In file included from /usr/local/include/gtk-2.0/gtk/gtkwindow.h:36:
In file included from /usr/local/include/gtk-2.0/gtk/gtkbin.h:35:
In file included from /usr/local/include/gtk-2.0/gtk/gtkcontainer.h:35:
In file included from ../../../widget/gtk/compat/gtk/gtkwidget.h:12:
In file included from /usr/local/include/gtk-2.0/gtk/gtkwidget.h:40:
In file included from /usr/local/include/atk-1.0/atk/atk.h:53:
/usr/local/include/atk-1.0/atk/atkversion.h:50:9: warning: 'ATK_MINOR_VERSION'
macro redefined
#define ATK_MINOR_VERSION (8)
^
../../mozilla-config.h:11:9: note: previous definition is here
#define ATK_MINOR_VERSION 8
^
/usr/ports/www/firefox/work/mozilla-release/toolkit/xre/nsAppRunner.cpp:4017:3: 
warning:
'g_slice_set_config' is deprecated [-Wdeprecated-declarations]
g_slice_set_config(G_SLICE_CONFIG_ALWAYS_MALLOC, 1);
^
/usr/local/include/glib-2.0/glib/gslice.h:87:10: note: 'g_slice_set_config'
declared here
void g_slice_set_config (GSliceConfig ckey, gint64 value);
^
/usr/ports/www/firefox/work/mozilla-release/toolkit/xre/nsAppRunner.cpp:4019:3: 
warning:
'g_thread_init' is deprecated [-Wdeprecated-declarations]
g_thread_init(nullptr);
^
/usr/local/include/glib-2.0/glib/deprecated/gthread.h:261:10: note:
'g_thread_init' declared here
void g_thread_init (gpointer vtable);
^
12 warnings generated.




I then compiled the offending source file to assembly language using
the all the same command line flags.  The presence of the illegal
instruction is confirmed.  Here is the offending function:

If I compile the file to assembler, this is what I see for
XRE_GetBinaryPath():

        .section        .text.XRE_GetBinaryPath,"ax",@progbits
        .globl  XRE_GetBinaryPath
        .align  16, 0x90
        .type   XRE_GetBinaryPath,@function
XRE_GetBinaryPath:                      # @XRE_GetBinaryPath
# BB#0:                                 # %entry
        pushl   %ebp
        movl    %esp, %ebp
        pushl   %ebx
        subl    $8, %esp
        calll   .L50$pb
.L50$pb:
        popl    %ebx
.Ltmp92:
        addl    $_GLOBAL_OFFSET_TABLE_+(.Ltmp92-.L50$pb), %ebx
        movl    8(%ebp), %eax
        movl    12(%ebp), %ecx
        movl    %ecx, 4(%esp)
        movl    %eax, (%esp)
        calll   _ZN7mozilla10BinaryPath7GetFileEPKcPP7nsIFile
.Ltmp93:
        .size   XRE_GetBinaryPath, .Ltmp93-XRE_GetBinaryPath

        .section        
.text._ZN7mozilla10BinaryPath7GetFileEPKcPP7nsIFile,"axG",@progbits,_ZN7mozilla10BinaryPath7GetFileEPKcPP7nsIFile,comdat
        .hidden _ZN7mozilla10BinaryPath7GetFileEPKcPP7nsIFile
        .weak   _ZN7mozilla10BinaryPath7GetFileEPKcPP7nsIFile
        .align  16, 0x90
        .type   _ZN7mozilla10BinaryPath7GetFileEPKcPP7nsIFile,@function
_ZN7mozilla10BinaryPath7GetFileEPKcPP7nsIFile: # 
@_ZN7mozilla10BinaryPath7GetFileEPKcPP7nsIFile
# BB#0:                                 # %entry
        pushl   %ebp
        movl    %esp, %ebp
        pushl   %ebx
        pushl   %edi
        pushl   %esi
        andl    $-8, %esp
        subl    $1064, %esp             # imm = 0x428
        calll   .L51$pb
.L51$pb:
        popl    %ebx
.Ltmp94:
        addl    $_GLOBAL_OFFSET_TABLE_+(.Ltmp94-.L51$pb), %ebx
        movl    8(%ebp), %eax
        movl    $0, 1056(%esp)
        leal    32(%esp), %esi
        movl    %esi, 4(%esp)
        movl    %eax, (%esp)
        calll   _ZN7mozilla10BinaryPath3GetEPKcPc
        testl   %eax, %eax
        js      .LBB51_3
# BB#1:                                 # %if.end
        movl    %esi, (%esp)
        calll   strlen@PLT
        movl    %esi, 16(%esp)
        movl    %eax, 20(%esp)
        movl    $1, 24(%esp)
        leal    1056(%esp), %eax
        calll   _ZN13nsCOMPtr_base16begin_assignmentEv@PLT
        movl    %eax, 8(%esp)
        leal    16(%esp), %esi
        movl    %esi, (%esp)
        movl    $1, 4(%esp)
        calll   NS_NewNativeLocalFile@PLT
        movl    %eax, %edi
        movl    %esi, %eax
        calll   _ZN19nsACString_internal8FinalizeEv@PLT
        testl   %edi, %edi
        js      .LBB51_3
# BB#2:                                 # %if.end16
        movl    12(%ebp), %eax
        movl    1056(%esp), %ecx
        movl    %ecx, (%eax)
        movl    (%ecx), %eax
        movl    %ecx, (%esp)
        calll   *4(%eax)
.LBB51_3:                               # %cleanup
        ud2
.Ltmp95:
        .size   _ZN7mozilla10BinaryPath7GetFileEPKcPP7nsIFile, 
.Ltmp95-_ZN7mozilla10BinaryPath7GetFileEPKcPP7nsIFile



The this is not the only function in this file with the problem.  There
are a total of 14 ud2 instructions in the assembly code output.


>How-To-Repeat:

Attempt to build and install www/firefox on i386 with clang 3.4.

Then recompile nsAppRunner.cpp in the
/usr/ports/www/firefox/work/mozilla-release/obj-i386-portbld-freebsd11.0
directory with the command line abovel, but just generate assembly
language output.  Look for ud2 instructions in the output.

I've attempted to generate a smaller test case, but haven't had success so
far.

>Fix:

        


>Release-Note:
>Audit-Trail:
>Unformatted:
_______________________________________________
freebsd-bugs@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

bin/187103: clang 3.4 miscompiles nsAppRunner.cpp from firefox firefox-27.0.1, 1 in i386

Reply via email to