On 03/18/21 21:03, Joshua M. Clulow via openindiana-discuss wrote:
>> (if I'm reading it correctly, it trapped in strlen()).
>
> It does look that way.  If you add a "-v" to ::findstack you might see
> arguments, which can be helpful.  If there aren't arguments this
> program may need to be built with -msave-args.

No arguments in the firefox code, but we do have them in libc and that lets us get the siginfo_t and ucontext_t out of sigacthandler()/call_user_handler():

[ 00007fffa8fee070 libc.so.1`_lwp_kill+0xa() ]
  00007fffa8fee0a0 libc.so.1`raise+0x1e(b)
  00007fffa8fee0f0 libxul.so`nsProfileLock::FatalSignalHandler+0xcb()
  00007fffa8fee180 libxul.so`WasmTrapHandler+0xf2()
  00007fffa8fee190 libc.so.1`__sighndlr+6()
  00007fffa8fee230 libc.so.1`call_user_handler+0x1db(b, 7fffa8fee608, 7fffa8fee2a0)
  00007fffa8fee280 libc.so.1`sigacthandler+0xee(b, 7fffa8fee608, 7fffa8fee2a0)
  00007fffa8fee7f0 libc.so.1`strlen+0x30()
  00007fffa8fee860 libspeechd.so.2.6.0`spd_list_synthesis_voices+0x1d()
  00007fffa8feeb80 libxul.so`mozilla::dom::SpeechDispatcherService::Setup+0xc8()
  00007fffa8feeb90 libxul.so`mozilla::detail::RunnableMethodImpl<mozilla::dom::SpeechDispatcherService*, void +0x27()
  00007fffa8feec90 libxul.so`nsThread::ProcessNextEvent+0x63a()
  00007fffa8feecc0 libxul.so`NS_ProcessNextEvent+0x2d()
  00007fffa8feed00 libxul.so`mozilla::ipc::MessagePumpForNonMainThreads::Run+0x116()
  00007fffa8feed10 libxul.so`MessageLoop::RunInternal+0x13()
  00007fffa8feed60 libxul.so`MessageLoop::Run+0x37()
  00007fffa8feef70 libxul.so`nsThread::ThreadFunc+0xd8()
  00007fffa8feefb0 libnspr4.so`_pt_root+0xcb()
  00007fffa8feefe0 libc.so.1`_thrp_setup+0x6c(7fffab768a40)
  00007fffa8feeff0 libc.so.1`_lwp_start()

> 7fffa8fee608::siginfo
  signal    11 (SEGV)
  code       1 (from kernel)
  errno      0 (Error 0)
  fault address = 0x0
  trapno = 0
  instruction address = 0x0
> 7fffa8fee2a0::ucontext
  flags    = 0xf <UC_SIGMASK,UC_STACK,UC_CPU,UC_FPU>
  link     = 0x0
  sigmask  = 0x00000000 0x00000000 0x00000000 0x00000000
  stack    = sp 0x7fffa8faf000 size 0x40000 flags 0
  mcontext = 0x7fffa8fee2e0
> 7fffa8fee2a0::regs -u
%rax = 0x00007fffa8fee7b8       %r8  = 0x0000000000000017
%rbx = 0x00007fff9d1eed00       %r9  = 0x000000004543494f
%rcx = 0x0000000000000000       %r10 = 0x0000000000000d53
%rdx = 0x0000000001000000       %r11 = 0x000000000000000a
%rsi = 0x0000000000000000       %r12 = 0x0000000000000000
%rdi = 0x0000000000000000       %r13 = 0x00007fff9d1eed00
                                %r14 = 0x00000000124d8e00
                                %r15 = 0x0000000000000000

%cs = 0x0053    %fs = 0x0000    %gs = 0x0000
%ds = 0x004b    %es = 0x004b    %ss = 0x004b

%rip = 0x00007fffaf35bab0 libc.so.1`strlen+0x30
%rbp = 0x00007fffa8fee7f0
%rsp = 0x00007fffa8fee788

%rflags = 0x00010246
  id=0 vip=0 vif=0 ac=0 vm=0 rf=1 nt=0 iopl=0x0
  status=<of,df,IF,tf,sf,ZF,af,PF,cf>

%gsbase = 0x0000000000000000
%fsbase = 0x00007fffab768a40
%trapno = 0xe
   %err = 0x4

Faulting instruction is:
libc.so.1`strlen+0x30:          pcmpeqb (%rsi),%xmm0

%rsi is 0

my read: spd_list_synthesis_voices() is most likely calling strlen(NULL).
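
Added example, not part of the original message and not code from Firefox, speech-dispatcher or illumos: the second and third arguments read out of the sigacthandler() frame above are the same siginfo_t * and ucontext_t * that an SA_SIGINFO handler receives. This C program reproduces a strlen(NULL) fault in a child process, reports si_addr back to the parent, and shows a hypothetical safe_strlen() guard; all function names here are assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

static int report_fd = -1;              /* child-to-parent pipe */

/* SA_SIGINFO handler: si and uctx correspond to the two pointers the
 * post pulls from the sigacthandler()/call_user_handler() frames. */
static void on_segv(int sig, siginfo_t *si, void *uctx) {
    (void)sig; (void)uctx;
    uintptr_t addr = (uintptr_t)si->si_addr;          /* "fault address" */
    ssize_t n = write(report_fd, &addr, sizeof addr); /* async-signal-safe */
    _exit(n == (ssize_t)sizeof addr ? 0 : 1);
}

/* Hypothetical guard for a caller that may be handed a NULL string. */
size_t safe_strlen(const char *s) { return s != NULL ? strlen(s) : 0; }

/* Run strlen(arg) in a child and return the fault address from siginfo,
 * or UINTPTR_MAX when no SIGSEGV was reported. */
uintptr_t fault_address_of_strlen(const char *arg) {
    int fds[2];
    if (pipe(fds) != 0) return UINTPTR_MAX;
    pid_t pid = fork();
    if (pid < 0) { close(fds[0]); close(fds[1]); return UINTPTR_MAX; }
    if (pid == 0) {
        struct sigaction sa;
        memset(&sa, 0, sizeof sa);
        sa.sa_sigaction = on_segv;
        sa.sa_flags = SA_SIGINFO;
        sigaction(SIGSEGV, &sa, NULL);
        close(fds[0]);
        report_fd = fds[1];
        size_t (*volatile fn)(const char *) = strlen; /* defeat builtin folding */
        (void)fn(arg);
        _exit(2);                                     /* no fault occurred */
    }
    close(fds[1]);
    uintptr_t addr = UINTPTR_MAX;
    if (read(fds[0], &addr, sizeof addr) != (ssize_t)sizeof addr) addr = UINTPTR_MAX;
    close(fds[0]);
    waitpid(pid, NULL, 0);
    return addr;
}

int main(void) {
    printf("fault address: %#lx\n", (unsigned long)fault_address_of_strlen(NULL));
    return 0;
}
```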
