MantisBT - NetSurf
View Issue Details
0002657NetSurfCore-specificpublic2019-05-30 11:412019-07-19 08:29
ReporterAchim Pankalla 
Assigned ToDaniel Silverstone 
PrioritynormalSeveritycrashReproducibilityalways
StatusclosedResolutionfixed 
PlatformSam440flexOSAmigaOSOS Version4.1FE
Product Version3.9 
Target Version3.9Fixed in Version3.9 
Fixed in CI build #4651
Reported in CI build #4640
URL of problem pagewww.dict.cc
Summary0002657: Crash with 4640 development release
Descriptionthe netsurf 4640 release is crashing when some special pages are called.
a grim reaper is accour.
Steps To Reproducecall the page www.dict.cc for example, also some other pages.
then a command windows is opened and the netsurf is crashing after a little time.
Additional Informationthe development version 4569 is display the page without problem.
part of the crash-log:
Stack trace:
    [content/hlcache.c:729] Programme:NetSurf/NetSurf:hlcache_handle_get_content()+0x8 (section 1 @ 0x15D6CC)
    [content/content.c:1164] Programme:NetSurf/NetSurf:content_get_status()+0x10 (section 1 @ 0xB1268)
    [content/handlers/html/html_script.c:208] Programme:NetSurf/NetSurf:convert_script_async_cb()+0x130 (section 1 @ 0xE80AC)
    [content/hlcache.c:298] Programme:NetSurf/NetSurf:hlcache_migrate_ctx()+0x454 (section 1 @ 0x15CCB4)
    [content/hlcache.c:435] Programme:NetSurf/NetSurf:hlcache_llcache_callback()+0x29c (section 1 @ 0x15CF8C)
    [content/llcache.c:3102] Programme:NetSurf/NetSurf:llcache_object_notify_users()+0xd0 (section 1 @ 0x15F5F8)
    [content/llcache.c:3617] Programme:NetSurf/NetSurf:llcache_catch_up_all_users()+0x38 (section 1 @ 0x15F96C)
    [frontends/amiga/schedule.c:268] Programme:NetSurf/NetSurf:ami_schedule_handle()+0xf0 (section 1 @ 0x1E8BA8)
    [frontends/amiga/gui.c:3279] Programme:NetSurf/NetSurf:ami_get_msg()+0x970 (section 1 @ 0x1C23B4)
    [frontends/amiga/gui.c:6260] Programme:NetSurf/NetSurf:main()+0x1274 (section 1 @ 0x1CA8AC)
TagsNo tags attached.
Attached Fileslog ns.log (233,679) 2019-05-30 11:41
https://bugs.netsurf-browser.org/mantis/file_download.php?file_id=587&type=bug

Notes
(0001925)
Vincent Sanders   
2019-06-01 10:44   
$ gdb ./nsgtk
GNU gdb (Debian 7.12-6) 7.12.0.20161007-git
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./nsgtk...done.
(gdb) set args https://www.dict.cc
(gdb) run
Starting program: /home/vince/dev-netsurf/workspace/netsurf/nsgtk https://www.dict.cc
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7fffe67d1700 (LWP 2174)]
[New Thread 0x7fffe5fd0700 (LWP 2175)]
[New Thread 0x7fffe576f700 (LWP 2176)]
[New Thread 0x7fffe4f6e700 (LWP 2177)]
[Thread 0x7fffe4f6e700 (LWP 2177) exited]
[Thread 0x7fffe576f700 (LWP 2176) exited]
[New Thread 0x7fffe576f700 (LWP 2178)]
[New Thread 0x7fffe4f6e700 (LWP 2179)]
[New Thread 0x7fffd7fff700 (LWP 2180)]
[New Thread 0x7fffd77fe700 (LWP 2181)]
[Thread 0x7fffe4f6e700 (LWP 2179) exited]
[Thread 0x7fffd7fff700 (LWP 2180) exited]
[Thread 0x7fffd77fe700 (LWP 2181) exited]
[Thread 0x7fffe576f700 (LWP 2178) exited]
[New Thread 0x7fffd7fff700 (LWP 2182)]
[Thread 0x7fffd7fff700 (LWP 2182) exited]
[New Thread 0x7fffd7fff700 (LWP 2183)]
[New Thread 0x7fffe576f700 (LWP 2184)]
[Thread 0x7fffd7fff700 (LWP 2183) exited]
[Thread 0x7fffe576f700 (LWP 2184) exited]

Thread 1 "nsgtk" received signal SIGSEGV, Segmentation fault.
duk_hobject_refcount_finalize_norz (h=h@entry=0x555556c36a90, heap=<optimized out>)
    at content/handlers/javascript/duktape/duktape.c:50743
50743 DUK_HSTRING_DECREF_NORZ(thr, key);
(gdb) bt
#0 duk_hobject_refcount_finalize_norz (h=h@entry=0x555556c36a90, heap=<optimized out>)
    at content/handlers/javascript/duktape/duktape.c:50743
#1 0x00005555556ba51f in duk__refcount_free_pending (heap=heap@entry=0x555555e92630)
    at content/handlers/javascript/duktape/duktape.c:50986
0000002 0x00005555556b9f21 in duk__refcount_refzero_hobject (skip_free_pending=0, obj=0x555556bf6f20,
    heap=0x555555e92630) at content/handlers/javascript/duktape/duktape.c:51086
#3 duk__heaphdr_refzero_helper (skip_free_pending=0, h=0x555556bf6f20, thr=<optimized out>)
    at content/handlers/javascript/duktape/duktape.c:51304
#4 duk_heaphdr_refzero (h=0x555556bf6f20, thr=<optimized out>)
    at content/handlers/javascript/duktape/duktape.c:51320
#5 0x00005555556b45ad in duk_hobject_putprop (thr=thr@entry=0x55555604a730, tv_obj=0x7fffffffb5d0,
    tv_key=0x7fffffffb5e0, tv_key@entry=0x555556c7e6e0, tv_val=0x7fffffffb5f0, throw_flag=0)
    at content/handlers/javascript/duktape/duktape.c:58039
#6 0x00005555555dee90 in duk__js_execute_bytecode_inner (entry_act=entry_act@entry=0x5555565d9790,
    entry_thread=<optimized out>) at content/handlers/javascript/duktape/duktape.c:77252
#7 0x00005555556b1596 in duk_js_execute_bytecode (exec_thr=exec_thr@entry=0x55555604a730)
    at content/handlers/javascript/duktape/duktape.c:75946
#8 0x00005555556b23b4 in duk__handle_call_raw (thr=thr@entry=0x55555604a730,
    idx_func=idx_func@entry=0, call_flags=0) at content/handlers/javascript/duktape/duktape.c:64240
#9 0x00005555556d7181 in duk_handle_call_unprotected (call_flags=<optimized out>,
    idx_func=<optimized out>, thr=0x55555604a730) at content/handlers/javascript/duktape/duktape.c:64422
#10 duk__pcall_raw (thr=thr@entry=0x55555604a730, udata=udata@entry=0x7fffffffbb28)
    at content/handlers/javascript/duktape/duktape.c:14323
#11 0x00005555556b98f0 in duk__handle_safe_call_inner (num_stack_rets=1, idx_retbase=0,
    entry_thread_state=1 '\001', entry_curr_thread=0x0, udata=0x7fffffffbb28,
    func=0x5555556d7140 <duk__pcall_raw>, thr=0x55555604a730)
    at content/handlers/javascript/duktape/duktape.c:64475
#12 duk_handle_safe_call (thr=0x55555604a730, func=0x5555556d7140 <duk__pcall_raw>,
    udata=0x7fffffffbb28, num_stack_args=<optimized out>, num_stack_rets=1)
    at content/handlers/javascript/duktape/duktape.c:64720
#13 0x00005555556c8d6e in duk_pcall (thr=<optimized out>, nargs=nargs@entry=0)
---Type <return> to continue, or q <return> to quit---
    at content/handlers/javascript/duktape/duktape.c:14342
#14 0x00005555556a9d8d in js_exec (ctx=0x555555e91640,
    txt=txt@entry=0x555556ac4ad0 "var snhb = snhb || {};\nsnhb.globalSettings = { \n currencyConversionEURTo: {\n // http://sdw.ecb.europa.eu/quickview.do?SERIES_KEY=120.EXR.M.USD.EUR.SP00.A\n USD: { year: 2019, month: 1"..., txtlen=10052,
    name=0x555556837518 "http://static.h-bid.com/snhb/snhbGlobalSettings.js")
    at content/handlers/javascript/duktape/dukky.c:816
#15 0x0000555555695a3f in html_script_exec (c=c@entry=0x55555604a170,
    allow_defer=allow_defer@entry=false) at content/handlers/html/html_script.c:97
#16 0x0000555555695bb2 in convert_script_async_cb (script=<optimized out>, event=<optimized out>,
    pw=0x55555604a170) at content/handlers/html/html_script.c:208
#17 0x00005555556e5456 in hlcache_find_content (effective_type=0x555555dbb970, ctx=0x555556a5b450)
    at content/hlcache.c:314
#18 hlcache_migrate_ctx (ctx=ctx@entry=0x555556a5b450, effective_type=0x555555dbb970)
    at content/hlcache.c:350
#19 0x00005555556e572d in hlcache_llcache_callback (handle=<optimized out>, event=<optimized out>,
    pw=0x555556a5b450) at content/hlcache.c:435
#20 0x00005555556e71b9 in llcache_object_notify_users (object=object@entry=0x55555682d100)
    at content/llcache.c:3102
#21 0x00005555556e7450 in llcache_catch_up_all_users (ignored=<optimized out>) at content/llcache.c:3617
#22 0x000055555572726a in schedule_run () at frontends/gtk/schedule.c:132
#23 0x0000555555719770 in nsgtk_main () at frontends/gtk/gui.c:429
#24 0x00005555555dd3a3 in main (argc=<optimized out>, argv=<optimized out>) at frontends/gtk/gui.c:1206
(0001926)
Daniel Silverstone   
2019-06-01 12:28   
We were failing to reacquire the script pointer after running a script which could have caused us to run off into the reeds when processing further scripts.

I've fixed this in 4651
(0002006)
Vincent Sanders   
2019-07-19 08:29   
we believe this issue has been resolved in NetSurf 3.9

Issue History
2019-05-30 11:41Achim PankallaNew Issue
2019-05-30 11:41Achim PankallaFile Added: ns.log
2019-06-01 10:44Vincent SandersNote Added: 0001925
2019-06-01 10:45Vincent SandersStatusnew => confirmed
2019-06-01 10:45Vincent SandersProduct Version => 3.9
2019-06-01 12:28Daniel SilverstoneAssigned To => Daniel Silverstone
2019-06-01 12:28Daniel SilverstoneStatusconfirmed => resolved
2019-06-01 12:28Daniel SilverstoneResolutionopen => fixed
2019-06-01 12:28Daniel SilverstoneFixed in Version => 3.9
2019-06-01 12:28Daniel SilverstoneTarget Version => 3.9
2019-06-01 12:28Daniel SilverstoneFixed in CI build # => 4651
2019-06-01 12:28Daniel SilverstoneNote Added: 0001926
2019-07-19 08:29Vincent SandersStatusresolved => closed
2019-07-19 08:29Vincent SandersNote Added: 0002006