MantisBT - NetSurf | |||||
View Issue Details | |||||
ID | Project | Category | View Status | Date Submitted | Last Update |
0002680 | NetSurf | Javascript | public | 2019-07-08 08:58 | 2019-07-19 09:22 |
Reporter | Vincent Sanders | ||||
---|---|---|---|---|---|
Assigned To | Vincent Sanders | ||||
Priority | normal | Severity | crash | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Platform | OS | OS Version | |||
Product Version | 3.9 | ||||
Target Version | 3.9 | Fixed in Version | 3.9 | ||
Fixed in CI build # | 4716 | ||||
Reported in CI build # | |||||
URL of problem page | |||||
Summary | 0002680: SIGSEGV, Segmentation fault. when running popular site parallel test | ||||
Description | when running the popular site parallel test nsmonkey exits with segmentation fault while closing windows | ||||
Steps To Reproduce | run test with ./test/monkey_driver.py -m ./nsmonkey -t ../netsurf-test/monkey-test/popular-sites-parallel.yaml -w 'gdbserver :12345' use gdb: target remote localhost:12345 and continue execution | ||||
Additional Information | Thread 1 "nsmonkey" received signal SIGSEGV, Segmentation fault. 0x0000555562967e10 in ?? () (gdb) bt #0 0x0000555562967e10 in ?? () #1 0x000055555566266a in duk_heap_mem_alloc (heap=0x555555beb270, size=66) at content/handlers/javascript/duktape/duktape.c:50191 0000002 0x00005555556629bf in duk__strtable_alloc_hstring (extdata=0x0, strhash=297939073, blen=33, str=0x555555761a58 "\377\377NETSURF_DUKTAPE_WindowCallbacks", heap=0x555555beb270) at content/handlers/javascript/duktape/duktape.c:52441 #3 duk__strtable_do_intern (strhash=297939073, blen=33, str=0x555555761a58 "\377\377NETSURF_DUKTAPE_WindowCallbacks", heap=0x555555beb270) at content/handlers/javascript/duktape/duktape.c:52441 #4 duk_heap_strtable_intern (heap=0x555555beb270, str=0x555555761a58 "\377\377NETSURF_DUKTAPE_WindowCallbacks", blen=<optimized out>) at content/handlers/javascript/duktape/duktape.c:52579 #5 0x0000555555663cfd in duk_heap_strtable_intern_checked (thr=0x5555618826d0, str=<optimized out>, blen=<optimized out>) at content/handlers/javascript/duktape/duktape.c:52625 #6 0x0000555555663d3c in duk_push_lstring (thr=0x5555618826d0, str=<optimized out>, len=<optimized out>) at content/handlers/javascript/duktape/duktape.c:21996 #7 0x0000555555674dbc in duk_get_prop_string (thr=thr@entry=0x5555618826d0, obj_idx=1, obj_idx@entry=-1, key=key@entry=0x555555761a58 "\377\377NETSURF_DUKTAPE_WindowCallbacks") at content/handlers/javascript/duktape/duktape.c:16572 #8 0x0000555555601854 in window_call_callback (clear_entry=true, handle=784, ctx=0x5555618826d0) at build/Linux-monkey/duktape/window.c:87 #9 window_schedule_callback (p=0x55555785b250) at build/Linux-monkey/duktape/window.c:132 #10 0x00005555556bcda5 in monkey_schedule_run () at frontends/monkey/schedule.c:165 #11 0x0000555555588d64 in monkey_run () at frontends/monkey/main.c:277 #12 main (argc=<optimized out>, argv=<optimized out>) at frontends/monkey/main.c:408 (gdb) up #1 0x000055555566266a in duk_heap_mem_alloc (heap=0x555555beb270, size=66) at content/handlers/javascript/duktape/duktape.c:50191 50191 res = heap->alloc_func(heap->heap_udata, size); (gdb) p heap $1 = (duk_heap *) 0x555555beb270 (gdb) p *heap $2 = {flags = 1796561840, alloc_func = 0x555562967e10, realloc_func = 0x0, free_func = 0x0, heap_udata = 0x555555a1af90, fatal_func = 0x555555585eb8 <duk_default_fatal_handler>, heap_allocated = 0x55555782ae60, refzero_list = 0x0, finalize_list = 0x0, activation_free = 0x0, catcher_free = 0x0, ms_trigger_counter = 705016, ms_recursion_depth = 0, ms_base_flags = 0, ms_running = 0, ms_prevent_count = 1, pf_prevent_count = 1, pf_skip_finalizers = 1, creating_error = 0, augmenting_error = 0, lj = {jmpbuf_ptr = 0x0, type = 0, iserror = 0, value1 = {t = 2, v_extra = 0, v = {d = 4.6355940598961254e-310, i = 1907732976, fi = 93825468314096, voidptr = 0x555571b5b1f0, hstring = 0x555571b5b1f0, hobject = 0x555571b5b1f0, hcompfunc = 0x555571b5b1f0, hnatfunc = 0x555571b5b1f0, hthread = 0x555571b5b1f0, hbuffer = 0x555571b5b1f0, heaphdr = 0x555571b5b1f0, lightfunc = 0x555571b5b1f0}}, value2 = {t = 2, v_extra = 0, v = {d = 0, i = 0, fi = 0, voidptr = 0x0, hstring = 0x0, hobject = 0x0, hcompfunc = 0x0, hnatfunc = 0x0, hthread = 0x0, hbuffer = 0x0, heaphdr = 0x0, lightfunc = 0x0}}}, heap_thread = 0x555555bf5290, curr_thread = 0x0, heap_object = 0x555555c09f50, call_recursion_depth = 0, call_recursion_limit = 1000, hash_seed = 1438558069, rnd_state = { 15748112546035340805, 8073118506461634612}, sym_counter = {0, 0}, strtable = 0x55556af890c0, st_mask = 8191, st_size = 8192, st_count = 4650, st_resizing = 0, strcache = {{h = 0x0, bidx = 0, cidx = 0}, {h = 0x0, bidx = 0, cidx = 0}, {h = 0x0, bidx = 0, cidx = 0}, {h = 0x0, bidx = 0, cidx = 0}}, litcache = {{addr = 0x0, h = 0x0} <repeats 83 times>, {addr = 0x0, h = 0x55555f538270}, {addr = 0x0, h = 0x0} <repeats 59 times>, {addr = 0x0, h = 0x55556ac65800}, {addr = 0x0, h = 0x0} <repeats 58 times>, {addr = 0x0, h = 0x5555629b7380}, {addr = 0x0, h = 0x0} <repeats 53 times>}, strs = {0x555555bec8f0, 0x555555bec930, 0x555555bec960, 0x555555bec990, 0x555555bec9d0, 0x555555beca00, 0x555555beca40, 0x555555beca70, 0x555555becaa0, 0x555555becad0, 0x555555becb00, 0x555555bf31c0, 0x555555bf31f0, 0x555555bf3220, 0x555555bf3250, 0x555555bf3280, 0x555555bf32b0, 0x555555bf32f0, 0x555555bf3330, 0x555555bf3370, 0x555555bf33b0, 0x555555bf33f0, 0x555555bf3430, 0x555555bf3470, 0x555555bf34b0, 0x555555bf34f0, 0x555555bf3530, 0x555555bf3570, 0x555555bf35a0, 0x555555bf35d0, 0x555555bf3600, 0x555555bf3630, 0x555555bf3660, 0x555555bf3690, 0x555555bf36c0, 0x555555bf36f0, 0x555555bf3730, 0x555555bf3770, 0x555555bf37b0, 0x555555bf37e0, 0x555555bf3820, 0x555555bf3850, 0x555555bf3890, 0x555555bf38d0, 0x555555bf3910, 0x555555bf3940, 0x555555bf3980, 0x555555bf39c0, 0x555555bf3a00, 0x555555bf3a30, 0x555555bf3a60, 0x555555bf3aa0, 0x555555bf3ae0, 0x555555bf3b10, 0x555555bf3b40, 0x555555bf3b70, 0x555555bf3ba0, 0x555555bf3bd0, 0x555555bf3c00, 0x555555bf3c40, 0x555555bf3c70, 0x555555bf3cb0, 0x555555bf3cf0, 0x555555bf3d20, 0x555555bf3d50, 0x555555bf3d80, --Type <RET> for more, q to quit, c to continue without paging-- 0x555555bf3db0, 0x555555bf3df0, 0x555555bf3e30, 0x555555bf3e60, 0x555555bf3e90, 0x555555bf3ec0, 0x555555bf3f00, 0x555555bf3f40, 0x555555bf3f70, 0x555555bf3fa0, 0x555555bf3fd0, 0x555555bf4010, 0x555555bf4050, 0x555555bf4090, 0x555555bf40e0, 0x555555bf4120, 0x555555bf4160, 0x555555bf41a0, 0x555555bf41d0, 0x555555bf4200, 0x555555bf4230, 0x555555bf4260, 0x555555bf4290, 0x555555bf42c0, 0x555555bf42f0, 0x555555bf4330, 0x555555bf4370, 0x555555bf43a0, 0x555555bf43e0, 0x555555bf4410, 0x555555bf4440, 0x555555bf4470, 0x555555bf44b0, 0x555555bf44f0, 0x555555bf4520, 0x555555bf4550, 0x555555bf4590, 0x555555bf45c0, 0x555555bf45f0, 0x555555bf4630, 0x555555bf4660, 0x555555bf4690, 0x555555bf46c0, 0x555555bf4700, 0x555555bf4740, 0x555555bf4770, 0x555555bf47a0, 0x555555bf47d0, 0x555555bf4800, 0x555555bf4830, 0x555555bf4870, 0x555555bf48b0, 0x555555bf48f0, 0x555555bf4930, 0x555555bf4970, 0x555555bf49b0, 0x555555bf49e0, 0x555555bf4a10, 0x555555bf4a40, 0x555555bf4a80, 0x555555bf4ac0, 0x555555bf4af0, 0x555555bf4b20, 0x555555bf4b50, 0x555555bf4b80, 0x555555bf4bb0, 0x555555bf4be0, 0x555555bf4c20, 0x555555bf4c50, 0x555555bf4c80, 0x555555bf4cc0, 0x555555bf4cf0, 0x555555bf4d20, 0x555555bf4d50, 0x555555bf4d80, 0x555555bf4db0, 0x555555bf4de0, 0x555555bf4e10, 0x555555bf4e40, 0x555555bf4e70, 0x555555bf4ea0, 0x555555bf4ed0, 0x555555bf4f00, 0x555555bf4f30, 0x555555bf4f60, 0x555555bf4f90, 0x555555bf4fc0, 0x555555bf4ff0, 0x555555bf5020, 0x555555bf5050, 0x555555bf5080, 0x555555bf50b0, 0x555555bf50f0, 0x555555bf5130, 0x555555bf5160, 0x555555bf5190, 0x555555bf51c0, 0x555555bf5200, 0x555555bf5230, 0x555555bf5260}} (gdb) list 50186 res = NULL; 50187 DUK_UNREF(res); 50188 goto skip_attempt; 50189 } 50190 #endif 50191 res = heap->alloc_func(heap->heap_udata, size); 50192 if (DUK_LIKELY(res || size == 0)) { 50193 /* For zero size allocations NULL is allowed. */ 50194 return res; 50195 } (gdb) p heap->heap_udata $3 = (void *) 0x555555a1af90 (gdb) p size $4 = 66 (gdb) p res $5 = <optimized out> (gdb) | ||||
Tags | No tags attached. | ||||
Relationships | |||||
Attached Files |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
Issue History | |||||
Date Modified | Username | Field | Change | ||
---|---|---|---|---|---|
2019-07-08 08:58 | Vincent Sanders | New Issue | |||
2019-07-12 13:47 | Vincent Sanders | Assigned To | => Vincent Sanders | ||
2019-07-12 13:47 | Vincent Sanders | Status | new => resolved | ||
2019-07-12 13:47 | Vincent Sanders | Resolution | open => fixed | ||
2019-07-12 13:47 | Vincent Sanders | Fixed in Version | => 3.9 | ||
2019-07-12 13:47 | Vincent Sanders | Target Version | => 3.9 | ||
2019-07-12 13:47 | Vincent Sanders | Fixed in CI build # | => 4716 | ||
2019-07-12 13:47 | Vincent Sanders | Note Added: 0001985 | |||
2019-07-19 09:22 | Vincent Sanders | Status | resolved => closed | ||
2019-07-19 09:22 | Vincent Sanders | Note Added: 0001989 |