jslint segfaults in v0.11.7

[placeybordeaux]

Starting from scratch I compiled node and npm both from the truck and then from v0.11.7 and tried installing and running jslint.

It simply segfaults and doesn't provide any other information.

[bnoordhuis]

Can you try this?

$ make -j8 -C out BUILDTYPE=Debug
$ gdb --args out/Debug/node path/to/jslint.js <arguments>
$ set pagination off
$ set print pretty
$ run
# wait
$ thread apply all backtrace full

Can you post the backtrace here?

[placeybordeaux]

Sorry, this is a bit late, but here you go.

Thread 6 (Thread 0x7ffff7faf700 (LWP 31217)):
#0  0x00007ffff6fa0f80 in sem_wait () from /lib/x86_64-linux-gnu/libpthread.so.0
No symbol table info available.
#1  0x0000000000dc9cab in v8::internal::LinuxSemaphore::Wait (this=0x14cca00) at ../deps/v8/src/platform-linux.cc:702
        result = 32767
#2  0x0000000000cd61e9 in v8::internal::SweeperThread::Run (this=0x14cc730) at ../deps/v8/src/sweeper-thread.cc:64
        no_allocation = {
          <v8::internal::PerThreadAssertScopeBase> = {
            static thread_local_key = 3, 
            data_ = 0x7fffe40008c0
          }, 
          members of v8::internal::PerThreadAssertScope<(v8::internal::PerThreadAssertType)0, false>: 
          old_state_ = true
        }
        no_handles = {
          <v8::internal::PerThreadAssertScopeBase> = {
            static thread_local_key = 3, 
            data_ = 0x7fffe40008c0
          }, 
          members of v8::internal::PerThreadAssertScope<(v8::internal::PerThreadAssertType)1, false>: 
          old_state_ = true
        }
        no_deref = {
          <v8::internal::PerThreadAssertScopeBase> = {
            static thread_local_key = 3, 
            data_ = 0x7fffe40008c0
          }, 
          members of v8::internal::PerThreadAssertScope<(v8::internal::PerThreadAssertType)2, false>: 
          old_state_ = true
        }
#3  0x0000000000dca577 in v8::internal::Thread::NotifyStartedAndRun (this=0x14cc730) at ../deps/v8/src/platform.h:702
No locals.
#4  0x0000000000dcb491 in v8::internal::ThreadEntry (arg=0x14cc730) at ../deps/v8/src/platform-posix.cc:590
        thread = 0x14cc730
#5  0x00007ffff6f9af8e in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
No symbol table info available.
#6  0x00007ffff6cc4e1d in clone () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.

Thread 5 (Thread 0x7ffff7fc0700 (LWP 31216)):
#0  0x00007ffff6fa0f80 in sem_wait () from /lib/x86_64-linux-gnu/libpthread.so.0
No symbol table info available.
#1  0x0000000000dc9cab in v8::internal::LinuxSemaphore::Wait (this=0x14cc170) at ../deps/v8/src/platform-linux.cc:702
        result = 32767
#2  0x0000000000cd61e9 in v8::internal::SweeperThread::Run (this=0x14cbea0) at ../deps/v8/src/sweeper-thread.cc:64
        no_allocation = {
          <v8::internal::PerThreadAssertScopeBase> = {
            static thread_local_key = 3, 
            data_ = 0x7fffe00008c0
          }, 
          members of v8::internal::PerThreadAssertScope<(v8::internal::PerThreadAssertType)0, false>: 
          old_state_ = true
        }
        no_handles = {
          <v8::internal::PerThreadAssertScopeBase> = {
            static thread_local_key = 3, 
            data_ = 0x7fffe00008c0
          }, 
          members of v8::internal::PerThreadAssertScope<(v8::internal::PerThreadAssertType)1, false>: 
          old_state_ = true
        }
        no_deref = {
          <v8::internal::PerThreadAssertScopeBase> = {
            static thread_local_key = 3, 
            data_ = 0x7fffe00008c0
          }, 
          members of v8::internal::PerThreadAssertScope<(v8::internal::PerThreadAssertType)2, false>: 
          old_state_ = true
        }
#3  0x0000000000dca577 in v8::internal::Thread::NotifyStartedAndRun (this=0x14cbea0) at ../deps/v8/src/platform.h:702
No locals.
#4  0x0000000000dcb491 in v8::internal::ThreadEntry (arg=0x14cbea0) at ../deps/v8/src/platform-posix.cc:590
        thread = 0x14cbea0
#5  0x00007ffff6f9af8e in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
No symbol table info available.
#6  0x00007ffff6cc4e1d in clone () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.

Thread 4 (Thread 0x7ffff7fd1700 (LWP 31215)):
#0  0x00007ffff6fa0f80 in sem_wait () from /lib/x86_64-linux-gnu/libpthread.so.0
No symbol table info available.
#1  0x0000000000dc9cab in v8::internal::LinuxSemaphore::Wait (this=0x14cb8e0) at ../deps/v8/src/platform-linux.cc:702
        result = 32767
#2  0x0000000000cd61e9 in v8::internal::SweeperThread::Run (this=0x14cb610) at ../deps/v8/src/sweeper-thread.cc:64
        no_allocation = {
          <v8::internal::PerThreadAssertScopeBase> = {
            static thread_local_key = 3, 
            data_ = 0x7fffec0008c0
          }, 
          members of v8::internal::PerThreadAssertScope<(v8::internal::PerThreadAssertType)0, false>: 
          old_state_ = true
        }
        no_handles = {
          <v8::internal::PerThreadAssertScopeBase> = {
            static thread_local_key = 3, 
            data_ = 0x7fffec0008c0
          }, 
          members of v8::internal::PerThreadAssertScope<(v8::internal::PerThreadAssertType)1, false>: 
          old_state_ = true
        }
        no_deref = {
          <v8::internal::PerThreadAssertScopeBase> = {
            static thread_local_key = 3, 
            data_ = 0x7fffec0008c0
          }, 
          members of v8::internal::PerThreadAssertScope<(v8::internal::PerThreadAssertType)2, false>: 
          old_state_ = true
        }
#3  0x0000000000dca577 in v8::internal::Thread::NotifyStartedAndRun (this=0x14cb610) at ../deps/v8/src/platform.h:702
No locals.
#4  0x0000000000dcb491 in v8::internal::ThreadEntry (arg=0x14cb610) at ../deps/v8/src/platform-posix.cc:590
        thread = 0x14cb610
#5  0x00007ffff6f9af8e in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
No symbol table info available.
#6  0x00007ffff6cc4e1d in clone () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.

Thread 3 (Thread 0x7ffff7ff7700 (LWP 31214)):
#0  0x00007ffff6fa0f80 in sem_wait () from /lib/x86_64-linux-gnu/libpthread.so.0
No symbol table info available.
#1  0x0000000000dc9cab in v8::internal::LinuxSemaphore::Wait (this=0x14cb050) at ../deps/v8/src/platform-linux.cc:702
        result = 32767
#2  0x0000000000cd61e9 in v8::internal::SweeperThread::Run (this=0x14cad80) at ../deps/v8/src/sweeper-thread.cc:64
        no_allocation = {
          <v8::internal::PerThreadAssertScopeBase> = {
            static thread_local_key = 3, 
            data_ = 0x7fffe80008c0
          }, 
          members of v8::internal::PerThreadAssertScope<(v8::internal::PerThreadAssertType)0, false>: 
          old_state_ = true
        }
        no_handles = {
          <v8::internal::PerThreadAssertScopeBase> = {
            static thread_local_key = 3, 
            data_ = 0x7fffe80008c0
          }, 
          members of v8::internal::PerThreadAssertScope<(v8::internal::PerThreadAssertType)1, false>: 
          old_state_ = true
        }
        no_deref = {
          <v8::internal::PerThreadAssertScopeBase> = {
            static thread_local_key = 3, 
            data_ = 0x7fffe80008c0
          }, 
          members of v8::internal::PerThreadAssertScope<(v8::internal::PerThreadAssertType)2, false>: 
          old_state_ = true
        }
#3  0x0000000000dca577 in v8::internal::Thread::NotifyStartedAndRun (this=0x14cad80) at ../deps/v8/src/platform.h:702
No locals.
#4  0x0000000000dcb491 in v8::internal::ThreadEntry (arg=0x14cad80) at ../deps/v8/src/platform-posix.cc:590
        thread = 0x14cad80
#5  0x00007ffff6f9af8e in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
No symbol table info available.
#6  0x00007ffff6cc4e1d in clone () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.

Thread 2 (Thread 0x7ffff6bca700 (LWP 31213)):
#0  0x00007ffff6fa0f80 in sem_wait () from /lib/x86_64-linux-gnu/libpthread.so.0
No symbol table info available.
#1  0x0000000000dc9cab in v8::internal::LinuxSemaphore::Wait (this=0x1485aa0) at ../deps/v8/src/platform-linux.cc:702
        result = 32767
#2  0x0000000000bd838a in v8::internal::OptimizingCompilerThread::Run (this=0x14858b0) at ../deps/v8/src/optimizing-compiler-thread.cc:55
        timer = {
          static v8_recompile_synchronous = 0xfa1bd0 "V8.RecompileSynchronous", 
          static v8_recompile_parallel = 0xfa1be8 "V8.RecompileParallel", 
          static v8_compile_full_code = 0xfa1bfd "V8.CompileFullCode", 
          static v8_execute = 0xfa1c10 "V8.Execute", 
          static v8_external = 0xfa1c1b "V8.External", 
          isolate_ = 0x2, 
          name_ = 0x14858c0 "OptimizingCompi"
        }
        compiling_start = 140737332984000
        no_allocation = {
          <v8::internal::PerThreadAssertScopeBase> = {
            static thread_local_key = 3, 
            data_ = 0x7ffff00008c0
          }, 
          members of v8::internal::PerThreadAssertScope<(v8::internal::PerThreadAssertType)0, false>: 
          old_state_ = true
        }
        no_handles = {
          <v8::internal::PerThreadAssertScopeBase> = {
            static thread_local_key = 3, 
            data_ = 0x7ffff00008c0
          }, 
          members of v8::internal::PerThreadAssertScope<(v8::internal::PerThreadAssertType)1, false>: 
          old_state_ = true
        }
        no_deref = {
          <v8::internal::PerThreadAssertScopeBase> = {
            static thread_local_key = 3, 
            data_ = 0x7ffff00008c0
          }, 
          members of v8::internal::PerThreadAssertScope<(v8::internal::PerThreadAssertType)2, false>: 
          old_state_ = true
        }
        epoch = 0
#3  0x0000000000dca577 in v8::internal::Thread::NotifyStartedAndRun (this=0x14858b0) at ../deps/v8/src/platform.h:702
No locals.
#4  0x0000000000dcb491 in v8::internal::ThreadEntry (arg=0x14858b0) at ../deps/v8/src/platform-posix.cc:590
        thread = 0x14858b0
#5  0x00007ffff6f9af8e in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
No symbol table info available.
#6  0x00007ffff6cc4e1d in clone () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.

Thread 1 (Thread 0x7ffff7fd3740 (LWP 31209)):
#0  v8::internal::OS::DebugBreak () at ../deps/v8/src/platform-posix.cc:252
No locals.
#1  0x0000000000dca90a in v8::internal::OS::Abort () at ../deps/v8/src/platform-posix.cc:230
No locals.
#2  0x00000000009ad3cd in V8_Fatal (file=0xf680b0 "../deps/v8/src/global-handles.cc", line=273, format=0xf67cd6 "CHECK(%s) failed") at ../deps/v8/src/checks.cc:61
        allow_deref = {
          <v8::internal::PerThreadAssertScopeBase> = {
            static thread_local_key = 3, 
            data_ = 0x14c0ed0
          }, 
          members of v8::internal::PerThreadAssertScope<(v8::internal::PerThreadAssertType)2, true>: 
          old_state_ = true
        }
        allow_deferred_deref = {
          <v8::internal::PerThreadAssertScopeBase> = {
            static thread_local_key = 3, 
            data_ = 0x14c0ed0
          }, 
          members of v8::internal::PerThreadAssertScope<(v8::internal::PerThreadAssertType)3, true>: 
          old_state_ = true
        }
#3  0x0000000000a4955a in v8::internal::GlobalHandles::Node::PostGarbageCollectionProcessing (this=0x14d12c0, isolate=0x147d070) at ../deps/v8/src/global-handles.cc:273
        par = 0x14c04e0
        object = 0x14d12c0
#4  0x0000000000a4a75d in v8::internal::GlobalHandles::PostGarbageCollectionProcessing (this=0x14951a0, collector=v8::internal::SCAVENGER, tracer=0x7fffffffd2d0) at ../deps/v8/src/global-handles.cc:651
        node = 0x14d12c0
        i = 13
        initial_post_gc_processing_count = 2
        next_gc_likely_to_collect_more = true
        last = 0
#5  0x0000000000a7a2d1 in v8::internal::Heap::PerformGarbageCollection (this=0x147d080, collector=v8::internal::SCAVENGER, tracer=0x7fffffffd2d0) at ../deps/v8/src/heap.cc:1023
        allow_allocation = {
          <v8::internal::PerThreadAssertScopeBase> = {
            static thread_local_key = 3, 
            data_ = 0x14c0ed0
          }, 
          members of v8::internal::PerThreadAssertScope<(v8::internal::PerThreadAssertType)0, true>: 
          old_state_ = false
        }
        scope = {
          <v8::internal::Embedded> = {<No data fields>}, 
          members of v8::internal::GCTracer::Scope: 
          tracer_ = 0x7fffffffd2d0, 
          scope_ = v8::internal::GCTracer::Scope::EXTERNAL, 
          start_time_ = 1379089756648.105
        }
        next_gc_likely_to_collect_more = false
        gc_type = v8::kGCTypeScavenge
        start_new_space_size = 1031824
#6  0x0000000000a79339 in v8::internal::Heap::CollectGarbage (this=0x147d080, space=v8::internal::NEW_SPACE, collector=v8::internal::SCAVENGER, gc_reason=0xfcd532 "Runtime::PerformGC", collector_reason=0x0) at ../deps/v8/src/heap.cc:687
        histogram_timer_scope = {
          <v8::internal::Embedded> = {<No data fields>}, 
          members of v8::internal::HistogramTimerScope: 
          timer_ = 0x1486930
        }
        tracer = {
          <v8::internal::Embedded> = {<No data fields>}, 
          members of v8::internal::GCTracer: 
          start_time_ = 0, 
          start_object_size_ = 0, 
          start_memory_size_ = 0, 
          collector_ = v8::internal::SCAVENGER, 
          gc_count_ = 2, 
          full_gc_count_ = 0, 
          scopes_ = {0.0009765625, 4.3288714135691555e-312, 1.0614332424146005e-316, 6.9533558072690027e-310, 4.0059249984778416e-312, 6.9533558072690027e-310, 4.7966718953762426e-317, 4.0059301785782746e-312, 4.0059249984778416e-312, 6.9533558072713742e-310, 4.0059249984778416e-312, 6.9533558072713742e-310, 5.405760470160144e-317, 6.9533558072721647e-310}, 
          in_free_list_or_wasted_before_gc_ = 21485704, 
          allocated_since_last_gc_ = 0, 
          spent_in_mutator_ = 0, 
          promoted_objects_size_ = 566264, 
          nodes_died_in_new_space_ = 0, 
          nodes_copied_in_new_space_ = 0, 
          nodes_promoted_ = 0, 
          steps_count_ = 0, 
          steps_took_ = 2.1219957909652723e-314, 
          longest_step_ = 6.9533558072769078e-310, 
          steps_count_since_last_gc_ = 10974702, 
          steps_took_since_last_gc_ = 6.9533558072769078e-310, 
          heap_ = 0x147d080, 
          gc_reason_ = 0xfcd532 "Runtime::PerformGC", 
          collector_reason_ = 0x0
        }
        no_allocation_during_gc = {
          <v8::internal::PerThreadAssertScopeBase> = {
            static thread_local_key = 3, 
            data_ = 0x14c0ed0
          }, 
          members of v8::internal::PerThreadAssertScope<(v8::internal::PerThreadAssertType)0, false>: 
          old_state_ = true
        }
        state = {
          <v8::internal::Embedded> = {<No data fields>}, 
          members of v8::internal::VMState<(v8::internal::StateTag)1>: 
          isolate_ = 0x147d070, 
          previous_tag_ = v8::internal::JS
        }
        next_gc_likely_to_collect_more = false
#7  0x0000000000a1216c in v8::internal::Heap::CollectGarbage (this=0x147d080, space=v8::internal::NEW_SPACE, gc_reason=0xfcd532 "Runtime::PerformGC") at ../deps/v8/src/heap-inl.h:507
        collector_reason = 0x0
        collector = v8::internal::SCAVENGER
#8  0x0000000000c80b41 in v8::internal::Runtime::PerformGC (result=0xbad0003) at ../deps/v8/src/runtime.cc:14479
        isolate = 0x147d070
        failure = 0xbad0003
#9  0x00003744e2506c27 in ?? ()
No symbol table info available.
#10 0x00007fffffffd490 in ?? ()
No symbol table info available.
#11 0x00007fffffffd4e0 in ?? ()
No symbol table info available.
#12 0x0000000000000000 in ?? ()
No symbol table info available.

[placeybordeaux]

NOTE: This is from the latest github version. 3d4c663

[bnoordhuis]

Confirmed, thanks. Not sure yet what exactly is causing it but I'm reasonably sure it's a regression introduced by the recent vm2 changes. If you go back a few commits, you get the following backtrace with out/Debug/node path/to/jslint.js lib/*.js:

#0  0x0000000100002721 in v8::internal::Internals::GetNodeState (obj=0xe000000000000000) at v8.h:5559
#1  0x00000001000350ad in v8::Persistent<v8::Object>::IsWeak (this=0x102002628) at v8.h:5735
#2  0x000000010000300c in node::PersistentToLocal<v8::Object> (isolate=0x101803200, persistent=@0x102002628) at util-inl.h:33
#3  0x0000000100036f38 in node::ContextifyContext::GlobalPropertyGetterCallback (property={<v8::Handle<v8::String>> = {val_ = 0x101857a48}, <No
 data fields>}, args=@0x7fff5fbf5470) at node_contextify.cc:218
#4  0x0000000100147e7f in v8::internal::PropertyCallbackArguments::Call (this=0x7fff5fbf5588, f=0x100036ce0 <node::ContextifyContext::GlobalPropertyGetterCallback(v8::Local<v8::String>, v8::PropertyCallbackInfo<v8::Value> const&)>, arg1={<v8::Handle<v8::String>> = {val_ = 0x101857a48}, <No data fields>}) at arguments.cc:196
#5  0x000000010047a3a9 in v8::internal::JSObject::GetPropertyWithInterceptor (this=0x282e8f351b89, receiver=0x282e8f351b89, name=0x26d32ada6791, attributes=0x7fff5fbf5a8c) at objects.cc:12870
#6  0x0000000100479f94 in v8::internal::Object::GetProperty (this=0x282e8f351b89, receiver=0x282e8f351b89, result=0x7fff5fbf5a90, name=0x26d32ada6791, attributes=0x7fff5fbf5a8c) at objects.cc:886
#7  0x000000010047ab92 in v8::internal::Object::GetProperty (object={location_ = 0x7fff5fbf5d58}, receiver={location_ = 0x7fff5fbf5d58}, result=0x7fff5fbf5a90, key={location_ = 0x7fff5fbf5d50}, attributes=0x7fff5fbf5a8c) at objects.cc:792
#8  0x0000000100388f84 in v8::internal::LoadIC::Load (this=0x7fff5fbf5c48, state=v8::internal::UNINITIALIZED, object={location_ = 0x7fff5fbf5d58}, name={location_ = 0x7fff5fbf5d50}) at ic.cc:967
#9  0x00000001003892f2 in __RT_impl_LoadIC_Miss (args={<v8::internal::Embedded> = {<No data fields>}, length_ = 2, arguments_ = 0x7fff5fbf5d58}, isolate=0x101803200) at ic.cc:2276
#10 0x00000001003792c7 in v8::internal::LoadIC_Miss (args_length=2, args_object=0x7fff5fbf5d58, isolate=0x101803200) at ic.cc:2271

/cc @domenic and @indutny

[bnoordhuis]

Update: the regression was introduced in a3bf3d1 ("vm: use MakeWeak to fix leaking contexts").

[domenic]

NOTE: This is from the latest github version. 3d4c663

That's disappointing; I would have thought @indutny's fix would take care of this :(.

[indutny]

If you don't mind, I'll look into it. Also, I'm cut-off from IRC for a couple of days, so please use email for contacting me ;)

[bnoordhuis]

Don't worry, I'm pretty sure I've found and fixed the issue. I'll open a pull request in a few for you guys to review once I'm sure it's not causing regressions.

[bnoordhuis]

Okay, after some more investigation I've come to the conclusion that there are a couple of fundamental issues with the vm2 module that probably require a fair amount of rework to fix. I'm moving to revert it for now in #6228 and re-roll in v0.13.

[bnoordhuis]

Closing, this was fixed last month in 59a075e.