Open Bug 1136598 Opened 9 years ago Updated 2 years ago

Shell functions that are only safe on the main thread are exposed to shell workers

Categories

(Core :: JavaScript Engine, defect, P3)

x86_64
Linux
defect

People

(Reporter: lth, Unassigned)

References

(Blocks 1 open bug)

Details

(Keywords: assertion, crash, testcase)

Not the end of the world but it would probably be useful to fix this, as some of these functions are useful for testing in shell workers.

js> evalInWorker('timeout(1, function () { print("yo") })')    
js> for ( var i=0 ; i < 1000000000 ; i++ );
Segmentation fault

Piling it on (this is on Windows):

$ dist/bin/js
js> evalInWorker('timeout(1, function () { print("yo") })')
function evalInWorker() {
    [native code]
}
js>
Assertion failure: initialized(), at d:\moz\mozilla-inbound\js\src\build-debug\dist\include\js/RootingAPI.h:1067

This is an automated crash issue comment:

Summary: Crash [@ WatchdogMain]
Build version: mozilla-central revision 76733110704b
Build flags: --enable-optimize --enable-posix-nspr-emulation --enable-valgrind --enable-gczeal --disable-tests --disable-debug
Runtime options: --fuzzing-safe --thread-count=2

Testcase:

evalInWorker("timeout(1);");


Backtrace:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7ffff3fff700 (LWP 37004)]
WatchdogMain (arg=0x7ffff46f5000) at js/src/shell/js.cpp:3023
#0  WatchdogMain (arg=0x7ffff46f5000) at js/src/shell/js.cpp:3023
#1  0x000000000088d199 in nspr::Thread::ThreadRoutine (arg=0x7ffff4682c60) at js/src/vm/PosixNSPR.cpp:45
#2  0x00007ffff7bc4182 in start_thread (arg=0x7ffff3fff700) at pthread_create.c:312
#3  0x00007ffff6cb3fbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
rax	0xe5e5e5e5e5e5e5e5	-1880844493789993499
rbx	0x7ffff4682c60	140737293855840
rcx	0x7ffff6cb48ca	140737333905610
rdx	0x800	2048
rsi	0xbf192b	12523819
rdi	0x7ffff46f5000	140737294323712
rbp	0x7ffff46f5000	140737294323712
rsp	0x7ffff3ffeea0	140737287024288
r8	0x0	0
r9	0x7ffff3fff700	140737287026432
r10	0x92b	2347
r11	0x246	582
r12	0x1	1
r13	0xcccccccd	3435973837
r14	0x7ffff3fff9c0	140737287027136
r15	0x7ffff3fff700	140737287026432
rip	0x437127 <WatchdogMain(void*)+39>
=> 0x437127 <WatchdogMain(void*)+39>:	mov    0x60(%rax),%rdi
   0x43712b <WatchdogMain(void*)+43>:	mov    %rax,%rbx

Priority: -- → P3
Severity: normal → S3