[Pkg-utopia-maintainers] Bug#826858: ostree: FTBFS on sparc64: gjs: Segmentation fault

Simon McVittie smcv at debian.org
Wed Jul 6 19:58:08 UTC 2016


Control: reassign 826858 libmozjs-24-0 24.2.0-3
Control: affects 826858 gjs

On Thu, 09 Jun 2016 at 19:28:37 +0100, Simon McVittie wrote:
> On Thu, 09 Jun 2016 at 10:35:48 -0400, Aaron M. Ucko wrote:
> > - On sparc64 (not a release architecture either):
> > 
> >   ERROR: tests/test-pull-corruption.sh - too few tests run (expected 2, got 0)
> >   ERROR: tests/test-pull-corruption.sh - exited with status 1
> 
> This one is a segfault in gjs, a JavaScript environment using Mozilla
> code for the interpreter and GObject-Introspection for runtime libraries.
> OSTree uses it as a scripting language in some tests, to confirm that
> its language bindings work.
> 
> It seems likely that this one is a sparc64 bug in either libmozjs,
> gjs, GObject-Introspection, or possibly libffi (used by GObject).

I've tried gjs on notker.debian.net, and it looks as though it just
doesn't work at all on sparc64. The backtrace looks more like a mozjs24
rather than gjs issue.

Steps to reproduce:
* install gjs/unstable on sparc64
* run gjs-console

Expected result:
* a "gjs>" REPL prompt at which you can type JavaScript

Actual result:
* segmentation fault

Backtrace below.

Regards,
    S

(gdb) set pagination off
(gdb) bt full
#0  js::ObjectImpl::setFlag (this=this@entry=0x107706040, cx=cx@entry=0x246e90, flag_=flag_@entry=8, generateShape=generateShape@entry=js::ObjectImpl::GENERATE_SHAPE) at /build/mozjs24-t3hfaL/mozjs24-24.2.0/js/src/vm/Shape.cpp:1116
        flag = js::BaseShape::DELEGATE
        self = <optimized out>
#1  0xffff8001028e2fb8 in JSObject::setDelegate (cx=0x246e90, this=<optimized out>) at ./jsobjinlines.h:782
No locals.
#2  JSCompartment::getNewType (this=0x247910, cx=cx@entry=0x246e90, clasp=clasp@entry=0xffff800102b1d300 <JSFunction::class_>, proto_=..., fun_=fun_@entry=0x0) at /build/mozjs24-t3hfaL/mozjs24-24.2.0/js/src/jsinfer.cpp:6073
        p = {<js::detail::HashTable<js::ReadBarriered<js::types::TypeObject> const, js::HashSet<js::ReadBarriered<js::types::TypeObject>, js::types::TypeObjectEntry, js::SystemAllocPolicy>::SetOps, js::SystemAllocPolicy>::Ptr> = {entry_ = <optimized out>}, keyHash = 1476233512, mutationCount = {<No data fields>}}
        proto = {<js::RootedBase<js::TaggedProto>> = {<js::TaggedProtoOperations<JS::Rooted<js::TaggedProto> >> = {<No data fields>}, <No data fields>}, ptr = {proto = 0x107706040}}
        fun = {<js::RootedBase<JSFunction*>> = {<No data fields>}, ptr = 0x0}
        markUnknown = <optimized out>
        type = {<js::RootedBase<js::types::TypeObject*>> = {<No data fields>}, ptr = 0x17}
        enter = {suppressGC = {suppressGC_ = @0xffff800102b1d300}, freeOp = 0x107706040, compartment = 0x1, oldActiveAnalysis = false}
#3  0xffff8001028e3448 in JSObject::getNewType (this=0x107706040, cx=cx@entry=0x246e90, clasp=clasp@entry=0xffff800102b1d300 <JSFunction::class_>, fun=fun@entry=0x0) at /build/mozjs24-t3hfaL/mozjs24-24.2.0/js/src/jsinfer.cpp:6134
No locals.
#4  0xffff80010290c024 in js::NewObjectWithClassProtoCommon (cx=0x246e90, clasp=0xffff800102b1d300 <JSFunction::class_>, protoArg=<optimized out>, parentArg=0xffff800107705020, allocKind=<optimized out>, newKind=<optimized out>) at /build/mozjs24-t3hfaL/mozjs24-24.2.0/js/src/jsobj.cpp:1383
        cache = @0x228f18: {static MAX_OBJ_SIZE = 160, entries = {{clasp = 0x0, key = 0x0, kind = js::gc::FINALIZE_OBJECT0, nbytes = 0, templateObject = '\000' <repeats 159 times>} <repeats 41 times>}}
        entry = -1
        parent = {<js::RootedBase<JSObject*>> = {<No data fields>}, ptr = 0xffff800107705020}
        proto = {<js::RootedBase<JSObject*>> = {<No data fields>}, ptr = 0x107706040}
        type = <optimized out>
        obj = <optimized out>
#5  0xffff80010290c2a0 in js::NewObjectWithClassProtoCommon (cx=cx@entry=0x246e90, clasp=0x7feffffe880, protoArg=0x7feffffe890, protoArg@entry=0x0, parentArg=0xffff8001027e14d4 <obj_toSource(JSContext*, unsigned int, JS::Value*)>, allocKind=allocKind@entry=js::gc::FINALIZE_OBJECT4_BACKGROUND, newKind=newKind@entry=js::SingletonObject) at /build/mozjs24-t3hfaL/mozjs24-24.2.0/js/src/jsobj.cpp:1343
No locals.
#6  0xffff8001028c19bc in js::NewObjectWithClassProto (newKind=js::SingletonObject, allocKind=js::gc::FINALIZE_OBJECT4_BACKGROUND, parent=<optimized out>, proto=0x0, clasp=0xffff800102b1d300 <JSFunction::class_>, cx=0x246e90) at ./jsobjinlines.h:1493
No locals.
#7  js::NewFunction (newKind=js::SingletonObject, allocKind=js::gc::FINALIZE_OBJECT4_BACKGROUND, atom=..., parent=..., flags=<optimized out>, nargs=0, native=0xffff8001027e14d4 <obj_toSource(JSContext*, unsigned int, JS::Value*)>, funobjArg=..., cx=0x246e90) at /build/mozjs24-t3hfaL/mozjs24-24.2.0/js/src/jsfun.cpp:1560
        funobj = {<js::RootedBase<JSObject*>> = {<No data fields>}, ptr = 0x0}
#8  js::DefineFunction (cx=cx@entry=0x246e90, obj=..., id=..., native=0xffff8001027e14d4 <obj_toSource(JSContext*, unsigned int, JS::Value*)>, nargs=<optimized out>, flags=0, flags@entry=512, allocKind=js::gc::FINALIZE_OBJECT4_BACKGROUND, newKind=js::GenericObject) at /build/mozjs24-t3hfaL/mozjs24-24.2.0/js/src/jsfun.cpp:1688
        gop = 0xffff800102861a90 <JS_PropertyStub(JSContext*, JS::Handle<JSObject*>, JS::Handle<long>, JS::MutableHandle<JS::Value>)>
        sop = 0xffff800102861a98 <JS_StrictPropertyStub(JSContext*, JS::Handle<JSObject*>, JS::Handle<long>, int, JS::MutableHandle<JS::Value>)>
        fun = {<js::RootedBase<JSFunction*>> = {<No data fields>}, ptr = 0x0}
        funVal = {<js::RootedBase<JS::Value>> = {<js::MutableValueOperations<JS::Rooted<JS::Value> >> = {<js::UnbarrieredMutableValueOperations<JS::Rooted<JS::Value> >> = {<js::ValueOperations<JS::Rooted<JS::Value> >> = {<No data fields>}, <No data fields>}, <No data fields>}, <No data fields>}, ptr = {data = {asBits = 0, debugView = {tag = 0, payload47 = 0}, s = {padding = 0, payload = {i32 = 0, u32 = 0, why = JS_ELEMENTS_HOLE}}, asDouble = 0, asPtr = 0x0, asWord = 0, asUIntPtr = 0}}}
#9  0xffff80010286e238 in JS_DefineFunctions (cx=cx@entry=0x246e90, objArg=<optimized out>, fs=0xffff800102b0ec40 <js::object_methods>) at /build/mozjs24-t3hfaL/mozjs24-24.2.0/js/src/jsapi.cpp:4902
        fun = <optimized out>
        atom = {<js::RootedBase<JSAtom*>> = {<No data fields>}, ptr = 0xffff800107525080}
        id = {<js::RootedBase<long>> = {<No data fields>}, ptr = -140733070552960}
        flags = 512
        obj = {<js::RootedBase<JSObject*>> = {<No data fields>}, ptr = 0xffff800107705020}
        ctor = {<js::RootedBase<JSObject*>> = {<No data fields>}, ptr = 0x0}
#10 0xffff8001027a8dac in js::DefinePropertiesAndBrand (fs=<optimized out>, ps=0x0, obj_=<optimized out>, cx=0x246e90) at /build/mozjs24-t3hfaL/mozjs24-24.2.0/js/src/vm/GlobalObject.cpp:561
        ps = 0x0
        obj_ = <optimized out>
        cx = 0x246e90
#11 js::GlobalObject::initFunctionAndObjectClasses (this=<optimized out>, cx=cx@entry=0x246e90) at /build/mozjs24-t3hfaL/mozjs24-24.2.0/js/src/vm/GlobalObject.cpp:314
        self = {<js::RootedBase<js::GlobalObject*>> = {<No data fields>}, ptr = 0xffff800107703060}
        objectProto = {<js::RootedBase<JSObject*>> = {<No data fields>}, ptr = 0xffff800107705020}
        functionProto = {<js::RootedBase<JSFunction*>> = {<No data fields>}, ptr = 0xffff800107706040}
        objectCtor = {<js::RootedBase<JSFunction*>> = {<No data fields>}, ptr = 0xffff800107706080}
        functionCtor = {<js::RootedBase<JSFunction*>> = {<No data fields>}, ptr = 0xffff8001077060c0}
        getter = <optimized out>
        setter = <optimized out>
        undefinedValue = {<js::RootedBase<JS::Value>> = {<js::MutableValueOperations<JS::Rooted<JS::Value> >> = {<js::UnbarrieredMutableValueOperations<JS::Rooted<JS::Value> >> = {<js::ValueOperations<JS::Rooted<JS::Value> >> = {<No data fields>}, <No data fields>}, <No data fields>}, <No data fields>}, ptr = {data = {asBits = 8791798049560, debugView = {tag = 0, payload47 = 8791798049560}, s = {padding = 2046, payload = {i32 = -5352, u32 = 4294961944, why = 4294961944}}, asDouble = 4.3437253814616731e-311, asPtr = 0x7feffffeb18, asWord = 8791798049560, asUIntPtr = 8791798049560}}}
        evalId = {<js::RootedBase<long>> = {<No data fields>}, ptr = -140733151044976}
        evalobj = <optimized out>
        throwTypeError = {<js::RootedBase<JSFunction*>> = {<No data fields>}, ptr = 0x6}
        intrinsicsHolder = {<js::RootedBase<JSObject*>> = {<No data fields>}, ptr = 0xffff800107704070}
        global = {<js::RootedBase<JS::Value>> = {<js::MutableValueOperations<JS::Rooted<JS::Value> >> = {<js::UnbarrieredMutableValueOperations<JS::Rooted<JS::Value> >> = {<js::ValueOperations<JS::Rooted<JS::Value> >> = {<No data fields>}, <No data fields>}, <No data fields>}, <No data fields>}, ptr = {data = {asBits = 18446603340640972864, debugView = {tag = 131071, payload47 = 4419776576}, s = {padding = 4294934529, payload = {i32 = 124809280, u32 = 124809280, why = 124809280}}, asDouble = -nan(0xf800107707040), asPtr = 0xffff800107707040, asWord = 18446603340640972864, asUIntPtr = 18446603340640972864}}}
        tagged = {<js::RootedBase<js::TaggedProto>> = {<js::TaggedProtoOperations<JS::Rooted<js::TaggedProto> >> = {<No data fields>}, <No data fields>}, ptr = {proto = 0xffff8001077060c0}}
        functionProtoScript = {<js::RootedBase<JSScript*>> = {<No data fields>}, ptr = 0xffff800107525300}
#12 0xffff8001027a95e4 in js::GlobalObject::initStandardClasses (cx=cx@entry=0x246e90, global=...) at /build/mozjs24-t3hfaL/mozjs24-24.2.0/js/src/vm/GlobalObject.cpp:456
        undefinedValue = {<js::RootedBase<JS::Value>> = {<js::MutableValueOperations<JS::Rooted<JS::Value> >> = {<js::UnbarrieredMutableValueOperations<JS::Rooted<JS::Value> >> = {<js::ValueOperations<JS::Rooted<JS::Value> >> = {<No data fields>}, <No data fields>}, <No data fields>}, <No data fields>}, ptr = {data = {asBits = 18444773748872577024, debugView = {tag = JSVAL_TAG_UNDEFINED, payload47 = 0}, s = {padding = 4294508544, payload = {i32 = 0, u32 = 0, why = JS_ELEMENTS_HOLE}}, asDouble = -nan(0x9000000000000), asPtr = 0xfff9000000000000, asWord = 18444773748872577024, asUIntPtr = 18444773748872577024}}}
#13 0xffff800102820de4 in JSRuntime::initSelfHosting (this=this@entry=0x228000, cx=cx@entry=0x246e90) at /build/mozjs24-t3hfaL/mozjs24-24.2.0/js/src/vm/SelfHosting.cpp:655
        savedGlobal = {<js::RootedBase<JSObject*>> = {<No data fields>}, ptr = 0x0}
        ac = {cx_ = 0x246e90, oldCompartment_ = 0x0}
        shg = {<js::RootedBase<js::GlobalObject*>> = {<No data fields>}, ptr = 0xffff800107703060}
        options = {principals = 0x0, originPrincipals = 0x7feffffffff, version = -32767, versionSet = false, utf8 = 74, filename = 0x5 <error: Cannot access memory at address 0x5>, lineno = 0, column = 0, element = {<js::HandleBase<JSObject*>> = {<No data fields>}, ptr = 0x4}, compileAndGo = 255, forEval = 255, noScriptRval = 128, selfHostingMode = true, canLazilyParse = 2, sourcePolicy = (JS::CompileOptions::LAZY_SOURCE | unknown: 3276852)}
        oldReporter = <optimized out>
        rv = {data = {asBits = 8791798049920, debugView = {tag = 0, payload47 = 8791798049920}, s = {padding = 2046, payload = {i32 = -4992, u32 = 4294962304, why = 4294962304}}, asDouble = 4.3437253816395367e-311, asPtr = 0x7feffffec80, asWord = 8791798049920, asUIntPtr = 8791798049920}}
        ok = <optimized out>
        filename = <optimized out>
#14 0xffff80010289255c in js::NewContext (rt=0x228000, stackChunkSize=8192) at /build/mozjs24-t3hfaL/mozjs24-24.2.0/js/src/jscntxt.cpp:318
        ok = <optimized out>
        cxCallback = <optimized out>
#15 0xffff800100497e54 in ?? () from /usr/lib/libgjs.so.0
No symbol table info available.
Backtrace stopped: previous frame identical to this frame (corrupt stack?)


