Details
- Type: Bug
- Resolution: Done
- Priority: P1: Critical
- Version: 5.15.6
- Environment: OpenWRT LEDE 17.01-snapshot, Onion Omega2+, MT7688
- Commits: 6aef29a731 (qt/qtdeclarative/dev), b43fa81bf6 (qt/qtdeclarative/6.2), f4a55f7633 (qt/tqtc-qtdeclarative/5.15), 005460e356 (qt/qtdeclarative/6.3), b43fa81bf6 (qt/tqtc-qtdeclarative/6.2), 005460e356 (qt/tqtc-qtdeclarative/6.3)
Description
I ported a huge JS project to use with QML server-side (no GUI, no Quick). On Ubuntu 20.04.3 it runs fine; I checked with Valgrind, no obvious issues.
But when used on my target board, an Onion Omega2+ running OpenWRT LEDE 17.01-snapshot, the app crashes randomly, and the time at which it crashes changes when I comment out particular code lines.
I recompiled the QML lib and ran Valgrind:

```
==4301== Thread 1:
==4301== Invalid read of size 4
==4301==    at 0x4EDC694: QV4::Chunk::sweep(QV4::ExecutionEngine*) (qv4mm.cpp:345)
==4301==    by 0x4EDD80C: QV4::BlockAllocator::sweep()::{lambda(QV4::Chunk*)#1}::operator()(QV4::Chunk*) const (qv4mm.cpp:631)
==4301==    by 0x4EE35DC: __gnu_cxx::__normal_iterator<QV4::Chunk**, std::vector<QV4::Chunk*, std::allocator<QV4::Chunk*> > > std::__partition<__gnu_cxx::__normal_iterator<QV4::Chunk**, std::vector<QV4::Chunk*, std::allocator<QV4::Chunk*> > >, QV4::BlockAllocator::sweep()::{lambda(QV4::Chunk*)#1}>(QV4::BlockAllocator::sweep()::{lambda(QV4::Chunk*)#1}, QV4::BlockAllocator::sweep()::{lambda(QV4::Chunk*)#1}, QV4::BlockAllocator::sweep()::{lambda(QV4::Chunk*)#1}, std::bidirectional_iterator_tag) (stl_algo.h:1518)
==4301==    by 0x4EE3068: __gnu_cxx::__normal_iterator<QV4::Chunk**, std::vector<QV4::Chunk*, std::allocator<QV4::Chunk*> > > std::partition<__gnu_cxx::__normal_iterator<QV4::Chunk**, std::vector<QV4::Chunk*, std::allocator<QV4::Chunk*> > >, QV4::BlockAllocator::sweep()::{lambda(QV4::Chunk*)#1}>(QV4::BlockAllocator::sweep()::{lambda(QV4::Chunk*)#1}, QV4::BlockAllocator::sweep()::{lambda(QV4::Chunk*)#1}, QV4::BlockAllocator::sweep()::{lambda(QV4::Chunk*)#1}) (stl_algo.h:4521)
==4301==    by 0x4EDDAE8: QV4::BlockAllocator::sweep() (qv4mm.cpp:631)
==4301==    by 0x4EE0540: QV4::MemoryManager::sweep(bool, void (*)(char const*)) (qv4mm.cpp:994)
==4301==    by 0x4EE0C74: QV4::MemoryManager::runGC() (qv4mm.cpp:1054)
==4301==    by 0x4EE8254: QV4::MemoryManager::allocate(QV4::BlockAllocator*, unsigned int) (qv4mm_p.h:328)
==4301==    by 0x4EDF3A4: QV4::MemoryManager::allocData(unsigned int) (qv4mm.cpp:806)
==4301==    by 0x4EDF57C: QV4::MemoryManager::allocObjectWithMemberData(QV4::VTable const*, unsigned int) (qv4mm.cpp:829)
==4301==    by 0x5213740: QV4::StrictArgumentsObject::Data* QV4::MemoryManager::allocateObject<QV4::StrictArgumentsObject>(QV4::Heap::InternalClass*) (qv4mm_p.h:191)
==4301==    by 0x52130D8: QV4::StrictArgumentsObject::Data* QV4::MemoryManager::allocObject<QV4::StrictArgumentsObject, QV4::CppStackFrame*>(QV4::Heap::InternalClass*, QV4::CppStackFrame*) (qv4mm_p.h:227)
==4301==  Address 0x8 is not stack'd, malloc'd or (recently) free'd
==4301==
==4301==
==4301== Process terminating with default action of signal 11 (SIGSEGV)
```
I played with the V4 env variables listed in the docs with no luck, except that when I set QV4_JS_MAX_STACK_SIZE too small, "RangeError: Maximum call stack size exceeded" appears and occasionally it might not crash, but most of the time it still does.
Setting QV4_MM_AGGRESSIVE_GC=1 causes the app to run veeeeeery slowly, but as far as I remember it finally crashed too.
Setting QV4_FORCE_INTERPRETER=1 did not help either.
Any hints are appreciated, especially if you are not going to fix the bug on this rarely used platform.
Attachments
Issue Links
- resulted in QTBUG-120450: Allocating or deallocating a QJSEngine object causes a crash if the application has called mlockall(MCL_CURRENT|MCL_FUTURE) (Closed)
Gerrit Dashboard: QTBUG-100431

# | Subject | Branch | Project | Status | CR | V
---|---|---|---|---|---|---
393706,2 | V4: Do not call dtor of an object we continue to use | dev | qt/qtdeclarative | MERGED | +2 | 0
393857,2 | V4: Do not call dtor of an object we continue to use | 6.2 | qt/qtdeclarative | MERGED | +2 | 0
393858,2 | V4: Do not call dtor of an object we continue to use | 6.3 | qt/qtdeclarative | MERGED | +2 | 0
393859,2 | V4: Do not call dtor of an object we continue to use | tqtc/lts-5.15 | qt/tqtc-qtdeclarative | MERGED | +2 | 0
394489,1 | WIP: masm: Check results of madvise() | dev | qt/qtdeclarative | ABANDONED | -2 | 0
398041,2 | QML: Protect against EAGAIN when calling madvise on linux | dev | qt/qtdeclarative | MERGED | +2 | 0
402787,2 | QML: Protect against EAGAIN when calling madvise on linux | 6.2 | qt/qtdeclarative | MERGED | +2 | 0
402788,2 | QML: Protect against EAGAIN when calling madvise on linux | 6.3 | qt/qtdeclarative | MERGED | +2 | 0
402789,2 | QML: Protect against EAGAIN when calling madvise on linux | tqtc/lts-5.15 | qt/tqtc-qtdeclarative | MERGED | +2 | 0
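The "Protect against EAGAIN when calling madvise on linux" changes in the table illustrate a general pattern: a memory manager that releases pages with madvise() must check its return value, retry when the kernel reports EAGAIN, and treat other errors (such as EINVAL) as permanent instead of silently continuing as if the pages had been released. The block below is an added example written for this page, not Qt or QV4 code; the wrapper name madvise_retry and the retry limit are hypothetical choices, and the demo functions run on a single anonymous page constructed inline on Linux.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical wrapper: retry madvise() only while it reports EAGAIN,
 * at most max_tries times. Returns 0 on success, -1 on a persistent
 * failure with errno left set by the last madvise() call. */
int madvise_retry(void *addr, size_t len, int advice, int max_tries)
{
    for (int attempt = 0; attempt < max_tries; ++attempt) {
        if (madvise(addr, len, advice) == 0)
            return 0;
        if (errno != EAGAIN)
            return -1;          /* EINVAL, ENOMEM, ...: not retryable */
    }
    return -1;                  /* still EAGAIN after max_tries */
}

/* Map one anonymous page, dirty it, release it with MADV_DONTNEED through
 * the wrapper, and verify it reads back zero-filled (Linux refills a
 * private anonymous page with zeros on the next touch).
 * Returns 1 when the whole sequence behaved as expected, else 0. */
int demo_dontneed_roundtrip(void)
{
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0)
        return 0;
    unsigned char *p = mmap(NULL, (size_t)page, PROT_READ | PROT_WRITE,
                            MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return 0;
    memset(p, 0xAB, (size_t)page);          /* dirty the page */
    int ok = madvise_retry(p, (size_t)page, MADV_DONTNEED, 5) == 0;
    for (long i = 0; ok && i < page; ++i)
        if (p[i] != 0)
            ok = 0;                         /* page was not released */
    munmap(p, (size_t)page);
    return ok;
}

/* Negative case: a non page-aligned address yields EINVAL, which the
 * wrapper must report immediately rather than retry. Returns 1 on the
 * expected EINVAL, else 0. */
int demo_unaligned_is_einval(void)
{
    char buf[64];
    int rc = madvise_retry(buf + 1, 16, MADV_DONTNEED, 5);  /* odd address */
    return rc == -1 && errno == EINVAL;
}
```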