Yet another segmentation fault in node-v4.0.0-rc.1 #2721

pmq20 · 2015-09-07T11:33:54Z

var cp = require('child_process');
cp.spawn('/bin/ls', [], {
  stdio: [
    process.stdin,
    process.stdout,
    process.stderr,
  ]
});

The text was updated successfully, but these errors were encountered:

silverwind · 2015-09-07T13:06:31Z

Confirmed, I'm almost certain this is the one seen in #2552

(lldb) target create "node"
Current executable set to 'node' (x86_64).
(lldb) settings set -- target.run-args  "seg"
(lldb) r
Process 37974 launched: '/usr/local/bin/node' (x86_64)
Process 37974 stopped
* thread #1: tid = 0x1a1f80, 0x000000010015e1ff node`v8::Value::IntegerValue(v8::Local<v8::Context>) const + 415, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=EXC_I386_GPFLT)
    frame #0: 0x000000010015e1ff node`v8::Value::IntegerValue(v8::Local<v8::Context>) const + 415
node`v8::Value::IntegerValue:
->  0x10015e1ff <+415>: cvttsd2si 0x7(%rdx), %rdx
    0x10015e205 <+421>: jmp    0x10015e20b               ; <+427>
    0x10015e207 <+423>: sarq   $0x20, %rdx
    0x10015e20b <+427>: movb   $0x1, %al
(lldb) bt
* thread #1: tid = 0x1a1f80, 0x000000010015e1ff node`v8::Value::IntegerValue(v8::Local<v8::Context>) const + 415, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=EXC_I386_GPFLT)
  * frame #0: 0x000000010015e1ff node`v8::Value::IntegerValue(v8::Local<v8::Context>) const + 415
    frame #1: 0x000000010015e2c9 node`v8::Value::IntegerValue() const + 169
    frame #2: 0x00000001006b2af7 node`node::ProcessWrap::ParseStdioOptions(node::Environment*, v8::Local<v8::Object>, uv_process_options_s*) + 483
    frame #3: 0x00000001006b22e9 node`node::ProcessWrap::Spawn(v8::FunctionCallbackInfo<v8::Value> const&) + 1109
    frame #4: 0x000000010017fcfe node`v8::internal::FunctionCallbackArguments::Call(void (*)(v8::FunctionCallbackInfo<v8::Value> const&)) + 158
    frame #5: 0x00000001001a9735 node`v8::internal::MaybeHandle<v8::internal::Object> v8::internal::HandleApiCallHelper<false>(v8::internal::Isolate*, v8::internal::(anonymous namespace)::BuiltinArguments<(v8::internal::BuiltinExtraArguments)1>&) + 1125
    frame #6: 0x00000001001ac5bd node`v8::internal::Builtin_HandleApiCall(int, v8::internal::Object**, v8::internal::Isolate*) + 61
    frame #7: 0x00001b54705060bb
    frame #8: 0x00001b54705db6f1
    frame #9: 0x00001b54705d998d
    frame #10: 0x00001b5470519494
    frame #11: 0x00001b54705bae73
    frame #12: 0x00001b547051f5c7
    frame #13: 0x00001b54705ba497
    frame #14: 0x00001b54705b4325
    frame #15: 0x00001b54705b0dd2
    frame #16: 0x00001b54705a6bd0
    frame #17: 0x00001b54705a6303
    frame #18: 0x00001b5470577965
    frame #19: 0x00001b5470575e12
    frame #20: 0x00001b5470519f7d
    frame #21: 0x00001b54705189e2
    frame #22: 0x00000001002ecaec node`v8::internal::Invoke(bool, v8::internal::Handle<v8::internal::JSFunction>, v8::internal::Handle<v8::internal::Object>, int, v8::internal::Handle<v8::internal::Object>*) + 732
    frame #23: 0x0000000100166724 node`v8::Function::Call(v8::Local<v8::Context>, v8::Local<v8::Value>, int, v8::Local<v8::Value>*) + 276
    frame #24: 0x0000000100685954 node`node::LoadEnvironment(node::Environment*) + 478
    frame #25: 0x0000000100686cfc node`node::Start(int, char**) + 474
    frame #26: 0x0000000100001034 node`start + 52

Fishrock123 · 2015-09-07T14:39:00Z

@silverwind could you get the JavaScript stack out of that too? You can use https://github.com/thlorenz/lldb-jbt for that.

silverwind · 2015-09-07T15:38:05Z

@Fishrock123 hmm, can't get that to work:

$ source jbt
Now debug your node process with lldb and ensure to use the '--perf-basic-prof' flag.
In lldb run 'command script import jbt' to initialize the command.
$ lldb -- node --perf-basic-prof seg
(lldb) target create "node"
Current executable set to 'node' (x86_64).
(lldb) settings set -- target.run-args  "--perf-basic-prof" "seg"
(lldb) command script import jbt
error: module importing failed: No module named jbt
  File "temp.py", line 1, in <module>

Anyways, for all I know, #2722 fixes the issue.

Fishrock123 · 2015-09-07T15:49:31Z

@silverwind you installed it globally, right? Maybe try watching the screencast?
cc @thlorenz

silverwind · 2015-09-07T16:21:14Z

Yeah, of course. I'm doing it like in the screencast. Maybe try for yourself, you should see the segfault with current master or the 4.0 RCs.

Should be fixed deps/v8/src/api.cc Workaround solution will be the next commit

evanlucas · 2015-09-07T17:19:59Z

Ah this is actually a bug in child_process. PR incoming

brodycj · 2015-09-07T17:31:12Z

Please make sure you include a test. I issued #2725 with the test that was included in PR #2722, with the original author preserved in the commit.

When passing `process.stdin` in `stdio` options to `child_process.spawn`, make sure that its `fd` is getting passed properly to the C++ internals. It is `0`, so the `stdio.fd || stdio` check will return `process.stdin`, instead of the number. Fix: nodejs#2721

Previously, in _validateStdio we were using stdio.fd || stdio. If stdio.fd was falsy (or 0 in the case of stdin), then the entire stdio object would be passed which could cause a crash. Fixes: nodejs#2721 PR-URL: nodejs#2727 Reviewed-By: silverwind - Roman Reiss <me@silverwind.io> Reviewed-By: cjihrig - Colin Ihrig <cjihrig@gmail.com> Reviewed-By: indutny - Fedor Indutny <fedor.indutny@gmail.com>

Previously, in _validateStdio we were using stdio.fd || stdio. If stdio.fd was falsy (or 0 in the case of stdin), then the entire stdio object would be passed which could cause a crash. Fixes: #2721 PR-URL: #2727 Reviewed-By: silverwind - Roman Reiss <me@silverwind.io> Reviewed-By: cjihrig - Colin Ihrig <cjihrig@gmail.com> Reviewed-By: indutny - Fedor Indutny <fedor.indutny@gmail.com>

silverwind · 2015-09-08T01:40:48Z

Fixed in evanlucas@3bc7e58

Previously, in _validateStdio we were using stdio.fd || stdio. If stdio.fd was falsy (or 0 in the case of stdin), then the entire stdio object would be passed which could cause a crash. Fixes: #2721 PR-URL: #2727 Reviewed-By: silverwind - Roman Reiss <me@silverwind.io> Reviewed-By: cjihrig - Colin Ihrig <cjihrig@gmail.com> Reviewed-By: indutny - Fedor Indutny <fedor.indutny@gmail.com>

pmq20 mentioned this issue Sep 7, 2015

v8: fix segmentation faults caused by IntegerValue #2722

Closed

silverwind added confirmed-bug Issues with confirmed bugs. c++ Issues and PRs that require attention from people who are familiar with C++. labels Sep 7, 2015

silverwind added v8 engine Issues and PRs related to the V8 dependency. and removed c++ Issues and PRs that require attention from people who are familiar with C++. labels Sep 7, 2015

brodycj pushed a commit to brodycj/node that referenced this issue Sep 7, 2015

v8: *test* segmentation faults related to IntegerValue (nodejs#2721)

6d34031

Should be fixed deps/v8/src/api.cc Workaround solution will be the next commit

brodycj pushed a commit to brodycj/node that referenced this issue Sep 7, 2015

Workaround solution for nodejs#2721 as suggested by @evanlucas

fb578f5

brodycj mentioned this issue Sep 7, 2015

Workaround for crash in #2721 on 4.0.0-rc #2726

Closed

evanlucas mentioned this issue Sep 7, 2015

child_process: use stdio.fd even if it is 0 #2727

Merged

mscdex added the child_process Issues and PRs related to the child_process subsystem. label Sep 7, 2015

indutny mentioned this issue Sep 7, 2015

child_process: handle zero fd in process.stdin #2730

Closed

skomski mentioned this issue Sep 7, 2015

Fix v8_enable_handle_zapping for 4.5 #2731

Closed

silverwind closed this as completed Sep 8, 2015

s4sc mentioned this issue Nov 30, 2023

[Snyk] Fix for 1 vulnerabilities s4sc/node#34

Open

AyushG3112 mentioned this issue Nov 30, 2023

[Snyk] Fix for 1 vulnerabilities AyushG3112/node#36

Open

Megoy-Tambayan mentioned this issue Feb 11, 2024

[Snyk] Fix for 1 vulnerabilities Megoy-Tambayan/node#2

Open

Dixiejane mentioned this issue Feb 11, 2024

[Snyk] Fix for 1 vulnerabilities Dixiejane/node#17

Open

JCsomeShots mentioned this issue Feb 11, 2024

[Snyk] Fix for 1 vulnerabilities JCsomeShots/node#13

Open

jj-crypto mentioned this issue Feb 11, 2024

[Snyk] Fix for 1 vulnerabilities jj-crypto/node#26

Open

ZRDK mentioned this issue Feb 11, 2024

[Snyk] Security upgrade node-gyp from 9.4.1 to 10.0.0 ZRDK/node#67

Open

buzzlightyear726 mentioned this issue Feb 11, 2024

[Snyk] Fix for 1 vulnerabilities buzzlightyear726/node#44

Open

Renukaloch mentioned this issue Feb 11, 2024

[Snyk] Fix for 1 vulnerabilities Renukaloch/node#26

Open

MaxMood96 mentioned this issue Feb 11, 2024

[Snyk] Fix for 1 vulnerabilities MaxMood96/node#44

Open

davidmather mentioned this issue Feb 11, 2024

[Snyk] Fix for 1 vulnerabilities davidmather/node#18

Open

mrod0101 mentioned this issue Feb 11, 2024

[Snyk] Fix for 1 vulnerabilities mrod0101/node#14

Open

CxsLucyfer mentioned this issue Feb 11, 2024

[Snyk] Fix for 1 vulnerabilities CxsLucyfer/node#7

Open

dewaynesmith3711 mentioned this issue Feb 11, 2024

[Snyk] Fix for 1 vulnerabilities dewaynesmith3711/node#77

Open

kingjay66 mentioned this issue Feb 11, 2024

[Snyk] Fix for 1 vulnerabilities kingjay66/node#9

Open

zhangpan0907 mentioned this issue Feb 11, 2024

[Snyk] Fix for 1 vulnerabilities zhangpan0907/node#5

Open

Supermajestcd mentioned this issue Feb 12, 2024

[Snyk] Fix for 1 vulnerabilities Supermajestcd/node#23

Open

MatheusKael mentioned this issue Feb 12, 2024

[Snyk] Fix for 1 vulnerabilities MatheusKael/node#20

Open

SanchitMahajan236 mentioned this issue Feb 12, 2024

[Snyk] Fix for 1 vulnerabilities SanchitMahajan236/node#28

Open

terrorizer1980 mentioned this issue Feb 12, 2024

[Snyk] Fix for 1 vulnerabilities Exhorder6/node#29

Open

myvali998 mentioned this issue Feb 12, 2024

[Snyk] Fix for 1 vulnerabilities myvali998/node#14

Open

ambai mentioned this issue Feb 12, 2024

[Snyk] Security upgrade node-gyp from 9.4.1 to 10.0.0 ambai/node#73

Open

dewaynesmith3711 mentioned this issue Feb 12, 2024

[Snyk] Security upgrade node-gyp from 8.4.1 to 10.0.0 dewaynesmith3711/node#79

Open

BryanLaura mentioned this issue Feb 12, 2024

[Snyk] Security upgrade node-gyp from 8.4.1 to 10.0.0 BryanLaura/node#89

Open

nicholaschoi168 mentioned this issue Feb 12, 2024

[Snyk] Fix for 1 vulnerabilities nicholaschoi168/node#19

Open

jefeaguila mentioned this issue Feb 12, 2024

[Snyk] Security upgrade node-gyp from 9.4.1 to 10.0.0 jefeaguila/node#54

Open

Michaela813 mentioned this issue Feb 12, 2024

[Snyk] Security upgrade node-gyp from 9.4.1 to 10.0.0 Michaela813/node#57

Open

chrismilleruk mentioned this issue Feb 12, 2024

[Snyk] Fix for 1 vulnerabilities chrismilleruk/node#16

Open

Michaela813 mentioned this issue Feb 12, 2024

[Snyk] Fix for 1 vulnerabilities Michaela813/node#58

Open

JoanKalanzi1 mentioned this issue Feb 12, 2024

[Snyk] Fix for 1 vulnerabilities JoanKalanzi1/node#18

Open

BryanLaura mentioned this issue Feb 12, 2024

[Snyk] Fix for 1 vulnerabilities BryanLaura/node#90

Open

aliscco mentioned this issue May 14, 2024

[Snyk] Fix for 2 vulnerabilities aliscco/alisco-node#1459

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Yet another segmentation fault in node-v4.0.0-rc.1 #2721

Yet another segmentation fault in node-v4.0.0-rc.1 #2721

pmq20 commented Sep 7, 2015

silverwind commented Sep 7, 2015

Fishrock123 commented Sep 7, 2015

silverwind commented Sep 7, 2015

Fishrock123 commented Sep 7, 2015

silverwind commented Sep 7, 2015

evanlucas commented Sep 7, 2015

brodycj commented Sep 7, 2015

silverwind commented Sep 8, 2015

Yet another segmentation fault in node-v4.0.0-rc.1 #2721

Yet another segmentation fault in node-v4.0.0-rc.1 #2721

Comments

pmq20 commented Sep 7, 2015

silverwind commented Sep 7, 2015

Fishrock123 commented Sep 7, 2015

silverwind commented Sep 7, 2015

Fishrock123 commented Sep 7, 2015

silverwind commented Sep 7, 2015

evanlucas commented Sep 7, 2015

brodycj commented Sep 7, 2015

silverwind commented Sep 8, 2015