
desktop-packages team mailing list archive

[Bug 1471029] Re: Segfault in xsltproc on i386


OK, so sampling the last two lines of the process map every 0.2 seconds:

start:
b772c000-b772e000 rw-p 00005000 fd:01 67267      /usr/bin/xsltproc
bfe83000-bfea4000 rw-p 00000000 00:00 0          [stack]
0.2s
b7894000-b849e000 rw-p 00000000 00:00 0          [heap]
bfe83000-bfea4000 rw-p 00000000 00:00 0          [stack]
0.4s
b7894000-b90d5000 rw-p 00000000 00:00 0          [heap]
bfe83000-bfea4000 rw-p 00000000 00:00 0          [stack]

The heap starts to squeeze the stack for room. When they are separated
by 64k, the heap takes over the stack's naming rights, and the sizes are
fixed:

3.6s
b7894000-bfe32000 rw-p 00000000 00:00 0          [heap]
bfe4c000-bfea4000 rw-p 00000000 00:00 0          [stack]
3.8s
b7894000-bfe32000 rw-p 00000000 00:00 0          [heap]
bfe3d000-bfea4000 rw-p 00000000 00:00 0          [stack]
4.0s
b7894000-bfe32000 rw-p 00000000 00:00 0          [heap]
bfe33000-bfea4000 rw-p 00000000 00:00 0          [heap]
4.2s
b7894000-bfe32000 rw-p 00000000 00:00 0          [heap]
bfe33000-bfea4000 rw-p 00000000 00:00 0          [heap]

The stack is fixed in size from here on in, so it is only a matter of
luck and time.

20.6s
b7894000-bfe32000 rw-p 00000000 00:00 0          [heap]
bfe33000-bfea4000 rw-p 00000000 00:00 0          [heap]
20.8s
b7894000-bfe32000 rw-p 00000000 00:00 0          [heap]
bfe33000-bfea4000 rw-p 00000000 00:00 0          [heap]

post-mortem:

b7894000-bfe32000 rw-p 00000000 00:00 0          [heap]
bfe33000-bfea4000 rw-p 00000000 00:00 0          [heap]

Why? I don't know.

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libxml2 in Ubuntu.
https://bugs.launchpad.net/bugs/1471029

Title:
  Segfault in xsltproc on i386

Status in libxml2 package in Ubuntu:
  New

Bug description:
  Running the Samba autobuild tests on a 15.04 openstack image results
  in a segfault in this command:

  /usr/bin/xsltproc --nonet -o default/docs-xml/manpages/smb.conf.5
  /home/ubuntu/autobuild/b22271/samba/docs-xml/xslt/man.xsl
  default/docs-xml/manpages/smb.conf.5.xml

  I reported this upstream as a bug in xsltproc, but it was found to be
  impossible to reproduce using upstream source on the openstack
  instance:

  https://bugzilla.gnome.org/show_bug.cgi?id=751764

  Comment 8 (https://bugzilla.gnome.org/show_bug.cgi?id=751764#c8) is
  particularly informative.

  The stack trace below shows the segfault actually occurs in libxml's
  xpath evaluation functions. I see no difference between xpath.c in
  upstream 2.9.2 and Ubuntu's version.

  (gdb) bt 12
  #0  0xb760f874 in xmlXPathCompOpEval (ctxt=0xba25d3e8, op=0xb86bc818) at ../../xpath.c:13606
  #1  0xb760f82e in xmlXPathCompOpEval (ctxt=0xba25d3e8, op=0xb86bc890) at ../../xpath.c:13598
  #2  0xb7610244 in xmlXPathCompOpEval (ctxt=0xba25d3e8, op=0xb86bc8b8) at ../../xpath.c:13529
  #3  0xb760f9d6 in xmlXPathCompOpEval (ctxt=0xba25d3e8, op=0xb86bc8e0) at ../../xpath.c:13977
  #4  0xb7612735 in xmlXPathCompOpEval (op=<optimized out>, ctxt=0xba25d3e8) at ../../xpath.c:14552
  #5  xmlXPathRunEval (ctxt=0xba25d3e8, toBool=<optimized out>) at ../../xpath.c:14552
  #6  0xb76171ed in xmlXPathCompiledEvalInternal (toBool=0, resObj=<synthetic pointer>, ctxt=<optimized out>, comp=<optimized out>) at ../../xpath.c:14915
  #7  xmlXPathCompiledEval__internal_alias (comp=0xb866a948, ctx=0xb99bd308) at ../../xpath.c:14978
  #8  0xb7787260 in xsltEvalVariable (ctxt=ctxt@entry=0xb9836560, variable=variable@entry=0xba25d3b0, castedComp=0xb86a4238) at ../../../libxslt/variables.c:903
  #9  0xb778759a in xsltBuildVariable (ctxt=0xb9836560, castedComp=0xb86a4238, tree=0xb86a6978) at ../../../libxslt/variables.c:1759
  #10 0xb7788bfa in xsltParseStylesheetCallerParam (ctxt=0xb86a6978, inst=0xb86a6978) at ../../../libxslt/variables.c:1975
  #11 0xb779b9db in xsltCallTemplate (ctxt=0xb9836560, node=0xb85efed8, inst=0xb86a6880, castedComp=0xb86a4148) at ../../../libxslt/transform.c:4739
  (More stack frames follow...)

  (gdb) bt -5
  #3311 0xb779a7de in xsltProcessOneNode (ctxt=0xb9836560, contextNode=0xb97586a0, withParams=0x0) at ../../../libxslt/transform.c:2097
  #3312 0xb779d818 in xsltApplyStylesheetInternal (style=0xba25d3e8, style@entry=0xb85ee200, doc=0xb86bc7f0, doc@entry=0xb97586a0, params=0xb77ed340 <params>, 
      output=0xb85e13e0 "default/docs-xml/manpages/smb.conf.5", profile=0x0, userCtxt=0xb9836560) at ../../../libxslt/transform.c:6159
  #3313 0xb779df8d in xsltRunStylesheetUser (style=0xb85ee200, doc=0xb97586a0, params=0xb77ed340 <params>, output=0xb85e13e0 "default/docs-xml/manpages/smb.conf.5", SAX=0x0, IObuf=0x0, 
      profile=0x0, userCtxt=0xb9836560) at ../../../libxslt/transform.c:6449
  #3314 0xb77ea12c in xsltProcess (doc=0xb97586a0, cur=0xb85ee200, filename=0xbfd59812 "default/docs-xml/manpages/smb.conf.5.xml") at ../../../xsltproc/xsltproc.c:483
  #3315 0xb77e9298 in main (argc=6, argv=0xbfd58f94) at ../../../xsltproc/xsltproc.c:903

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libxml2/+bug/1471029/+subscriptions
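
An added example (not part of the original message, and not libxml2 or Ubuntu code): it parses process-map line pairs like the ones sampled above and computes how much unmapped address space remains directly below the stack, which is the room a deep recursion has left to grow into. It assumes the highest mapping in each sample is the stack, as in those samples, and a 4 KiB page size; the function names are illustrative.

```python
import re

PAGE = 4096  # assumed i386 page size

# Constructed input: heap/stack line pairs copied from the samples in the message.
SAMPLES = {
    "0.2s": "b7894000-b849e000 rw-p 00000000 00:00 0          [heap]\n"
            "bfe83000-bfea4000 rw-p 00000000 00:00 0          [stack]",
    "3.6s": "b7894000-bfe32000 rw-p 00000000 00:00 0          [heap]\n"
            "bfe4c000-bfea4000 rw-p 00000000 00:00 0          [stack]",
    "3.8s": "b7894000-bfe32000 rw-p 00000000 00:00 0          [heap]\n"
            "bfe3d000-bfea4000 rw-p 00000000 00:00 0          [stack]",
    "4.0s": "b7894000-bfe32000 rw-p 00000000 00:00 0          [heap]\n"
            "bfe33000-bfea4000 rw-p 00000000 00:00 0          [heap]",
}

# start-end perms offset dev inode [name]
MAP_RE = re.compile(r"^([0-9a-f]+)-([0-9a-f]+)\s+(\S+)\s+[0-9a-f]+\s+\S+\s+\d+\s*(.*)$")

def parse_maps(text):
    """Return (start, end, perms, name) tuples sorted by start address."""
    regions = []
    for line in text.splitlines():
        m = MAP_RE.match(line.strip())
        if m:
            regions.append((int(m.group(1), 16), int(m.group(2), 16),
                            m.group(3), m.group(4).strip()))
    return sorted(regions)

def stack_headroom(text):
    """Bytes between the top mapping's low edge and the mapping beneath it.

    Uses position, not the [stack] label, because the label changes in the samples.
    """
    regions = parse_maps(text)
    if len(regions) < 2:
        return None
    below, top = regions[-2], regions[-1]
    return top[0] - below[1]

def first_exhausted(samples, floor=PAGE):
    """Label of the first sample where the stack has at most `floor` bytes left to grow."""
    for label, text in samples.items():
        room = stack_headroom(text)
        if room is not None and room <= floor:
            return label
    return None

if __name__ == "__main__":
    for label, text in SAMPLES.items():
        print(f"{label:>5}: {stack_headroom(text) // 1024} KiB below the stack")
    print("no room left from:", first_exhausted(SAMPLES))
```
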

