#16931: Crash in BPrivate::processHeap::free(void*)
--------------------------------+-----------------------------
Reporter: humdinger | Owner: axeld
Type: bug | Status: new
Priority: normal | Milestone: Unscheduled
Component: Servers/app_server | Version: R1/Development
Keywords: | Blocked By:
Blocking: | Platform: All
--------------------------------+-----------------------------
This is hrev55064, 64-bit.
Had an app-server crash. Along with a 'rebased' WebPositive (I think
compiled on 2nd April 2021), I was running a current HaikuLauncher (built
2nd May 2021) checking if some issue on the Gerrit site solved itself...
So, I'm not quite sure who triggered the app_server crash, but I'd say it
was the HaikuLauncher's tool tip.
Here is a snippet, full debug report attached:
{{{
thread 3534: w:985:tool tip
state: Exception (General protection fault)
Frame IP Function Name
-----------------------------------------------
0x7fffd2602080 0x1f2dd0ecf91 BPrivate::processHeap::free(void*) + 0x41
Disassembly:
BPrivate::processHeap::free(void*):
0x000001f2dd0ecf50: 4885f6 test %rsi, %rsi
0x000001f2dd0ecf53: 0f8447010000 jz 0x1f2dd0ed0a0
0x000001f2dd0ecf59: 55 push %rbp
0x000001f2dd0ecf5a: 488d46f0 lea -0x10(%rsi), %rax
0x000001f2dd0ecf5e: 4889e5 mov %rsp, %rbp
0x000001f2dd0ecf61: 4156 push %r14
0x000001f2dd0ecf63: 4155 push %r13
0x000001f2dd0ecf65: 4154 push %r12
0x000001f2dd0ecf67: 53 push %rbx
0x000001f2dd0ecf68: 4883ec10 sub $0x10, %rsp
0x000001f2dd0ecf6c: 488b56f0 mov -0x10(%rsi), %rdx
0x000001f2dd0ecf70: 488945d0 mov %rax, -0x30(%rbp)
0x000001f2dd0ecf74: f6c201 test $0x1, %dl
0x000001f2dd0ecf77: 0f85f3000000 jnz 0x1f2dd0ed070
0x000001f2dd0ecf7d: 4989fc mov %rdi, %r12
0x000001f2dd0ecf80: 488b7808 mov 0x8(%rax), %rdi
0x000001f2dd0ecf84: 48897dd8 mov %rdi, -0x28(%rbp)
0x000001f2dd0ecf88: 4885ff test %rdi, %rdi
0x000001f2dd0ecf8b: 0f846d010000 jz 0x1f2dd0ed0fe
0x000001f2dd0ecf91: 8b4704 mov 0x4(%rdi), %eax <--
Frame memory:
[0x7fffd2602040] 0Y......UVVVWWWX 30 59 c3 02 ee 11 00 00 55 56 56 56 57 57 57 58
[0x7fffd2602050] @Y.............. 40 59 c3 02 ee 11 00 00 84 ff ff ff 00 00 00 00
[0x7fffd2602060] ................ 00 0d 1e 04 ee 11 00 00 01 00 00 00 00 00 00 00
[0x7fffd2602070] . `....."....... 90 20 60 d2 ff 7f 00 00 22 e1 0e dd f2 01 00 00
0x7fffd26020a0 0x1f2dd0ee11d free + 0x3d
0x7fffd26020c0 0x1a4602d1cad BMessage::_Clear() + 0x4d
0x7fffd2602190 0xe4da22d2a1 Window::ResizeBy(int, int, BRegion*, bool) + 0x411
0x7fffd2602280 0xe4da1ef053 Desktop::ResizeWindowBy(Window*, float, float) + 0x203
0x7fffd2602340 0xe4da2255a7 ServerWindow::_DispatchMessage(int, BPrivate::LinkReceiver&) + 0x787
0x7fffd26023b0 0xe4da21f331 ServerWindow::_MessageLooper() + 0x191
0x7fffd26023c0 0xe4da1fd377 MessageLooper::_message_thread(void*) + 0x7
0x7fffd26023e0 0x1f2dd060367 thread_entry + 0x17
00000000 0x7fd5008a0260 commpage_thread_exit + 0
}}}
--
Ticket URL: <https://dev.haiku-os.org/ticket/16931>