Comment #5 on issue 5933 by craig.schlenter: test_shell_tests aborts due to double free on linux with hammer SHARED=1 http://code.google.com/p/chromium/issues/detail?id=5933
I'm starting to think this behaviour is explainable and I'll try to put together a much smaller test case and trace it tomorrow after I have downloaded the necessary glibc debug symbols which are unfortunately huge. Executive summary: I think linking libtest_shell.so without v8 is definitely the right answer i.e. v8 should only be linked to test_shell_tests. First some background on __cxa_finalize: http://refspecs.freestandards.org/LSB_3.2.0/LSB-Core-generic/LSB-Core-generic/baselib--- cxa_finalize.html and on a rather unexpected twist in glibc with hidden symbols and other strange exit magic: http://lists.uclibc.org/pipermail/uclibc/2005-September/012540.html Here's my theory: For the case that is crashing, both test_shell_tests and libtest_shell.so are linked against v8 and as a result each one ends up with static objects in_use_list_ and free_list_ from v8's allocation.cc that are visible with objdump or nm. Exit cleanup functions are registered for these objects in both test_shell_tests and libtest_shell.so and these exit functions are probably private to the .so and exe respectively as per the latter url. So even when __cxa_finalize marks one particular exit function as "used", the other function which destroys exactly the same objects again will still be called. The only reasonable solution to this is not to have the static data duplicated to begin with i.e. to only link v8 to test_shell_tests and not to libtest_shell.so. Comments? Thank you. -- You received this message because you are listed in the owner or CC fields of this issue, or because you starred this issue. You may adjust your issue notification preferences at: http://code.google.com/hosting/settings --~--~---------~--~----~------------~-------~--~----~ Automated mail from issue updates at http://crbug.com/ Subscription options: http://groups.google.com/group/chromium-bugs -~----------~----~----~----~------~----~------~--~---
