renderer process gets SIGBUS in 1.19.5 on arale

Not seeing the problem on an M10 running a xenial arm64 image (in comparison my MX4 runs a vivid armhf image).

I’ve done a local cross-build of oxide 1.19.5 in debug mode to try and get a useful stacktrace, but the crash doesn’t happen with that build.

I’ve managed to reproduce the crash on my M10 running a vivid armhf image, and captured the following stacktrace:

Program received signal SIGBUS, Bus error.
__fill_a<v8::internal::compiler::InstructionOperand*, v8::internal::compiler::InstructionOperand> () at /usr/include/c++/4.9/bits/stl_algobase.h:693
693 /usr/include/c++/4.9/bits/stl_algobase.h: No such file or directory.
(gdb) bt
#0 __fill_a<v8::internal::compiler::InstructionOperand*, v8::internal::compiler::InstructionOperand> () at /usr/include/c++/4.9/bits/stl_algobase.h:693
#1 fill<v8::internal::compiler::InstructionOperand*, v8::internal::compiler::InstructionOperand> () at /usr/include/c++/4.9/bits/stl_algobase.h:739
#2 EmitTableSwitch () at ../../v8/src/compiler/instruction-selector.cc:1491
#3 0xf47c0abc in VisitSwitch ()
    at ../../v8/src/compiler/arm/instruction-selector-arm.cc:2036
#4 0xf435ef9c in VisitControl ()
    at ../../v8/src/compiler/instruction-selector.cc:907
#5 0xf435f074 in VisitBlock ()
    at ../../v8/src/compiler/instruction-selector.cc:812
#6 0xf435f266 in SelectInstructions ()
    at ../../v8/src/compiler/instruction-selector.cc:69
#7 0xf43b1232 in Run () at ../../v8/src/compiler/pipeline.cc:1244
#8 Run<v8::internal::compiler::InstructionSelectionPhase, v8::internal::compiler::Linkage*> () at ../../v8/src/compiler/pipeline.cc:719
#9 0xf43b350a in ScheduleAndSelectInstructions ()
    at ../../v8/src/compiler/pipeline.cc:1773
#10 0xf43b442e in ScheduleAndGenerateCode ()
    at ../../v8/src/compiler/pipeline.cc:1874
#11 GenerateCodeForCodeStub () at ../../v8/src/compiler/pipeline.cc:1669
#12 0xf43330e8 in GenerateCode () at ../../v8/src/compiler/code-assembler.cc:73
#13 0xf42ffc00 in GenerateCode () at ../../v8/src/code-stubs.cc:419
#14 0xf430c2f8 in GetCode () at ../../v8/src/code-stubs.cc:155
#15 0xf42e4c26 in make_callable<v8::internal::EqualStub> ()
    at ../../v8/src/code-factory.cc:19
#16 Equal () at ../../v8/src/code-factory.cc:365
#17 0xf436f690 in LowerJSEqual ()
    at ../../v8/src/compiler/js-generic-lowering.cc:73
#18 0xf437217c in Reduce () at ../../v8/src/compiler/js-generic-lowering.cc:42
#19 0xf4352c7a in Reduce () at ../../v8/src/compiler/graph-reducer.cc:83
#20 ReduceTop () at ../../v8/src/compiler/graph-reducer.cc:133
#21 0xf4352e22 in ReduceNode () at ../../v8/src/compiler/graph-reducer.cc:54
#22 0xf43b4a70 in Run () at ../../v8/src/compiler/pipeline.cc:1008
#23 Run<v8::internal::compiler::GenericLoweringPhase> ()
    at ../../v8/src/compiler/pipeline.cc:712
#24 0xf43b58ba in CreateGraph () at ../../v8/src/compiler/pipeline.cc:1586
#25 0xf43b605c in PrepareJobImpl () at ../../v8/src/compiler/pipeline.cc:628
#26 0xf4313aea in PrepareJob () at ../../v8/src/compiler.cc:89
#27 0xf43173d8 in GetOptimizedCodeLater () at ../../v8/src/compiler.cc:633
#28 GetOptimizedCode () at ../../v8/src/compiler.cc:755
#29 0xf4317cc8 in CompileOptimized () at ../../v8/src/compiler.cc:1240
#30 0xf466dc9c in __RT_impl_Runtime_CompileOptimized_Concurrent ()
    at ../../v8/src/runtime/runtime-compiler.cc:64
#31 Runtime_CompileOptimized_Concurrent ()
    at ../../v8/src/runtime/runtime-compiler.cc:58
#32 0x2238633c in ?? ()
Backtrace stopped: previous fr...

The stacktrace is very similar to the one in https://bugs.chromium.org/p/v8/issues/detail?id=5668.

Looks like this has the same root cause as bug #1642317.

I can confirm the problem on Krillin, running image r467, ie from
2016/11/09, this is pre-OTA-14, but already had a change which triggers
this issue.

On Fri, Dec 9, 2016 at 10:52 PM, Olivier Tilloy <
<email address hidden>> wrote:

> Public bug reported:
>
> I’ve just installed oxide 1.19.5 on arale (running latest rc-proposed)
> from https://launchpad.net/~ci-train-ppa-
> service/+archive/ubuntu/2263/+packages , and when opening a page
> (testing with http://whatsmyua.com/) in webbrowser-app, I’m reliably
> getting the sad tab.
>
> Here is what I get in the app’s log:
>
> getrlimit(RLIMIT_NOFILE) failed
> [1209/224850:ERROR:gles2_cmd_decoder.cc(2379)] [GroupMarkerNotSet(
> crbug.com/242999)!:78729093]GL ERROR :GL_INVALID_OPERATION :
> BackFramebuffer::Create: <- error from previous GL command
> Received signal 7 BUS_ADRALN 0000020b9014
> #0 0x0000b48c02d6 <unknown>
> #1 0x0000b48c05e8 <unknown>
> #2 0x0000b392a250 <unknown>
> #3 0x0000b42e77f8 <unknown>
> #4 0x0000b474fabc <unknown>
> #5 0x0000b42edf9c <unknown>
> #6 0x0000b42ee074 <unknown>
> #7 0x0000b42ee266 <unknown>
> #8 0x0000b4340232 <unknown>
> #9 0x0000b434250a <unknown>
> #10 0x0000b434342e <unknown>
> #11 0x0000b42c20e8 <unknown>
> #12 0x0000b428ec00 <unknown>
> #13 0x0000b429b2f8 <unknown>
> #14 0x0000b4273c26 <unknown>
> #15 0x0000b42fe690 <unknown>
> #16 0x0000b430117c <unknown>
> #17 0x0000b42e1c7a <unknown>
> #18 0x0000b42e1e22 <unknown>
> #19 0x0000b4343a70 <unknown>
> #20 0x0000b43448ba <unknown>
> #21 0x0000b434505c <unknown>
> #22 0x0000b42a2aea <unknown>
> #23 0x0000b42a63d8 <unknown>
> #24 0x0000b42a6cc8 <unknown>
> #25 0x0000b45fcc9c <unknown>
> [end of stack trace]
>
> ** Affects: oxide
> Importance: Undecided
> Status: New
>
> --
> You received this bug notification because you are a member of Ubuntu
> WebApps bug tracking, which is subscribed to Oxide.
> https://bugs.launchpad.net/bugs/1648891
>
> Title:
> renderer process gets SIGBUS in 1.19.5 on arale
>
> Status in Oxide:
> New
>
> Bug description:
> I’ve just installed oxide 1.19.5 on arale (running latest rc-proposed)
> from https://launchpad.net/~ci-train-ppa-
> service/+archive/ubuntu/2263/+packages , and when opening a page
> (testing with http://whatsmyua.com/) in webbrowser-app, I’m reliably
> getting the sad tab.
>
> Here is what I get in the app’s log:
>
> getrlimit(RLIMIT_NOFILE) failed
> [1209/224850:ERROR:gles2_cmd_decoder.cc(2379)] [GroupMarkerNotSet(
> crbug.com/242999)!:78729093]GL ERROR :GL_INVALID_OPERATION :
> BackFramebuffer::Create: <- error from previous GL command
> Received signal 7 BUS_ADRALN 0000020b9014
> #0 0x0000b48c02d6 <unknown>
> #1 0x0000b48c05e8 <unknown>
> #2 0x0000b392a250 <unknown>
> #3 0x0000b42e77f8 <unknown>
> #4 0x0000b474fabc <unknown>
> #5 0x0000b42edf9c <unknown>
> #6 0x0000b42ee074 <unknown>
> #7 0x0000b42ee266 <unknown>
> #8 0x0000b4340232 <unknown>
> #9 0x0000b434250a <unknown>
> #10 0x0000b434342e <unknown>
> #11 0x0000b42c20e8 <unknown>
> #12 0x0000b428ec00 <unknown>
> #13 0x0000b429b2f8 <unknown>
> #14 0x0000b4273c26 <unknown>
> #15 0x0000b42fe690 <unknown>
> #16 0x0000b430117c <unknown>
> ...

Adding Santosh to the bug.

@santoshbit2007: can you help Olivier debug this issue? it is blocking the
1.19 release update right now. thanks

On Tue, Dec 13, 2016 at 11:06 AM, David Barth <email address hidden>
wrote:

> I can confirm the problem on Krillin, running image r467, ie from
> 2016/11/09, this is pre-OTA-14, but already had a change which triggers
> this issue.
>
> On Fri, Dec 9, 2016 at 10:52 PM, Olivier Tilloy <
> <email address hidden>> wrote:
>
>> Public bug reported:
>>
>> I’ve just installed oxide 1.19.5 on arale (running latest rc-proposed)
>> from https://launchpad.net/~ci-train-ppa-
>> service/+archive/ubuntu/2263/+packages , and when opening a page
>> (testing with http://whatsmyua.com/) in webbrowser-app, I’m reliably
>> getting the sad tab.
>>
>> Here is what I get in the app’s log:
>>
>> getrlimit(RLIMIT_NOFILE) failed
>> [1209/224850:ERROR:gles2_cmd_decoder.cc(2379)] [GroupMarkerNotSet(
>> crbug.com/242999)!:78729093]GL <http://crbug.com/242999)!:78729093%5DGL>
>> ERROR :GL_INVALID_OPERATION : BackFramebuffer::Create: <- error from
>> previous GL command
>> Received signal 7 BUS_ADRALN 0000020b9014
>> #0 0x0000b48c02d6 <unknown>
>> #1 0x0000b48c05e8 <unknown>
>> #2 0x0000b392a250 <unknown>
>> #3 0x0000b42e77f8 <unknown>
>> #4 0x0000b474fabc <unknown>
>> #5 0x0000b42edf9c <unknown>
>> #6 0x0000b42ee074 <unknown>
>> #7 0x0000b42ee266 <unknown>
>> #8 0x0000b4340232 <unknown>
>> #9 0x0000b434250a <unknown>
>> #10 0x0000b434342e <unknown>
>> #11 0x0000b42c20e8 <unknown>
>> #12 0x0000b428ec00 <unknown>
>> #13 0x0000b429b2f8 <unknown>
>> #14 0x0000b4273c26 <unknown>
>> #15 0x0000b42fe690 <unknown>
>> #16 0x0000b430117c <unknown>
>> #17 0x0000b42e1c7a <unknown>
>> #18 0x0000b42e1e22 <unknown>
>> #19 0x0000b4343a70 <unknown>
>> #20 0x0000b43448ba <unknown>
>> #21 0x0000b434505c <unknown>
>> #22 0x0000b42a2aea <unknown>
>> #23 0x0000b42a63d8 <unknown>
>> #24 0x0000b42a6cc8 <unknown>
>> #25 0x0000b45fcc9c <unknown>
>> [end of stack trace]
>>
>> ** Affects: oxide
>> Importance: Undecided
>> Status: New
>>
>> --
>> You received this bug notification because you are a member of Ubuntu
>> WebApps bug tracking, which is subscribed to Oxide.
>> https://bugs.launchpad.net/bugs/1648891
>>
>> Title:
>> renderer process gets SIGBUS in 1.19.5 on arale
>>
>> Status in Oxide:
>> New
>>
>> Bug description:
>> I’ve just installed oxide 1.19.5 on arale (running latest rc-proposed)
>> from https://launchpad.net/~ci-train-ppa-
>> service/+archive/ubuntu/2263/+packages , and when opening a page
>> (testing with http://whatsmyua.com/) in webbrowser-app, I’m reliably
>> getting the sad tab.
>>
>> Here is what I get in the app’s log:
>>
>> getrlimit(RLIMIT_NOFILE) failed
>> [1209/224850:ERROR:gles2_cmd_decoder.cc(2379)] [GroupMarkerNotSet(
>> crbug.com/242999)!:78729093]GL <http://crbug.com/242999)!:78729093%5DGL>
>> ERROR :GL_INVALID_OPERATION : BackFramebuffer::Create: <- error from
>> previous GL command
>> Received signal 7 BUS_ADRALN 0000020b9014
>> #0 0x0000b48c02d6 <unknown>
>> #1 0x0000b48c05e8 <unknown>
>> #2 0x0000b392a250 <unknown>
>> #3 0x0000b42e77f8 <unknown>
>> #4 0x0000b474fabc ...

There's nothing left to debug - the information Olivier has provided is pretty much enough to confirm that it's the same issue as bug 1642317, for which there is already a patch.

Until this is fixed in upstream v8, we will distropatch https://bugs.chromium.org/p/v8/issues/attachmentText?aid=260809.