29954 2009-10-01 01:14:04 -0700 [MIPS] WebKit SIGBUS when destroying old page (closing tab or simply reloading a web page) 2014-09-30 03:12:54 -0700 1 1 1 Unclassified WebKit WebCore Misc. 528+ (Nightly build) Other Linux UNCONFIRMED P2 Normal --- 0 michael.heide webkit-unassigned commit-queue deepak.m gnome jacob mrobinson petr.pisar oldest_to_newest 151478 0 michael.heide 2009-10-01 01:14:04 -0700 I'm trying to use webkit with a Loongson 2F machine (Fuloong 2F) (MIPS64 N32 with Loongson specific instructions). I'm using Gentoo Linux and I tried arora (qt-webkit 4.5.2-r1) and midori (webkit-gtk 1.1.10). Both are crashing with the similar Bus Error when closing tabs or loading a new web page in an old tab (i.e. clicking on a link). Middleclicking a link, i.e. open in a new tab, is working fine. backtraces: (midori, webkit-gtk) Program received signal SIGBUS, Bus error. [Switching to Thread 0x2fc28eb0 (LWP 1181)] 0x2c6ed84c in WebCore::TimerBase::setNextFireTime (this=0x111a0364, newTime=0) at WebCore/platform/Timer.cpp:302 302 WebCore/platform/Timer.cpp: No such file or directory. in WebCore/platform/Timer.cpp Current language: auto; currently c++ (gdb) bt #0 0x2c6ed84c in WebCore::TimerBase::setNextFireTime (this=0x111a0364, newTime=0) at WebCore/platform/Timer.cpp:302 #1 0x2c6ecf94 in WebCore::TimerBase::stop (this=0x111a0364) at WebCore/platform/Timer.cpp:197 #2 0x2c6ecb10 in ~TimerBase (this=0x111a0364) at WebCore/platform/Timer.cpp:180 #3 0x2c94a2fc in ~Timer (this=0x111a0364) at ./WebCore/platform/Timer.h:90 #4 0x2c943250 in ~RenderTextControlSingleLine (this=0x111a02c4) at WebCore/rendering/RenderTextControlSingleLine.cpp:70 #5 0x2c8f0708 in WebCore::RenderObject::arenaDelete (this=0x111a02c4, [...] (arora, qt-webkit) Program received signal SIGBUS, Bus error. [Switching to Thread 0x2aace200 (LWP 6063)] 0x2b5ab47c in WebCore::TimerBase::setNextFireTime () from /usr/lib/qt4/libQtWebKit.so.4 (gdb) bt #0 0x2b5ab47c in WebCore::TimerBase::setNextFireTime () from /usr/lib/qt4/libQtWebKit.so.4 #1 0x2b5ab124 in WebCore::TimerBase::stop () from /usr/lib/qt4/libQtWebKit.so.4 #2 0x2b5aaec0 in WebCore::TimerBase::~TimerBase () from /usr/lib/qt4/libQtWebKit.so.4 #3 0x2b728218 in WebCore::Timer<WebCore::RenderTextControlSingleLine>::~Timer () from /usr/lib/qt4/libQtWebKit.so.4 #4 0x2b722550 in WebCore::RenderTextControlSingleLine::~RenderTextControlSingleLine () from /usr/lib/qt4/libQtWebKit.so.4 #5 0x2b6dcd1c in WebCore::RenderObject::arenaDelete () from /usr/lib/qt4/libQtWebKit.so.4 #6 0x2b6dca48 in WebCore::RenderObject::destroy () from /usr/lib/qt4/libQtWebKit.so.4 [...] (If you tell me I can upload longer backtraces or other gdb outputs) The bus error occurs while reading the value in m_nextFireTime: "double oldTime = m_nextFireTime;" -> SIGBUS. I'm not a developer so I cannot debug it by myself, but I added the following at the beginning of void TimerBase::setNextFireTime(double newTime): printf(" m_nextFireTimeAddress:%i \n",&m_nextFireTime); fflush(stdout); printf(" m_nextFireTime:%e \n",m_nextFireTime); fflush(stdout); Webkit now prints many of those messages, as long as I do not close a tab or load a new page in an existing tab. It seems there are many timers destroyed successfully. But if I close a tab or simply click a link in an existing web page which opens in the current window, the last line printed before SIGBUS is m_nextFireTimeAddress:xxx. The address printed is always near all those adresses printed before, so for me it seems it could be a valid one. (btw: it's a 32 bit binary, but the kernel is 64bit. Is "%i" right then??) But while many addresses printed without crashing webkit are printed multiple times, the crashing one I cannot find upwards. 243638 1 jacob 2010-06-28 03:03:32 -0700 I'm hitting this same issue on an older build (r44552) and was able to get rid of the SIGBUS crash by using a patch very similar to one used for Sparc as listed in bug 19946. https://bugs.webkit.org/show_bug.cgi?id=19946 This involves dealing with alignment in the Arena memory management and solves the problem (I think), and I am able click links and browse, but hitting pages with lots of content causes a SIGSEGV consistently. No stability. I'm curious to know if there is a good solution to this. 264663 2 deepak.m 2010-08-14 02:34:54 -0700 Even I am facing same issue .. My browser doesnt have any tabs , but whenver i click on new links it crashes. I found many bug topics related to alignment issues on mips, following link helped in solve many alignment warnings , but still im getting bus error :( https://bugs.webkit.org/show_bug.cgi?id=29415 https://bugs.webkit.org/show_bug.cgi?id=38045 Thanks 310438 3 petr.pisar 2010-11-17 12:12:22 -0800 webkit-gtk-1.2.5 inside Midori affected too (MIPS64 with n32 user space, Loongson processor, Gentoo). 431493 4 99530 mtjm 2011-07-01 15:43:33 -0700 Created attachment 99530 patch enabling the fix for other architectures on MIPS N32 This patch for WebKit GTK 1.4.1 enables treating MIPS N32 as MIPS, so the alignment fix for O32 is used. It also disables JIT on MIPS N32, since it needs a nonavailable file. 988546 5 commit-queue 2014-03-08 03:58:47 -0800 Attachment 99530 did not pass style-queue: Total errors found: 0 in 0 files If any of these errors are false positives, please file a bug against check-webkit-style. 998970 6 mrobinson 2014-04-08 18:17:29 -0700 Still a problem? 99530 2011-07-01 15:43:33 -0700 2011-07-01 15:43:33 -0700 patch enabling the fix for other architectures on MIPS N32 fix-mips-n32.patch text/plain 1085 mtjm LS0tIHdlYmtpdC0xLjQuMS5vcmlnL1NvdXJjZS9KYXZhU2NyaXB0Q29yZS93dGYvUGxhdGZvcm0u aAkyMDExLTA2LTMwIDEyOjE0OjAxLjU3MjExOTkwOSArMDIwMAorKysgd2Via2l0LTEuNC4xL1Nv dXJjZS9KYXZhU2NyaXB0Q29yZS93dGYvUGxhdGZvcm0uaAkyMDExLTA2LTMwIDEyOjE3OjAwLjM1 MjM4MjI2MiArMDIwMApAQCAtMTM5LDggKzEzOSw5IEBACiAKIC8qIENQVShNSVBTKSAtIE1JUFMg MzItYml0ICovCiAvKiBOb3RlOiBPbmx5IE8zMiBBQkkgaXMgdGVzdGVkLCBzbyB3ZSBlbmFibGUg aXQgZm9yIE8zMiBBQkkgZm9yIG5vdy4gICovCisvKiBOMzIgaXMgYWxzbyB0ZXN0ZWQsIHdpdGhv dXQgSklULiAqLwogI2lmIChkZWZpbmVkKG1pcHMpIHx8IGRlZmluZWQoX19taXBzX18pIHx8IGRl ZmluZWQoTUlQUykgfHwgZGVmaW5lZChfTUlQU18pKSBcCi0gICAgJiYgZGVmaW5lZChfQUJJTzMy KQorICAmJiAoZGVmaW5lZChfQUJJTzMyKSB8fCBkZWZpbmVkKF9BQklOMzIpKQogI2RlZmluZSBX VEZfQ1BVX01JUFMgMQogI2lmIGRlZmluZWQoX19NSVBTRUJfXykKICNkZWZpbmUgV1RGX0NQVV9C SUdfRU5ESUFOIDEKQEAgLTEwMDksOSArMTAxMCw5IEBACiAjZGVmaW5lIEVOQUJMRV9KSVQgMAog I2VuZGlmCiAKLS8qIFRoZSBKSVQgaXMgZW5hYmxlZCBieSBkZWZhdWx0IG9uIGFsbCB4ODYsIHg2 NC02NCwgQVJNICYgTUlQUyBwbGF0Zm9ybXMuICovCisvKiBUaGUgSklUIGlzIGVuYWJsZWQgYnkg ZGVmYXVsdCBvbiBhbGwgeDg2LCB4NjQtNjQsIEFSTSAmIE1JUFMgTzMyIHBsYXRmb3Jtcy4gKi8K ICNpZiAhZGVmaW5lZChFTkFCTEVfSklUKSBcCi0gICAgJiYgKENQVShYODYpIHx8IENQVShYODZf NjQpIHx8IENQVShBUk0pIHx8IENQVShNSVBTKSkgXAorICAgICYmIChDUFUoWDg2KSB8fCBDUFUo WDg2XzY0KSB8fCBDUFUoQVJNKSB8fCAoQ1BVKE1JUFMpICYmIGRlZmluZWQoX0FCSU8zMikpKSBc CiAgICAgJiYgKE9TKERBUldJTikgfHwgIUNPTVBJTEVSKEdDQykgfHwgR0NDX1ZFUlNJT05fQVRf TEVBU1QoNCwgMSwgMCkpIFwKICAgICAmJiAhT1MoV0lOQ0UpCiAjZGVmaW5lIEVOQUJMRV9KSVQg MQo=