Node 0.11 segfault problems #26

joshmarinacci opened this issue May 20, 2013 · 9 comments

@joshmarinacci

I'm trying to track down an issue I'm having using libpng inside of a node native addon. Whenever I read a file the next call to OpenGL crashes. I've isolated it to memory allocation. If I allocate a chunk of memory in my addon (say: 10k bytes) then later on node will segfault. If I don't allocate it then node proceeds into the gl loop just fine. Any ideas what could be causing this? Is there anything in node that might be messing with memory it's not supposed to, and my malloc triggers the issue?

@paddybyers
Owner

That's the kind of thing that happens if something is overrunning one of its buffers by a few bytes and it corrupts the headers that malloc depends on. I can't think of anything that's been changed in the Android port that would cause that. Being 0.11, and (relatively) unstable, it's possible there's a bug in the generic code, but you'd expect that kind of thing to show up fairly readily on other platforms.

Do you have the tombstone from the logcat?
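The failure mode described in the comment above (a write a few bytes past a buffer damaging allocator bookkeeping, with the crash surfacing only in a later `malloc`) can be localized with red zones around each allocation. The following is an added example, not code from node, the addon, or this project; `guard_malloc`, `guard_check`, `guard_overrun_len`, `guard_free` and `demo_decode` are hypothetical names, and the 10 KiB size only mirrors the "10k bytes" mentioned in the report.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define GUARD_BYTES 16                    /* red zone on each side of the user buffer */
#define GUARD_FILL  0xA5                  /* pattern the red zones must still hold */
#define GUARD_MAGIC ((size_t)0x47554152u) /* marks a header written by guard_malloc */

enum { GUARD_OK = 0, GUARD_FRONT = 1, GUARD_REAR = 2, GUARD_BAD_HEADER = 4 };

/* Block layout: [guard_hdr][front red zone][user bytes][rear red zone] */
typedef struct {
    size_t size;   /* bytes the caller asked for */
    size_t magic;
} guard_hdr;

static guard_hdr *hdr_of(const void *user)
{
    return (guard_hdr *)((unsigned char *)user - GUARD_BYTES) - 1;
}

void *guard_malloc(size_t n)
{
    const size_t overhead = sizeof(guard_hdr) + 2 * GUARD_BYTES;
    if (n > SIZE_MAX - overhead)
        return NULL;                      /* size computation would wrap */
    unsigned char *raw = malloc(n + overhead);
    if (raw == NULL)
        return NULL;
    guard_hdr *h = (guard_hdr *)raw;
    h->size = n;
    h->magic = GUARD_MAGIC;
    unsigned char *user = raw + sizeof(guard_hdr) + GUARD_BYTES;
    memset(user - GUARD_BYTES, GUARD_FILL, GUARD_BYTES);
    memset(user + n, GUARD_FILL, GUARD_BYTES);
    return user;
}

/* Returns GUARD_OK, or a bit mask saying which side of the buffer was written. */
int guard_check(const void *user)
{
    const guard_hdr *h = hdr_of(user);
    if (h->magic != GUARD_MAGIC)
        return GUARD_BAD_HEADER;
    const unsigned char *front = (const unsigned char *)user - GUARD_BYTES;
    const unsigned char *rear = (const unsigned char *)user + h->size;
    int state = GUARD_OK;
    for (size_t i = 0; i < GUARD_BYTES; i++) {
        if (front[i] != GUARD_FILL) state |= GUARD_FRONT;
        if (rear[i] != GUARD_FILL)  state |= GUARD_REAR;
    }
    return state;
}

/* Distance from the end of the buffer to the last damaged rear red-zone byte. */
size_t guard_overrun_len(const void *user)
{
    const unsigned char *rear = (const unsigned char *)user + hdr_of(user)->size;
    size_t len = 0;
    for (size_t i = 0; i < GUARD_BYTES; i++)
        if (rear[i] != GUARD_FILL) len = i + 1;
    return len;
}

/* Checks the red zones at free time, so the report names the damaged buffer. */
int guard_free(void *user, const char *tag)
{
    if (user == NULL)
        return GUARD_OK;
    int state = guard_check(user);
    if (state & GUARD_BAD_HEADER) {
        fprintf(stderr, "heap guard: %s has a damaged header, not freeing\n", tag);
        return state;
    }
    if (state != GUARD_OK)
        fprintf(stderr, "heap guard: %s damaged (state=%d, %zu byte(s) past end)\n",
                tag, state, guard_overrun_len(user));
    free(hdr_of(user));
    return state;
}

/* Constructed stand-in for a decoder that writes `extra` bytes too many. */
int demo_decode(size_t extra, size_t *overrun_out)
{
    const size_t n = 10 * 1024;
    if (extra > GUARD_BYTES)
        return -1;                        /* keep the demo write inside our own block */
    unsigned char *buf = guard_malloc(n);
    if (buf == NULL)
        return -1;
    memset(buf, 0xFF, n + extra);         /* the off-by-`extra` write */
    if (overrun_out != NULL)
        *overrun_out = guard_overrun_len(buf);
    return guard_free(buf, "pixel buffer");
}

int main(void)
{
    size_t len = 0;
    int state = demo_decode(3, &len);
    printf("state=%d overrun=%zu\n", state, len);
    return 0;
}
```

A stray byte that happens to equal the fill pattern goes unnoticed, and writes beyond the 16-byte red zone still reach the allocator's own data.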

@joshmarinacci
Author

No. How do I get the tombstone?

@joshmarinacci
Author

Okay. Here's the adb logcat log:

D/libEGL ( 380): loaded /vendor/lib/egl/libEGL_POWERVR_SGX540_120.so
D/libEGL ( 380): loaded /vendor/lib/egl/libGLESv1_CM_POWERVR_SGX540_120.so
D/libEGL ( 380): loaded /vendor/lib/egl/libGLESv2_POWERVR_SGX540_120.so
F/libc ( 380): Fatal signal 11 (SIGSEGV) at 0x0000000c (code=1), thread 380 (node)
I/DEBUG ( 126): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
I/DEBUG ( 126): Build fingerprint: 'Android/full_maguro/maguro:4.1.2/JZO54K/6:userdebug/test-keys'
I/DEBUG ( 126): pid: 380, tid: 380, name: node >>> ./node <<<
I/DEBUG ( 126): signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0000000c
I/DEBUG ( 126): r0 00000001 r1 0000000 r2 00000002 r3 00000001
I/DEBUG ( 126): r4 0000000 r5 01add780 r6 00000002 r7 40071514
I/DEBUG ( 126): r8 3682b6f9 r9 368080a1 sl 01a3d034 fp bea70864
I/DEBUG ( 126): ip 40b79e00 sp bea70730 lr 4003bdc3 pc 4003be02 cpsr 00000030
I/DEBUG ( 126): d0 7246676e5064616f d1 000000000000006d
I/DEBUG ( 126): d2 0240b03f00000046 d3 04bb320000000269
I/DEBUG ( 126): d4 ffff0221020c903f d5 023c403f04bbdaff
I/DEBUG ( 126): d6 0000002126000000 d7 4040800000000000
I/DEBUG ( 126): d8 0000000000000000 d9 0000000000000000
I/DEBUG ( 126): d10 0000000000000000 d11 0000000000000000
I/DEBUG ( 126): d12 0000000000000000 d13 0000000000000000
I/DEBUG ( 126): d14 0000000000000000 d15 0000000000000000
I/DEBUG ( 126): d16 0000000000000001 d17 0000000000000000
I/DEBUG ( 126): d18 41ca09b561800000 d19 0000000000000000
I/DEBUG ( 126): d20 0000000000000000 d21 0000000000000000
I/DEBUG ( 126): d22 0000000000000000 d23 0000000000000000
I/DEBUG ( 126): d24 0000000000000000 d25 0000000000000000
I/DEBUG ( 126): d26 0000000000000000 d27 0000000000000000
I/DEBUG ( 126): d28 0000000000000000 d29 0000000000000000
I/DEBUG ( 126): d30 0000000000000000 d31 0000000000000000
I/DEBUG ( 126): scr 20000010
I/DEBUG ( 126):
I/DEBUG ( 126): backtrace:
I/DEBUG ( 126): #00 pc 00013e02 /system/lib/libc.so (dlmalloc+117)
I/DEBUG ( 126): #1 pc 00016d2f /system/lib/libc.so (malloc+10)
I/DEBUG ( 126): #2 pc 007a266b /data/phonetest/libv8.so (operator new(unsigned int)+18)
I/DEBUG ( 126):
I/DEBUG ( 126): stack:
I/DEBUG ( 126): bea706f0 bea708ac [stack]
I/DEBUG ( 126): bea706f4 00000006
I/DEBUG ( 126): bea706f8 bea7070c [stack]
I/DEBUG ( 126): bea706fc 40492104 /data/phonetest/libv8.so (v8::internal::Thread::GetExistingThreadLocal(v8::internal::Thread::LocalStorageKey)+24)
I/DEBUG ( 126): bea70700 bea7071c [stack]
I/DEBUG ( 126): bea70704 00000006
I/DEBUG ( 126): bea70708 bea70724 [stack]
I/DEBUG ( 126): bea7070c 14003f09
I/DEBUG ( 126): bea70710 bea7072c [stack]
I/DEBUG ( 126): bea70714 0000000
I/DEBUG ( 126): bea70718 c0000000
I/DEBUG ( 126): bea7071c 0000000c
I/DEBUG ( 126): bea70720 0000000
I/DEBUG ( 126): bea70724 0000000
I/DEBUG ( 126): bea70728 df0027ad
I/DEBUG ( 126): bea7072c 0000000
I/DEBUG ( 126): #00 bea70730 40ba944c /data/phonetest/aminonative.node
I/DEBUG ( 126): bea70734 3682b6f9
I/DEBUG ( 126): bea70738 368080a1
I/DEBUG ( 126): bea7073c 01a3d034 [heap]
I/DEBUG ( 126): bea70740 bea70864 [stack]
I/DEBUG ( 126): bea70744 40b7e554
I/DEBUG ( 126): bea70748 0000000c
I/DEBUG ( 126): bea7074c 0000000
I/DEBUG ( 126): bea70750 3778f938
I/DEBUG ( 126): bea70754 3682b6f9
I/DEBUG ( 126): bea70758 368080a1
I/DEBUG ( 126): bea7075c 01a3d034 [heap]
I/DEBUG ( 126): bea70760 bea70864 [stack]
I/DEBUG ( 126): bea70764 4003ed31 /system/lib/libc.so (malloc+12)
I/DEBUG ( 126): #1 bea70768 00000002
I/DEBUG ( 126): bea7076c 4099e66f /data/phonetest/libv8.so (operator new(unsigned int)+22)
I/DEBUG ( 126): #2 bea70770 00000002
I/DEBUG ( 126): bea70774 bea708b4 [stack]
I/DEBUG ( 126): bea70778 00010ed2 /data/phonetest/node
I/DEBUG ( 126): bea7077c 40b985a1 /data/phonetest/aminonative.node (LoadPngFromFile(v8::Arguments const&)+28)
I/DEBUG ( 126): bea70780 bea70854 [stack]
I/DEBUG ( 126): bea70784 40b98585 /data/phonetest/aminonative.node (LoadPngFromFile(v8::Arguments const&))
I/DEBUG ( 126): bea70788 01a3d028 [heap]
I/DEBUG ( 126): bea7078c 01a637cc [heap]
I/DEBUG ( 126): bea70790 01a637cc [heap]
I/DEBUG ( 126): bea70794 bea70700 [stack]
I/DEBUG ( 126): bea70798 bea707ac [stack]
I/DEBUG ( 126): bea7079c bea708b4 [stack]
I/DEBUG ( 126): bea707a0 bea70854 [stack]
I/DEBUG ( 126): bea707a4 bea708b8 [stack]
I/DEBUG ( 126): bea707a8 3778f938
I/DEBUG ( 126): bea707ac 4050fabc /data/phonetest/libv8.so
D/KlaatuPhone( 323): <<< Unsolicited message=UNSOL_SIGNAL_STRENGTH [1009]
D/KlaatuPhone( 323): Signal strength changed 4
D/KlaatuPhone( 323): <<< Unsolicited message=UNSOL_SIGNAL_STRENGTH [1009]
D/KlaatuPhone( 323): Signal strength changed 4
V/KlaatuWifi( 322): ....Start processing message CMD_RSSI_POLL (17) in state Driver_Loaded
V/KlaatuWifi( 322): .....Command: SIGNAL_POLL
D/KlaatuPhone( 323): <<< Unsolicited message=UNSOL_SIGNAL_STRENGTH [1009]
D/KlaatuPhone( 323): Signal strength changed 4
^C

@joshmarinacci
Author

And here is the tombstone.


Build fingerprint: 'Android/full_maguro/maguro:4.1.2/JZO54K/6:userdebug/test-keys'
pid: 435, tid: 435, name: node >>> ./node <<<
signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0000000c
r0 00000001 r1 0000000 r2 00000002 r3 00000001
r4 0000000 r5 011f5780 r6 00000002 r7 40218514
r8 44c2b6f9 r9 44c080a1 sl 01155034 fp be976864
ip 40bd5e00 sp be976730 lr 401e2dc3 pc 401e2e02 cpsr 00000030
d0 7246676e5064616f d1 000000000000006d
d2 0240b03f00000046 d3 04bb320000000269
d4 ffff0221020c903f d5 023c403f04bbdaff
d6 0000002126000000 d7 4040800000000000
d8 0000000000000000 d9 0000000000000000
d10 0000000000000000 d11 0000000000000000
d12 0000000000000000 d13 0000000000000000
d14 0000000000000000 d15 0000000000000000
d16 0000000000000001 d17 0000000000000000
d18 41bae02544000000 d19 0000000000000000
d20 0000000000000000 d21 0000000000000000
d22 0000000000000000 d23 0000000000000000
d24 0000000000000000 d25 0000000000000000
d26 0000000000000000 d27 0000000000000000
d28 0000000000000000 d29 0000000000000000
d30 0000000000000000 d31 0000000000000000
scr 20000010

backtrace:
#00 pc 00013e02 /system/lib/libc.so (dlmalloc+117)
#1 pc 00016d2f /system/lib/libc.so (malloc+10)
#2 pc 007a266b /data/phonetest/libv8.so (operator new(unsigned int)+18)

stack:
be9766f0 be9768ac [stack]
be9766f4 00000006
be9766f8 be97670c [stack]
be9766fc 404ee104 /data/phonetest/libv8.so (v8::internal::Thread::GetExistingThreadLocal(v8::internal::Thread::LocalStorageKey)+24)
be976700 be97671c [stack]
be976704 00000006
be976708 be976724 [stack]
be97670c a105502d
be976710 be97672c [stack]
be976714 0000000
be976718 c0000000
be97671c 0000000c
be976720 0000000
be976724 0000000
be976728 df0027ad
be97672c 0000000
#00 be976730 4008844c /data/phonetest/aminonative.node
be976734 44c2b6f9
be976738 44c080a1
be97673c 01155034 [heap]
be976740 be976864 [stack]
be976744 40bda554
be976748 0000000c
be97674c 0000000
be976750 2df8f920
be976754 44c2b6f9
be976758 44c080a1
be97675c 01155034 [heap]
be976760 be976864 [stack]
be976764 401e5d31 /system/lib/libc.so (malloc+12)
#1 be976768 00000002
be97676c 409fa66f /data/phonetest/libv8.so (operator new(unsigned int)+22)
#2 be976770 00000002
be976774 be9768b4 [stack]
be976778 00010ed2 /data/phonetest/node
be97677c 400775a1 /data/phonetest/aminonative.node (LoadPngFromFile(v8::Arguments const&)+28)
be976780 be976854 [stack]
be976784 40077585 /data/phonetest/aminonative.node (LoadPngFromFile(v8::Arguments const&))
be976788 01155028 [heap]
be97678c 0117b7cc [heap]
be976790 0117b7cc [heap]
be976794 be976700 [stack]
be976798 be9767ac [stack]
be97679c be9768b4 [stack]
be9767a0 be976854 [stack]
be9767a4 be9768b8 [stack]
be9767a8 2df8f920
be9767ac 4056babc /data/phonetest/libv8.so

--------- tail end of log /dev/log/main
05-23 18:58:20.093 435 435 D libEGL : loaded /vendor/lib/egl/libEGL_POWERVR_SGX540_120.so
05-23 18:58:20.101 435 435 D libEGL : loaded /vendor/lib/egl/libGLESv1_CM_POWERVR_SGX540_120.so
05-23 18:58:20.101 435 435 D libEGL : loaded /vendor/lib/egl/libGLESv2_POWERVR_SGX540_120.so
05-23 18:58:20.296 435 435 F libc : Fatal signal 11 (SIGSEGV) at 0x0000000c (code=1), thread 435 (node)


pid: 435, tid: 436, name: SignalSender
r0 0117b78c r1 00000080 r2 fffffffe r3 0000000
r4 0117b78c r5 0000000 r6 fffffffe r7 000000f0
r8 409f76c0 r9 00010000 sl 0117b578 fp 40c05e94
ip 40bd5fcc sp 40c05e68 lr 401f8131 pc 401dcc70 cpsr 60000010
d0 00002000000001ac d1 0000000000000000
d2 0000000000000000 d3 0000000000000000
d4 deadbeefdeadbeef d5 deadbeefdeadbeef
d6 e340006be30b0f0c d7 e3a00000e52d0004
d8 0000000000000000 d9 0000000000000000
d10 0000000000000000 d11 0000000000000000
d12 0000000000000000 d13 0000000000000000
d14 0000000000000000 d15 0000000000000000
d16 41b2be23d13851ec d17 3f50624dd2f1a9fc
d18 41bae02544000000 d19 0000000000000000
d20 0000000000000000 d21 0000000000000000
d22 0000000000000000 d23 0000000000000000
d24 0000000000000000 d25 0000000000000000
d26 0000000000000000 d27 0000000000000000
d28 0000000000000000 d29 0000000000000000
d30 0000000000000000 d31 0000000000000000
scr 00000010

backtrace:
#00 pc 0000dc70 /system/lib/libc.so (__futex_syscall3+8)
#1 pc 0002912d /system/lib/libc.so (sem_wait+48)
#2 pc 0079ff90 /data/phonetest/libv8.so (v8::internal::LinuxSemaphore::Wait()+36)
#3 pc 0059fcd0 /data/phonetest/libv8.so (v8::internal::RuntimeProfiler::WaitForSomeIsolateToEnterJS()+156)
#4 pc 007a0a10 /data/phonetest/libv8.so (v8::internal::SignalSender::Run()+120)
#5 pc 0079f77c /data/phonetest/libv8.so
#6 pc 00012bb0 /system/lib/libc.so (__thread_entry+48)
#7 pc 00012308 /system/lib/libc.so (pthread_create+172)

stack:
40c05e28 40c05e44
40c05e2c 4055d760 /data/phonetest/libv8.so (v8::internal::Acquire_Load(int const volatile_)+32)
40c05e30 407f80cc /data/phonetest/libv8.so (v8::internal::LazyInstanceImpl<v8::internal::Semaphore, v8::internal::DynamicallyAllocatedInstanceTraitv8::internal::Semaphore, v8::internal::CreateSemaphoreTrait<0>, v8::internal::ThreadSafeInitOnceTrait, v8::internal::LeakyInstanceTraitv8::internal::Semaphore >::InitInstance(v8::internal::Semaphore__))
40c05e34 40bda3e4
40c05e38 0115bcc4 [heap]
40c05e3c 00000002
40c05e40 40c05e5c
40c05e44 4066db7c /data/phonetest/libv8.so (void v8::internal::CallOnce(int_, v8::internal::OneArgFunction<void*>::type, void_)+32)
40c05e48 00000001
40c05e4c 40bda3e8
40c05e50 407f80cc /data/phonetest/libv8.so (v8::internal::LazyInstanceImpl<v8::internal::Semaphore, v8::internal::DynamicallyAllocatedInstanceTraitv8::internal::Semaphore, v8::internal::CreateSemaphoreTrait<0>, v8::internal::ThreadSafeInitOnceTrait, v8::internal::LeakyInstanceTraitv8::internal::Semaphore >::InitInstance(v8::internal::Semaphore__))
40c05e54 40bda3e4
40c05e58 40c05e74
40c05e5c 4066b4ac /data/phonetest/libv8.so (void v8::internal::ThreadSafeInitOnceTrait::Init<void ()(void), void_>(int_, void ()(void), void_)+40)
40c05e60 0117b78c [heap]
40c05e64 0000000
#00 40c05e68 0117b78c [heap]
40c05e6c 00000078
#1 40c05e70 40bd5de4 /data/phonetest/libv8.so
40c05e74 409f76c0 /data/phonetest/libv8.so
40c05e78 0117b578 [heap]
40c05e7c 409f7f94 /data/phonetest/libv8.so (v8::internal::LinuxSemaphore::Wait()+40)
#2 40c05e80 40c05e94
40c05e84 0117b788 [heap]
40c05e88 40bd5de4 /data/phonetest/libv8.so
40c05e8c 40bda3e4
40c05e90 40c05ea4
40c05e94 407f7cd4 /data/phonetest/libv8.so (v8::internal::RuntimeProfiler::WaitForSomeIsolateToEnterJS()+160)
#3 40c05e98 0000000
40c05e9c 0000000
40c05ea0 40c05ec4
40c05ea4 409f8a14 /data/phonetest/libv8.so (v8::internal::SignalSender::Run()+124)
#4 40c05ea8 0000000
40c05eac 0117b578 [heap]
40c05eb0 0000000
40c05eb4 00000001
40c05eb8 40c05f00
40c05ebc 0117b738 [heap]
40c05ec0 40c05eec
40c05ec4 409f7780 /data/phonetest/libv8.so
#5 40c05ec8 0000000
40c05ecc 0000000
40c05ed0 0000000
40c05ed4 0117b578 [heap]
40c05ed8 0117b578 [heap]
40c05edc 0117b578 [heap]
40c05ee0 409f76c0 /data/phonetest/libv8.so
40c05ee4 40c05f00
40c05ee8 00000001
40c05eec 401e1bb4 /system/lib/libc.so (__thread_entry+52)
#6 40c05ef0 0117b748 [heap]
40c05ef4 40c05f00
40c05ef8 be976a78 [stack]
40c05efc 401e130c /system/lib/libc.so (pthread_create+176)
#7 40c05f00 40c05f00
40c05f04 0117b748 [heap]
40c05f08 0000000
40c05f0c 0000000
40c05f10 0000000
40c05f14 0000000
40c05f18 0000000
40c05f1c 0000000
40c05f20 0000000
40c05f24 0000000
40c05f28 0000000
40c05f2c 0000000
40c05f30 0000000
40c05f34 0000000
40c05f38 0000000
40c05f3c 0000000


pid: 435, tid: 437, name: v8:SweeperThrea
r0 0117c92c r1 00000080 r2 fffffffe r3 0000000
r4 0117c92c r5 0000000 r6 fffffffe r7 000000f0
r8 409f76c0 r9 00010000 sl 0117c7b8 fp 40c3eeac
ip 40bd5fcc sp 40c3ee80 lr 401f8131 pc 401dcc70 cpsr 60000010
d0 706d6172546572b0 d1 757453656e696cb7
d2 e1a01101e8bd4817 d3 e12fff1ee08dd001
d4 1ddd5b2a1ddd4b28 d5 1ddd7b2e1ddd6b2c
d6 1ddd9b321ddd8b30 d7 1dddbb361dddab34
d8 0000000000000000 d9 0000000000000000
d10 0000000000000000 d11 0000000000000000
d12 0000000000000000 d13 0000000000000000
d14 0000000000000000 d15 0000000000000000
d16 41b2be23d13851ec d17 3f50624dd2f1a9fc
d18 41bae02544000000 d19 0000000000000000
d20 0000000000000000 d21 0000000000000000
d22 0000000000000000 d23 0000000000000000
d24 0000000000000000 d25 0000000000000000
d26 0000000000000000 d27 0000000000000000
d28 0000000000000000 d29 0000000000000000
d30 0000000000000000 d31 0000000000000000
scr 00000010

backtrace:
#00 pc 0000dc70 /system/lib/libc.so (__futex_syscall3+8)
#1 pc 0002912d /system/lib/libc.so (sem_wait+48)
#2 pc 0079ff90 /data/phonetest/libv8.so (v8::internal::LinuxSemaphore::Wait()+36)
#3 pc 00688b74 /data/phonetest/libv8.so (v8::internal::SweeperThread::Run()+68)
#4 pc 0079f77c /data/phonetest/libv8.so
#5 pc 00012bb0 /system/lib/libc.so (__thread_entry+48)
#6 pc 00012308 /system/lib/libc.so (pthread_create+172)

stack:
40c3ee40 0000000
40c3ee44 0000000
40c3ee48 0000000
40c3ee4c 0000000
40c3ee50 00000004
40c3ee54 00000007
40c3ee58 409f76c0 /data/phonetest/libv8.so
40c3ee5c 0117c7b8 [heap]
40c3ee60 00000007
40c3ee64 401e206c /system/lib/libc.so (pthread_setspecific+152)
40c3ee68 0000000
40c3ee6c 0000000
40c3ee70 0000000
40c3ee74 40bd5de4 /data/phonetest/libv8.so
40c3ee78 0117c92c [heap]
40c3ee7c 0000000
#00 40c3ee80 0117c92c [heap]
40c3ee84 00000078
#1 40c3ee88 0117c918 [heap]
40c3ee8c 409f76c0 /data/phonetest/libv8.so
40c3ee90 0117c7b8 [heap]
40c3ee94 409f7f94 /data/phonetest/libv8.so (v8::internal::LinuxSemaphore::Wait()+40)
#2 40c3ee98 0000000
40c3ee9c 0117c928 [heap]
40c3eea0 0000000
40c3eea4 0117c918 [heap]
40c3eea8 40c3eec4
40c3eeac 408e0b78 /data/phonetest/libv8.so (v8::internal::SweeperThread::Run()+72)
#3 40c3eeb0 0000000
40c3eeb4 0117c7b8 [heap]
40c3eeb8 40c3ef00
40c3eebc 0117c918 [heap]
40c3eec0 40c3eeec
40c3eec4 409f7780 /data/phonetest/libv8.so
#4 40c3eec8 0000000
40c3eecc 0000000
40c3eed0 0000000
40c3eed4 0117c7b8 [heap]
40c3eed8 0117c7b8 [heap]
40c3eedc 0117c7b8 [heap]
40c3eee0 409f76c0 /data/phonetest/libv8.so
40c3eee4 40c3ef00
40c3eee8 00000001
40c3eeec 401e1bb4 /system/lib/libc.so (__thread_entry+52)
#5 40c3eef0 0117ca58 [heap]
40c3eef4 40c3ef00
40c3eef8 be976ad8 [stack]
40c3eefc 401e130c /system/lib/libc.so (pthread_create+176)
#6 40c3ef00 40c3ef00
40c3ef04 0117ca58 [heap]
40c3ef08 0000000
40c3ef0c 0000000
40c3ef10 0000000
40c3ef14 01155028 [heap]
40c3ef18 0000000
40c3ef1c 0000000
40c3ef20 0000000
40c3ef24 0000000
40c3ef28 0000000
40c3ef2c 0000000
40c3ef30 0000000
40c3ef34 0000000
40c3ef38 0000000
40c3ef3c 0000000


pid: 435, tid: 438, name: v8:SweeperThrea
r0 0117cc0c r1 00000080 r2 fffffffe r3 0000000
r4 0117cc0c r5 0000000 r6 fffffffe r7 000000f0
r8 409f76c0 r9 00010000 sl 0117ca98 fp 40ca2eac
ip 40bd5fcc sp 40ca2e80 lr 401f8131 pc 401dcc70 cpsr 60000010
d0 706d6172546572b0 d1 757453656e696cb7
d2 e1a01101e8bd4817 d3 e12fff1ee08dd001
d4 1ddd5b2a1ddd4b28 d5 1ddd7b2e1ddd6b2c
d6 1ddd9b321ddd8b30 d7 1dddbb361dddab34
d8 0000000000000000 d9 0000000000000000
d10 0000000000000000 d11 0000000000000000
d12 0000000000000000 d13 0000000000000000
d14 0000000000000000 d15 0000000000000000
d16 41b2be23d13851ec d17 3f50624dd2f1a9fc
d18 41bae02544000000 d19 0000000000000000
d20 0000000000000000 d21 0000000000000000
d22 0000000000000000 d23 0000000000000000
d24 0000000000000000 d25 0000000000000000
d26 0000000000000000 d27 0000000000000000
d28 0000000000000000 d29 0000000000000000
d30 0000000000000000 d31 0000000000000000
scr 00000010

backtrace:
#00 pc 0000dc70 /system/lib/libc.so (__futex_syscall3+8)
#1 pc 0002912d /system/lib/libc.so (sem_wait+48)
#2 pc 0079ff90 /data/phonetest/libv8.so (v8::internal::LinuxSemaphore::Wait()+36)
#3 pc 00688b74 /data/phonetest/libv8.so (v8::internal::SweeperThread::Run()+68)
#4 pc 0079f77c /data/phonetest/libv8.so
#5 pc 00012bb0 /system/lib/libc.so (__thread_entry+48)
#6 pc 00012308 /system/lib/libc.so (pthread_create+172)

stack:
40ca2e40 0000000
40ca2e44 0000000
40ca2e48 0000000
40ca2e4c 0000000
40ca2e50 00000004
40ca2e54 00000007
40ca2e58 409f76c0 /data/phonetest/libv8.so
40ca2e5c 0117ca98 [heap]
40ca2e60 00000007
40ca2e64 401e206c /system/lib/libc.so (pthread_setspecific+152)
40ca2e68 0000000
40ca2e6c 0000000
40ca2e70 0000000
40ca2e74 40bd5de4 /data/phonetest/libv8.so
40ca2e78 0117cc0c [heap]
40ca2e7c 0000000
#00 40ca2e80 0117cc0c [heap]
40ca2e84 00000078
#1 40ca2e88 0117cbf8 [heap]
40ca2e8c 409f76c0 /data/phonetest/libv8.so
40ca2e90 0117ca98 [heap]
40ca2e94 409f7f94 /data/phonetest/libv8.so (v8::internal::LinuxSemaphore::Wait()+40)
#2 40ca2e98 0000000
40ca2e9c 0117cc08 [heap]
40ca2ea0 0000000
40ca2ea4 0117cbf8 [heap]
40ca2ea8 40ca2ec4
40ca2eac 408e0b78 /data/phonetest/libv8.so (v8::internal::SweeperThread::Run()+72)
#3 40ca2eb0 0000000
40ca2eb4 0117ca98 [heap]
40ca2eb8 40ca2f00
40ca2ebc 0117cbf8 [heap]
40ca2ec0 40ca2eec
40ca2ec4 409f7780 /data/phonetest/libv8.so
#4 40ca2ec8 0000000
40ca2ecc 0000000
40ca2ed0 0000000
40ca2ed4 0117ca98 [heap]
40ca2ed8 0117ca98 [heap]
40ca2edc 0117ca98 [heap]
40ca2ee0 409f76c0 /data/phonetest/libv8.so
40ca2ee4 40ca2f00
40ca2ee8 00000001
40ca2eec 401e1bb4 /system/lib/libc.so (__thread_entry+52)
#5 40ca2ef0 0117cd38 [heap]
40ca2ef4 40ca2f00
40ca2ef8 be976ad8 [stack]
40ca2efc 401e130c /system/lib/libc.so (pthread_create+176)
#6 40ca2f00 40ca2f00
40ca2f04 0117cd38 [heap]
40ca2f08 0000000
40ca2f0c 0000000
40ca2f10 0000000
40ca2f14 01155028 [heap]
40ca2f18 0000000
40ca2f1c 0000000
40ca2f20 0000000
40ca2f24 0000000
40ca2f28 0000000
40ca2f2c 0000000
40ca2f30 0000000
40ca2f34 0000000
40ca2f38 0000000
40ca2f3c 0000000


pid: 435, tid: 441, name: node
r0 fffffffc r1 43f9feb0 r2 00000001 r3 0000000
r4 0001831a r5 43f9fec8 r6 40c259bc r7 000000a2
r8 400e5ed5 r9 00100000 sl 011af518 fp 00000001
ip 40c25e7c sp 43f9fea8 lr 401e909d pc 401dc2f0 cpsr 60000010
d0 0f00040400010000 d1 0100000304050000
d2 0000006e6f697463 d3 0000010000030316
d4 0000ffff10100001 d5 00726f6c6f635f76
d6 0100000305050000 d7 0f00040000010000
d8 0000000000000000 d9 0000000000000000
d10 0000000000000000 d11 0000000000000000
d12 0000000000000000 d13 0000000000000000
d14 0000000000000000 d15 0000000000000000
d16 0000000000000001 d17 0000000000000000
d18 41bae02544000000 d19 0000000000000000
d20 0000000000000000 d21 0000000000000000
d22 0000000000000000 d23 0000000000000000
d24 0000000000000000 d25 0000000000000000
d26 0000000000000000 d27 0000000000000000
d28 0000000000000000 d29 0000000000000000
d30 0000000000000000 d31 0000000000000000
scr 20000010

backtrace:
#00 pc 0000d2f0 /system/lib/libc.so (nanosleep+12)
#1 pc 0001a099 /system/lib/libc.so (sleep+20)
#2 pc 00009dd3 /system/lib/libEGL.so
#3 pc 00010f47 /system/lib/libutils.so (android::Thread::_threadLoop(void*)+114)
#4 pc 00012bb0 /system/lib/libc.so (__thread_entry+48)
#5 pc 00012308 /system/lib/libc.so (pthread_create+172)

stack:
43f9fe68 0000000
43f9fe6c 0000000
43f9fe70 0000000
43f9fe74 0000000
43f9fe78 0000000
43f9fe7c 0000000
43f9fe80 0000000
43f9fe84 0000000
43f9fe88 0000000
43f9fe8c 0000000
43f9fe90 0000000
43f9fe94 0000000
43f9fe98 0000000
43f9fe9c 0000000
43f9fea0 400e1de1 /system/lib/libutils.so (android::BlobCache::getFdCount() const)
43f9fea4 011af524 [heap]
#00 43f9fea8 0001831a /data/phonetest/node
43f9feac 40c259bc /system/lib/libEGL.so
#1 43f9feb0 00000003
43f9feb4 316cc7b6
43f9feb8 00000001
43f9febc 40c0fdd7 /system/lib/libEGL.so
#2 43f9fec0 011af518 [heap]
43f9fec4 400e5f49 /system/lib/libutils.so (android::Thread::threadLoop(void)+116)
#3 43f9fec8 011af518 [heap]
43f9fecc 0000000
43f9fed0 011af518 [heap]
43f9fed4 011af5f0 [heap]
43f9fed8 011af518 [heap]
43f9fedc 43f9ff00
43f9fee0 400e5ed5 /system/lib/libutils.so (android::Thread::threadLoop(void))
43f9fee4 011af518 [heap]
43f9fee8 00000078
43f9feec 401e1bb4 /system/lib/libc.so (__thread_entry+52)
#4 43f9fef0 011af608 [heap]
43f9fef4 43f9ff00
43f9fef8 be9762c8 [stack]
43f9fefc 401e130c /system/lib/libc.so (pthread_create+176)
#5 43f9ff00 43f9ff00
43f9ff04 011af608 [heap]
43f9ff08 0000000
43f9ff0c 0000000
43f9ff10 0000000
43f9ff14 0000000
43f9ff18 0000000
43f9ff1c 0000000
43f9ff20 0000000
43f9ff24 0000000
43f9ff28 0000000
43f9ff2c 0000000
43f9ff30 0000000
43f9ff34 0000000
43f9ff38 0000000
43f9ff3c 0000000
--------- log /dev/log/main
05-23 18:58:20.093 435 435 D libEGL : loaded /vendor/lib/egl/libEGL_POWERVR_SGX540_120.so
05-23 18:58:20.101 435 435 D libEGL : loaded /vendor/lib/egl/libGLESv1_CM_POWERVR_SGX540_120.so
05-23 18:58:20.101 435 435 D libEGL : loaded /vendor/lib/egl/libGLESv2_POWERVR_SGX540_120.so
05-23 18:58:20.296 435 435 F libc : Fatal signal 11 (SIGSEGV) at 0x0000000c (code=1), thread 435 (node)

@paddybyers
Owner

Thanks. Nothing really obvious there. Can I reproduce this?

@joshmarinacci
Author

It should be 100% reproducible. I've created a branch of my project with the smallest code that can reproduce it.

https://github.com/joshmarinacci/aminolang/tree/segfault2

Make a /data/phonetest directory on your Android device, check out the source, then run 'node build androidtest'. It will copy all of the needed files to your device. Then adb shell, cd data/phonetest, run ./runit.sh to run the app. The only interesting code is in src/node/klaatu.cpp.

Essentially this code opens a GL surface, compiles a shader, allocates some memory, then swaps the buffer. Removing the shader compile or changing the amount of memory allocated will avoid the segfault or move it to a different time. It's rather non-deterministic, though it's 100% reproducible. Very strange.

@joshmarinacci
Author

Note, I've included a precompiled native module, aminonative.node. If you want to recompile the native code you'll need to have an AOSP full OS build to do it.

@joshmarinacci
Author

Continuing to work on this. I've reduced it to some C++ code without node hooks. I have a function called TestNative which opens a screen, loads an image, loads a shader, and draws some rects. If I call this function from node it crashes. If I call it as a regular C commandline program it's fine. Definitely something wonky with node.

@paddybyers
Owner

Can you write a standalone C program that loads your .node shared library using dlopen and calls your code that way? I'm wondering if there is some linkage/storage problem that shows up because your code is in a shared library - i.e., there's some global variable for example that needs to be in shared library statics.
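A harness of the kind requested in the comment above could look like the following. This is an added example, not code from the thread or from either project; it assumes `TestNative` is exported from the library with C linkage and takes no arguments (the thread does not show its signature), and `run_from_library` is a hypothetical helper name. The default path is the one that appears in the tombstone.

```c
#include <dlfcn.h>
#include <stdio.h>

/* Assumed signature of the exported entry point: void TestNative(void). */
typedef void (*entry_fn)(void);

enum { HARNESS_OK = 0, HARNESS_LOAD_FAILED = 1, HARNESS_SYMBOL_MISSING = 2 };

/* Loads `path`, resolves `symbol`, calls it once, and unloads the library.
 * On older glibc systems this needs -ldl at link time. */
int run_from_library(const char *path, const char *symbol)
{
    /* RTLD_NOW resolves every reference at load time, so an unresolved or
     * mismatched symbol is reported here rather than at first use. */
    void *handle = dlopen(path, RTLD_NOW | RTLD_LOCAL);
    if (handle == NULL) {
        fprintf(stderr, "dlopen(%s): %s\n", path, dlerror());
        return HARNESS_LOAD_FAILED;
    }

    dlerror();                            /* clear any stale error state */
    void *sym = dlsym(handle, symbol);
    const char *err = dlerror();
    if (err != NULL || sym == NULL) {
        fprintf(stderr, "dlsym(%s): %s\n", symbol, err ? err : "symbol is NULL");
        dlclose(handle);
        return HARNESS_SYMBOL_MISSING;
    }

    entry_fn fn;
    *(void **)(&fn) = sym;                /* POSIX idiom for object-to-function pointer */
    fn();                                 /* runs the library code without node in the process */

    dlclose(handle);
    return HARNESS_OK;
}

int main(int argc, char **argv)
{
    const char *path = argc > 1 ? argv[1] : "/data/phonetest/aminonative.node";
    const char *symbol = argc > 2 ? argv[2] : "TestNative";
    return run_from_library(path, symbol);
}
```

A load failure that names a missing symbol points at a dependency the library expects its host process to provide.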
