rubyjs / mini_racer

Minimal embedded v8
MIT License

mini_racer 0.12.0 Segmentation fault on x86_64-linux with libv8-node 21.7.2.0 #300

Closed D-system closed 1 month ago

D-system commented 5 months ago

Hello, team

Thank you for the update to libv8-node 21.7.2.0 yesterday. I wanted to report an error. Setup:

/home/circleci/ec/vendor/ruby/3.2.0/gems/mini_racer-0.12.0/lib/mini_racer.rb:228: [BUG] Segmentation fault at 0x00007f3f10a31008
ruby 3.2.3 (2024-01-18 revision 52bb2ac0a6) [x86_64-linux]

-- Control frame information -----------------------------------------------
c:0048 p:---- s:0301 e:000300 CFUNC  :eval_unsafe
c:0047 p:0009 s:0295 e:000294 BLOCK  /home/circleci/repo/vendor/ruby/3.2.0/gems/mini_racer-0.12.0/lib/mini_racer.rb:228
c:0046 p:0010 s:0292 e:000291 METHOD /home/circleci/repo/vendor/ruby/3.2.0/gems/mini_racer-0.12.0/lib/mini_racer.rb:348
c:0045 p:0008 s:0281 e:000280 BLOCK  /home/circleci/repo/vendor/ruby/3.2.0/gems/mini_racer-0.12.0/lib/mini_racer.rb:227 [FINISH]
c:0044 p:---- s:0278 e:000277 CFUNC  :synchronize
c:0043 p:0045 s:0274 e:000273 METHOD /home/circleci/repo/vendor/ruby/3.2.0/gems/mini_racer-0.12.0/lib/mini_racer.rb:225
c:0042 p:0007 s:0267 e:000266 BLOCK  /home/circleci/repo/vendor/ruby/3.2.0/gems/execjs-2.9.1/lib/execjs/mini_racer_runtime.rb:11
c:0041 p:0003 s:0264 e:000262 METHOD /home/circleci/repo/vendor/ruby/3.2.0/gems/execjs-2.9.1/lib/execjs/mini_racer_runtime.rb:67
c:0040 p:0035 s:0256 e:000255 METHOD /home/circleci/repo/vendor/ruby/3.2.0/gems/execjs-2.9.1/lib/execjs/mini_racer_runtime.rb:10 [FINISH]
c:0039 p:---- s:0249 e:000248 CFUNC  :new
c:0038 p:0038 s:0242 e:000241 METHOD /home/circleci/repo/vendor/ruby/3.2.0/gems/execjs-2.9.1/lib/execjs/runtime.rb:68
c:0037 p:0013 s:0236 e:000235 METHOD /home/circleci/repo/vendor/ruby/3.2.0/gems/execjs-2.9.1/lib/execjs/module.rb:27
c:0036 p:0020 s:0230 e:000229 METHOD /home/circleci/repo/vendor/ruby/3.2.0/gems/terser-1.2.2/lib/terser.rb:189
c:0035 p:0065 s:0223 e:000221 METHOD /home/circleci/repo/vendor/ruby/3.2.0/gems/terser-1.2.2/lib/terser.rb:229
SEGV received in SEGV handler
c:0034 p:0014 s:0212 e:000211 METHOD /home/circleci/repo/vendor/ruby/3.2.0/gems/terser-1.2.2/lib/terser.rb:181
c:0033 p:0029 s:0206 e:000205 METHOD /home/circleci/repo/vendor/ruby/3.2.0/gems/terser-1.2.2/lib/terser/compressor.rb:36
c:0032 p:0007 s:0198 e:000197 METHOD /home/circleci/repo/vendor/ruby/3.2.0/gems/terser-1.2.2/lib/terser/compressor.rb:23
c:0031 p:0047 s:0193 e:000192 METHOD /home/circleci/repo/vendor/ruby/3.2.0/gems/sprockets-4.2.1/lib/sprockets/processor_utils.rb:84
c:0030 p:0013 s:0185 e:000184 BLOCK  /home/circleci/repo/vendor/ruby/3.2.0/gems/sprockets-4.2.1/lib/sprockets/processor_utils.rb:66 [FINISH]
c:0029 p:---- s:0180 e:000179 CFUNC  :reverse_each
c:0028 p:0035 
Received "aborted" signal

It does work on Darwin Kernel Version 23.2.0 arm64 (Mac on ARM), which compiles from source.

The error is from eval -> eval_unsafe, so I suspect it is an issue with libv8-node: https://github.com/rubyjs/mini_racer/blob/5b2a25cdb4c84c7500ed47639ef8c664f5bac26d/lib/mini_racer.rb#L228

SamSaffron commented 2 months ago

OK another repro of the crash is a blank install of Discourse then:

(0..2).map { Thread.new { PrettyText.cook("hello") } }

Something about multithreading is causing segfaults, and this is also happening on my builds.
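The repro above runs the JavaScript evaluation from several threads at once inside the same process, so a V8 crash takes the whole process down. The following smoke test is an added example, not code from this thread or from the mini_racer project: it runs the same multi-threaded pattern in a child Ruby process and classifies how that child ended, so a CI job can flag a segfaulting build without itself being killed. The thread count, the output markers, and the use of `MiniRacer::Context#low_memory_notification` (assumed to be the Ruby method behind the `rb_isolate_low_memory_notification` frame that appears later in this issue) are assumptions of the example.

```ruby
# Added smoke test (not from the mini_racer project): run the multi-threaded
# eval pattern from the issue in a child process and report how the child
# ended, so a V8 segfault cannot take down the caller.
require "open3"
require "rbconfig"

# Script executed inside the child. It prints a marker when the gem is not
# installed so the parent can tell "unavailable" apart from "crashed"/"failed".
CHILD_SCRIPT = <<~'RUBY'
  begin
    require "mini_racer"
  rescue LoadError
    puts "MINI_RACER_UNAVAILABLE"
    exit 0
  end

  thread_count = Integer(ARGV[0])
  threads = (1..thread_count).map do
    Thread.new do
      ctx = MiniRacer::Context.new
      ctx.eval("1 + 1")
      # Assumed Ruby method for rb_isolate_low_memory_notification; exercises
      # the GC path seen in the second backtrace of this issue.
      ctx.low_memory_notification
    end
  end
  threads.each(&:join)
  puts "OK"
RUBY

# Runs CHILD_SCRIPT with +thread_count+ threads and classifies the outcome.
# Returns a Hash whose :result is :ok, :unavailable, :crashed or :failed.
def run_threaded_smoke_test(thread_count = 3)
  out, status = Open3.capture2e(RbConfig.ruby, "-e", CHILD_SCRIPT, thread_count.to_s)
  if status.signaled?
    # The child was killed by a signal (e.g. SIGSEGV raised by Ruby's crash
    # handler after a V8 fault); report the signal name.
    { result: :crashed, signal: Signal.signame(status.termsig), output: out }
  elsif out.include?("MINI_RACER_UNAVAILABLE")
    { result: :unavailable }
  elsif status.success? && out.include?("OK")
    { result: :ok }
  else
    { result: :failed, exit_code: status.exitstatus, output: out }
  end
end

if __FILE__ == $PROGRAM_NAME
  report = run_threaded_smoke_test(3)
  puts report.inspect
  # Fail the CI step only on a real crash or error, not when the gem is absent.
  exit(1) if %i[crashed failed].include?(report[:result])
end
```

Running this on the affected builds would return `{ result: :crashed, signal: "SEGV", ... }`, while a healthy build returns `{ result: :ok }`; a machine without the gem returns `{ result: :unavailable }` so the check can be wired into a pipeline before mini_racer is pinned.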

SamSaffron commented 1 month ago

This is resolved; we disabled memory protection keys in v8.

Underlying issue is tracked at:

https://issues.chromium.org/issues/360909072

The new version of mini_racer is now based on the latest version of v8 that ships with node.js.

tisba commented 1 month ago

That's great to hear! The build on aarch alpine is broken and mini_racer won't compile there, but that's probably unrelated. Will investigate a little and open a new issue.

SamSaffron commented 1 month ago

We are now seeing different and new issues:

#0  0x00007f9eda540e2c in __pthread_kill_implementation (threadid=1227, signo=24957, signo@entry=11, no_tid=11, no_tid@entry=0) at ./nptl/pthread_kill.c:43
#1  0x00007f9eda540e9f in __pthread_kill_internal (signo=11, threadid=<optimized out>) at ./nptl/pthread_kill.c:78
#2  0x00007f9eda4f1fb2 in __GI_raise (sig=sig@entry=11) at ../sysdeps/posix/raise.c:26
#3  0x00007f9edaa3ffaf in ruby_default_signal (sig=sig@entry=11) at signal.c:422
#4  0x00007f9eda82c3a9 in rb_bug_for_fatal_signal (default_sighandler=0x0, sig=sig@entry=11, ctx=ctx@entry=0x7f9ea30d1ac0, fmt=fmt@entry=0x7f9edac514d5 "Segmentation fault at %p") at error.c:1069
#5  0x00007f9edaa3ef3b in sigsegv (sig=11, info=0x7f9ea30d1bf0, ctx=0x7f9ea30d1ac0) at signal.c:926
#6  <signal handler called>
#7  0x00007f9eb5346e63 in v8::internal::WriteBarrier::MarkingSlow(v8::internal::Tagged<v8::internal::HeapObject>, v8::internal::FullHeapObjectSlot, v8::internal::Tagged<v8::internal::HeapObject>) ()
   from /var/www/discourse/vendor/bundle/ruby/3.3.0/gems/mini_racer-0.15.0/lib/mini_racer_extension.so
#8  0x00007f9eb55874c2 in v8::internal::Compiler::DisposeTurbofanCompilationJob(v8::internal::Isolate*, v8::internal::TurbofanCompilationJob*, bool) ()
   from /var/www/discourse/vendor/bundle/ruby/3.3.0/gems/mini_racer-0.15.0/lib/mini_racer_extension.so
#9  0x00007f9eb5d49740 in v8::internal::OptimizingCompileDispatcher::FlushOutputQueue(bool) () from /var/www/discourse/vendor/bundle/ruby/3.3.0/gems/mini_racer-0.15.0/lib/mini_racer_extension.so
#10 0x00007f9eb5d49a53 in v8::internal::OptimizingCompileDispatcher::Flush(v8::internal::BlockingBehavior) ()
   from /var/www/discourse/vendor/bundle/ruby/3.3.0/gems/mini_racer-0.15.0/lib/mini_racer_extension.so
#11 0x00007f9eb548239e in v8::internal::Isolate::AbortConcurrentOptimization(v8::internal::BlockingBehavior) ()
   from /var/www/discourse/vendor/bundle/ruby/3.3.0/gems/mini_racer-0.15.0/lib/mini_racer_extension.so
#12 0x00007f9eb5400de8 in v8::internal::Heap::CollectAllAvailableGarbage(v8::internal::GarbageCollectionReason) ()
   from /var/www/discourse/vendor/bundle/ruby/3.3.0/gems/mini_racer-0.15.0/lib/mini_racer_extension.so
#13 0x00007f9eb52b8914 in v8::Isolate::LowMemoryNotification() () from /var/www/discourse/vendor/bundle/ruby/3.3.0/gems/mini_racer-0.15.0/lib/mini_racer_extension.so
#14 0x00007f9eb5282601 in rb_isolate_low_memory_notification (self=140319468385640) at mini_racer_extension.cc:970
#15 0x00007f9edaac52fc in vm_call_cfunc_with_frame_ (stack_bottom=<optimized out>, argv=<optimized out>, argc=0, calling=<optimized out>, reg_cfp=0x7f9e7d590eb0, ec=0x7f9e9c48ebd0)
    at /tmp/ruby-build.20240822030420.245.5BFPlP/ruby-3.3.3/vm_insnhelper.c:3490

It is going to take us a bit longer to get this v8 upgrade completed.

D-system commented 1 month ago

Sorry for the extremely late reply. I tried 0.17.0.pre with my project and it works. Note that Rails went up to v7.0.8.4.

Interesting to see the Chromium issue ticket mentioning this page.