Issue 818692 link

Starred by 2 users

Issue metadata

Status:	Duplicate
Merged:	issue 818611
Owner:	----
Closed:	Mar 2018
Cc:	hablich@chromium.org inglorion@chromium.org
Components:	Blink>JavaScript
EstimatedDays:	----
NextAction:	----
OS:	Linux
Pri:	3
Type:	Bug

Several tests failing on CFI bot after V8 update

Project Member Reported by thakis@chromium.org, Mar 5 2018

Issue description

https://ci.chromium.org/buildbot/chromium.clang/CFI%20Linux%20ToT/1965

https://logs.chromium.org/v/?s=chromium%2Fbb%2Fchromium.clang%2FCFI_Linux_ToT%2F1965%2F%2B%2Frecipes%2Fsteps%2Fcomponents_browsertests%2F0%2Flogs%2FDomDistillerJsTest.RunJsTests%2F0


[ RUN      ] DomDistillerJsTest.RunJsTests
Xlib:  extension "RANDR" missing on display ":99".
DevTools listening on ws://127.0.0.1:42512/devtools/browser/e80a0cd2-52d8-4e63-9aee-4243c9a22f33
Fontconfig warning: "/etc/fonts/fonts.conf", line 146: blank doesn't take any effect anymore. please remove it from your fonts.conf
../../v8/src/compiler/operator.h:215:10: runtime error: control flow integrity check for type 'v8::internal::compiler::Operator1<int, v8::internal::compiler::OpEqualTo<int>, v8::internal::compiler::OpHash<int> >' failed during cast to unrelated type (vtable address 0x00000094ed80)
0x00000094ed80: note: vtable is of type 'v8::internal::compiler::Operator1<v8::internal::compiler::IfValueParameters, v8::internal::compiler::OpEqualTo<v8::internal::compiler::IfValueParameters>, v8::internal::compiler::OpHash<v8::internal::compiler::IfValueParameters> >'
 00 00 00 00  50 2c e0 04 00 00 00 00  10 31 e0 04 00 00 00 00  40 31 e0 04 00 00 00 00  e0 31 e0 04
              ^
    #0 0x4de8c77 in int const& v8::internal::compiler::OpParameter<int>(v8::internal::compiler::Operator const*) v8/src/compiler/operator.h:216:9
    #1 0x4f68bf7 in v8::internal::compiler::Verifier::Visitor::Check(v8::internal::compiler::Node*, v8::internal::compiler::AllNodes const&) v8/src/compiler/verifier.cc:301:17
    #2 0x4f6ae0d in v8::internal::compiler::Verifier::Run(v8::internal::compiler::Graph*, v8::internal::compiler::Verifier::Typing, v8::internal::compiler::Verifier::CheckInputs, v8::internal::compiler::Verifier::CodeType) v8/src/compiler/verifier.cc:1719:44
    #3 0x4ef772e in void v8::internal::compiler::PipelineImpl::Run<v8::internal::compiler::VerifyGraphPhase, bool>(bool) v8/src/compiler/pipeline.cc:1071:9
    #4 0x4ef5b24 in v8::internal::compiler::PipelineImpl::OptimizeGraph(v8::internal::compiler::Linkage*) v8/src/compiler/pipeline.cc:1962:5
    #5 0x4ef594f in v8::internal::compiler::PipelineCompilationJob::ExecuteJobImpl() v8/src/compiler/pipeline.cc:835:18
    #6 0x4db201b in v8::internal::CompilationJob::ExecuteJob() v8/src/compiler.cc:111:22
    #7 0x4dafb8e in v8::internal::OptimizingCompileDispatcher::CompileNext(v8::internal::CompilationJob*) v8/src/compiler-dispatcher/optimizing-compile-dispatcher.cc:115:40
    #8 0x4db0a53 in v8::internal::OptimizingCompileDispatcher::CompileTask::RunInternal() v8/src/compiler-dispatcher/optimizing-compile-dispatcher.cc:67:20
    #9 0x34bb984 in base::OnceCallback<void ()>::Run() && base/callback.h:95:12
    #10 0x579b647 in base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) base/debug/task_annotator.cc:61:33
    #11 0x582ce1d in base::internal::TaskTracker::RunOrSkipTask(base::internal::Task, base::internal::Sequence*, bool) base/task_scheduler/task_tracker.cc:460:23
    #12 0x582e884 in base::internal::TaskTrackerPosix::RunOrSkipTask(base::internal::Task, base::internal::Sequence*, bool) base/task_scheduler/task_tracker_posix.cc:25:16
    #13 0x582c218 in base::internal::TaskTracker::RunAndPopNextTask(scoped_refptr<base::internal::Sequence>, base::internal::CanScheduleSequenceObserver*) base/task_scheduler/task_tracker.cc:353:3
    #14 0x5823263 in base::internal::SchedulerWorker::Thread::ThreadMain() base/task_scheduler/scheduler_worker.cc:85:41
    #15 0x5833753 in base::(anonymous namespace)::ThreadFunc(void*) base/threading/platform_thread_posix.cc:76:13
    #16 0x7f748f1b4183 in start_thread /build/eglibc-ripdx6/eglibc-2.19/nptl/pthread_create.c:312:0
    #17 0x7f748959d03c in clone /build/eglibc-ripdx6/eglibc-2.19/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:111:0
BrowserTestBase received signal: Terminated. Backtrace:
#0 0x00000579958c base::debug::StackTrace::StackTrace()
#1 0x0000059404d3 content::(anonymous namespace)::DumpStackTraceSignalHandler()
#2 0x7fa540320cb0 <unknown>
#3 0x7fa5403dac9d __poll
#4 0x7fa5454d8fe4 <unknown>
#5 0x7fa5454d90ec g_main_context_iteration
#6 0x0000057cce36 base::MessagePumpGlib::Run()
#7 0x0000057c6d31 base::MessageLoop::Run()
#8 0x0000057fc04f base::RunLoop::Run()
#9 0x0000034f1528 dom_distiller::DomDistillerJsTest_RunJsTests_Test::RunTestOnMainThread()
#10 0x00000593ffe4 content::BrowserTestBase::ProxyRunTestOnMainThreadLoop()
#11 0x000005940e11 _ZN4base8internal7InvokerINS0_9BindStateIMN7content15BrowserTestBaseEFvvEJNS0_17UnretainedWrapperIS4_EEEEEFvvEE7RunImplIRKS6_RKNSt3__15tupleIJS8_EEEJLm0EEEEvOT_OT0_NSF_16integer_sequenceImJXspT1_EEEE
#12 0x0000058eb042 content::ShellBrowserMainParts::PreMainMessageLoopRun()
#13 0x0000042ce82b content::BrowserMainLoop::PreMainMessageLoopRun()
#14 0x0000042d2661 _ZN4base8internal7InvokerINS0_9BindStateIMN7content15BrowserMainLoopEFivEJNS0_17UnretainedWrapperIS4_EEEEEFivEE7RunImplIRKS6_RKNSt3__15tupleIJS8_EEEJLm0EEEEiOT_OT0_NSF_16integer_sequenceImJXspT1_EEEE
#15 0x0000048ee7c9 content::StartupTaskRunner::RunAllTasksNow()
#16 0x0000042cd1ee content::BrowserMainLoop::CreateStartupTasks()
#17 0x0000042d34ca content::BrowserMainRunnerImpl::Initialize()
#18 0x0000059299c8 ShellBrowserMain()
#19 0x000005928077 content::ShellMainDelegate::RunProcess()
#20 0x0000056cc7b3 content::RunNamedProcessTypeMain()
#21 0x0000056cdee1 content::ContentMainRunnerImpl::Run()
#22 0x000007092b1a service_manager::Main()
#23 0x0000056c52b4 content::ContentMain()
#24 0x00000593fb93 content::BrowserTestBase::SetUp()
#25 0x0000058d379f content::ContentBrowserTest::SetUp()
#26 0x0000035abacd testing::Test::Run()
#27 0x0000035ac1fd testing::TestInfo::Run()
#28 0x0000035ac972 testing::TestCase::Run()
#29 0x0000035b13e3 testing::internal::UnitTestImpl::RunAllTests()
#30 0x0000035b107a testing::UnitTest::Run()
#31 0x00000588abb7 base::TestSuite::Run()
#32 0x000005926f2c content::ContentTestLauncherDelegate::RunTestSuite()
#33 0x00000594be6e content::LaunchTests()
#34 0x000005926e99 main
#35 0x7fa54030bf45 __libc_start_main
#36 0x00000339202a _start


Also (same stacks):
https://logs.chromium.org/v/?s=chromium%2Fbb%2Fchromium.clang%2FCFI_Linux_ToT%2F1965%2F%2B%2Frecipes%2Fsteps%2Fwebkit_unit_tests%2F0%2Flogs%2FJsToCppTest.BackPointer%2F0
https://logs.chromium.org/v/?s=chromium%2Fbb%2Fchromium.clang%2FCFI_Linux_ToT%2F1965%2F%2B%2Frecipes%2Fsteps%2Fbrowser_tests%2F0%2Flogs%2FCrExtensionsShortcutA11yTestWithExtensions.ShortcutsWithExtensions_duplicate_id%2F0

and several more, see first link.

Comment 1 by thakis@chromium.org, Mar 5 2018

Cc: hablich@chromium.org

Forgot to say: Build included this v8 roll: https://chromium-review.googlesource.com/946270

Changes in that roll: https://chromium.googlesource.com/v8/v8/+log/d5002715..e1de5c82

Comment 2 by hablich@chromium.org, Mar 5 2018

Mergedinto: 818611
Status: Duplicate (was: Untriaged)

►

Issue 818692 link

Issue metadata

Several tests failing on CFI bot after V8 update

Issue description

Comment 1 by thakis@chromium.org, Mar 5 2018

Comment 1 Deleted

Comment 2 by hablich@chromium.org, Mar 5 2018

Comment 2 Deleted

Sign in to add a comment