275099 2024-06-04 01:39:58 -0700 [WPE] WPEWebProcess : allocateMoreOutOfLineStorage crash 2026-01-19 00:30:03 -0800 1 1 1 Unclassified WebKit JavaScriptCore WebKit Local Build Unspecified Unspecified REOPENED P2 Normal --- 1 w.vanhauwaert webkit-unassigned aperez oldest_to_newest 2039608 0 w.vanhauwaert 2024-06-04 01:39:58 -0700 In our application (sending and interpreting websocket data on regular time, running on imx53 if that matters), after a while we get a crash of WPEWebProcess. This results in a screen which shows: "The renderer process crashed. Reloading the page may fix intermittent failures." Backtrace got me to: (gdb) bt #0 0xb4701ebc in JSC::JSObject::allocateMoreOutOfLineStorage(JSC::VM&, unsigned int, unsigned int) () from /home/wv/debugfs/usr/lib/libWPEWebKit-2.0.so.1 #1 0xb478ba26 in JSC::LiteralParser<unsigned char>::parseRecursively(JSC::VM&, unsigned char*) () from /home/wv/debugfs/usr/lib/libWPEWebKit-2.0.so.1 #2 0xb4789b32 in JSC::LiteralParser<unsigned char>::parseRecursively(JSC::VM&, unsigned char*) () from /home/wv/debugfs/usr/lib/libWPEWebKit-2.0.so.1 #3 0xb4789b32 in JSC::LiteralParser<unsigned char>::parseRecursively(JSC::VM&, unsigned char*) () from /home/wv/debugfs/usr/lib/libWPEWebKit-2.0.so.1 #4 0xb478884c in JSC::LiteralParser<unsigned char>::parseRecursively(JSC::VM&, unsigned char*) () from /home/wv/debugfs/usr/lib/libWPEWebKit-2.0.so.1 #5 0xb4789b32 in JSC::LiteralParser<unsigned char>::parseRecursively(JSC::VM&, unsigned char*) () from /home/wv/debugfs/usr/lib/libWPEWebKit-2.0.so.1 #6 0xb4789b32 in JSC::LiteralParser<unsigned char>::parseRecursively(JSC::VM&, unsigned char*) () from /home/wv/debugfs/usr/lib/libWPEWebKit-2.0.so.1 #7 0xb478f1d2 in JSC::LiteralParser<unsigned char>::parseRecursivelyEntry(JSC::VM&) () from /home/wv/debugfs/usr/lib/libWPEWebKit-2.0.so.1 #8 0xb46f5b22 in JSC::jsonProtoFuncParse(JSC::JSGlobalObject*, JSC::CallFrame*) () from /home/wv/debugfs/usr/lib/libWPEWebKit-2.0.so.1 #9 0xad2ff128 in ?? () Backtrace stopped: previous frame identical to this frame (corrupt stack?) Anyone has an idea? Of idea to dig further? 2041148 1 w.vanhauwaert 2024-06-13 04:33:15 -0700 same function, different backtrace #0 0xb471eebc in JSC::JSObject::allocateMoreOutOfLineStorage(JSC::VM&, unsigned int, unsigned int) () from /opt/nfsroot/rootfs_imx53_scarthgap/usr/lib/libWPEWebKit-2.0.so.1.3.2 #1 0xb423dad4 in WTF::ASCIILiteral JSC::JSObject::putDirectInternal<(JSC::JSObject::PutMode)0>(JSC::VM&, JSC::PropertyName, JSC::JSValue, unsigned int, JSC::PutPropertySlot&) () from /opt/nfsroot/rootfs_imx53_scarthgap/usr/lib/libWPEWebKit-2.0.so.1.3.2 #2 0xb4527966 in llint_slow_path_put_by_id () from /opt/nfsroot/rootfs_imx53_scarthgap/usr/lib/libWPEWebKit-2.0.so.1.3.2 #3 0xb6508ab8 in llint_op_put_by_id () from /opt/nfsroot/rootfs_imx53_scarthgap/usr/lib/libWPEWebKit-2.0.so.1.3.2 2143923 2 aperez 2025-09-18 05:10:09 -0700 It looks like this is the same as bug #295780 as pointer by Wouter in the WPE chat room -- the other one has a bit more of information, so I am going to close this one as duplicate. *** This bug has been marked as a duplicate of bug 295780 *** 2172953 3 w.vanhauwaert 2026-01-19 00:28:18 -0800 It appears no duplicate of the earlier mentioned bug. Result looks the same (issue in memory allocation), but origin differs. I took a step back and avoided the recursive parsing by adding JSC_useRecursiveJSONParse=false to the environment and issue seems gone 2172954 4 w.vanhauwaert 2026-01-19 00:30:03 -0800 Hitting same on imx6q, rdk-vivante backend (no cog) Core was generated by `/usr/libexec/wpe-webkit-1.1/WPEWebProcess 23 27 31'. Program terminated with signal SIGSEGV, Segmentation fault. #0 0x7419c8ec in JSC::JSObject::allocateMoreOutOfLineStorage(JSC::VM&, unsigned int, unsigned int) () from ./usr/lib/libWPEWebKit-1.1.so.0 [Current thread is 1 (LWP 700)] (gdb) bt #0 0x7419c8ec in JSC::JSObject::allocateMoreOutOfLineStorage(JSC::VM&, unsigned int, unsigned int) () from ./usr/lib/libWPEWebKit-1.1.so.0 #1 0x742741c6 in JSC::LiteralParser<unsigned char, (JSC::JSONReviverMode)0>::parseRecursively(JSC::VM&, unsigned char*) () from ./usr/lib/libWPEWebKit-1.1.so.0 #2 0x7427093c in JSC::LiteralParser<unsigned char, (JSC::JSONReviverMode)0>::parseRecursively(JSC::VM&, unsigned char*) () from ./usr/lib/libWPEWebKit-1.1.so.0 #3 0x7427093c in JSC::LiteralParser<unsigned char, (JSC::JSONReviverMode)0>::parseRecursively(JSC::VM&, unsigned char*) () from ./usr/lib/libWPEWebKit-1.1.so.0 #4 0x7426fc60 in JSC::LiteralParser<unsigned char, (JSC::JSONReviverMode)0>::parseRecursively(JSC::VM&, unsigned char*) () from ./usr/lib/libWPEWebKit-1.1.so.0 #5 0x7427093c in JSC::LiteralParser<unsigned char, (JSC::JSONReviverMode)0>::parseRecursively(JSC::VM&, unsigned char*) () from ./usr/lib/libWPEWebKit-1.1.so.0 #6 0x7427093c in JSC::LiteralParser<unsigned char, (JSC::JSONReviverMode)0>::parseRecursively(JSC::VM&, unsigned char*) () from ./usr/lib/libWPEWebKit-1.1.so.0 #7 0x7427a0a0 in JSC::LiteralParser<unsigned char, (JSC::JSONReviverMode)0>::parseRecursivelyEntry(JSC::VM&) () from ./usr/lib/libWPEWebKit-1.1.so.0 #8 0x74192484 in JSC::jsonProtoFuncParse(JSC::JSGlobalObject*, JSC::CallFrame*) () from ./usr/lib/libWPEWebKit-1.1.so.0 #9 0x6c2ff148 in ?? () Backtrace stopped: previous frame identical to this frame (corrupt stack?) (gdb) Idem for rockchip rk3288 with wayland/cog. No backtrace of this one, but I suspect the same