Bug 279883

Summary: [GTK] [2.46.0] Web process crashes in armhf: RELEASE_ASSERT(!g_wtfConfig.isPermanentlyFrozen);
Product: WebKit Reporter: Alberto Garcia <berto>
Component: WebKitGTKAssignee: Nobody <webkit-unassigned>
Status: NEW    
Severity: Normal CC: bugs-noreply
Priority: P2    
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   

Alberto Garcia
Reported 2024-09-18 05:01:37 PDT
How to reproduce the problem: $ xvfb-run --server-args='-screen 0 640x480x16' /usr/lib/*/webkit2gtk-4.1/MiniBrowser https://webkitgtk.org/ libEGL warning: DRI3: Screen seems not DRI3 capable libEGL warning: DRI3: Screen seems not DRI3 capable MESA: error: ZINK: vkCreateInstance failed (VK_ERROR_INCOMPATIBLE_DRIVER) libEGL warning: egl: failed to create dri2 screen ** (MiniBrowser:2440926): WARNING **: 11:54:48.880: WebProcess CRASHED $ gdb -c core /usr/lib/arm-linux-gnueabihf/webkit2gtk-4.1/WebKitWebProcessCore was generated by `/usr/lib/arm-linux-gnueabihf/webkit2gtk-4.1/WebKitWebProcess 13 117 119'. Program terminated with signal SIGABRT, Aborted. #0 __libc_do_syscall () at ../sysdeps/unix/sysv/linux/arm/libc-do-syscall.S:47 warning: 47 ../sysdeps/unix/sysv/linux/arm/libc-do-syscall.S: No such file or directory [Current thread is 1 (Thread 0xe5473020 (LWP 2440959))] (gdb) bt #0 __libc_do_syscall () at ../sysdeps/unix/sysv/linux/arm/libc-do-syscall.S:47 #1 0xf49db7d4 in __pthread_kill_implementation (threadid=3846647840, signo=6, no_tid=<optimized out>) at pthread_kill.c:43 #2 0xf49aa022 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26 #3 0xf499afec in __GI_abort () at abort.c:79 #4 0xf46ac290 in WTFCrashWithInfo () at ./Source/WTF/wtf/Assertions.h:864 #5 WTF::Config::AssertNotFrozenScope::~AssertNotFrozenScope () at ./Source/WTF/wtf/WTFConfig.h:128 #6 WTF::SignalHandlers::finalize () at ./Source/WTF/wtf/threads/Signals.cpp:608 #7 0xf468c83c in operator() () at ./Source/WTF/wtf/WTFConfig.cpp:121 #8 __invoke_impl<void, WTF::Config::finalize()::<lambda()> > () at /usr/include/c++/14/bits/invoke.h:61 #9 __invoke<WTF::Config::finalize()::<lambda()> > () at /usr/include/c++/14/bits/invoke.h:96 #10 operator() () at /usr/include/c++/14/mutex:909 #11 operator() () at /usr/include/c++/14/mutex:845 #12 _FUN () at /usr/include/c++/14/mutex:845 #13 0xf49ddf0c in __pthread_once_slow (once_control=0xf47fcd3c <WTF::Config::finalize()::once>, init_routine=0xf1c66a2d <__once_proxy>) at pthread_once.c:116 #14 0xf468c788 in __gthread_once () at /usr/include/arm-linux-gnueabihf/c++/14/bits/gthr-default.h:713 #15 call_once<WTF::Config::finalize()::<lambda()> > () at /usr/include/c++/14/mutex:916 #16 WTF::Config::finalize () at ./Source/WTF/wtf/WTFConfig.cpp:120 #17 0xf435467c in JSC::Config::finalize () at ./Source/JavaScriptCore/runtime/JSCConfig.h:49 #18 JSC::VM::VM () at ./Source/JavaScriptCore/runtime/VM.cpp:436 #19 0xf4354e00 in JSC::VM::create () at ./Source/JavaScriptCore/runtime/VM.cpp:551 #20 0xf5f1b3c2 in WebCore::commonVMSlow () at ./Source/WebCore/bindings/js/CommonVM.cpp:68 #21 0xf52cb776 in WebCore::commonVM () at ./build-soup3/WebCore/PrivateHeaders/WebCore/CommonVM.h:52 #22 WebKit::WebProcess::initializeWebProcess () at ./Source/WebKit/WebProcess/WebProcess.cpp:605 #23 0xf4ed137e in IPC::callMemberFunction<WebKit::WebProcess, WebKit::WebProcess, void (WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>, void (WebCore::ProcessIdentity)>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&)::{lambda((auto:1&&)...)#1}::operator()<WebKit::WebProcessCreationParameters>(WebKit::WebProcessCreationParameters&&) const () at ./Source/WebKit/Platform/IPC/HandleMessage.h:146 #24 std::__invoke_impl<void, IPC::callMemberFunction<WebKit::WebProcess, WebKit::WebProcess, void (WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>, void (WebCore::ProcessIdentity)>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&)::{lambda((auto:1&&)...)#1}, WebKit::WebProcessCreationParameters>(std::__invoke_other, IPC::callMemberFunction<WebKit::WebProcess, WebKit::WebProcess, void (WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>, void (WebCore::ProcessIdentity)>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&)::{lambda((auto:1&&)...)#1}&&, WebKit::WebProcessCreationParameters&&) () at /usr/include/c++/14/bits/invoke.h:61 #25 std::__invoke<IPC::callMemberFunction<WebKit::WebProcess, WebKit::WebProcess, void (WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>, void (WebCore::ProcessIdentity)>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&)::{lambda((auto:1&&)...)#1}, WebKit::WebProcessCreationParameters>(IPC::callMemberFunction<WebKit::WebProcess, WebKit::WebProcess, void (WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>, void (WebCore::ProcessIdentity)>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&)::{lambda((auto:1&&)...)#1}&&, WebKit::WebProcessCreationParameters&&) () at /usr/include/c++/14/bits/invoke.h:96 #26 std::__apply_impl<IPC::callMemberFunction<WebKit::WebProcess, WebKit::WebProcess, void (WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>, void (WebCore::ProcessIdentity)>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&)::{lambda((auto:1&&)...)#1}, std::tuple<WebKit::WebProcessCreationParameters>, 0u>(IPC::callMemberFunction<WebKit::WebProcess, WebKit::WebProcess, void (WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>, void (WebCore::ProcessIdentity)>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&)::{lambda((auto:1&&)...)#1}&&, std::tuple<WebKit::WebProcessCreationParameters>&&, std::integer_sequence<unsigned int, 0u>) () at /usr/include/c++/14/tuple:2921 #27 _ZSt5applyIZN3IPC18callMemberFunctionIN6WebKit10WebProcessES3_FvONS2_28WebProcessCreationParametersEON3WTF17CompletionHandlerIFvN7WebCore15ProcessIdentityEEEEESt5tupleIJS4_EESA_EEvPT_MT0_T1_OT2_ONS7_IT3_EEEUlDpOT_E_TkSt12__tuple_likeSF_EDcOSG_OSI_ () at /usr/include/c++/14/tuple:2936 #28 IPC::callMemberFunction<WebKit::WebProcess, WebKit::WebProcess, void(WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void(WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>, void(WebCore::ProcessIdentity)> () at ./Source/WebKit/Platform/IPC/HandleMessage.h:144 #29 IPC::handleMessageAsync<Messages::WebProcess::InitializeWebProcess, WebKit::WebProcess, WebKit::WebProcess, void(WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void(WebCore::ProcessIdentity)>&&)> () at ./Source/WebKit/Platform/IPC/HandleMessage.h:336 #30 0xf4ed4df6 in WebKit::WebProcess::didReceiveWebProcessMessage () at ./build-soup3/DerivedSources/WebKit/WebProcessMessageReceiver.cpp:112 #31 0xf50cd4f0 in IPC::Connection::dispatchMessage () at ./Source/WebKit/Platform/IPC/Connection.cpp:1451 #32 0xf50cda98 in IPC::Connection::dispatchMessage () at ./Source/WebKit/Platform/IPC/Connection.cpp:1408 #33 IPC::Connection::dispatchOneIncomingMessage () at ./Source/WebKit/Platform/IPC/Connection.cpp:1518 #34 0xf46641fc in WTF::Function<void()>::operator() () at ./Source/WTF/wtf/Function.h:82 #35 WTF::RunLoop::performWork () at ./Source/WTF/wtf/RunLoop.cpp:147 #36 0xf46aeab6 in operator() () at ./Source/WTF/wtf/glib/RunLoopGLib.cpp:80 #37 _FUN () at ./Source/WTF/wtf/glib/RunLoopGLib.cpp:82 #38 0xf46af4bc in operator() () at ./Source/WTF/wtf/glib/RunLoopGLib.cpp:53 #39 _FUN () at ./Source/WTF/wtf/glib/RunLoopGLib.cpp:56 #40 0xf1f6eb06 in g_main_dispatch (context=context@entry=0x1c9ef80) at ../../../glib/gmain.c:3357 #41 0xf1f70620 in g_main_context_dispatch_unlocked (context=0x1c9ef80) at ../../../glib/gmain.c:4208 #42 g_main_context_iterate_unlocked (context=0x1c9ef80, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../../../glib/gmain.c:4273 #43 0xf1f70ee0 in g_main_loop_run (loop=0x1cb9160) at ../../../glib/gmain.c:4475 #44 0xf46af638 in WTF::RunLoop::run () at ./Source/WTF/wtf/glib/RunLoopGLib.cpp:108 #45 0xf54582ea in WebKit::AuxiliaryProcessMainBase<WebKit::WebProcess, true>::run () at ./Source/WebKit/Shared/AuxiliaryProcessMain.h:72 #46 WebKit::AuxiliaryProcessMainBase<WebKit::WebProcess, true>::run () at ./Source/WebKit/Shared/AuxiliaryProcessMain.h:59 #47 WebKit::AuxiliaryProcessMain<WebKit::WebProcessMainGtk> () at ./Source/WebKit/Shared/AuxiliaryProcessMain.h:98 #48 0xf499b4fa in __libc_start_call_main (main=main@entry=0x6ce57d <main()>, argc=argc@entry=4, argv=0xffcc8f24, argv@entry=0xf4a8be44) at ../sysdeps/nptl/libc_start_call_main.h:58 #49 0xf499b59e in __libc_start_main_impl (main=0x6ce57d <main()>, argc=4, argv=0xf4a8be44, init=<optimized out>, fini=0x0, rtld_fini=0xf7e1099d <_dl_fini>, stack_end=0xffcc8f24) at libc-start.c:360 #50 0x006ce5a8 in _start () Backtrace stopped: previous frame identical to this frame (corrupt stack?)
Attachments
Add attachment proposed patch, testcase, etc.
Alberto Garcia
Comment 1 2024-09-19 07:37:54 PDT
This seems to happen if the system malloc is used instead of bmalloc. I had to disable bmalloc on armhf due to bug 278858, but if I re-enable it again I cannot reproduce this crash.
Note You need to log in before you can comment on or make changes to this bug.