RESOLVED INVALID 150273
[QTWEBKIT] Blocked browser after random actions 
https://bugs.webkit.org/show_bug.cgi?id=150273
Summary [QTWEBKIT] Blocked browser after random actions
williambni
Reported 2015-10-17 01:16:14 PDT
Hello, qt5webkit is stuck after few map action with OpenLayers3 actions . CONTEXTE: I tested it on QT5.3.2, QT5.4.1 either on Ubuntu 14.04, Ubuntu 15.04 and a yocto build from my own. DESCRIPTION: After some ol3 actions, the browser is stuck with the following states: - all the thread are asleep in cond_wait-like condition except on which is running permanently . - at kernel level, this thread mmap and munmap memory indefinitely to acquire memory. - with debugger, I can see always stop the execution in Qt calling JSC::arrayProtoFuncPush . Then, you can see below the callstack going to mmap. I Ubuntu 14.04, I have more information regarding callstack at Qt level: it goes through : - QEventLoop::processEvents() - QAbstractAnimation::start() - QAbstractAnimation::setCurrentTime() My idea is that Webkit receives the same event to create a object indefinitely. I look forward any idea to solve this. My next step would be to compile QtCore & QtGui in debug to figure out why it calls permanently this stack. Thanks. #0 mmap64 () at ../sysdeps/unix/syscall-template.S:81 #1 0x00007f189c4a9bd3 in WTF::OSAllocator::reserveUncommitted (bytes=bytes@entry=1634304, usage=usage@entry=WTF::OSAllocator::UnknownUsage, writable=writable@entry=true, executable=executable@entry=false, includesGuardPages=includesGuardPages@entry=false) at /home/will/disk/wk/rtd/qtwebkit-opensource-src-5.4.1/Source/WTF/wtf/OSAllocatorPosix.cpp:67 #2 0x00007f189c487d6b in WTF::PageAllocationAligned::allocate (size=size@entry=1605632, alignment=alignment@entry=32768, usage=usage@entry=WTF::OSAllocator::UnknownUsage, writable=writable@entry=true) at /home/will/disk/wk/rtd/qtwebkit-opensource-src-5.4.1/Source/WTF/wtf/PageAllocationAligned.cpp:55 #3 0x00007f1895d34911 in createCustomSize (blockAlignment=32768, blockSize=1605632) at /home/will/disk/wk/rtd/qtwebkit-opensource-src-5.4.1/Source/JavaScriptCore/heap/Region.h:186 #4 createCustomSize (superRegion=<optimized out>, blockAlignment=32768, blockSize=<optimized out>) at /home/will/disk/wk/rtd/qtwebkit-opensource-src-5.4.1/Source/JavaScriptCore/heap/Region.h:243 #5 allocateCustomSize (blockAlignment=32768, this=<optimized out>, blockSize=1572920) at /home/will/disk/wk/rtd/qtwebkit-opensource-src-5.4.1/Source/JavaScriptCore/heap/BlockAllocator.h:165 #6 JSC::CopiedSpace::tryAllocateOversize (this=this@entry=0x1847b68, bytes=1572856, outPtr=outPtr@entry=0x7ffef2e75c30) at /home/will/disk/wk/rtd/qtwebkit-opensource-src-5.4.1/Source/JavaScriptCore/heap/CopiedSpace.cpp:85 #7 0x00007f1895d36f6a in JSC::CopiedSpace::tryReallocateOversize (this=this@entry=0x1847b68, ptr=ptr@entry=0x7ffef2e75da8, oldSize=oldSize@entry=786424, newSize=newSize@entry=1572856) at /home/will/disk/wk/rtd/qtwebkit-opensource-src-5.4.1/Source/JavaScriptCore/heap/CopiedSpace.cpp:132 #8 0x00007f1895d3806c in JSC::CopiedSpace::tryReallocate (this=this@entry=0x1847b68, ptr=ptr@entry=0x7ffef2e75da8, oldSize=786424, newSize=newSize@entry=1572856) at /home/will/disk/wk/rtd/qtwebkit-opensource-src-5.4.1/Source/JavaScriptCore/heap/CopiedSpace.cpp:109 #9 0x00007f189607cf1e in tryReallocateStorage (newSize=<optimized out>, oldSize=<optimized out>, ptr=0x7ffef2e75da8, this=0x183f0b8) at /home/will/disk/wk/rtd/qtwebkit-opensource-src-5.4.1/Source/JavaScriptCore/heap/Heap.h:396 #10 JSC::Butterfly::growArrayRight (this=<optimized out>, vm=..., oldStructure=0x7f183c37e788, propertyCapacity=<optimized out>, hadIndexingHeader=hadIndexingHeader@entry=true, oldIndexingPayloadSizeInBytes=oldIndexingPayloadSizeInBytes@entry=786416, newIndexingPayloadSizeInBytes=1572848) at /home/will/disk/wk/rtd/qtwebkit-opensource-src-5.4.1/Source/JavaScriptCore/runtime/ButterflyInlines.h:115 #11 0x00007f189607450c in JSC::JSObject::ensureLengthSlow (this=this@entry=0x7f1802d14820, vm=..., length=length@entry=98303) at /home/will/disk/wk/rtd/qtwebkit-opensource-src-5.4.1/Source/JavaScriptCore/runtime/JSObject.cpp:2372 #12 0x00007f189602e3cd in JSC::JSObject::ensureLength (this=this@entry=0x7f1802d14820, vm=..., length=length@entry=98303) at /home/will/disk/wk/rtd/qtwebkit-opensource-src-5.4.1/Source/JavaScriptCore/runtime/JSObject.h:801 #13 0x00007f189607f3fe in JSC::JSObject::putByIndexBeyondVectorLengthWithoutAttributes<(unsigned char)22> (this=this@entry=0x7f1802d14820, exec=exec@entry=0x7f183c387778, i=i@entry=98302, value=...) at /home/will/disk/wk/rtd/qtwebkit-opensource-src-5.4.1/Source/JavaScriptCore/runtime/JSObject.cpp:1886 #14 0x00007f189607a390 in JSC::JSObject::putByIndexBeyondVectorLength (this=this@entry=0x7f1802d14820, exec=exec@entry=0x7f183c387778, i=i@entry=98302, value=..., shouldThrow=shouldThrow@entry=true) at /home/will/disk/wk/rtd/qtwebkit-opensource-src-5.4.1/Source/JavaScriptCore/runtime/JSObject.cpp:2028 #15 0x00007f189607a5a7 in JSC::JSObject::putByIndex (cell=0x7f1802d14820, exec=0x7f183c387778, propertyName=98302, value=..., shouldThrow=<optimized out>) at /home/will/disk/wk/rtd/qtwebkit-opensource-src-5.4.1/Source/JavaScriptCore/runtime/JSObject.cpp:537 #16 0x00007f1895fac9cc in JSC::arrayProtoFuncPush (exec=0x7f183c387778) at /home/will/disk/wk/rtd/qtwebkit-opensource-src-5.4.1/Source/JavaScriptCore/runtime/ArrayPrototype.cpp:501
Attachments
Add attachment proposed patch, testcase, etc.
Alexey Proskuryakov
Comment 1 2016-10-13 12:15:51 PDT
webkit.org no longer supports Qt, this port has been removed a long time ago.
Note You need to log in before you can comment on or make changes to this bug.