RESOLVED FIXED Bug 179914
[GTK] Duplicated symbols in libjavascriptcoregtk and libwebkit2gtk can cause crashes in production builds
https://bugs.webkit.org/show_bug.cgi?id=179914
Andres Gomez Garcia
Reported 2017-11-21 04:35:11 PST
Created attachment 327398
BT from gdb for the WebProcess

I'm using WebKitGtk+ with my own JHBuild setting: https://github.com/tanty/jhbuild-epiphany/tree/master

MiniBrowser from WebKit 2.17.92.

The compilation was done with CMake args:

'-DDEBUG_FISSION=OFF -DPORT=GTK -DCMAKE_BUILD_TYPE=Release -DENABLE_MINIBROWSER=ON -DUSE_WOFF2=OFF -DCMAKE_C_FLAGS_RELEASE="-O0 -g -DNDEBUG -DG_DISABLE_CAST_CHECKS -DRELEASE_WITHOUT_OPTIMIZATIONS" -DCMAKE_CXX_FLAGS_RELEASE="-O0 -g -DNDEBUG -DG_DISABLE_CAST_CHECKS -DRELEASE_WITHOUT_OPTIMIZATIONS"'

The WebProcess SIGSEGVs immediately after launching. 100% reproducibility. It is unusable.

This was not happening with 2.17.91, with the same compilation flags.

Core from coredumpctl.
Attachments
BT from gdb for the WebProcess (122.75 KB, text/plain)
2017-11-21 04:35 PST, Andres Gomez Garcia
no flags
backtrace from abrt (52.02 KB, text/plain)
2017-12-01 10:16 PST, Adam Williamson
no flags
wk.patch (6.88 KB, text/plain)
2017-12-04 10:49 PST, Milan Crha
no flags
Patch (18.71 KB, patch)
2017-12-21 13:49 PST, Michael Catanzaro
no flags
Patch (18.76 KB, patch)
2017-12-21 13:58 PST, Michael Catanzaro
cgarcia: review+
cgarcia: commit-queue-
Scripts (3.76 KB, patch)
2018-01-16 08:14 PST, Carlos Garcia Campos
no flags
Patch (7.32 KB, patch)
2018-01-17 01:23 PST, Carlos Garcia Campos
zan: review+
Andres Gomez Garcia
Comment 1 2017-11-21 04:40:46 PST
(In reply to Andres Gomez Garcia from comment #0)
> MiniBrowser from WebKit 2.17.92.

I meant 2.19.2
Andres Gomez Garcia
Comment 2 2017-11-21 04:41:07 PST
(In reply to Andres Gomez Garcia from comment #0)
> This was not happening with 2.17.91, with the same compilation flags.

I meant 2.19.1
Carlos Garcia Campos
Comment 3 2017-11-21 05:05:41 PST
This is because of r224537, I guess. I can't reproduce it, and neither can the bots.
Carlos Garcia Campos
Comment 4 2017-11-21 05:12:41 PST
It doesn't look specific to GTK port.
Xabier Rodríguez Calvar
Comment 5 2017-11-27 02:19:34 PST
I'm hitting this in 2.19.2
Xabier Rodríguez Calvar
Comment 6 2017-11-27 02:24:03 PST
I am just building Epiphany from today's JHBuild with the following custom things:

repos['git.gnome.org'] = 'ssh://git.gnome.org/git/'
moduleset = 'gnome-world'
modules = [ 'iso-codes', 'sbc', 'bluez', 'gnutls', 'gnome-themes-standard', 'gst-plugins-good', 'gst-plugins-bad', 'gst-libav' ] # WebKit ones
modules = modules + [ 'dconf', 'epiphany' ] # Epiphany ones
checkoutroot = os.path.expanduser('/home/calvaris/gnome/jhbuild/build/src')
prefix = '/home/calvaris/gnome/jhbuild/build/install'
makeargs = '-j' + os.environ['NUMBER_OF_PROCESSORS']
os.environ['MAKE'] = 'make -j' + os.environ['NUMBER_OF_PROCESSORS']
autogenargs='--disable-static --disable-gtk-doc --disable-tests'
os.environ['INSTALL'] = os.path.expanduser('~/.local/bin/install-check')
os.environ["DBUS_SYSTEM_BUS_ADDRESS"] = "unix:path=/var/run/dbus/system_bus_socket"
os.environ['WEBKIT_DISABLE_COMPOSITING_MODE'] = '1'
tarballdir = os.path.join(checkoutroot,'tarballs')
module_autogenargs['WebKit'] = autogenargs + ' --disable-introspection --enable-silent-rules --enable-web-audio'
module_autogenargs['cairo'] = autogenargs + ' --enable-gl=yes --enable-egl=yes --enable-glx=yes'
module_autogenargs['NetworkManager'] = autogenargs + ' --enable-tests=no --with-system-libndp=no --enable-static'
module_autogenargs['librsvg'] = autogenargs + ' --enable-vala=no'
module_autogenargs['wayland'] = autogenargs + ' --disable-documentation'
module_autogenargs['pulseaudio'] = autogenargs + ' --disable-systemd-daemon'
module_autogenargs['libsoup'] = autogenargs + ' --enable-introspection'
module_autogenargs['libqmi'] = autogenargs + ' --enable-pdc'
module_makeargs['cairo'] = makeargs + ' CFLAGS+="-ffat-lto-objects"'
addpath('ACLOCAL_PATH', '/usr/share/aclocal')
addpath('GI_TYPELIB_PATH', '/home/calvaris/store/gnome/install/lib64/girepository-1.0')
Yusuke Suzuki
Comment 8 2017-11-29 08:10:11 PST
(In reply to Andres Gomez Garcia from comment #1)
> (In reply to Andres Gomez Garcia from comment #0)
> > MiniBrowser from WebKit 2.17.92.
>
> I meant 2.19.2

Is this caused by RELEASE_BASSERT?
https://trac.webkit.org/browser/webkit/releases/WebKitGTK/webkit-2.19.2/Source/bmalloc/bmalloc/IsoTLS.cpp#L80
Yusuke Suzuki
Comment 9 2017-11-29 08:23:48 PST
(In reply to Yusuke Suzuki from comment #8)
> (In reply to Andres Gomez Garcia from comment #1)
> > (In reply to Andres Gomez Garcia from comment #0)
> > > MiniBrowser from WebKit 2.17.92.
> >
> > I meant 2.19.2

And can we reproduce this with ToT?
Tomas Popela
Comment 10 2017-11-29 22:44:18 PST
(In reply to Yusuke Suzuki from comment #9)
> And can we reproduce this with ToT?

As per IRC some are able to reproduce it there:

<mcrha> annulen, still crashes with git master of webkit
Milan Crha
Comment 11 2017-11-30 01:08:46 PST
Right, I have the checkout at commit 59f33e1bb10a912c57479fab2f6bf7dc82bccea6
[CoordGraphics] Rename CoordinatedBuffer to Nicosia::Buffer
https://bugs.webkit.org/show_bug.cgi?id=180135
and it's still crashing, but this time in a different place, because the initial issue had been fixed with changes for bug #179463.

I added some debug prints around the code and I see that IsoTLS::get() is called three times before it's initialized, before it crashes. Unfortunately, I do not have debug symbols compiled, I'll retry, but no promises, because the last time I tried gdb didn't like it. I'll see.

0x7fda5dce4ac0 get: not initialized
#2 0x00007fda5cc3adc8 in bmalloc::IsoTLS::get() [clone .part.118] () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#3 0x00007fda5cc4decd in WebCore::RenderView::operator new(unsigned long) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#4 0x00007fda5c4ee862 in WebCore::Document::createRenderTree() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#5 0x00007fda5c5002e0 in WebCore::Document::didBecomeCurrentDocumentInFrame() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#6 0x00007fda5c87810a in WebCore::Frame::setDocument(WTF::RefPtr<WebCore::Document>&&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#7 0x00007fda5c7b93ad in WebCore::DocumentWriter::begin(WebCore::URL const&, bool, WebCore::Document*) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#8 0x00007fda5c7b96fd in WebCore::DocumentLoader::commitData(char const*, unsigned long) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#9 0x00007fda5c7b9e0c in WebCore::DocumentLoader::finishedLoading() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#10 0x00007fda5c7bbd39 in WebCore::DocumentLoader::maybeLoadEmpty() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#11 0x00007fda5c7bd3fc in WebCore::DocumentLoader::startLoadingMainResource() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#12 0x00007fda5c7cb2f3 in WebCore::FrameLoader::init() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#13 0x00007fda5bb9f6ec in WebKit::WebFrame::createWithCoreMainFrame(WebKit::WebPage*, WebCore::Frame*) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#14 0x00007fda5bbb55f7 in WebKit::WebPage::WebPage(unsigned long, WebKit::WebPageCreationParameters&&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#15 0x00007fda5bbb5e5e in WebKit::WebPage::create(unsigned long, WebKit::WebPageCreationParameters&&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#16 0x00007fda5bb0a358 in WebKit::WebProcess::createWebPage(unsigned long, WebKit::WebPageCreationParameters&&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#17 0x00007fda5bd9bcf7 in void IPC::handleMessage<Messages::WebProcess::CreateWebPage, WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)>(IPC::Decoder&, WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#18 0x00007fda5bd982c3 in WebKit::WebProcess::didReceiveWebProcessMessage(IPC::Connection&, IPC::Decoder&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#19 0x00007fda5b9b31fb in IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#20 0x00007fda5b9b3a78 in IPC::Connection::dispatchOneMessage() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#21 0x00007fda582c06dd in WTF::RunLoop::performWork() () at /build/test-wk2/lib/libjavascriptcoregtk-4.0.so.18
#22 0x00007fda582e6d49 in WTF::RunLoop::RunLoop()::{lambda(void*)#1}::_FUN(void*) () at /build/test-wk2/lib/libjavascriptcoregtk-4.0.so.18
#23 0x00007fda587c5bb7 in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
#24 0x00007fda587c5f60 in g_main_context_iterate.isra () at /lib64/libglib-2.0.so.0
#25 0x00007fda587c6272 in g_main_loop_run () at /lib64/libglib-2.0.so.0
#26 0x00007fda582e7688 in WTF::RunLoop::run() () at /build/test-wk2/lib/libjavascriptcoregtk-4.0.so.18
#27 0x00007fda5bd35b08 in int WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain>(int, char**) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#28 0x00007fda5ad0003a in __libc_start_main () at /lib64/libc.so.6
#29 0x000000000040086a in _start ()

0x7fda5dce4ac0 get: not initialized
#2 0x00007fda5cc3adc8 in bmalloc::IsoTLS::get() [clone .part.118] () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#3 0x00007fda5cc54005 in bmalloc::IsoTLS* bmalloc::IsoTLS::ensureHeapAndEntries<WebCore::RenderView>(bmalloc::api::IsoHeap<WebCore::RenderView>&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#4 0x00007fda5cc555be in void* bmalloc::IsoTLS::allocateSlow<bmalloc::IsoConfig<560u>, WebCore::RenderView>(bmalloc::api::IsoHeap<WebCore::RenderView>&, bool) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#5 0x00007fda5c4ee862 in WebCore::Document::createRenderTree() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#6 0x00007fda5c5002e0 in WebCore::Document::didBecomeCurrentDocumentInFrame() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#7 0x00007fda5c87810a in WebCore::Frame::setDocument(WTF::RefPtr<WebCore::Document>&&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#8 0x00007fda5c7b93ad in WebCore::DocumentWriter::begin(WebCore::URL const&, bool, WebCore::Document*) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#9 0x00007fda5c7b96fd in WebCore::DocumentLoader::commitData(char const*, unsigned long) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#10 0x00007fda5c7b9e0c in WebCore::DocumentLoader::finishedLoading() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#11 0x00007fda5c7bbd39 in WebCore::DocumentLoader::maybeLoadEmpty() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#12 0x00007fda5c7bd3fc in WebCore::DocumentLoader::startLoadingMainResource() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#13 0x00007fda5c7cb2f3 in WebCore::FrameLoader::init() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#14 0x00007fda5bb9f6ec in WebKit::WebFrame::createWithCoreMainFrame(WebKit::WebPage*, WebCore::Frame*) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#15 0x00007fda5bbb55f7 in WebKit::WebPage::WebPage(unsigned long, WebKit::WebPageCreationParameters&&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#16 0x00007fda5bbb5e5e in WebKit::WebPage::create(unsigned long, WebKit::WebPageCreationParameters&&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#17 0x00007fda5bb0a358 in WebKit::WebProcess::createWebPage(unsigned long, WebKit::WebPageCreationParameters&&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#18 0x00007fda5bd9bcf7 in void IPC::handleMessage<Messages::WebProcess::CreateWebPage, WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)>(IPC::Decoder&, WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#19 0x00007fda5bd982c3 in WebKit::WebProcess::didReceiveWebProcessMessage(IPC::Connection&, IPC::Decoder&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#20 0x00007fda5b9b31fb in IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#21 0x00007fda5b9b3a78 in IPC::Connection::dispatchOneMessage() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#22 0x00007fda582c06dd in WTF::RunLoop::performWork() () at /build/test-wk2/lib/libjavascriptcoregtk-4.0.so.18
#23 0x00007fda582e6d49 in WTF::RunLoop::RunLoop()::{lambda(void*)#1}::_FUN(void*) () at /build/test-wk2/lib/libjavascriptcoregtk-4.0.so.18
#24 0x00007fda587c5bb7 in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
#25 0x00007fda587c5f60 in g_main_context_iterate.isra () at /lib64/libglib-2.0.so.0
#26 0x00007fda587c6272 in g_main_loop_run () at /lib64/libglib-2.0.so.0
#27 0x00007fda582e7688 in WTF::RunLoop::run() () at /build/test-wk2/lib/libjavascriptcoregtk-4.0.so.18
#28 0x00007fda5bd35b08 in int WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain>(int, char**) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#29 0x00007fda5ad0003a in __libc_start_main () at /lib64/libc.so.6
#30 0x000000000040086a in _start ()

0x7fda5dce4ac0 get: not initialized
#2 0x00007fda582f1008 in bmalloc::IsoTLS::get() [clone .part.15] () at /build/test-wk2/lib/libjavascriptcoregtk-4.0.so.18
#3 0x00007fda582f16e5 in bmalloc::IsoTLS::ensureEntries(unsigned int) () at /build/test-wk2/lib/libjavascriptcoregtk-4.0.so.18
#4 0x00007fda5cc555be in void* bmalloc::IsoTLS::allocateSlow<bmalloc::IsoConfig<560u>, WebCore::RenderView>(bmalloc::api::IsoHeap<WebCore::RenderView>&, bool) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#5 0x00007fda5c4ee862 in WebCore::Document::createRenderTree() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#6 0x00007fda5c5002e0 in WebCore::Document::didBecomeCurrentDocumentInFrame() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#7 0x00007fda5c87810a in WebCore::Frame::setDocument(WTF::RefPtr<WebCore::Document>&&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#8 0x00007fda5c7b93ad in WebCore::DocumentWriter::begin(WebCore::URL const&, bool, WebCore::Document*) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#9 0x00007fda5c7b96fd in WebCore::DocumentLoader::commitData(char const*, unsigned long) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#10 0x00007fda5c7b9e0c in WebCore::DocumentLoader::finishedLoading() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#11 0x00007fda5c7bbd39 in WebCore::DocumentLoader::maybeLoadEmpty() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#12 0x00007fda5c7bd3fc in WebCore::DocumentLoader::startLoadingMainResource() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#13 0x00007fda5c7cb2f3 in WebCore::FrameLoader::init() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#14 0x00007fda5bb9f6ec in WebKit::WebFrame::createWithCoreMainFrame(WebKit::WebPage*, WebCore::Frame*) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#15 0x00007fda5bbb55f7 in WebKit::WebPage::WebPage(unsigned long, WebKit::WebPageCreationParameters&&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#16 0x00007fda5bbb5e5e in WebKit::WebPage::create(unsigned long, WebKit::WebPageCreationParameters&&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#17 0x00007fda5bb0a358 in WebKit::WebProcess::createWebPage(unsigned long, WebKit::WebPageCreationParameters&&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#18 0x00007fda5bd9bcf7 in void IPC::handleMessage<Messages::WebProcess::CreateWebPage, WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)>(IPC::Decoder&, WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#19 0x00007fda5bd982c3 in WebKit::WebProcess::didReceiveWebProcessMessage(IPC::Connection&, IPC::Decoder&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#20 0x00007fda5b9b31fb in IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#21 0x00007fda5b9b3a78 in IPC::Connection::dispatchOneMessage() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#22 0x00007fda582c06dd in WTF::RunLoop::performWork() () at /build/test-wk2/lib/libjavascriptcoregtk-4.0.so.18
#23 0x00007fda582e6d49 in WTF::RunLoop::RunLoop()::{lambda(void*)#1}::_FUN(void*) () at /build/test-wk2/lib/libjavascriptcoregtk-4.0.so.18
#24 0x00007fda587c5bb7 in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
#25 0x00007fda587c5f60 in g_main_context_iterate.isra () at /lib64/libglib-2.0.so.0
#26 0x00007fda587c6272 in g_main_loop_run () at /lib64/libglib-2.0.so.0
#27 0x00007fda582e7688 in WTF::RunLoop::run() () at /build/test-wk2/lib/libjavascriptcoregtk-4.0.so.18
#28 0x00007fda5bd35b08 in int WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain>(int, char**) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#29 0x00007fda5ad0003a in __libc_start_main () at /lib64/libc.so.6
#30 0x000000000040086a in _start ()

0x7fda5dce4ac0 operator(): using pthread_key_create(), key:0x11
0x7fda5dce4ac0 get: got-tls:(nil)
0x7fda5dce4ac0 ensureEntries: offset:136 got-tls:(nil) oldlast:(nil) layout.head():(nil)
0x7fda5dce4ac0 set: setting-tls:0x7fda5dd34000 to key:0x11

#3 0x00007fda582e4086 in WTF::jscSignalHandler(int, siginfo_t*, void*) () at /build/test-wk2/lib/libjavascriptcoregtk-4.0.so.18
#4 0x00007fda5ad16720 in <signal handler called> () at /lib64/libc.so.6
#5 0x00007fda5cc55342 in bmalloc::IsoAllocator<bmalloc::IsoConfig<560u> >::allocateSlow(bool) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#6 0x00007fda5c4ee862 in WebCore::Document::createRenderTree() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#7 0x00007fda5c5002e0 in WebCore::Document::didBecomeCurrentDocumentInFrame() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#8 0x00007fda5c87810a in WebCore::Frame::setDocument(WTF::RefPtr<WebCore::Document>&&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#9 0x00007fda5c7b93ad in WebCore::DocumentWriter::begin(WebCore::URL const&, bool, WebCore::Document*) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#10 0x00007fda5c7b96fd in WebCore::DocumentLoader::commitData(char const*, unsigned long) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#11 0x00007fda5c7b9e0c in WebCore::DocumentLoader::finishedLoading() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#12 0x00007fda5c7bbd39 in WebCore::DocumentLoader::maybeLoadEmpty() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#13 0x00007fda5c7bd3fc in WebCore::DocumentLoader::startLoadingMainResource() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#14 0x00007fda5c7cb2f3 in WebCore::FrameLoader::init() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#15 0x00007fda5bb9f6ec in WebKit::WebFrame::createWithCoreMainFrame(WebKit::WebPage*, WebCore::Frame*) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#16 0x00007fda5bbb55f7 in WebKit::WebPage::WebPage(unsigned long, WebKit::WebPageCreationParameters&&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#17 0x00007fda5bbb5e5e in WebKit::WebPage::create(unsigned long, WebKit::WebPageCreationParameters&&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#18 0x00007fda5bb0a358 in WebKit::WebProcess::createWebPage(unsigned long, WebKit::WebPageCreationParameters&&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#19 0x00007fda5bd9bcf7 in void IPC::handleMessage<Messages::WebProcess::CreateWebPage, WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)>(IPC::Decoder&, WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#20 0x00007fda5bd982c3 in WebKit::WebProcess::didReceiveWebProcessMessage(IPC::Connection&, IPC::Decoder&) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#21 0x00007fda5b9b31fb in IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#22 0x00007fda5b9b3a78 in IPC::Connection::dispatchOneMessage() () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#23 0x00007fda582c06dd in WTF::RunLoop::performWork() () at /build/test-wk2/lib/libjavascriptcoregtk-4.0.so.18
#24 0x00007fda582e6d49 in WTF::RunLoop::RunLoop()::{lambda(void*)#1}::_FUN(void*) () at /build/test-wk2/lib/libjavascriptcoregtk-4.0.so.18
#25 0x00007fda587c5bb7 in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
#26 0x00007fda587c5f60 in g_main_context_iterate.isra () at /lib64/libglib-2.0.so.0
#27 0x00007fda587c6272 in g_main_loop_run () at /lib64/libglib-2.0.so.0
#28 0x00007fda582e7688 in WTF::RunLoop::run() () at /build/test-wk2/lib/libjavascriptcoregtk-4.0.so.18
#29 0x00007fda5bd35b08 in int WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain>(int, char**) () at /build/test-wk2/lib/libwebkit2gtk-4.0.so.37
#30 0x00007fda5ad0003a in __libc_start_main () at /lib64/libc.so.6
#31 0x000000000040086a in _start ()
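The backtraces in the comment above show two separate copies of bmalloc::IsoTLS::get() being entered: one in libjavascriptcoregtk-4.0.so.18 ([clone .part.15]) and one in libwebkit2gtk-4.0.so.37 ([clone .part.118]), each with its own view of the TLS state, which is the duplicated-symbol situation named in the bug title. As an added example (not code from WebKit or from anyone in this thread), the script below shows the check a packager or build engineer can run for this class of problem: parse `nm -DC` output for each library and report every symbol that more than one of them defines. The `nm` lines embedded here are constructed samples with made-up addresses, not output from the real libraries; `nm_dynamic_symbols` is a hypothetical convenience wrapper for running the real tool.

```python
"""Report symbols that two (or more) shared libraries both define.

Added example for the duplicated-symbols problem in this bug: when two DSOs
each carry their own copy of the same function and its static state, callers
in one library may reach a different copy than callers in the other, so one
copy's TLS looks "not initialized" to the other. This script is not part of
WebKit; it parses text in the format of `nm -DC <library>` (GNU binutils).
"""
import subprocess
from collections import defaultdict


def parse_nm(text):
    """Return {name: type_letter} for the symbols *defined* in `nm -DC` output.

    Defined symbols have three fields (address, type, name); undefined
    references ("U", weak "w"/"v") carry no address and are skipped.
    Demangled C++ names contain spaces, so split at most twice.
    """
    defined = {}
    for line in text.splitlines():
        parts = line.split(None, 2)
        if len(parts) != 3:
            continue  # undefined reference or blank line
        _address, sym_type, name = parts
        if sym_type in ("U", "u", "A"):
            continue  # undefined, unique-undefined, or absolute (version) entries
        defined[name] = sym_type
    return defined


def duplicated_symbols(libraries):
    """libraries: {library_label: nm_text}.

    Return {symbol: [labels...]} for every symbol defined by two or more of
    the given libraries; an empty dict means no overlap.
    """
    owners = defaultdict(list)
    for label, text in libraries.items():
        for name in parse_nm(text):
            owners[name].append(label)
    return {name: sorted(labels) for name, labels in owners.items() if len(labels) > 1}


def nm_dynamic_symbols(path):
    """Hypothetical wrapper: run `nm -DC` on a real library (needs binutils)."""
    result = subprocess.run(["nm", "-DC", path], check=True,
                            capture_output=True, text=True)
    return result.stdout


# Constructed sample output shaped like `nm -DC`; addresses are made up.
JSC_NM = """\
0000000000312f10 T bmalloc::IsoTLS::get()
0000000000313020 T bmalloc::IsoTLS::ensureEntries(unsigned int)
0000000000210a40 T WTF::RunLoop::run()
                 U pthread_key_create
                 w __gmon_start__
"""

WK2_NM = """\
000000000098ad00 W bmalloc::IsoTLS::get()
0000000000a1c3a0 T WebCore::RenderView::operator new(unsigned long)
                 U WTF::RunLoop::run()
                 U pthread_key_create
"""


if __name__ == "__main__":
    dupes = duplicated_symbols({"libjavascriptcoregtk": JSC_NM, "libwebkit2gtk": WK2_NM})
    for name, labels in sorted(dupes.items()):
        print(f"{name}  defined in: {', '.join(labels)}")
```

On a real system the same check is `duplicated_symbols({p: nm_dynamic_symbols(p) for p in paths})`. A symbol that one library defines and the other merely imports (WTF::RunLoop::run() in the sample) is the healthy case and is not reported; only a symbol with a definition on both sides, like bmalloc::IsoTLS::get() above, is flagged.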
Milan Crha
Comment 12 2017-11-30 02:27:29 PST
The debug info works fine now, even though many parts are optimized out (I'd not use the optimization, but you force it, thus bad luck for you). At the place of the current crash:

#8 bmalloc::IsoAllocator<bmalloc::IsoConfig<560u> >::allocateSlow (this=0x7f82cc6dd098, abortOnFailure=true) at /data/develop/test-wk2/_other/webkit.master/Source/bmalloc/bmalloc/IsoAllocatorInlines.h:63
63          std::lock_guard<Mutex> locker(m_heap->lock);
(gdb) p m_heap
$1 = (bmalloc::IsoHeapImpl<bmalloc::IsoConfig<560> > *) 0x0
(gdb) p *this
$2 = {m_heap = 0x0, m_freeList = {m_scrambledHead = 0, m_secret = 0, m_payloadEnd = 0x0, m_remaining = 0, m_originalSize = 0}, m_currentPage = 0x0}

------------------------------------------------------------------------------

And now the boring part:

0x7f82cc68dac0 get: not initialized
#2 0x00007f82cb5e3dc8 in bmalloc::IsoTLS::get() () at ....webkit.master/Source/bmalloc/bmalloc/IsoTLSInlines.h:124
#3 0x00007f82cb5f6ecd in bmalloc::IsoTLS::get() () at ....webkit.master/Source/bmalloc/bmalloc/IsoTLSInlines.h:80
        ret = <optimized out>
#4 0x00007f82cb5f6ecd in bmalloc::IsoTLS::allocateImpl<bmalloc::IsoConfig<560u>, WebCore::RenderView>(bmalloc::api::IsoHeap<WebCore::RenderView>&, bool) (abortOnFailure=true, handle=...) at ....webkit.master/Source/bmalloc/bmalloc/IsoTLSInlines.h:71
#5 0x00007f82cb5f6ecd in bmalloc::IsoTLS::allocate<WebCore::RenderView>(bmalloc::api::IsoHeap<WebCore::RenderView>&, bool) (abortOnFailure=true, handle=...) at ....webkit.master/Source/bmalloc/bmalloc/IsoTLSInlines.h:39
#6 0x00007f82cb5f6ecd in bmalloc::api::IsoHeap<WebCore::RenderView>::allocate() (this=0x7f82cc4ccb80 <WebCore::RenderView::bisoHeap()::heap>) at ....webkit.master/Source/bmalloc/bmalloc/IsoHeapInlines.h:50
#7 0x00007f82cb5f6ecd in WebCore::RenderView::operator new(unsigned long) (size=size@entry=560) at ....webkit.master/Source/WebCore/rendering/RenderView.cpp:61
#8 0x00007f82cae97862 in WebCore::createRenderer<WebCore::RenderView, WebCore::Document&, WebCore::RenderStyle>(WebCore::Document&, WebCore::RenderStyle&&) () at ....webkit.master/Source/WebCore/rendering/RenderPtr.h:43
        this = 0x7f826cdf1800
#9 0x00007f82cae97862 in WebCore::Document::createRenderTree() (this=0x7f826cdf1800) at ....webkit.master/Source/WebCore/dom/Document.cpp:2211
        this = 0x7f826cdf1800
#10 0x00007f82caea92e0 in WebCore::Document::didBecomeCurrentDocumentInFrame() (this=0x7f826cdf1800) at ....webkit.master/Source/WebCore/dom/Document.cpp:2227
#11 0x00007f82cb22110a in WebCore::Frame::setDocument(WTF::RefPtr<WebCore::Document>&&) (this=0x7f82af1ad440, newDocument=...) at ....webkit.master/Source/WebCore/page/Frame.cpp:297
#12 0x00007f82cb1623ad in WebCore::DocumentWriter::begin(WebCore::URL const&, bool, WebCore::Document*) (this=this@entry=0x7f82af19a080, urlReference=..., dispatch=dispatch@entry=false, ownerDocument=ownerDocument@entry=0x0) at ....webkit.master/Source/WebCore/loader/DocumentWriter.cpp:174
        url = {m_string = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f82c6f0ead0 <WTF::StringImpl::s_atomicEmptyString>}}, m_isValid = false, m_protocolIsInHTTPFamily = false, m_cannotBeABaseURL = false, m_schemeEnd = 0, m_userStart = 0, m_userEnd = 0, m_passwordEnd = 0, m_hostEnd = 0, m_portEnd = 0, m_pathAfterLastSlash = 0, m_pathEnd = 0, m_queryEnd = 0}
        document = {static isRef = <optimized out>, m_ptr = 0x7f826cdf1800}
        shouldReuseDefaultView = <optimized out>
        insecureNavigationRequestsToUpgrade = {m_impl = {static m_maxLoad = 2, static m_minLoad = 6, m_table = 0x0, m_tableSize = 0, m_tableSizeMask = 0, m_keyCount = 0, m_deletedCount = 0}}
#13 0x00007f82cb1626fd in WebCore::DocumentLoader::commitData(char const*, unsigned long) (this=this@entry=0x7f82af19a000, bytes=bytes@entry=0x0, length=length@entry=0) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:855
        userChosen = <optimized out>
        encoding = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f82c6f0ead0 <WTF::StringImpl::s_atomicEmptyString>}}
#14 0x00007f82cb162e0c in WebCore::DocumentLoader::finishedLoading() (this=this@entry=0x7f82af19a000) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:413
        protectedThis = {static isRef = <optimized out>, m_ptr = 0x7f82af19a000}
        responseEndTime = <optimized out>
#15 0x00007f82cb164d39 in WebCore::DocumentLoader::maybeLoadEmpty() (this=this@entry=0x7f82af19a000) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:1439
        shouldLoadEmpty = <optimized out>
        mimeType = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f68000f0f40}}
#16 0x00007f82cb1663fc in WebCore::DocumentLoader::startLoadingMainResource() (this=0x7f82af19a000) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:1451
#17 0x00007f82cb1742f3 in WebCore::FrameLoader::init() (this=0x235ab30) at ....webkit.master/Source/WebCore/loader/FrameLoader.cpp:307
        protect = <optimized out>
#18 0x00007f82cb22108c in WebCore::Frame::init() (this=<optimized out>) at ....webkit.master/Source/WebCore/page/Frame.cpp:203
#19 0x00007f82ca5486ec in WebKit::WebFrame::createWithCoreMainFrame(WebKit::WebPage*, WebCore::Frame*) (page=page@entry=0x7f826cdf9000, coreFrame=0x7f82af1ad440) at ....webkit.master/Source/WebKit/WebProcess/WebPage/WebFrame.cpp:120
        frame = {static isRef = <optimized out>, m_ptr = 0x7f82af1b6068}
#20 0x00007f82ca55e5f7 in WebKit::WebPage::WebPage(unsigned long, WebKit::WebPageCreationParameters&&) (this=0x7f826cdf9000, pageID=<optimized out>, parameters=...) at ....webkit.master/Source/WebKit/WebProcess/WebPage/WebPage.cpp:431
        webProcess = <optimized out>
#21 0x00007f82ca55ee5e in WebKit::WebPage::create(unsigned long, WebKit::WebPageCreationParameters&&) (pageID=1, parameters=...) at ....webkit.master/Source/WebKit/WebProcess/WebPage/WebPage.cpp:311
        page = {static isRef = <optimized out>, m_ptr = 0x0}
#22 0x00007f82ca4b3358 in WebKit::WebProcess::createWebPage(unsigned long, WebKit::WebPageCreationParameters&&) (this=0x2360b60, pageID=<optimized out>, parameters=...) at ....webkit.master/Source/WebKit/WebProcess/WebProcess.cpp:597
#23 0x00007f82ca744cf7 in IPC::callMemberFunctionImpl<WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&), std::tuple<unsigned long, WebKit::WebPageCreationParameters>, 0ul, 1ul>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&), std::tuple<unsigned long, WebKit::WebPageCreationParameters>&&, std::integer_sequence<unsigned long, 0ul, 1ul>) (args=..., function=<optimized out>, object=0x2360b60) at ....webkit.master/Source/WebKit/Platform/IPC/HandleMessage.h:40
#24 0x00007f82ca744cf7 in IPC::callMemberFunction<WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&), std::tuple<unsigned long, WebKit::WebPageCreationParameters>, std::integer_sequence<unsigned long, 0ul, 1ul> >(std::tuple<unsigned long, WebKit::WebPageCreationParameters>&&, WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)) (function=<optimized out>, object=0x2360b60, args=...) at ....webkit.master/Source/WebKit/Platform/IPC/HandleMessage.h:46
#25 0x00007f82ca744cf7 in IPC::handleMessage<Messages::WebProcess::CreateWebPage, WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)>(IPC::Decoder&, WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)) (decoder=..., object=object@entry=0x2360b60, function=(void (WebKit::WebProcess::*)(WebKit::WebProcess * const, unsigned long, WebKit::WebPageCreationParameters &&)) 0x7f82ca4b3300 <WebKit::WebProcess::createWebPage(unsigned long, WebKit::WebPageCreationParameters&&)>) at ....webkit.master/Source/WebKit/Platform/IPC/HandleMessage.h:126
#26 0x00007f82ca7412c3 in WebKit::WebProcess::didReceiveWebProcessMessage(IPC::Connection&, IPC::Decoder&) (this=0x2360b60, connection=..., decoder=...) at ....webkit.master/_build/DerivedSources/WebKit/WebProcessMessageReceiver.cpp:69
#27 0x00007f82ca35c1fb in IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >) (this=0x7f82af1e5000, message=std::unique_ptr<IPC::Decoder> containing 0x7f82af1dd060) at ....webkit.master/Source/WebKit/Platform/IPC/Connection.cpp:928
        oldDidReceiveInvalidMessage = false
#28 0x00007f82ca35ca78 in IPC::Connection::dispatchOneMessage() (this=0x7f82af1e5000) at ....webkit.master/Source/WebKit/Platform/IPC/Connection.cpp:959
        message = std::unique_ptr<IPC::Decoder> containing 0x0
#29 0x00007f82c6c696dd in WTF::Function<void ()>::operator()() const (this=<synthetic pointer>) at ....webkit.master/Source/WTF/wtf/Function.h:56
        function = {m_callableWrapper = std::unique_ptr<WTF::Function<void()>::CallableWrapperBase> containing 0x7f82af1e3030}
        functionsHandled = 1
        functionsToHandle = <optimized out>
#30 0x00007f82c6c696dd in WTF::RunLoop::performWork() (this=0x7f82af1f9000) at ....webkit.master/Source/WTF/wtf/RunLoop.cpp:123
        function = {m_callableWrapper = std::unique_ptr<WTF::Function<void()>::CallableWrapperBase> containing 0x7f82af1e3030}
        functionsHandled = 1
        functionsToHandle = <optimized out>
#31 0x00007f82c6c8fd49 in WTF::RunLoop::<lambda(gpointer)>::operator() (__closure=0x0, userData=<optimized out>) at ....webkit.master/Source/WTF/wtf/glib/RunLoopGLib.cpp:68
#32 0x00007f82c6c8fd49 in WTF::RunLoop::<lambda(gpointer)>::_FUN(gpointer) () at ....webkit.master/Source/WTF/wtf/glib/RunLoopGLib.cpp:70
#33 0x00007f82c716ebb7 in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
#34 0x00007f82c716ef60 in g_main_context_iterate.isra () at /lib64/libglib-2.0.so.0
#35 0x00007f82c716f272 in g_main_loop_run () at /lib64/libglib-2.0.so.0
#36 0x00007f82c6c90688 in WTF::RunLoop::run() () at ....webkit.master/Source/WTF/wtf/glib/RunLoopGLib.cpp:96
        nestedMainLoop = <optimized out>
#37 0x00007f82ca6deb08 in WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain>(int, char**) (argc=<optimized out>, argv=0x7ffd4424ff18) at ....webkit.master/Source/WebKit/Shared/unix/ChildProcessMain.h:61
#38 0x00007f82c96a903a in __libc_start_main () at /lib64/libc.so.6
#39 0x000000000040086a in _start ()

0x7f82cc68dac0 get: not initialized
#2 0x00007f82cb5e3dc8 in bmalloc::IsoTLS::get() () at ....webkit.master/Source/bmalloc/bmalloc/IsoTLSInlines.h:124
#3 0x00007f82cb5fd005 in bmalloc::IsoTLS::get() () at ....webkit.master/Source/bmalloc/bmalloc/IsoTLSInlines.h:161
        ret = <optimized out>
        offset = <optimized out>
#4 0x00007f82cb5fd005 in bmalloc::IsoTLS::ensureHeapAndEntries<WebCore::RenderView>(bmalloc::api::IsoHeap<WebCore::RenderView>&) (handle=...) at ....webkit.master/Source/bmalloc/bmalloc/IsoTLSInlines.h:161
        offset = <optimized out>
#5 0x00007f82cb5fe5be in bmalloc::IsoTLS::allocateSlow<bmalloc::IsoConfig<560u>, WebCore::RenderView>(bmalloc::api::IsoHeap<WebCore::RenderView>&, bool) (handle=..., abortOnFailure=abortOnFailure@entry=true) at ....webkit.master/Source/bmalloc/bmalloc/IsoTLSInlines.h:86
        tls = <optimized out>
#6 0x00007f82cb5f6eae in bmalloc::IsoTLS::allocateImpl<bmalloc::IsoConfig<560u>, WebCore::RenderView>(bmalloc::api::IsoHeap<WebCore::RenderView>&, bool) (abortOnFailure=true, handle=...) at ....webkit.master/Source/bmalloc/bmalloc/IsoTLSInlines.h:73
#7 0x00007f82cb5f6eae in bmalloc::IsoTLS::allocate<WebCore::RenderView>(bmalloc::api::IsoHeap<WebCore::RenderView>&, bool) (abortOnFailure=true, handle=...) at ....webkit.master/Source/bmalloc/bmalloc/IsoTLSInlines.h:39
#8 0x00007f82cb5f6eae in bmalloc::api::IsoHeap<WebCore::RenderView>::allocate() (this=<optimized out>) at ....webkit.master/Source/bmalloc/bmalloc/IsoHeapInlines.h:50
#9 0x00007f82cb5f6eae in WebCore::RenderView::operator new(unsigned long) (size=size@entry=560) at ....webkit.master/Source/WebCore/rendering/RenderView.cpp:61
#10 0x00007f82cae97862 in WebCore::createRenderer<WebCore::RenderView, WebCore::Document&, WebCore::RenderStyle>(WebCore::Document&, WebCore::RenderStyle&&) () at ....webkit.master/Source/WebCore/rendering/RenderPtr.h:43
        this = 0x7f826cdf1800
#11 0x00007f82cae97862 in WebCore::Document::createRenderTree() (this=0x7f826cdf1800) at ....webkit.master/Source/WebCore/dom/Document.cpp:2211
        this = 0x7f826cdf1800
#12 0x00007f82caea92e0 in WebCore::Document::didBecomeCurrentDocumentInFrame() (this=0x7f826cdf1800) at ....webkit.master/Source/WebCore/dom/Document.cpp:2227
#13 0x00007f82cb22110a in WebCore::Frame::setDocument(WTF::RefPtr<WebCore::Document>&&) (this=0x7f82af1ad440, newDocument=...) at ....webkit.master/Source/WebCore/page/Frame.cpp:297
#14 0x00007f82cb1623ad in WebCore::DocumentWriter::begin(WebCore::URL const&, bool, WebCore::Document*) (this=this@entry=0x7f82af19a080, urlReference=..., dispatch=dispatch@entry=false, ownerDocument=ownerDocument@entry=0x0) at ....webkit.master/Source/WebCore/loader/DocumentWriter.cpp:174
        url = {m_string = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f82c6f0ead0 <WTF::StringImpl::s_atomicEmptyString>}}, m_isValid = false, m_protocolIsInHTTPFamily = false, m_cannotBeABaseURL = false, m_schemeEnd = 0, m_userStart = 0, m_userEnd = 0, m_passwordEnd = 0, m_hostEnd = 0, m_portEnd = 0, m_pathAfterLastSlash = 0, m_pathEnd = 0, m_queryEnd = 0}
        document = {static isRef = <optimized out>, m_ptr = 0x7f826cdf1800}
        shouldReuseDefaultView = <optimized out>
        insecureNavigationRequestsToUpgrade = {m_impl = {static m_maxLoad = 2, static m_minLoad = 6, m_table = 0x0, m_tableSize = 0, m_tableSizeMask = 0, m_keyCount = 0, m_deletedCount = 0}}
#15 0x00007f82cb1626fd in WebCore::DocumentLoader::commitData(char const*, unsigned long) (this=this@entry=0x7f82af19a000, bytes=bytes@entry=0x0, length=length@entry=0) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:855
        userChosen = <optimized out>
        encoding = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f82c6f0ead0 <WTF::StringImpl::s_atomicEmptyString>}}
#16 0x00007f82cb162e0c in WebCore::DocumentLoader::finishedLoading() (this=this@entry=0x7f82af19a000) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:413
        protectedThis = {static isRef = <optimized out>, m_ptr = 0x7f82af19a000}
        responseEndTime = <optimized out>
#17 0x00007f82cb164d39 in WebCore::DocumentLoader::maybeLoadEmpty() (this=this@entry=0x7f82af19a000) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:1439
        shouldLoadEmpty = <optimized out>
        mimeType = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f68000f0f40}}
#18 0x00007f82cb1663fc in
WebCore::DocumentLoader::startLoadingMainResource() (this=0x7f82af19a000) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:1451 #19 0x00007f82cb1742f3 in WebCore::FrameLoader::init() (this=0x235ab30) at ....webkit.master/Source/WebCore/loader/FrameLoader.cpp:307 protect = <optimized out> #20 0x00007f82cb22108c in WebCore::Frame::init() (this=<optimized out>) at ....webkit.master/Source/WebCore/page/Frame.cpp:203 #21 0x00007f82ca5486ec in WebKit::WebFrame::createWithCoreMainFrame(WebKit::WebPage*, WebCore::Frame*) (page=page@entry=0x7f826cdf9000, coreFrame=0x7f82af1ad440) at ....webkit.master/Source/WebKit/WebProcess/WebPage/WebFrame.cpp:120 frame = {static isRef = <optimized out>, m_ptr = 0x7f82af1b6068} #22 0x00007f82ca55e5f7 in WebKit::WebPage::WebPage(unsigned long, WebKit::WebPageCreationParameters&&) (this=0x7f826cdf9000, pageID=<optimized out>, parameters=...) at ....webkit.master/Source/WebKit/WebProcess/WebPage/WebPage.cpp:431 webProcess = <optimized out> #23 0x00007f82ca55ee5e in WebKit::WebPage::create(unsigned long, WebKit::WebPageCreationParameters&&) (pageID=1, parameters=...) at ....webkit.master/Source/WebKit/WebProcess/WebPage/WebPage.cpp:311 page = {static isRef = <optimized out>, m_ptr = 0x0} #24 0x00007f82ca4b3358 in WebKit::WebProcess::createWebPage(unsigned long, WebKit::WebPageCreationParameters&&) (this=0x2360b60, pageID=<optimized out>, parameters=...) 
at ....webkit.master/Source/WebKit/WebProcess/WebProcess.cpp:597 #25 0x00007f82ca744cf7 in IPC::callMemberFunctionImpl<WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&), std::tuple<unsigned long, WebKit::WebPageCreationParameters>, 0ul, 1ul>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&), std::tuple<unsigned long, WebKit::WebPageCreationParameters>&&, std::integer_sequence<unsigned long, 0ul, 1ul>) (args=..., function=<optimized out>, object=0x2360b60) at ....webkit.master/Source/WebKit/Platform/IPC/HandleMessage.h:40 #26 0x00007f82ca744cf7 in IPC::callMemberFunction<WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&), std::tuple<unsigned long, WebKit::WebPageCreationParameters>, std::integer_sequence<unsigned long, 0ul, 1ul> >(std::tuple<unsigned long, WebKit::WebPageCreationParameters>&&, WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)) (function=<optimized out>, object=0x2360b60, args=...) at ....webkit.master/Source/WebKit/Platform/IPC/HandleMessage.h:46 #27 0x00007f82ca744cf7 in IPC::handleMessage<Messages::WebProcess::CreateWebPage, WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)>(IPC::Decoder&, WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)) (decoder=..., object=object@entry=0x2360b60, function=(void (WebKit::WebProcess::*)(WebKit::WebProcess * const, unsigned long, WebKit::WebPageCreationParameters &&)) 0x7f82ca4b3300 <WebKit::WebProcess::createWebPage(unsigned long, WebKit::WebPageCreationParameters&&)>) at ....webkit.master/Source/WebKit/Platform/IPC/HandleMessage.h:126 #28 0x00007f82ca7412c3 in WebKit::WebProcess::didReceiveWebProcessMessage(IPC::Connection&, IPC::Decoder&) (this=0x2360b60, connection=..., decoder=...) 
at ....webkit.master/_build/DerivedSources/WebKit/WebProcessMessageReceiver.cpp:69 #29 0x00007f82ca35c1fb in IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >) (this=0x7f82af1e5000, message=std::unique_ptr<IPC::Decoder> containing 0x7f82af1dd060) at ....webkit.master/Source/WebKit/Platform/IPC/Connection.cpp:928 oldDidReceiveInvalidMessage = false #30 0x00007f82ca35ca78 in IPC::Connection::dispatchOneMessage() (this=0x7f82af1e5000) at ....webkit.master/Source/WebKit/Platform/IPC/Connection.cpp:959 message = std::unique_ptr<IPC::Decoder> containing 0x0 #31 0x00007f82c6c696dd in WTF::Function<void ()>::operator()() const (this=<synthetic pointer>) at ....webkit.master/Source/WTF/wtf/Function.h:56 function = {m_callableWrapper = std::unique_ptr<WTF::Function<void()>::CallableWrapperBase> containing 0x7f82af1e3030} functionsHandled = 1 functionsToHandle = <optimized out> #32 0x00007f82c6c696dd in WTF::RunLoop::performWork() (this=0x7f82af1f9000) at ....webkit.master/Source/WTF/wtf/RunLoop.cpp:123 function = {m_callableWrapper = std::unique_ptr<WTF::Function<void()>::CallableWrapperBase> containing 0x7f82af1e3030} functionsHandled = 1 functionsToHandle = <optimized out> #33 0x00007f82c6c8fd49 in WTF::RunLoop::<lambda(gpointer)>::operator() (__closure=0x0, userData=<optimized out>) at ....webkit.master/Source/WTF/wtf/glib/RunLoopGLib.cpp:68 #34 0x00007f82c6c8fd49 in WTF::RunLoop::<lambda(gpointer)>::_FUN(gpointer) () at ....webkit.master/Source/WTF/wtf/glib/RunLoopGLib.cpp:70 #35 0x00007f82c716ebb7 in g_main_context_dispatch () at /lib64/libglib-2.0.so.0 #36 0x00007f82c716ef60 in g_main_context_iterate.isra () at /lib64/libglib-2.0.so.0 #37 0x00007f82c716f272 in g_main_loop_run () at /lib64/libglib-2.0.so.0 #38 0x00007f82c6c90688 in WTF::RunLoop::run() () at ....webkit.master/Source/WTF/wtf/glib/RunLoopGLib.cpp:96 nestedMainLoop = <optimized out> #39 0x00007f82ca6deb08 in WebKit::ChildProcessMain<WebKit::WebProcess, 
WebKit::WebProcessMain>(int, char**) (argc=<optimized out>, argv=0x7ffd4424ff18) at ....webkit.master/Source/WebKit/Shared/unix/ChildProcessMain.h:61 #40 0x00007f82c96a903a in __libc_start_main () at /lib64/libc.so.6 #41 0x000000000040086a in _start () 0x7f82cc68dac0 get: not initialized #2 0x00007f82c6c9a008 in bmalloc::IsoTLS::get() () at ....webkit.master/Source/bmalloc/bmalloc/IsoTLSInlines.h:124 #3 0x00007f82c6c9a6e5 in bmalloc::IsoTLS::get() () at ....webkit.master/Source/bmalloc/bmalloc/IsoTLS.cpp:116 ret = <optimized out> onceFlag = {_M_once = 0} tls = <optimized out> oldLastEntry = <optimized out> startEntry = <optimized out> __FUNCTION__ = "ensureEntries" targetEntry = <optimized out> requiredCapacity = <optimized out> #4 0x00007f82c6c9a6e5 in bmalloc::IsoTLS::ensureEntries(unsigned int) (offset=136) at ....webkit.master/Source/bmalloc/bmalloc/IsoTLS.cpp:68 onceFlag = {_M_once = 0} tls = <optimized out> oldLastEntry = <optimized out> startEntry = <optimized out> __FUNCTION__ = "ensureEntries" targetEntry = <optimized out> requiredCapacity = <optimized out> #5 0x00007f82cb5fcf98 in bmalloc::IsoTLS::ensureHeapAndEntries<WebCore::RenderView>(bmalloc::api::IsoHeap<WebCore::RenderView>&) (handle=...) at ....webkit.master/Source/bmalloc/bmalloc/IsoTLSInlines.h:174 offset = <optimized out> #6 0x00007f82cb5fe5be in bmalloc::IsoTLS::allocateSlow<bmalloc::IsoConfig<560u>, WebCore::RenderView>(bmalloc::api::IsoHeap<WebCore::RenderView>&, bool) (handle=..., abortOnFailure=abortOnFailure@entry=true) at ....webkit.master/Source/bmalloc/bmalloc/IsoTLSInlines.h:86 tls = <optimized out> #7 0x00007f82cb5f6eae in bmalloc::IsoTLS::allocateImpl<bmalloc::IsoConfig<560u>, WebCore::RenderView>(bmalloc::api::IsoHeap<WebCore::RenderView>&, bool) (abortOnFailure=true, handle=...) 
at ....webkit.master/Source/bmalloc/bmalloc/IsoTLSInlines.h:73 #8 0x00007f82cb5f6eae in bmalloc::IsoTLS::allocate<WebCore::RenderView>(bmalloc::api::IsoHeap<WebCore::RenderView>&, bool) (abortOnFailure=true, handle=...) at ....webkit.master/Source/bmalloc/bmalloc/IsoTLSInlines.h:39 #9 0x00007f82cb5f6eae in bmalloc::api::IsoHeap<WebCore::RenderView>::allocate() (this=<optimized out>) at ....webkit.master/Source/bmalloc/bmalloc/IsoHeapInlines.h:50 #10 0x00007f82cb5f6eae in WebCore::RenderView::operator new(unsigned long) (size=size@entry=560) at ....webkit.master/Source/WebCore/rendering/RenderView.cpp:61 #11 0x00007f82cae97862 in WebCore::createRenderer<WebCore::RenderView, WebCore::Document&, WebCore::RenderStyle>(WebCore::Document&, WebCore::RenderStyle&&) () at ....webkit.master/Source/WebCore/rendering/RenderPtr.h:43 this = 0x7f826cdf1800 #12 0x00007f82cae97862 in WebCore::Document::createRenderTree() (this=0x7f826cdf1800) at ....webkit.master/Source/WebCore/dom/Document.cpp:2211 this = 0x7f826cdf1800 #13 0x00007f82caea92e0 in WebCore::Document::didBecomeCurrentDocumentInFrame() (this=0x7f826cdf1800) at ....webkit.master/Source/WebCore/dom/Document.cpp:2227 #14 0x00007f82cb22110a in WebCore::Frame::setDocument(WTF::RefPtr<WebCore::Document>&&) (this=0x7f82af1ad440, newDocument=...) 
at ....webkit.master/Source/WebCore/page/Frame.cpp:297 #15 0x00007f82cb1623ad in WebCore::DocumentWriter::begin(WebCore::URL const&, bool, WebCore::Document*) (this=this@entry=0x7f82af19a080, urlReference=..., dispatch=dispatch@entry=false, ownerDocument=ownerDocument@entry=0x0) at ....webkit.master/Source/WebCore/loader/DocumentWriter.cpp:174 url = {m_string = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f82c6f0ead0 <WTF::StringImpl::s_atomicEmptyString>}}, m_isValid = false, m_protocolIsInHTTPFamily = false, m_cannotBeABaseURL = false, m_schemeEnd = 0, m_userStart = 0, m_userEnd = 0, m_passwordEnd = 0, m_hostEnd = 0, m_portEnd = 0, m_pathAfterLastSlash = 0, m_pathEnd = 0, m_queryEnd = 0} document = {static isRef = <optimized out>, m_ptr = 0x7f826cdf1800} shouldReuseDefaultView = <optimized out> insecureNavigationRequestsToUpgrade = {m_impl = {static m_maxLoad = 2, static m_minLoad = 6, m_table = 0x0, m_tableSize = 0, m_tableSizeMask = 0, m_keyCount = 0, m_deletedCount = 0}} #16 0x00007f82cb1626fd in WebCore::DocumentLoader::commitData(char const*, unsigned long) (this=this@entry=0x7f82af19a000, bytes=bytes@entry=0x0, length=length@entry=0) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:855 userChosen = <optimized out> encoding = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f82c6f0ead0 <WTF::StringImpl::s_atomicEmptyString>}} #17 0x00007f82cb162e0c in WebCore::DocumentLoader::finishedLoading() (this=this@entry=0x7f82af19a000) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:413 protectedThis = {static isRef = <optimized out>, m_ptr = 0x7f82af19a000} responseEndTime = <optimized out> #18 0x00007f82cb164d39 in WebCore::DocumentLoader::maybeLoadEmpty() (this=this@entry=0x7f82af19a000) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:1439 shouldLoadEmpty = <optimized out> mimeType = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f68000f0f40}} #19 0x00007f82cb1663fc in 
WebCore::DocumentLoader::startLoadingMainResource() (this=0x7f82af19a000) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:1451 #20 0x00007f82cb1742f3 in WebCore::FrameLoader::init() (this=0x235ab30) at ....webkit.master/Source/WebCore/loader/FrameLoader.cpp:307 protect = <optimized out> #21 0x00007f82cb22108c in WebCore::Frame::init() (this=<optimized out>) at ....webkit.master/Source/WebCore/page/Frame.cpp:203 #22 0x00007f82ca5486ec in WebKit::WebFrame::createWithCoreMainFrame(WebKit::WebPage*, WebCore::Frame*) (page=page@entry=0x7f826cdf9000, coreFrame=0x7f82af1ad440) at ....webkit.master/Source/WebKit/WebProcess/WebPage/WebFrame.cpp:120 frame = {static isRef = <optimized out>, m_ptr = 0x7f82af1b6068} #23 0x00007f82ca55e5f7 in WebKit::WebPage::WebPage(unsigned long, WebKit::WebPageCreationParameters&&) (this=0x7f826cdf9000, pageID=<optimized out>, parameters=...) at ....webkit.master/Source/WebKit/WebProcess/WebPage/WebPage.cpp:431 webProcess = <optimized out> #24 0x00007f82ca55ee5e in WebKit::WebPage::create(unsigned long, WebKit::WebPageCreationParameters&&) (pageID=1, parameters=...) at ....webkit.master/Source/WebKit/WebProcess/WebPage/WebPage.cpp:311 page = {static isRef = <optimized out>, m_ptr = 0x0} #25 0x00007f82ca4b3358 in WebKit::WebProcess::createWebPage(unsigned long, WebKit::WebPageCreationParameters&&) (this=0x2360b60, pageID=<optimized out>, parameters=...) 
at ....webkit.master/Source/WebKit/WebProcess/WebProcess.cpp:597 #26 0x00007f82ca744cf7 in IPC::callMemberFunctionImpl<WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&), std::tuple<unsigned long, WebKit::WebPageCreationParameters>, 0ul, 1ul>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&), std::tuple<unsigned long, WebKit::WebPageCreationParameters>&&, std::integer_sequence<unsigned long, 0ul, 1ul>) (args=..., function=<optimized out>, object=0x2360b60) at ....webkit.master/Source/WebKit/Platform/IPC/HandleMessage.h:40 #27 0x00007f82ca744cf7 in IPC::callMemberFunction<WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&), std::tuple<unsigned long, WebKit::WebPageCreationParameters>, std::integer_sequence<unsigned long, 0ul, 1ul> >(std::tuple<unsigned long, WebKit::WebPageCreationParameters>&&, WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)) (function=<optimized out>, object=0x2360b60, args=...) at ....webkit.master/Source/WebKit/Platform/IPC/HandleMessage.h:46 #28 0x00007f82ca744cf7 in IPC::handleMessage<Messages::WebProcess::CreateWebPage, WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)>(IPC::Decoder&, WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)) (decoder=..., object=object@entry=0x2360b60, function=(void (WebKit::WebProcess::*)(WebKit::WebProcess * const, unsigned long, WebKit::WebPageCreationParameters &&)) 0x7f82ca4b3300 <WebKit::WebProcess::createWebPage(unsigned long, WebKit::WebPageCreationParameters&&)>) at ....webkit.master/Source/WebKit/Platform/IPC/HandleMessage.h:126 #29 0x00007f82ca7412c3 in WebKit::WebProcess::didReceiveWebProcessMessage(IPC::Connection&, IPC::Decoder&) (this=0x2360b60, connection=..., decoder=...) 
at ....webkit.master/_build/DerivedSources/WebKit/WebProcessMessageReceiver.cpp:69 #30 0x00007f82ca35c1fb in IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >) (this=0x7f82af1e5000, message=std::unique_ptr<IPC::Decoder> containing 0x7f82af1dd060) at ....webkit.master/Source/WebKit/Platform/IPC/Connection.cpp:928 oldDidReceiveInvalidMessage = false #31 0x00007f82ca35ca78 in IPC::Connection::dispatchOneMessage() (this=0x7f82af1e5000) at ....webkit.master/Source/WebKit/Platform/IPC/Connection.cpp:959 message = std::unique_ptr<IPC::Decoder> containing 0x0 #32 0x00007f82c6c696dd in WTF::Function<void ()>::operator()() const (this=<synthetic pointer>) at ....webkit.master/Source/WTF/wtf/Function.h:56 function = {m_callableWrapper = std::unique_ptr<WTF::Function<void()>::CallableWrapperBase> containing 0x7f82af1e3030} functionsHandled = 1 functionsToHandle = <optimized out> #33 0x00007f82c6c696dd in WTF::RunLoop::performWork() (this=0x7f82af1f9000) at ....webkit.master/Source/WTF/wtf/RunLoop.cpp:123 function = {m_callableWrapper = std::unique_ptr<WTF::Function<void()>::CallableWrapperBase> containing 0x7f82af1e3030} functionsHandled = 1 functionsToHandle = <optimized out> #34 0x00007f82c6c8fd49 in WTF::RunLoop::<lambda(gpointer)>::operator() (__closure=0x0, userData=<optimized out>) at ....webkit.master/Source/WTF/wtf/glib/RunLoopGLib.cpp:68 #35 0x00007f82c6c8fd49 in WTF::RunLoop::<lambda(gpointer)>::_FUN(gpointer) () at ....webkit.master/Source/WTF/wtf/glib/RunLoopGLib.cpp:70 #36 0x00007f82c716ebb7 in g_main_context_dispatch () at /lib64/libglib-2.0.so.0 #37 0x00007f82c716ef60 in g_main_context_iterate.isra () at /lib64/libglib-2.0.so.0 #38 0x00007f82c716f272 in g_main_loop_run () at /lib64/libglib-2.0.so.0 #39 0x00007f82c6c90688 in WTF::RunLoop::run() () at ....webkit.master/Source/WTF/wtf/glib/RunLoopGLib.cpp:96 nestedMainLoop = <optimized out> #40 0x00007f82ca6deb08 in WebKit::ChildProcessMain<WebKit::WebProcess, 
WebKit::WebProcessMain>(int, char**) (argc=<optimized out>, argv=0x7ffd4424ff18) at ....webkit.master/Source/WebKit/Shared/unix/ChildProcessMain.h:61 #41 0x00007f82c96a903a in __libc_start_main () at /lib64/libc.so.6 #42 0x000000000040086a in _start () 0x7f82cc68dac0 operator(): using pthread_key_create(), key:0x11 0x7f82cc68dac0 get: got-tls:(nil) 0x7f82cc68dac0 ensureEntries: offset:136 got-tls:(nil) oldlast:(nil) layout.head():(nil) 0x7f82cc68dac0 set: setting-tls:0x7f82cc6dd000 to key:0x11 #3 0x00007f82c6c8d086 in WTF::jscSignalHandler(int, siginfo_t*, void*) (sig=<optimized out>, info=0x7ffd4424def0, ucontext=0x7ffd4424ddc0) at ....webkit.master/Source/WTF/wtf/threads/Signals.cpp:353 signal = WTF::Signal::BadAccess sigInfo = {faultingAddress = 0x10} didHandle = <optimized out> restoreDefaultHandler = false oldActionIndex = <optimized out> oldAction = <optimized out> #4 0x00007f82c96bf720 in <signal handler called> () at /lib64/libc.so.6 #5 0x00007f82cb5fe342 in std::lock_guard<bmalloc::Mutex>::lock_guard(bmalloc::Mutex&) (__m=..., this=<synthetic pointer>) at /usr/include/c++/7/bits/std_mutex.h:162 locker = <optimized out> result = <optimized out> #6 0x00007f82cb5fe342 in bmalloc::IsoAllocator<bmalloc::IsoConfig<560u> >::allocateSlow(bool) (this=0x7f82cc6dd098, abortOnFailure=true) at ....webkit.master/Source/bmalloc/bmalloc/IsoAllocatorInlines.h:63 locker = <optimized out> result = <optimized out> #7 0x00007f82cb5fe5a1 in bmalloc::IsoAllocator<bmalloc::IsoConfig<560u> >::allocate(bool)::{lambda()#1}::operator()() const (__closure=<optimized out>) at ....webkit.master/Source/bmalloc/bmalloc/IsoAllocatorInlines.h:53 this = <optimized out> remaining = <optimized out> #8 0x00007f82cb5fe5a1 in bmalloc::FreeList::allocate<bmalloc::IsoConfig<560u>, bmalloc::IsoAllocator<bmalloc::IsoConfig<560u> >::allocate(bool)::{lambda()#1}>(bmalloc::IsoAllocator<bmalloc::IsoConfig<560u> >::allocate(bool)::{lambda()#1} const&) (slowPath=..., this=<optimized out>) at 
....webkit.master/Source/bmalloc/bmalloc/FreeListInlines.h:44 this = <optimized out> remaining = <optimized out> #9 0x00007f82cb5fe5a1 in bmalloc::IsoAllocator<bmalloc::IsoConfig<560u> >::allocate(bool) (this=<optimized out>, abortOnFailure=<optimized out>) at ....webkit.master/Source/bmalloc/bmalloc/IsoAllocatorInlines.h:51 #10 0x00007f82cae97862 in WebCore::createRenderer<WebCore::RenderView, WebCore::Document&, WebCore::RenderStyle>(WebCore::Document&, WebCore::RenderStyle&&) () at ....webkit.master/Source/WebCore/rendering/RenderPtr.h:43 this = 0x7f826cdf1800 #11 0x00007f82cae97862 in WebCore::Document::createRenderTree() (this=0x7f826cdf1800) at ....webkit.master/Source/WebCore/dom/Document.cpp:2211 this = 0x7f826cdf1800 #12 0x00007f82caea92e0 in WebCore::Document::didBecomeCurrentDocumentInFrame() (this=0x7f826cdf1800) at ....webkit.master/Source/WebCore/dom/Document.cpp:2227 #13 0x00007f82cb22110a in WebCore::Frame::setDocument(WTF::RefPtr<WebCore::Document>&&) (this=0x7f82af1ad440, newDocument=...) 
at ....webkit.master/Source/WebCore/page/Frame.cpp:297 #14 0x00007f82cb1623ad in WebCore::DocumentWriter::begin(WebCore::URL const&, bool, WebCore::Document*) (this=this@entry=0x7f82af19a080, urlReference=..., dispatch=dispatch@entry=false, ownerDocument=ownerDocument@entry=0x0) at ....webkit.master/Source/WebCore/loader/DocumentWriter.cpp:174 url = {m_string = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f82c6f0ead0 <WTF::StringImpl::s_atomicEmptyString>}}, m_isValid = false, m_protocolIsInHTTPFamily = false, m_cannotBeABaseURL = false, m_schemeEnd = 0, m_userStart = 0, m_userEnd = 0, m_passwordEnd = 0, m_hostEnd = 0, m_portEnd = 0, m_pathAfterLastSlash = 0, m_pathEnd = 0, m_queryEnd = 0} document = {static isRef = <optimized out>, m_ptr = 0x7f826cdf1800} shouldReuseDefaultView = <optimized out> insecureNavigationRequestsToUpgrade = {m_impl = {static m_maxLoad = 2, static m_minLoad = 6, m_table = 0x0, m_tableSize = 0, m_tableSizeMask = 0, m_keyCount = 0, m_deletedCount = 0}} #15 0x00007f82cb1626fd in WebCore::DocumentLoader::commitData(char const*, unsigned long) (this=this@entry=0x7f82af19a000, bytes=bytes@entry=0x0, length=length@entry=0) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:855 userChosen = <optimized out> encoding = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f82c6f0ead0 <WTF::StringImpl::s_atomicEmptyString>}} #16 0x00007f82cb162e0c in WebCore::DocumentLoader::finishedLoading() (this=this@entry=0x7f82af19a000) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:413 protectedThis = {static isRef = <optimized out>, m_ptr = 0x7f82af19a000} responseEndTime = <optimized out> #17 0x00007f82cb164d39 in WebCore::DocumentLoader::maybeLoadEmpty() (this=this@entry=0x7f82af19a000) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:1439 shouldLoadEmpty = <optimized out> mimeType = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f68000f0f40}} #18 0x00007f82cb1663fc in 
WebCore::DocumentLoader::startLoadingMainResource() (this=0x7f82af19a000) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:1451 #19 0x00007f82cb1742f3 in WebCore::FrameLoader::init() (this=0x235ab30) at ....webkit.master/Source/WebCore/loader/FrameLoader.cpp:307 protect = <optimized out> #20 0x00007f82cb22108c in WebCore::Frame::init() (this=<optimized out>) at ....webkit.master/Source/WebCore/page/Frame.cpp:203 #21 0x00007f82ca5486ec in WebKit::WebFrame::createWithCoreMainFrame(WebKit::WebPage*, WebCore::Frame*) (page=page@entry=0x7f826cdf9000, coreFrame=0x7f82af1ad440) at ....webkit.master/Source/WebKit/WebProcess/WebPage/WebFrame.cpp:120 frame = {static isRef = <optimized out>, m_ptr = 0x7f82af1b6068} #22 0x00007f82ca55e5f7 in WebKit::WebPage::WebPage(unsigned long, WebKit::WebPageCreationParameters&&) (this=0x7f826cdf9000, pageID=<optimized out>, parameters=...) at ....webkit.master/Source/WebKit/WebProcess/WebPage/WebPage.cpp:431 webProcess = <optimized out> #23 0x00007f82ca55ee5e in WebKit::WebPage::create(unsigned long, WebKit::WebPageCreationParameters&&) (pageID=1, parameters=...) at ....webkit.master/Source/WebKit/WebProcess/WebPage/WebPage.cpp:311 page = {static isRef = <optimized out>, m_ptr = 0x0} #24 0x00007f82ca4b3358 in WebKit::WebProcess::createWebPage(unsigned long, WebKit::WebPageCreationParameters&&) (this=0x2360b60, pageID=<optimized out>, parameters=...) 
at ....webkit.master/Source/WebKit/WebProcess/WebProcess.cpp:597 #25 0x00007f82ca744cf7 in IPC::callMemberFunctionImpl<WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&), std::tuple<unsigned long, WebKit::WebPageCreationParameters>, 0ul, 1ul>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&), std::tuple<unsigned long, WebKit::WebPageCreationParameters>&&, std::integer_sequence<unsigned long, 0ul, 1ul>) (args=..., function=<optimized out>, object=0x2360b60) at ....webkit.master/Source/WebKit/Platform/IPC/HandleMessage.h:40 #26 0x00007f82ca744cf7 in IPC::callMemberFunction<WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&), std::tuple<unsigned long, WebKit::WebPageCreationParameters>, std::integer_sequence<unsigned long, 0ul, 1ul> >(std::tuple<unsigned long, WebKit::WebPageCreationParameters>&&, WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)) (function=<optimized out>, object=0x2360b60, args=...) at ....webkit.master/Source/WebKit/Platform/IPC/HandleMessage.h:46 #27 0x00007f82ca744cf7 in IPC::handleMessage<Messages::WebProcess::CreateWebPage, WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)>(IPC::Decoder&, WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)) (decoder=..., object=object@entry=0x2360b60, function=(void (WebKit::WebProcess::*)(WebKit::WebProcess * const, unsigned long, WebKit::WebPageCreationParameters &&)) 0x7f82ca4b3300 <WebKit::WebProcess::createWebPage(unsigned long, WebKit::WebPageCreationParameters&&)>) at ....webkit.master/Source/WebKit/Platform/IPC/HandleMessage.h:126 #28 0x00007f82ca7412c3 in WebKit::WebProcess::didReceiveWebProcessMessage(IPC::Connection&, IPC::Decoder&) (this=0x2360b60, connection=..., decoder=...) 
at ....webkit.master/_build/DerivedSources/WebKit/WebProcessMessageReceiver.cpp:69 #29 0x00007f82ca35c1fb in IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >) (this=0x7f82af1e5000, message=std::unique_ptr<IPC::Decoder> containing 0x7f82af1dd060) at ....webkit.master/Source/WebKit/Platform/IPC/Connection.cpp:928 oldDidReceiveInvalidMessage = false #30 0x00007f82ca35ca78 in IPC::Connection::dispatchOneMessage() (this=0x7f82af1e5000) at ....webkit.master/Source/WebKit/Platform/IPC/Connection.cpp:959 message = std::unique_ptr<IPC::Decoder> containing 0x0 #31 0x00007f82c6c696dd in WTF::Function<void ()>::operator()() const (this=<synthetic pointer>) at ....webkit.master/Source/WTF/wtf/Function.h:56 function = {m_callableWrapper = std::unique_ptr<WTF::Function<void()>::CallableWrapperBase> containing 0x7f82af1e3030} functionsHandled = 1 functionsToHandle = <optimized out> #32 0x00007f82c6c696dd in WTF::RunLoop::performWork() (this=0x7f82af1f9000) at ....webkit.master/Source/WTF/wtf/RunLoop.cpp:123 function = {m_callableWrapper = std::unique_ptr<WTF::Function<void()>::CallableWrapperBase> containing 0x7f82af1e3030} functionsHandled = 1 functionsToHandle = <optimized out> #33 0x00007f82c6c8fd49 in WTF::RunLoop::<lambda(gpointer)>::operator() (__closure=0x0, userData=<optimized out>) at ....webkit.master/Source/WTF/wtf/glib/RunLoopGLib.cpp:68 #34 0x00007f82c6c8fd49 in WTF::RunLoop::<lambda(gpointer)>::_FUN(gpointer) () at ....webkit.master/Source/WTF/wtf/glib/RunLoopGLib.cpp:70 #35 0x00007f82c716ebb7 in g_main_context_dispatch () at /lib64/libglib-2.0.so.0 #36 0x00007f82c716ef60 in g_main_context_iterate.isra () at /lib64/libglib-2.0.so.0 #37 0x00007f82c716f272 in g_main_loop_run () at /lib64/libglib-2.0.so.0 #38 0x00007f82c6c90688 in WTF::RunLoop::run() () at ....webkit.master/Source/WTF/wtf/glib/RunLoopGLib.cpp:96 nestedMainLoop = <optimized out> #39 0x00007f82ca6deb08 in WebKit::ChildProcessMain<WebKit::WebProcess, 
WebKit::WebProcessMain>(int, char**) (argc=<optimized out>, argv=0x7ffd4424ff18) at ....webkit.master/Source/WebKit/Shared/unix/ChildProcessMain.h:61 #40 0x00007f82c96a903a in __libc_start_main () at /lib64/libc.so.6 #41 0x000000000040086a in _start ()
Michael Catanzaro
Comment 13 2017-11-30 06:24:52 PST
I think we should roll this out, since it seems to have totally broken WebKit for many users. I'm just confused why most of us are not able to reproduce the issue.
Milan Crha
Comment 14 2017-11-30 09:26:36 PST
(In reply to Michael Catanzaro from comment #13)
> roll this out
Like to make a release? It's still crashing, only "few lines later", it's not fixed yet.
Michael Catanzaro
Comment 15 2017-11-30 09:32:25 PST
No... in WebKit, "roll out" means "revert," the exact opposite of what it means to the rest of the world. Oh well.
Adam Williamson
Comment 16 2017-11-30 16:24:13 PST
I hit this right away after upgrading Webkit in my Rawhide install. So did twohot on #fedora-qa IRC. Makes Evo pretty useless.
Michael Catanzaro
Comment 17 2017-11-30 22:01:52 PST
Tom has turned off bmalloc in Fedora, so Evolution should start working again as soon as you get the update. Let's wait a bit longer before doing a rollout; I think the bmalloc developers have not even seen this yet, because we haven't assigned the bug to the right component.
Saam Barati
Comment 18 2017-11-30 22:08:51 PST
Michael or Yusuke, have you been able to catch this in a debugger? If this is a crash on launch, I bet it's likely trivial to fix.
Michael Catanzaro
Comment 19 2017-11-30 22:12:16 PST
I can't reproduce it at all, unfortunately.
Michael Catanzaro
Comment 20 2017-11-30 22:12:49 PST
Do you need more than Milan's trace in comment #12?
Michael Catanzaro
Comment 21 2017-11-30 22:14:45 PST
(In reply to Milan Crha from comment #12)
> The debug info works fine now, even many parts are optimized out (I'd not
> use the optimization, but you force it, thus bad luck for you).
If you ever need to do a rebuild, you can use -DCMAKE_BUILD_TYPE=Debug to build without optimization.
Saam Barati
Comment 22 2017-11-30 22:18:21 PST
(In reply to Michael Catanzaro from comment #20)
> Do you need more than Milan's trace in comment #12?
I'm confused about this trace. Is it just many backtraces of the crashing thread? Can we get a backtrace of all threads on the system?
Saam Barati
Comment 23 2017-11-30 22:18:41 PST
(In reply to Saam Barati from comment #22)
> (In reply to Michael Catanzaro from comment #20)
> > Do you need more than Milan's trace in comment #12?
>
> I'm confused about this trace. Is it just many backtraces of the crashing
> thread?
>
> Can we get a backtrace of all threads on the system?
s/system/process
Carlos Garcia Campos
Comment 24 2017-12-01 00:55:31 PST
(In reply to Milan Crha from comment #14)
> (In reply to Michael Catanzaro from comment #13)
> > roll this out
>
> Like to make a release? It's still crashing, only "few lines later", it's
> not fixed yet.

But I'll make a release for sure as soon as this is fixed. I'm sorry 2.19.2 is so broken for many people, I can't reproduce it and bots are working too, so it was impossible for me to catch it. On the other hand I'm happy to see unstable releases are useful :-)
Michael Catanzaro
Comment 25 2017-12-01 07:13:19 PST
I believe it is three backtraces, to the first calls to IsoTLS::get, and then a fourth backtrace for the crash itself:

(In reply to Milan Crha from comment #11)
> I added some debug prints around the code and I see that IsoTLS::get() is
> called three times before it's initialized, before it crashes.
> Unfortunately, I do not have debug symbols compiled, I'll retry, but no
> promises, because the last time I tried gdb didn't like it. I'll see.

From the first three backtraces, it's not clear to me if IsoTLS::get is returning null, or if it's returning uninitialized memory. But I suspect it's probably the latter, because the code expects and is prepared to handle null in all those places.
Adam Williamson
Comment 26 2017-12-01 10:16:17 PST
Created attachment 328113 [details] backtrace from abrt
I'm attaching the backtrace abrt generated for me, in case it's any use. Note this wasn't a 'crash on startup' for me, the crash report appeared when I tried to reply to a mail in Evolution, IIRC. I don't recall if the whole of Evolution actually crashed, but the composer window certainly didn't appear.
Adam Williamson
Comment 27 2017-12-01 10:19:53 PST
After quitting and restarting Evo, I cannot display any messages. The preview pane shows "A WebKitWebProcess crashed when displaying the message." Ditto any mail I double-click on to open. Presumably the same crash. Attempting to reply to any message appears to do nothing (the button clicks, then...nothing).
Milan Crha
Comment 28 2017-12-04 08:39:28 PST
(In reply to Michael Catanzaro from comment #25)
> From the first three backtraces, it's not clear to me if IsoTLS::get is
> returning null, or if it's returning uninitialized memory.

It's returning nullptr:

> inline IsoTLS* IsoTLS::get()
> {
> #if HAVE_PTHREAD_MACHDEP_H
>     return static_cast<IsoTLS*>(_pthread_getspecific_direct(tlsKey));
> #else
>     if (!s_didInitialize) {
>         printf (" %p %s: not initialized\n", (void *) pthread_self (), __FUNCTION__);
>         return nullptr;
>     }
>     IsoTLS *ret = static_cast<IsoTLS*>(pthread_getspecific(s_tlsKey));
>     printf (" %p %s: got-tls:%p\n", (void *) pthread_self (), __FUNCTION__, ret);
>     return ret;
> #endif
> }

The whole series of backtraces in comment #11 is one run of MiniBrowser with my debug prints added. The first three backtraces only show when the code called IsoTLS::get() without the IsoTLS being initialized. I updated git master from commit 59f33e1bb1 to commit 8db8781244 and I can retest. Just let me know what you'd like to see (hmm, well, till Thursday, after which I'm gone for the rest of the year).
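To make the behaviour discussed in comments 25 and 28 concrete, here is an added, self-contained model of the IsoTLS::get() pattern; it is not bmalloc's or WebKit's code, and the names TlsBlock, ensureKey(), ensure(), readEntrySafe() and observation() are hypothetical. It reproduces the three states a caller can observe: the process-wide pthread key does not exist yet (get() returns nullptr, the "not initialized" case), the key exists but this thread has stored nothing yet (get() still returns nullptr, the "got-tls:(nil)" case), and the thread has its own block. A caller that dereferences get() without a null check would fault at a small offset into a null object, which is the shape of the faultingAddress = 0x10 in the trace below; readEntrySafe() shows the guarded form.

```cpp
// Added example (not bmalloc/WebKit code): models a lazily created
// process-wide pthread key with a per-thread value behind it, and an
// accessor that returns nullptr until both the key and this thread's
// value exist. All names below are hypothetical.
#include <pthread.h>
#include <atomic>
#include <cstdint>
#include <cstdio>
#include <mutex>
#include <thread>

struct TlsBlock {
    uint64_t entries[4];   // hypothetical per-thread state
};

namespace tls {

static pthread_key_t s_key;
static std::atomic<bool> s_didInitialize{false};   // mirrors s_didInitialize in the quoted code
static std::once_flag s_onceFlag;

// Create the key exactly once for the whole process. Until this has run,
// get() has nothing to look up and must report "not initialized".
static void ensureKey() {
    std::call_once(s_onceFlag, [] {
        pthread_key_create(&s_key, [](void* p) { delete static_cast<TlsBlock*>(p); });
        s_didInitialize.store(true, std::memory_order_release);
    });
}

// Same shape as the quoted IsoTLS::get(): nullptr when the key is not yet
// created, otherwise whatever this thread stored (nullptr if it never did).
TlsBlock* get() {
    if (!s_didInitialize.load(std::memory_order_acquire))
        return nullptr;
    return static_cast<TlsBlock*>(pthread_getspecific(s_key));
}

// Lazily create this thread's block; analogous to the ensureEntries()/set()
// steps visible in the trace. Each thread gets its own block.
TlsBlock* ensure() {
    ensureKey();
    TlsBlock* block = get();
    if (!block) {
        block = new TlsBlock{};   // value-initialised, entries are all zero
        pthread_setspecific(s_key, block);
    }
    return block;
}

// Guarded caller: never dereferences a nullptr from get(); falls back to
// ensure() instead of assuming initialisation already happened.
uint64_t readEntrySafe(int i) {
    TlsBlock* block = get();
    if (!block)
        block = ensure();
    return block->entries[i];
}

// What one run observes, recorded once so the order of checks is fixed.
struct Observation {
    bool nullBeforeInit;         // key not created yet -> nullptr
    bool nonNullAfterEnsure;     // own block visible through get()
    bool otherThreadSeesNull;    // key exists, but the other thread stored nothing
    bool otherThreadGotOwnBlock; // ensure() in that thread yields a distinct, zeroed block
    uint64_t safeReadValue;      // readEntrySafe() on the main thread
};

const Observation& observation() {
    static const Observation o = [] {
        Observation r{};
        r.nullBeforeInit = (get() == nullptr);
        TlsBlock* mine = ensure();
        mine->entries[0] = 42;
        r.nonNullAfterEnsure = (get() == mine);
        bool otherNull = false, otherOwn = false;
        std::thread t([&] {
            otherNull = (get() == nullptr);   // global key, per-thread value
            TlsBlock* theirs = ensure();
            otherOwn = theirs && theirs != mine && theirs->entries[0] == 0;
        });
        t.join();
        r.otherThreadSeesNull = otherNull;
        r.otherThreadGotOwnBlock = otherOwn;
        r.safeReadValue = readEntrySafe(0);
        return r;
    }();
    return o;
}

} // namespace tls

int main() {
    const tls::Observation& o = tls::observation();
    std::printf("null before init: %d, own block after ensure: %d, other thread null: %d, "
                "other thread own block: %d, safe read: %llu\n",
                o.nullBeforeInit, o.nonNullAfterEnsure, o.otherThreadSeesNull,
                o.otherThreadGotOwnBlock, (unsigned long long)o.safeReadValue);
    return 0;
}
```

The point for anyone reading the trace: a nullptr from get() is expected and harmless as long as every caller treats it as "create my block now" rather than as a pointer; the crash in comment 30 is the consequence of one path that does not.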
Michael Catanzaro
Comment 29 2017-12-04 09:41:53 PST
Aaaaaaah, I did not realize that was a debug printf. I was thinking it was returning uninitialized memory, not nullptr. It looks like, in all three cases, the code is actually prepared to handle IsoTLS::get() returning null, so that should be OK....
Milan Crha
Comment 30 2017-12-04 10:46:30 PST
The current test, with commit 8db8781244, shows me this (with some more added debug prints; note of the this=0x0 there): Document: 0x7f3671af1800: constructor setDocument: m_doc:0x7f3671af1800 newDocument:0x7f36ce498edb createRenderTree: 0x7f3671af1800 0x7f36d13a5ac0 get: not initialized 0x7f36d13a5ac0 get: not initialized 0x7f36d13a5ac0 get: not initialized 0x7f36d13a5ac0 operator(): using pthread_key_create(), key:0x11 0x7f36d13a5ac0 get: got-tls:(nil) 0x7f36d13a5ac0 ensureEntries: offset:136 got-tls:(nil) oldlast:(nil) layout.head():(nil) 0x7f36d13a5ac0 set: setting-tls:0x7f36d13f5000 to key:0x11 allocate: going to allocate 560 bytes in heap:(nil) #5 0x00007f36cb994156 in WTF::jscSignalHandler(int, siginfo_t*, void*) (sig=<optimized out>, info=0x7ffd9b83fcf0, ucontext=0x7ffd9b83fbc0) at ....webkit.master/Source/WTF/wtf/threads/Signals.cpp:353 signal = WTF::Signal::BadAccess sigInfo = {faultingAddress = 0x10} didHandle = <optimized out> restoreDefaultHandler = false oldActionIndex = <optimized out> oldAction = <optimized out> #6 0x00007f36ce3c7720 in <signal handler called> () at /lib64/libc.so.6 #7 0x00007f36d0308552 in std::lock_guard<bmalloc::Mutex>::lock_guard(bmalloc::Mutex&) (__m=..., this=<synthetic pointer>) at /usr/include/c++/7/bits/std_mutex.h:162 locker = <optimized out> result = <optimized out> #8 0x00007f36d0308552 in bmalloc::IsoAllocator<bmalloc::IsoConfig<560u> >::allocateSlow(bool) (this=0x7f36d13f5098, abortOnFailure=true) at ....webkit.master/Source/bmalloc/bmalloc/IsoAllocatorInlines.h:64 locker = <optimized out> result = <optimized out> #9 0x00007f36d03087da in bmalloc::IsoAllocator<bmalloc::IsoConfig<560u> >::allocate(bool)::{lambda()#1}::operator()() const (__closure=<optimized out>) at ....webkit.master/Source/bmalloc/bmalloc/IsoAllocatorInlines.h:54 this = <optimized out> remaining = <optimized out> __FUNCTION__ = "allocate" #10 0x00007f36d03087da in bmalloc::FreeList::allocate<bmalloc::IsoConfig<560u>, 
bmalloc::IsoAllocator<bmalloc::IsoConfig<560u> >::allocate(bool)::{lambda()#1}>(bmalloc::IsoAllocator<bmalloc::IsoConfig<560u> >::allocate(bool)::{lambda()#1} const&) (slowPath=..., this=<optimized out>) at ....webkit.master/Source/bmalloc/bmalloc/FreeListInlines.h:44 this = <optimized out> remaining = <optimized out> __FUNCTION__ = "allocate" #11 0x00007f36d03087da in bmalloc::IsoAllocator<bmalloc::IsoConfig<560u> >::allocate(bool) (this=<optimized out>, abortOnFailure=<optimized out>) at ....webkit.master/Source/bmalloc/bmalloc/IsoAllocatorInlines.h:52 __FUNCTION__ = "allocate" #12 0x00007f36cfba52bf in WebCore::createRenderer<WebCore::RenderView, WebCore::Document&, WebCore::RenderStyle>(WebCore::Document&, WebCore::RenderStyle&&) () at ....webkit.master/Source/WebCore/rendering/RenderPtr.h:43 this = 0x0 #13 0x00007f36cfba52bf in WebCore::Document::createRenderTree() (this=0x0) at ....webkit.master/Source/WebCore/dom/Document.cpp:2214 this = 0x0 #14 0x00007f36cfbb6d30 in WebCore::Document::didBecomeCurrentDocumentInFrame() (this=0x7f3671af1800) at ....webkit.master/Source/WebCore/dom/Document.cpp:2230 #15 0x00007f36cff2ec87 in WebCore::Frame::setDocument(WTF::RefPtr<WebCore::Document>&&) (this=0x7f36b3ead440, newDocument=...) 
at ....webkit.master/Source/WebCore/page/Frame.cpp:298 __FUNCTION__ = "setDocument" #16 0x00007f36cfe6fdad in WebCore::DocumentWriter::begin(WebCore::URL const&, bool, WebCore::Document*) (this=this@entry=0x7f36b3e9b080, urlReference=..., dispatch=dispatch@entry=false, ownerDocument=ownerDocument@entry=0x0) at ....webkit.master/Source/WebCore/loader/DocumentWriter.cpp:174 url = {m_string = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f36cbc16ad0 <WTF::StringImpl::s_atomicEmptyString>}}, m_isValid = false, m_protocolIsInHTTPFamily = false, m_cannotBeABaseURL = false, m_schemeEnd = 0, m_userStart = 0, m_userEnd = 0, m_passwordEnd = 0, m_hostEnd = 0, m_portEnd = 0, m_pathAfterLastSlash = 0, m_pathEnd = 0, m_queryEnd = 0} document = {static isRef = <optimized out>, m_ptr = 0x7f3671af1800} shouldReuseDefaultView = <optimized out> insecureNavigationRequestsToUpgrade = {m_impl = {static m_maxLoad = 2, static m_minLoad = 6, m_table = 0x0, m_tableSize = 0, m_tableSizeMask = 0, m_keyCount = 0, m_deletedCount = 0}} #17 0x00007f36cfe700fd in WebCore::DocumentLoader::commitData(char const*, unsigned long) (this=this@entry=0x7f36b3e9b000, bytes=bytes@entry=0x0, length=length@entry=0) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:855 userChosen = <optimized out> encoding = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f36cbc16ad0 <WTF::StringImpl::s_atomicEmptyString>}} #18 0x00007f36cfe7080c in WebCore::DocumentLoader::finishedLoading() (this=this@entry=0x7f36b3e9b000) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:413 protectedThis = {static isRef = <optimized out>, m_ptr = 0x7f36b3e9b000} responseEndTime = <optimized out> #19 0x00007f36cfe72739 in WebCore::DocumentLoader::maybeLoadEmpty() (this=this@entry=0x7f36b3e9b000) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:1439 shouldLoadEmpty = <optimized out> mimeType = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f1c000f0f80}} #20 0x00007f36cfe73dfc 
in WebCore::DocumentLoader::startLoadingMainResource() (this=0x7f36b3e9b000) at ....webkit.master/Source/WebCore/loader/DocumentLoader.cpp:1451 #21 0x00007f36cfe81d23 in WebCore::FrameLoader::init() (this=0xa8da60) at ....webkit.master/Source/WebCore/loader/FrameLoader.cpp:307 protect = <optimized out> #22 0x00007f36cff2ebec in WebCore::Frame::init() (this=<optimized out>) at ....webkit.master/Source/WebCore/page/Frame.cpp:203 #23 0x00007f36cf251fec in WebKit::WebFrame::createWithCoreMainFrame(WebKit::WebPage*, WebCore::Frame*) (page=page@entry=0x7f3671af9000, coreFrame=0x7f36b3ead440) at ....webkit.master/Source/WebKit/WebProcess/WebPage/WebFrame.cpp:120 frame = {static isRef = <optimized out>, m_ptr = 0x7f36b3eb7068} #24 0x00007f36cf267f37 in WebKit::WebPage::WebPage(unsigned long, WebKit::WebPageCreationParameters&&) (this=0x7f3671af9000, pageID=<optimized out>, parameters=...) at ....webkit.master/Source/WebKit/WebProcess/WebPage/WebPage.cpp:436 pageConfiguration = {alternativeTextClient = 0x0, chromeClient = 0xac0e90, contextMenuClient = 0xa77ff0, editorClient = {m_ref = std::unique_ptr<WebCore::EditorClient> containing 0x0}, socketProvider = {static isRef = <optimized out>, m_ptr = 0x0}, dragClient = 0xac0ec0, inspectorClient = 0xa56090, libWebRTCProvider = {m_ref = std::unique_ptr<WebCore::LibWebRTCProvider> containing 0x0}, plugInClient = 0xac0ee0, progressTrackerClient = 0xac0f30, backForwardClient = {static isRefPtr = <optimized out>, m_ptr = 0x7f36b3efb120}, validationMessageClient = std::unique_ptr<WebCore::ValidationMessageClient> containing 0x0, loaderClientForMainFrame = 0xac0f00, diagnosticLoggingClient = std::unique_ptr<WebCore::DiagnosticLoggingClient> containing 0x0, performanceLoggingClient = std::unique_ptr<WebCore::PerformanceLoggingClient> containing 0x0, webGLStateTracker = std::unique_ptr<WebCore::WebGLStateTracker> containing 0x0, applicationCacheStorage = {static isRefPtr = <optimized out>, m_ptr = 0x7f36b3ed4000}, databaseProvider = 
{static isRefPtr = <optimized out>, m_ptr = 0x7f36b3eed180}, cacheStorageProvider = {static isRef = <optimized out>, m_ptr = 0x0}, pluginInfoProvider = {static isRefPtr = <optimized out>, m_ptr = 0x7f36b3ef7190}, storageNamespaceProvider = {static isRefPtr = <optimized out>, m_ptr = 0x7f36b3ef71e0}, userContentProvider = {static isRefPtr = <optimized out>, m_ptr = 0x7f36b3ecb000}, visitedLinkStore = {static isRefPtr = <optimized out>, m_ptr = 0x7f36b3ef7230}} webProcess = <optimized out> #25 0x00007f36cf26879e in WebKit::WebPage::create(unsigned long, WebKit::WebPageCreationParameters&&) (pageID=1, parameters=...) at ....webkit.master/Source/WebKit/WebProcess/WebPage/WebPage.cpp:316 page = {static isRef = <optimized out>, m_ptr = 0x0} #26 0x00007f36cf1bcda8 in WebKit::WebProcess::createWebPage(unsigned long, WebKit::WebPageCreationParameters&&) (this=0xa93ab0, pageID=<optimized out>, parameters=...) at ....webkit.master/Source/WebKit/WebProcess/WebProcess.cpp:574 result = {iterator = {<std::iterator<std::forward_iterator_tag, WTF::KeyValuePair<unsigned long, WTF::RefPtr<WebKit::WebPage> >, long, WTF::KeyValuePair<unsigned long, WTF::RefPtr<WebKit::WebPage> >*, WTF::KeyValuePair<unsigned long, WTF::RefPtr<WebKit::WebPage> >&>> = {<No data fields>}, m_iterator = {<std::iterator<std::forward_iterator_tag, WTF::KeyValuePair<unsigned long, WTF::RefPtr<WebKit::WebPage> >, long, WTF::KeyValuePair<unsigned long, WTF::RefPtr<WebKit::WebPage> > const*, WTF::KeyValuePair<unsigned long, WTF::RefPtr<WebKit::WebPage> > const&>> = {<No data fields>}, m_position = 0x7f36b3efd610, m_endPosition = <optimized out>}}, isNewEntry = <optimized out>} #27 0x00007f36cf44e767 in IPC::callMemberFunctionImpl<WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&), std::tuple<unsigned long, WebKit::WebPageCreationParameters>, 0ul, 1ul>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&), 
std::tuple<unsigned long, WebKit::WebPageCreationParameters>&&, std::integer_sequence<unsigned long, 0ul, 1ul>) (args=..., function=<optimized out>, object=0xa93ab0) at ....webkit.master/Source/WebKit/Platform/IPC/HandleMessage.h:40 arguments = std::tuple containing = {[1] = 1, [2] = {viewSize = {m_width = 0, m_height = 0}, activityState = 32, store = {m_values = {m_impl = {static m_maxLoad = <optimized out>, static m_minLoad = <optimized out>, m_table = 0x7f3671cfa000, m_tableSize = 64, m_tableSizeMask = 63, m_keyCount = 24, m_deletedCount = 0}}, m_overridenDefaults = {m_impl = {static m_maxLoad = <optimized out>, static m_minLoad = <optimized out>, m_table = 0x0, m_tableSize = 0, m_tableSizeMask = 0, m_keyCount = 0, m_deletedCount = 0}}}, drawingAreaType = WebKit::DrawingAreaTypeImpl, pageGroupData = {identifier = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f1c000fd240}}, pageGroupID = 1, visibleToInjectedBundle = true, visibleToHistoryClient = true, userContentControllerIdentifier = 1}, drawsBackground = true, isEditable = false, underlayColor = {static black = 4278190080, static white = 4294967295, static darkGray = 4286611584, static gray = 4288716960, static lightGray = 4290822336, static transparent = 0, static cyan = 4278255615, static yellow = 4294967040, static compositionFill = 4292992341, static extendedColor = 0, static invalidRGBAColor = 1, static validRGBAColorBit = 2, static validRGBAColor = 3, static deletedHashValue = 18446744073709551613, static emptyHashValue = 18446744073709551611, m_colorData = {rgbaAndFlags = 1, extendedColor = 0x1}}, useFixedLayout = false, fixedLayoutSize = {m_width = 0, m_height = 0}, suppressScrollbarAnimations = false, paginationMode = WebCore::Pagination::Unpaginated, paginationBehavesLikeColumns = false, pageLength = 0, gapBetweenPages = 0, paginationLineGridEnabled = false, userAgent = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f1c000f8000}}, itemStates = 
{<WTF::VectorBuffer<WebKit::BackForwardListItemState, 0, WTF::FastMalloc>> = {<WTF::VectorBufferBase<WebKit::BackForwardListItemState, WTF::FastMalloc>> = {m_buffer = 0x0, m_capacity = 0, m_size = 0}, <No data fields>}, <No data fields>}, sessionID = {m_sessionID = 1}, highestUsedBackForwardItemID = 0, userContentControllerID = 2, visitedLinkTableID = 1, websiteDataStoreID = 1, canRunBeforeUnloadConfirmPanel = false, canRunModal = false, deviceScaleFactor = 1, viewScaleFactor = 1, topContentInset = 0, mediaVolume = 1, muted = 0, mayStartMediaWhenInWindow = true, minimumLayoutSize = {m_width = 0, m_height = 0}, autoSizingShouldExpandToViewHeight = false, viewportSizeForCSSViewportUnits = {<std::constexpr_optional_base<WebCore::IntSize>> = {init_ = false, storage_ = {dummy_ = 0 '\000', value_ = {m_width = 0, m_height = 0}}}, <No data fields>}, scrollPinningBehavior = WebCore::DoNotPin, scrollbarOverlayStyle = {<std::constexpr_optional_base<unsigned int>> = {init_ = false, storage_ = {dummy_ = 0 '\000', value_ = 0}}, <No data fields>}, backgroundExtendsBeyondPage = false, layerHostingMode = WebKit::LayerHostingMode::InProcess, mimeTypesWithCustomContentProviders = {<WTF::VectorBuffer<WTF::String, 0, WTF::FastMalloc>> = {<WTF::VectorBufferBase<WTF::String, WTF::FastMalloc>> = {m_buffer = 0x0, m_capacity = 0, m_size = 0}, <No data fields>}, <No data fields>}, controlledByAutomation = false, allowsRemoteInspection = true, remoteInspectionNameOverride = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x0}}, appleMailPaginationQuirkEnabled = false, shouldScaleViewToFitDocument = false, userInterfaceLayoutDirection = WebCore::UserInterfaceLayoutDirection::LTR, observedLayoutMilestones = 0, overrideContentSecurityPolicy = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x0}}, cpuLimit = {<std::constexpr_optional_base<double>> = {init_ = false, storage_ = {dummy_ = 0 '\000', value_ = 0}}, <No data fields>}, urlSchemeHandlers = {m_impl = {static m_maxLoad = 2, 
static m_minLoad = 6, m_table = 0x0, m_tableSize = 0, m_tableSizeMask = 0, m_keyCount = 0, m_deletedCount = 0}}, iceCandidateFilteringEnabled = true, enumeratingAllNetworkInterfacesEnabled = false, userContentWorlds = {<WTF::VectorBuffer<std::pair<unsigned long, WTF::String>, 0, WTF::FastMalloc>> = {<WTF::VectorBufferBase<std::pair<unsigned long, WTF::String>, WTF::FastMalloc>> = {m_buffer = 0x0, m_capacity = 0, m_size = 0}, <No data fields>}, <No data fields>}, userScripts = {<WTF::VectorBuffer<WebKit::WebUserScriptData, 0, WTF::FastMalloc>> = {<WTF::VectorBufferBase<WebKit::WebUserScriptData, WTF::FastMalloc>> = {m_buffer = 0x0, m_capacity = 0, m_size = 0}, <No data fields>}, <No data fields>}, userStyleSheets = {<WTF::VectorBuffer<WebKit::WebUserStyleSheetData, 0, WTF::FastMalloc>> = {<WTF::VectorBufferBase<WebKit::WebUserStyleSheetData, WTF::FastMalloc>> = {m_buffer = 0x0, m_capacity = 0, m_size = 0}, <No data fields>}, <No data fields>}, messageHandlers = {<WTF::VectorBuffer<WebKit::WebScriptMessageHandlerData, 0, WTF::FastMalloc>> = {<WTF::VectorBufferBase<WebKit::WebScriptMessageHandlerData, WTF::FastMalloc>> = {m_buffer = 0x7f36b3efb0f0, m_capacity = 1, m_size = 1}, <No data fields>}, <No data fields>}}} #28 0x00007f36cf44e767 in IPC::callMemberFunction<WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&), std::tuple<unsigned long, WebKit::WebPageCreationParameters>, std::integer_sequence<unsigned long, 0ul, 1ul> >(std::tuple<unsigned long, WebKit::WebPageCreationParameters>&&, WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)) (function=<optimized out>, object=0xa93ab0, args=...) 
at ....webkit.master/Source/WebKit/Platform/IPC/HandleMessage.h:46 arguments = std::tuple containing = {[1] = 1, [2] = {viewSize = {m_width = 0, m_height = 0}, activityState = 32, store = {m_values = {m_impl = {static m_maxLoad = <optimized out>, static m_minLoad = <optimized out>, m_table = 0x7f3671cfa000, m_tableSize = 64, m_tableSizeMask = 63, m_keyCount = 24, m_deletedCount = 0}}, m_overridenDefaults = {m_impl = {static m_maxLoad = <optimized out>, static m_minLoad = <optimized out>, m_table = 0x0, m_tableSize = 0, m_tableSizeMask = 0, m_keyCount = 0, m_deletedCount = 0}}}, drawingAreaType = WebKit::DrawingAreaTypeImpl, pageGroupData = {identifier = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f1c000fd240}}, pageGroupID = 1, visibleToInjectedBundle = true, visibleToHistoryClient = true, userContentControllerIdentifier = 1}, drawsBackground = true, isEditable = false, underlayColor = {static black = 4278190080, static white = 4294967295, static darkGray = 4286611584, static gray = 4288716960, static lightGray = 4290822336, static transparent = 0, static cyan = 4278255615, static yellow = 4294967040, static compositionFill = 4292992341, static extendedColor = 0, static invalidRGBAColor = 1, static validRGBAColorBit = 2, static validRGBAColor = 3, static deletedHashValue = 18446744073709551613, static emptyHashValue = 18446744073709551611, m_colorData = {rgbaAndFlags = 1, extendedColor = 0x1}}, useFixedLayout = false, fixedLayoutSize = {m_width = 0, m_height = 0}, suppressScrollbarAnimations = false, paginationMode = WebCore::Pagination::Unpaginated, paginationBehavesLikeColumns = false, pageLength = 0, gapBetweenPages = 0, paginationLineGridEnabled = false, userAgent = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f1c000f8000}}, itemStates = {<WTF::VectorBuffer<WebKit::BackForwardListItemState, 0, WTF::FastMalloc>> = {<WTF::VectorBufferBase<WebKit::BackForwardListItemState, WTF::FastMalloc>> = {m_buffer = 0x0, m_capacity = 0, m_size = 0}, 
<No data fields>}, <No data fields>}, sessionID = {m_sessionID = 1}, highestUsedBackForwardItemID = 0, userContentControllerID = 2, visitedLinkTableID = 1, websiteDataStoreID = 1, canRunBeforeUnloadConfirmPanel = false, canRunModal = false, deviceScaleFactor = 1, viewScaleFactor = 1, topContentInset = 0, mediaVolume = 1, muted = 0, mayStartMediaWhenInWindow = true, minimumLayoutSize = {m_width = 0, m_height = 0}, autoSizingShouldExpandToViewHeight = false, viewportSizeForCSSViewportUnits = {<std::constexpr_optional_base<WebCore::IntSize>> = {init_ = false, storage_ = {dummy_ = 0 '\000', value_ = {m_width = 0, m_height = 0}}}, <No data fields>}, scrollPinningBehavior = WebCore::DoNotPin, scrollbarOverlayStyle = {<std::constexpr_optional_base<unsigned int>> = {init_ = false, storage_ = {dummy_ = 0 '\000', value_ = 0}}, <No data fields>}, backgroundExtendsBeyondPage = false, layerHostingMode = WebKit::LayerHostingMode::InProcess, mimeTypesWithCustomContentProviders = {<WTF::VectorBuffer<WTF::String, 0, WTF::FastMalloc>> = {<WTF::VectorBufferBase<WTF::String, WTF::FastMalloc>> = {m_buffer = 0x0, m_capacity = 0, m_size = 0}, <No data fields>}, <No data fields>}, controlledByAutomation = false, allowsRemoteInspection = true, remoteInspectionNameOverride = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x0}}, appleMailPaginationQuirkEnabled = false, shouldScaleViewToFitDocument = false, userInterfaceLayoutDirection = WebCore::UserInterfaceLayoutDirection::LTR, observedLayoutMilestones = 0, overrideContentSecurityPolicy = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x0}}, cpuLimit = {<std::constexpr_optional_base<double>> = {init_ = false, storage_ = {dummy_ = 0 '\000', value_ = 0}}, <No data fields>}, urlSchemeHandlers = {m_impl = {static m_maxLoad = 2, static m_minLoad = 6, m_table = 0x0, m_tableSize = 0, m_tableSizeMask = 0, m_keyCount = 0, m_deletedCount = 0}}, iceCandidateFilteringEnabled = true, enumeratingAllNetworkInterfacesEnabled = false, 
userContentWorlds = {<WTF::VectorBuffer<std::pair<unsigned long, WTF::String>, 0, WTF::FastMalloc>> = {<WTF::VectorBufferBase<std::pair<unsigned long, WTF::String>, WTF::FastMalloc>> = {m_buffer = 0x0, m_capacity = 0, m_size = 0}, <No data fields>}, <No data fields>}, userScripts = {<WTF::VectorBuffer<WebKit::WebUserScriptData, 0, WTF::FastMalloc>> = {<WTF::VectorBufferBase<WebKit::WebUserScriptData, WTF::FastMalloc>> = {m_buffer = 0x0, m_capacity = 0, m_size = 0}, <No data fields>}, <No data fields>}, userStyleSheets = {<WTF::VectorBuffer<WebKit::WebUserStyleSheetData, 0, WTF::FastMalloc>> = {<WTF::VectorBufferBase<WebKit::WebUserStyleSheetData, WTF::FastMalloc>> = {m_buffer = 0x0, m_capacity = 0, m_size = 0}, <No data fields>}, <No data fields>}, messageHandlers = {<WTF::VectorBuffer<WebKit::WebScriptMessageHandlerData, 0, WTF::FastMalloc>> = {<WTF::VectorBufferBase<WebKit::WebScriptMessageHandlerData, WTF::FastMalloc>> = {m_buffer = 0x7f36b3efb0f0, m_capacity = 1, m_size = 1}, <No data fields>}, <No data fields>}}} #29 0x00007f36cf44e767 in IPC::handleMessage<Messages::WebProcess::CreateWebPage, WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)>(IPC::Decoder&, WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)) (decoder=..., object=object@entry=0xa93ab0, function=(void (WebKit::WebProcess::*)(WebKit::WebProcess * const, unsigned long, WebKit::WebPageCreationParameters &&)) 0x7f36cf1bcd50 <WebKit::WebProcess::createWebPage(unsigned long, WebKit::WebPageCreationParameters&&)>) at ....webkit.master/Source/WebKit/Platform/IPC/HandleMessage.h:126 arguments = std::tuple containing = {[1] = 1, [2] = {viewSize = {m_width = 0, m_height = 0}, activityState = 32, store = {m_values = {m_impl = {static m_maxLoad = <optimized out>, static m_minLoad = <optimized out>, m_table = 0x7f3671cfa000, m_tableSize = 64, m_tableSizeMask = 63, m_keyCount = 24, m_deletedCount = 0}}, 
m_overridenDefaults = {m_impl = {static m_maxLoad = <optimized out>, static m_minLoad = <optimized out>, m_table = 0x0, m_tableSize = 0, m_tableSizeMask = 0, m_keyCount = 0, m_deletedCount = 0}}}, drawingAreaType = WebKit::DrawingAreaTypeImpl, pageGroupData = {identifier = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f1c000fd240}}, pageGroupID = 1, visibleToInjectedBundle = true, visibleToHistoryClient = true, userContentControllerIdentifier = 1}, drawsBackground = true, isEditable = false, underlayColor = {static black = 4278190080, static white = 4294967295, static darkGray = 4286611584, static gray = 4288716960, static lightGray = 4290822336, static transparent = 0, static cyan = 4278255615, static yellow = 4294967040, static compositionFill = 4292992341, static extendedColor = 0, static invalidRGBAColor = 1, static validRGBAColorBit = 2, static validRGBAColor = 3, static deletedHashValue = 18446744073709551613, static emptyHashValue = 18446744073709551611, m_colorData = {rgbaAndFlags = 1, extendedColor = 0x1}}, useFixedLayout = false, fixedLayoutSize = {m_width = 0, m_height = 0}, suppressScrollbarAnimations = false, paginationMode = WebCore::Pagination::Unpaginated, paginationBehavesLikeColumns = false, pageLength = 0, gapBetweenPages = 0, paginationLineGridEnabled = false, userAgent = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f1c000f8000}}, itemStates = {<WTF::VectorBuffer<WebKit::BackForwardListItemState, 0, WTF::FastMalloc>> = {<WTF::VectorBufferBase<WebKit::BackForwardListItemState, WTF::FastMalloc>> = {m_buffer = 0x0, m_capacity = 0, m_size = 0}, <No data fields>}, <No data fields>}, sessionID = {m_sessionID = 1}, highestUsedBackForwardItemID = 0, userContentControllerID = 2, visitedLinkTableID = 1, websiteDataStoreID = 1, canRunBeforeUnloadConfirmPanel = false, canRunModal = false, deviceScaleFactor = 1, viewScaleFactor = 1, topContentInset = 0, mediaVolume = 1, muted = 0, mayStartMediaWhenInWindow = true, minimumLayoutSize = 
{m_width = 0, m_height = 0}, autoSizingShouldExpandToViewHeight = false, viewportSizeForCSSViewportUnits = {<std::constexpr_optional_base<WebCore::IntSize>> = {init_ = false, storage_ = {dummy_ = 0 '\000', value_ = {m_width = 0, m_height = 0}}}, <No data fields>}, scrollPinningBehavior = WebCore::DoNotPin, scrollbarOverlayStyle = {<std::constexpr_optional_base<unsigned int>> = {init_ = false, storage_ = {dummy_ = 0 '\000', value_ = 0}}, <No data fields>}, backgroundExtendsBeyondPage = false, layerHostingMode = WebKit::LayerHostingMode::InProcess, mimeTypesWithCustomContentProviders = {<WTF::VectorBuffer<WTF::String, 0, WTF::FastMalloc>> = {<WTF::VectorBufferBase<WTF::String, WTF::FastMalloc>> = {m_buffer = 0x0, m_capacity = 0, m_size = 0}, <No data fields>}, <No data fields>}, controlledByAutomation = false, allowsRemoteInspection = true, remoteInspectionNameOverride = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x0}}, appleMailPaginationQuirkEnabled = false, shouldScaleViewToFitDocument = false, userInterfaceLayoutDirection = WebCore::UserInterfaceLayoutDirection::LTR, observedLayoutMilestones = 0, overrideContentSecurityPolicy = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x0}}, cpuLimit = {<std::constexpr_optional_base<double>> = {init_ = false, storage_ = {dummy_ = 0 '\000', value_ = 0}}, <No data fields>}, urlSchemeHandlers = {m_impl = {static m_maxLoad = 2, static m_minLoad = 6, m_table = 0x0, m_tableSize = 0, m_tableSizeMask = 0, m_keyCount = 0, m_deletedCount = 0}}, iceCandidateFilteringEnabled = true, enumeratingAllNetworkInterfacesEnabled = false, userContentWorlds = {<WTF::VectorBuffer<std::pair<unsigned long, WTF::String>, 0, WTF::FastMalloc>> = {<WTF::VectorBufferBase<std::pair<unsigned long, WTF::String>, WTF::FastMalloc>> = {m_buffer = 0x0, m_capacity = 0, m_size = 0}, <No data fields>}, <No data fields>}, userScripts = {<WTF::VectorBuffer<WebKit::WebUserScriptData, 0, WTF::FastMalloc>> = 
{<WTF::VectorBufferBase<WebKit::WebUserScriptData, WTF::FastMalloc>> = {m_buffer = 0x0, m_capacity = 0, m_size = 0}, <No data fields>}, <No data fields>}, userStyleSheets = {<WTF::VectorBuffer<WebKit::WebUserStyleSheetData, 0, WTF::FastMalloc>> = {<WTF::VectorBufferBase<WebKit::WebUserStyleSheetData, WTF::FastMalloc>> = {m_buffer = 0x0, m_capacity = 0, m_size = 0}, <No data fields>}, <No data fields>}, messageHandlers = {<WTF::VectorBuffer<WebKit::WebScriptMessageHandlerData, 0, WTF::FastMalloc>> = {<WTF::VectorBufferBase<WebKit::WebScriptMessageHandlerData, WTF::FastMalloc>> = {m_buffer = 0x7f36b3efb0f0, m_capacity = 1, m_size = 1}, <No data fields>}, <No data fields>}}} #30 0x00007f36cf44ad33 in WebKit::WebProcess::didReceiveWebProcessMessage(IPC::Connection&, IPC::Decoder&) (this=0xa93ab0, connection=..., decoder=...) at ....webkit.master/_build/DerivedSources/WebKit/WebProcessMessageReceiver.cpp:69 #31 0x00007f36cf0664cb in IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >) (this=0x7f36b3ee5000, message=std::unique_ptr<IPC::Decoder> containing 0x7f36b3edd060) at ....webkit.master/Source/WebKit/Platform/IPC/Connection.cpp:928 oldDidReceiveInvalidMessage = false #32 0x00007f36cf066d48 in IPC::Connection::dispatchOneMessage() (this=0x7f36b3ee5000) at ....webkit.master/Source/WebKit/Platform/IPC/Connection.cpp:959 message = std::unique_ptr<IPC::Decoder> containing 0x0 #33 0x00007f36cb97077d in WTF::Function<void ()>::operator()() const (this=<synthetic pointer>) at ....webkit.master/Source/WTF/wtf/Function.h:56 function = {m_callableWrapper = std::unique_ptr<WTF::Function<void()>::CallableWrapperBase> containing 0x7f36b3ee3030} functionsHandled = 1 functionsToHandle = <optimized out> #34 0x00007f36cb97077d in WTF::RunLoop::performWork() (this=0x7f36b3ef9000) at ....webkit.master/Source/WTF/wtf/RunLoop.cpp:123 function = {m_callableWrapper = std::unique_ptr<WTF::Function<void()>::CallableWrapperBase> containing 
0x7f36b3ee3030} functionsHandled = 1 functionsToHandle = <optimized out>
#35 0x00007f36cb996de9 in WTF::RunLoop::<lambda(gpointer)>::operator() (__closure=0x0, userData=<optimized out>) at ....webkit.master/Source/WTF/wtf/glib/RunLoopGLib.cpp:68
#36 0x00007f36cb996de9 in WTF::RunLoop::<lambda(gpointer)>::_FUN(gpointer) () at ....webkit.master/Source/WTF/wtf/glib/RunLoopGLib.cpp:70
#37 0x00007f36cbe76bb7 in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
#38 0x00007f36cbe76f60 in g_main_context_iterate.isra () at /lib64/libglib-2.0.so.0
#39 0x00007f36cbe77272 in g_main_loop_run () at /lib64/libglib-2.0.so.0
#40 0x00007f36cb997728 in WTF::RunLoop::run() () at ....webkit.master/Source/WTF/wtf/glib/RunLoopGLib.cpp:96
        runLoop = @0x7f36b3ef9000: {<WTF::FunctionDispatcher> = {<WTF::ThreadSafeRefCounted<WTF::FunctionDispatcher>> = {<WTF::ThreadSafeRefCountedBase> = {m_refCount = {<std::__atomic_base<unsigned int>> = {static _S_alignment = 4, _M_i = 20}, <No data fields>}}, <No data fields>}, _vptr.FunctionDispatcher = 0x7f36cbbdcd48 <vtable for WTF::RunLoop+16>}, m_functionQueueLock = {m_mutex = {__data = {__lock = 0, __count = 0, __owner = 0, __nusers = 0, __kind = 512, __spins = 0, __elision = 0, __list = {__prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 17 times>, "\002", '\000' <repeats 21 times>, __align = 0}}, m_functionQueue = {m_start = 2, m_end = 12, m_buffer = {<WTF::VectorBufferBase<WTF::Function<void()>, WTF::FastMalloc>> = {m_buffer = 0x7f36b3ee1100, m_capacity = 16, m_size = 0}, <No data fields>}}, m_mainContext = {m_ptr = 0xa83980}, m_mainLoops = {<WTF::VectorBuffer<WTF::GRefPtr<_GMainLoop>, 0, WTF::FastMalloc>> = {<WTF::VectorBufferBase<WTF::GRefPtr<_GMainLoop>, WTF::FastMalloc>> = {m_buffer = 0x7f36b3efd100, m_capacity = 16, m_size = 1}, <No data fields>}, <No data fields>}, m_source = {m_ptr = 0xab8880}}
        nestedMainLoop = <optimized out>
#41 0x00007f36cf3e9688 in WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain>(int, char**) (argc=<optimized out>, argv=0x7ffd9b841d28) at ....webkit.master/Source/WebKit/Shared/unix/ChildProcessMain.h:61
        childMain = {<WebKit::ChildProcessMainBase> = {_vptr.ChildProcessMainBase = 0x7f36d101caf8 <vtable for WebKit::WebProcessMain+16>, m_parameters = {uiProcessName = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x0}}, clientIdentifier = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x0}}, connectionIdentifier = 20, extraInitializationData = {m_impl = {static m_maxLoad = 2, static m_minLoad = 6, m_table = 0x0, m_tableSize = 0, m_tableSizeMask = 0, m_keyCount = 0, m_deletedCount = 0}}}}, <No data fields>}
#42 0x00007f36ce3b103a in __libc_start_main () at /lib64/libc.so.6
#43 0x000000000040086a in _start ()
Milan Crha
Comment 31 2017-12-04 10:49:04 PST
Created attachment 328363 [details] wk.patch This is the change I've applied on top of git master of webkitgtk checkout at commit 8db8781244167fde, aka Fix StyleBench/InteractiveRunner.html , which ends with: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@225478 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Michael Catanzaro
Comment 32 2017-12-06 14:15:53 PST
This is too big to roll out. We need to disable bmalloc until we figure out how to fix it.
Michael Catanzaro
Comment 33 2017-12-06 16:00:15 PST
I tried a release build with Fedora's hardening flags, expecting that might allow me to reproduce the crash, but no such luck. Milan, how *exactly* are you building it? Are you using Fedora 27, x86_64?
Filip Pizlo
Comment 34 2017-12-06 16:27:31 PST
(In reply to Michael Catanzaro from comment #33) > I tried a release build with Fedora's hardening flags, expecting that might > allow me to reproduce the crash, but no such luck. > > Milan, how *exactly* are you building it? Are you using Fedora 27, x86_64? Note that I recently landed a significant fix: https://trac.webkit.org/changeset/225551/webkit Dunno if it affects this issue. Also,
Filip Pizlo
Comment 35 2017-12-06 16:27:52 PST
(In reply to Filip Pizlo from comment #34) > (In reply to Michael Catanzaro from comment #33) > > I tried a release build with Fedora's hardening flags, expecting that might > > allow me to reproduce the crash, but no such luck. > > > > Milan, how *exactly* are you building it? Are you using Fedora 27, x86_64? > > Note that I recently landed a significant fix: > https://trac.webkit.org/changeset/225551/webkit > > Dunno if it affects this issue. > > Also, Also, Zalan had landed some fixes that look like maybe they could have fixed this.
Michael Catanzaro
Comment 36 2017-12-06 16:37:13 PST
OK, Milan, I know we only have you for one more day... thanks very much for helping so far. First, of course try trunk again, with Filip and Zalan's new fixes. We can hope that's solved it. Failing that... let's test a workaround. Try removing the WTF_MAKE_ISO_ALLOCATED(RenderView) line from RenderView.h, and the corresponding WTF_MAKE_ISO_ALLOCATED_IMPL(RenderView); line in RenderView.cpp. Does that help? (In reply to Milan Crha from comment #30) > #13 0x00007f36cfba52bf in WebCore::Document::createRenderTree() (this=0x0) > at ....webkit.master/Source/WebCore/dom/Document.cpp:2214 > this = 0x0 > #14 0x00007f36cfbb6d30 in > WebCore::Document::didBecomeCurrentDocumentInFrame() (this=0x7f3671af1800) > at ....webkit.master/Source/WebCore/dom/Document.cpp:2230 This point in the backtrace looks really bad. Document should not be deleting itself while executing its member functions, and for no apparent reason. I'm not sure that the iso allocator can be blamed for this....
Milan Crha
Comment 37 2017-12-07 02:44:23 PST
(In reply to Michael Catanzaro from comment #33)
> Milan, how *exactly* are you building it? Are you using Fedora 27, x86_64?

Right, this is Fedora 27, x86_64. Related environment variables:

ACLOCAL_FLAGS='-I /build/test-wk2/share/aclocal'
CFLAGS='-g -O0 -Wall'
GDK_SYNCHRONIZE=1
GSETTINGS_SCHEMA_DIR=/build/test-wk2/share/glib-2.0/schemas
LDFLAGS='-Wl,--as-needed -Wl,-z -Wl,relro -Wl,-z -Wl,now -Wl,-z -Wl,defs'
LD_LIBRARY_PATH=/build/test-wk2/lib:/build/test-wk2/samba/lib
MAGIC_BUILD_ROOT=/build/test-wk2
PATH=/build/test-wk2/bin:$PATH
PKG_CONFIG_PATH=/build/test-wk2/lib/pkgconfig:/build/test-wk2/samba/lib/pkgconfig:/build/test-wk2/share/pkgconfig

cmake -G "Unix Makefiles" \
  -DPORT=GTK \
  -DCMAKE_BUILD_TYPE=RelWithDebInfo \
  -DCMAKE_PREFIX_PATH=$MAGIC_BUILD_ROOT \
  -DCMAKE_INSTALL_PREFIX=$MAGIC_BUILD_ROOT \
  -DLIB_INSTALL_DIR:PATH=$MAGIC_BUILD_ROOT/lib \
  -DENABLE_X11_TARGET=ON \
  -DENABLE_WAYLAND_TARGET=OFF \
  -DENABLE_PLUGIN_PROCESS_GTK2=OFF \
  -DENABLE_INTROSPECTION=OFF \
  -DENABLE_GTKDOC=OFF \
  -DDEVELOPER_MODE=OFF \
  -DENABLE_MINIBROWSER=ON \
  ..

Which results in:

-- Enabled features:
-- ENABLE_ACCELERATED_2D_CANVAS ................... OFF
-- ENABLE_DRAG_SUPPORT ............................ ON
-- ENABLE_GEOLOCATION ............................. ON
-- ENABLE_GLES2 ................................... OFF
-- ENABLE_GTKDOC .................................. OFF
-- ENABLE_ICONDATABASE ............................ ON
-- ENABLE_INTROSPECTION ........................... OFF
-- ENABLE_JIT ..................................... ON
-- ENABLE_MINIBROWSER ............................. ON
-- ENABLE_OPENGL .................................. ON
-- ENABLE_PLUGIN_PROCESS_GTK2 ..................... OFF
-- ENABLE_QUARTZ_TARGET ........................... OFF
-- ENABLE_SAMPLING_PROFILER ....................... ON
-- ENABLE_SPELLCHECK .............................. ON
-- ENABLE_TOUCH_EVENTS ............................ ON
-- ENABLE_VIDEO ................................... ON
-- ENABLE_WAYLAND_TARGET .......................... OFF
-- ENABLE_WEBDRIVER ............................... ON
-- ENABLE_WEB_AUDIO ............................... ON
-- ENABLE_WEB_CRYPTO .............................. ON
-- ENABLE_X11_TARGET .............................. ON
-- USE_LIBHYPHEN .................................. ON
-- USE_LIBNOTIFY .................................. ON
-- USE_LIBSECRET .................................. ON
-- USE_SYSTEM_MALLOC .............................. OFF
-- USE_UPOWER ..................................... ON
-- USE_WOFF2 ...................................... ON

I cannot build git at commit 2506187a87eb3fd845e47a985516cc76548ba27d (git-svn-id: http://svn.webkit.org/repository/webkit/trunk@225622 268f45cc-cd09-0410-ab3c-d52691b4dbfc), it fails to compile with error:

In file included from ....webkit.master/Source/JavaScriptCore/runtime/JSCPoisonedPtr.h:28:0,
                 from ....webkit.master/Source/JavaScriptCore/assembler/MacroAssemblerCodeRef.h:29,
                 from ....webkit.master/Source/JavaScriptCore/interpreter/AbstractPC.h:28,
                 from ....webkit.master/Source/JavaScriptCore/interpreter/CallFrame.h:25,
                 from ....webkit.master/Source/JavaScriptCore/runtime/ClassInfo.h:25,
                 from ....webkit.master/Source/JavaScriptCore/runtime/Structure.h:28,
                 from ....webkit.master/Source/JavaScriptCore/bytecode/ArrayProfile.h:29,
                 from ....webkit.master/Source/JavaScriptCore/llint/LLIntOffsetsExtractor.cpp:28:
....webkit.master/Source/WTF/wtf/Poisoned.h: In substitution of ‘template<uintptr_t& key, class T> using Poisoned = WTF::PoisonedImpl<const long unsigned int&, ((const long unsigned int&)key), T> [with uintptr_t& key = JSC::g_classInfoPoison; T = const JSC::ClassInfo*]’:
....webkit.master/Source/JavaScriptCore/runtime/JSCPoisonedPtr.h:37:74:   required from here
....webkit.master/Source/WTF/wtf/Poisoned.h:122:56: error: ‘(const long unsigned int&)JSC::g_classInfoPoison’ is not a valid template argument for type ‘const long unsigned int&’ because it is not an object with linkage
 using Poisoned = PoisonedImpl<const uintptr_t&, key, T>;
                                                        ^
....webkit.master/Source/WTF/wtf/Poisoned.h: In substitution of ‘template<uintptr_t& key, class T> using Poisoned = WTF::PoisonedImpl<const long unsigned int&, ((const long unsigned int&)key), T> [with uintptr_t& key = JSC::g_masmPoison; T = void*]’:
....webkit.master/Source/JavaScriptCore/runtime/JSCPoisonedPtr.h:38:53:   required from here
....webkit.master/Source/WTF/wtf/Poisoned.h:122:56: error: ‘(const long unsigned int&)JSC::g_masmPoison’ is not a valid template argument for type ‘const long unsigned int&’ because it is not an object with linkage
In file included from ....webkit.master/Source/JavaScriptCore/interpreter/AbstractPC.h:28:0,
                 from ....webkit.master/Source/JavaScriptCore/interpreter/CallFrame.h:25,
                 from ....webkit.master/Source/JavaScriptCore/runtime/ClassInfo.h:25,
                 from ....webkit.master/Source/JavaScriptCore/runtime/Structure.h:28,
                 from ....webkit.master/Source/JavaScriptCore/bytecode/ArrayProfile.h:29,
                 from ....webkit.master/Source/JavaScriptCore/llint/LLIntOffsetsExtractor.cpp:28:
....webkit.master/Source/JavaScriptCore/assembler/MacroAssemblerCodeRef.h: In constructor ‘JSC::FunctionPtr::FunctionPtr(returnType (*)())’:
....webkit.master/Source/JavaScriptCore/assembler/MacroAssemblerCodeRef.h:70:9: error: ‘PoisonedMasmPtr’ has not been declared

I reverted commit 679b410c541bdccac78ef40c873ea497a613243a to be able to move forward.

I'm running under X, not under Wayland (I cannot run it under Wayland due to some mesa issue in rawhide, which may or may not be due to the machine being virtual; https://bugzilla.redhat.com/show_bug.cgi?id=1518674 ).
Thus I'm with clean webkitgtk+ checkout at commit 2506187a87eb3fd845e47a985516cc76548ba27d minus commit 679b410c541bdccac78ef40c873ea497a613243a and it's still crashing, this time here, with no this=0x0 in the backtrace:

#6 0x00007f5aa50892e2 in bmalloc::IsoAllocator<bmalloc::IsoConfig<560u> >::allocateSlow(bool) (this=0x7f5aa619a098, abortOnFailure=true) at ..../webkit.master/Source/bmalloc/bmalloc/IsoAllocatorInlines.h:63
#7 0x00007f5aa5089531 in bmalloc::IsoAllocator<bmalloc::IsoConfig<560u> >::allocate(bool)::{lambda()#1}::operator()() const (__closure=<optimized out>) at ..../webkit.master/Source/bmalloc/bmalloc/IsoAllocatorInlines.h:53
#8 0x00007f5aa5089531 in bmalloc::FreeList::allocate<bmalloc::IsoConfig<560u>, bmalloc::IsoAllocator<bmalloc::IsoConfig<560u> >::allocate(bool)::{lambda()#1}>(bmalloc::IsoAllocator<bmalloc::IsoConfig<560u> >::allocate(bool)::{lambda()#1} const&) (slowPath=..., this=<optimized out>) at ..../webkit.master/Source/bmalloc/bmalloc/FreeListInlines.h:44
#9 0x00007f5aa5089531 in bmalloc::IsoAllocator<bmalloc::IsoConfig<560u> >::allocate(bool) (this=<optimized out>, abortOnFailure=<optimized out>) at ..../webkit.master/Source/bmalloc/bmalloc/IsoAllocatorInlines.h:51
#10 0x00007f5aa49244f2 in WebCore::createRenderer<WebCore::RenderView, WebCore::Document&, WebCore::RenderStyle>(WebCore::Document&, WebCore::RenderStyle&&) () at ..../webkit.master/Source/WebCore/rendering/RenderPtr.h:43
#11 0x00007f5aa49244f2 in WebCore::Document::createRenderTree() (this=0x7f5a426f1800) at ..../webkit.master/Source/WebCore/dom/Document.cpp:2212
#12 0x00007f5aa4935ed0 in WebCore::Document::didBecomeCurrentDocumentInFrame() (this=0x7f5a426f1800) at ..../webkit.master/Source/WebCore/dom/Document.cpp:2228

(In reply to Michael Catanzaro from comment #36)
> Failing that... let's test a workaround. Try removing the
> WTF_MAKE_ISO_ALLOCATED(RenderView) line from RenderView.h, and the
> corresponding WTF_MAKE_ISO_ALLOCATED_IMPL(RenderView); line in
> RenderView.cpp. Does that help?

Nope, still goes down:

#3 0x00007fc263e6bc16 in WTF::jscSignalHandler(int, siginfo_t*, void*) (sig=<optimized out>, info=0x7ffd9602eef0, ucontext=0x7ffd9602edc0) at ..../webkit.master/Source/WTF/wtf/threads/Signals.cpp:353
#4 0x00007fc2668a0720 in <signal handler called> () at /lib64/libc.so.6
#5 0x00007fc2686769f2 in WebCore::RenderBlockFlow::operator new(unsigned long) (size=size@entry=560) at ..../webkit.master/Source/WebCore/rendering/RenderBlockFlow.cpp:62
#6 0x00007fc2680921f2 in WebCore::createRenderer<WebCore::RenderView, WebCore::Document&, WebCore::RenderStyle>(WebCore::Document&, WebCore::RenderStyle&&) () at ..../webkit.master/Source/WebCore/rendering/RenderPtr.h:43
#7 0x00007fc2680921f2 in WebCore::Document::createRenderTree() (this=0x7fc209ff1800) at ..../webkit.master/Source/WebCore/dom/Document.cpp:2212
#8 0x00007fc2680a3bd0 in WebCore::Document::didBecomeCurrentDocumentInFrame() (this=0x7fc209ff1800) at ..../webkit.master/Source/WebCore/dom/Document.cpp:2228
#9 0x00007fc26841c6fa in WebCore::Frame::setDocument(WTF::RefPtr<WebCore::Document>&&) (this=0x7fc24c3b8550, newDocument=...) at ..../webkit.master/Source/WebCore/page/Frame.cpp:297
#10 0x00007fc26835d44d in WebCore::DocumentWriter::begin(WebCore::URL const&, bool, WebCore::Document*) (this=this@entry=0x7fc24c39a080, urlReference=..., dispatch=dispatch@entry=false, ownerDocument=ownerDocument@entry=0x0) at ..../webkit.master/Source/WebCore/loader/DocumentWriter.cpp:174
#11 0x00007fc26835d79d in WebCore::DocumentLoader::commitData(char const*, unsigned long) (this=this@entry=0x7fc24c39a000, bytes=bytes@entry=0x0, length=length@entry=0) at ..../webkit.master/Source/WebCore/loader/DocumentLoader.cpp:867
#12 0x00007fc26835deac in WebCore::DocumentLoader::finishedLoading() (this=this@entry=0x7fc24c39a000) at ..../webkit.master/Source/WebCore/loader/DocumentLoader.cpp:425
#13 0x00007fc26835fdd9 in WebCore::DocumentLoader::maybeLoadEmpty() (this=this@entry=0x7fc24c39a000) at ..../webkit.master/Source/WebCore/loader/DocumentLoader.cpp:1514
#14 0x00007fc26836149c in WebCore::DocumentLoader::startLoadingMainResource() (this=0x7fc24c39a000) at ..../webkit.master/Source/WebCore/loader/DocumentLoader.cpp:1526
#15 0x00007fc26836f3c3 in WebCore::FrameLoader::init() (this=0x7889d0) at ..../webkit.master/Source/WebCore/loader/FrameLoader.cpp:307
#16 0x00007fc26841c67c in WebCore::Frame::init() (this=<optimized out>) at ..../webkit.master/Source/WebCore/page/Frame.cpp:203
#17 0x00007fc2677318cc in WebKit::WebFrame::createWithCoreMainFrame(WebKit::WebPage*, WebCore::Frame*) (page=page@entry=0x7fc209ff9000, coreFrame=0x7fc24c3b8550) at ..../webkit.master/Source/WebKit/WebProcess/WebPage/WebFrame.cpp:120
#18 0x00007fc267747887 in WebKit::WebPage::WebPage(unsigned long, WebKit::WebPageCreationParameters&&) (this=0x7fc209ff9000, pageID=<optimized out>, parameters=...) at ..../webkit.master/Source/WebKit/WebProcess/WebPage/WebPage.cpp:440
#19 0x00007fc2677480ee in WebKit::WebPage::create(unsigned long, WebKit::WebPageCreationParameters&&) (pageID=1, parameters=...) at ..../webkit.master/Source/WebKit/WebProcess/WebPage/WebPage.cpp:316
#20 0x00007fc26769c6a8 in WebKit::WebProcess::createWebPage(unsigned long, WebKit::WebPageCreationParameters&&) (this=0x78ea20, pageID=<optimized out>, parameters=...) at ..../webkit.master/Source/WebKit/WebProcess/WebProcess.cpp:579
#21 0x00007fc26792e2b7 in IPC::callMemberFunctionImpl<WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&), std::tuple<unsigned long, WebKit::WebPageCreationParameters>, 0ul, 1ul>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&), std::tuple<unsigned long, WebKit::WebPageCreationParameters>&&, std::integer_sequence<unsigned long, 0ul, 1ul>) (args=..., function=<optimized out>, object=0x78ea20) at ..../webkit.master/Source/WebKit/Platform/IPC/HandleMessage.h:40
#22 0x00007fc26792e2b7 in IPC::callMemberFunction<WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&), std::tuple<unsigned long, WebKit::WebPageCreationParameters>, std::integer_sequence<unsigned long, 0ul, 1ul> >(std::tuple<unsigned long, WebKit::WebPageCreationParameters>&&, WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)) (function=<optimized out>, object=0x78ea20, args=...) at ..../webkit.master/Source/WebKit/Platform/IPC/HandleMessage.h:46
#23 0x00007fc26792e2b7 in IPC::handleMessage<Messages::WebProcess::CreateWebPage, WebKit::WebProcess, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)>(IPC::Decoder&, WebKit::WebProcess*, void (WebKit::WebProcess::*)(unsigned long, WebKit::WebPageCreationParameters&&)) (decoder=..., object=object@entry=0x78ea20, function=(void (WebKit::WebProcess::*)(WebKit::WebProcess * const, unsigned long, WebKit::WebPageCreationParameters &&)) 0x7fc26769c650 <WebKit::WebProcess::createWebPage(unsigned long, WebKit::WebPageCreationParameters&&)>) at ..../webkit.master/Source/WebKit/Platform/IPC/HandleMessage.h:126
#24 0x00007fc26792a883 in WebKit::WebProcess::didReceiveWebProcessMessage(IPC::Connection&, IPC::Decoder&) (this=0x78ea20, connection=..., decoder=...) at ..../webkit.master/_build/DerivedSources/WebKit/WebProcessMessageReceiver.cpp:69
#25 0x00007fc267545d5b in IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >) (this=0x7fc24c3e5000, message=std::unique_ptr<IPC::Decoder> containing 0x7fc24c3dd060) at ..../webkit.master/Source/WebKit/Platform/IPC/Connection.cpp:928
#26 0x00007fc2675465d8 in IPC::Connection::dispatchOneMessage() (this=0x7fc24c3e5000) at ..../webkit.master/Source/WebKit/Platform/IPC/Connection.cpp:959
#27 0x00007fc263e482bd in WTF::Function<void ()>::operator()() const (this=<synthetic pointer>) at ..../webkit.master/Source/WTF/wtf/Function.h:56
#28 0x00007fc263e482bd in WTF::RunLoop::performWork() (this=0x7fc24c3f9000) at ..../webkit.master/Source/WTF/wtf/RunLoop.cpp:123
#29 0x00007fc263e6e899 in WTF::RunLoop::<lambda(gpointer)>::operator() (__closure=0x0, userData=<optimized out>) at ..../webkit.master/Source/WTF/wtf/glib/RunLoopGLib.cpp:68
#30 0x00007fc263e6e899 in WTF::RunLoop::<lambda(gpointer)>::_FUN(gpointer) () at ..../webkit.master/Source/WTF/wtf/glib/RunLoopGLib.cpp:70
#31 0x00007fc26434fbb7 in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
#32 0x00007fc26434ff60 in g_main_context_iterate.isra () at /lib64/libglib-2.0.so.0
#33 0x00007fc264350272 in g_main_loop_run () at /lib64/libglib-2.0.so.0
#34 0x00007fc263e6f1d8 in WTF::RunLoop::run() () at ..../webkit.master/Source/WTF/wtf/glib/RunLoopGLib.cpp:96
#35 0x00007fc2678c93f8 in WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain>(int, char**) (argc=<optimized out>, argv=0x7ffd96030eb8) at ..../webkit.master/Source/WebKit/Shared/unix/ChildProcessMain.h:61
#36 0x00007fc26688a03a in __libc_start_main () at /lib64/libc.so.6
#37 0x000000000040086a in _start ()

And it looks suspicious, thus I reverted the previous change in RenderView and disabled bmalloc in my local build to see whether it'll help, and with the system malloc the MiniBrowser opens the webkitgtk.org page with no problem. I'll try to involve some other helper tools like valgrind or AddressSanitizer, as soon as I manage to compile WebKitGTK+ again, without the system malloc.
Milan Crha
Comment 38 2017-12-07 03:42:21 PST
To add a bit more confusion to this, the MiniBrowser works when I have exported:

ASAN_OPTIONS=abort_on_error=1:detect_stack_use_after_return=0:detect_leaks=0:handle_segv=0

and I run it as:

$ LD_PRELOAD=/usr/lib64/libasan.so.4 ..../libexec/webkit2gtk-4.0/MiniBrowser

It only aborts on close of the MiniBrowser with the below error. Removing that LD_PRELOAD causes a crash before webkitgtk.org is loaded in the MiniBrowser.

By the way, I also use:

export G_SLICE=debug-blocks,always-malloc
export G_DEBUG=gc-friendly
export G_ENABLE_DIAGNOSTIC=0
export GTK_OVERLAY_SCROLLING=0
export GDK_SYNCHRONIZE=1

in my ~/.bashrc (there's also `export GTK_MODULES=gnomesegvhandler,$GTK_MODULES`), but I doubt it has any real impact on this, because when I unset it, the MiniBrowser doesn't show the page either.

=================================================================
==19318==ERROR: AddressSanitizer: new-delete-type-mismatch on 0x60200029b7b0 in thread T0:
  object passed to delete has wrong type:
  size of the allocated type:   16 bytes;
  size of the deallocated type: 8 bytes.
    #0 0x7fcb55b356d8 in operator delete(void*, unsigned long) (/usr/lib64/libasan.so.4+0xe16d8)
    #1 0x7fcb53b3b572 in _WebKitWebInspectorPrivate::~_WebKitWebInspectorPrivate() ..../webkit.master/Source/WebKit/UIProcess/API/gtk/WebKitWebInspector.cpp:83
    #2 0x7fcb53b3b572 in webkit_web_inspector_finalize ..../webkit.master/Source/WebKit/UIProcess/API/gtk/WebKitWebInspector.cpp:92
    #3 0x7fcb51dc0688 in g_object_unref (/lib64/libgobject-2.0.so.0+0x14688)
    #4 0x7fcb53b28d92 in void WTF::derefGPtr<_WebKitWebInspector>(_WebKitWebInspector*) ..../webkit.master/Source/WTF/wtf/glib/GRefPtr.h:250
    #5 0x7fcb53b28d92 in WTF::GRefPtr<_WebKitWebInspector>::~GRefPtr() ..../webkit.master/Source/WTF/wtf/glib/GRefPtr.h:76
    #6 0x7fcb53b28d92 in _WebKitWebViewPrivate::~_WebKitWebViewPrivate() ..../webkit.master/Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp:196
    #7 0x7fcb53b28d92 in webkit_web_view_finalize ..../webkit.master/Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp:261
    #8 0x7fcb51dc0688 in g_object_unref (/lib64/libgobject-2.0.so.0+0x14688)
    #9 0x7fcb51de400f in g_value_unset (/lib64/libgobject-2.0.so.0+0x3800f)
    #10 0x7fcb51dd6d4c in g_signal_emit_valist (/lib64/libgobject-2.0.so.0+0x2ad4c)
    #11 0x7fcb51dd766e in g_signal_emit (/lib64/libgobject-2.0.so.0+0x2b66e)
    #12 0x41202f in browserWindowTryClose ..../webkit.master/Tools/MiniBrowser/gtk/BrowserWindow.c:277
    #13 0x4140c6 in browserWindowDeleteEvent ..../webkit.master/Tools/MiniBrowser/gtk/BrowserWindow.c:1075
    #14 0x7fcb52bdcb76 (/lib64/libgtk-3.so.0+0x233b76)
    #15 0x7fcb51dbb975 (/lib64/libgobject-2.0.so.0+0xf975)
    #16 0x7fcb51dd69c8 in g_signal_emit_valist (/lib64/libgobject-2.0.so.0+0x2a9c8)
    #17 0x7fcb51dd766e in g_signal_emit (/lib64/libgobject-2.0.so.0+0x2b66e)
    #18 0x7fcb52d27cd3 (/lib64/libgtk-3.so.0+0x37ecd3)
    #19 0x7fcb52bdbbd5 in gtk_main_do_event (/lib64/libgtk-3.so.0+0x232bd5)
    #20 0x7fcb526e9304 (/lib64/libgdk-3.so.0+0x37304)
    #21 0x7fcb5271ab21 (/lib64/libgdk-3.so.0+0x68b21)
    #22 0x7fcb51ae2bb6 in g_main_context_dispatch (/lib64/libglib-2.0.so.0+0x4abb6)
    #23 0x7fcb51ae2f5f (/lib64/libglib-2.0.so.0+0x4af5f)
    #24 0x7fcb51ae3271 in g_main_loop_run (/lib64/libglib-2.0.so.0+0x4b271)
    #25 0x7fcb52bdaca4 in gtk_main (/lib64/libgtk-3.so.0+0x231ca4)
    #26 0x40c8a5 in main ..../webkit.master/Tools/MiniBrowser/gtk/main.c:561
    #27 0x7fcb5019b039 in __libc_start_main (/lib64/libc.so.6+0x21039)
    #28 0x40c9a9 in _start (/build/test-wk2/libexec/webkit2gtk-4.0/MiniBrowser+0x40c9a9)

0x60200029b7b0 is located 0 bytes inside of 16-byte region [0x60200029b7b0,0x60200029b7c0)
allocated by thread T0 here:
    #0 0x7fcb55b34158 in operator new(unsigned long) (/usr/lib64/libasan.so.4+0xe0158)
    #1 0x7fcb53b3b71f in std::_MakeUniq<WebKitInspectorClient>::__single_object std::make_unique<WebKitInspectorClient, _WebKitWebInspector*&>(_WebKitWebInspector*&) /usr/include/c++/7/bits/unique_ptr.h:825
    #2 0x7fcb53b3b71f in webkitWebInspectorCreate(WebKit::WebInspectorProxy*) ..../webkit.master/Source/WebKit/UIProcess/API/gtk/WebKitWebInspector.cpp:363
Milan Crha
Comment 39 2017-12-07 03:52:15 PST
I'm not able to run WebKitWebProcess under valgrind, it crashes with:

FATAL: Could not allocate gigacage memory with maxAlignment = 34359738368, totalSize = 103079215104.
==20102== Invalid write of size 4
==20102==    at 0xB1E1E5C: void std::call_once<Gigacage::ensureGigacage()::{lambda()#1}>(std::once_flag&, Gigacage::ensureGigacage()::{lambda()#1}&&)::{lambda()#2}::_FUN() (Gigacage.cpp:154)
==20102==    by 0x10840AB6: __pthread_once_slow (in /usr/lib64/libpthread-2.26.so)
==20102==    by 0xB1E178C: __gthread_once (gthr-default.h:699)
==20102==    by 0xB1E178C: call_once<Gigacage::ensureGigacage()::<lambda()> > (mutex:684)
==20102==    by 0xB1E178C: Gigacage::ensureGigacage() (Gigacage.cpp:108)
==20102==    by 0xB1E25F6: bmalloc::Heap::Heap(bmalloc::HeapKind, std::lock_guard<bmalloc::StaticMutex>&) (Heap.cpp:58)
==20102==    by 0xB1E0952: PerHeapKindBase<std::lock_guard<bmalloc::StaticMutex>&> (PerHeapKind.h:43)
==20102==    by 0xB1E0952: PerHeapKind<std::lock_guard<bmalloc::StaticMutex>&> (PerHeapKind.h:95)
==20102==    by 0xB1E0952: bmalloc::PerProcess<bmalloc::PerHeapKind<bmalloc::Heap> >::getSlowCase() (PerProcess.h:93)
==20102==    by 0xB1E0670: get (PerProcess.h:84)
==20102==    by 0xB1E0670: bmalloc::Cache::Cache(bmalloc::HeapKind) (Cache.cpp:46)
==20102==    by 0xB1E0A1C: PerHeapKindBase<> (PerHeapKind.h:43)
==20102==    by 0xB1E0A1C: PerHeapKind<> (PerHeapKind.h:95)
==20102==    by 0xB1E0A1C: bmalloc::PerThread<bmalloc::PerHeapKind<bmalloc::Cache> >::getSlowCase() (PerThread.h:145)
==20102==    by 0xB1E06CE: bmalloc::Cache::allocateSlowCaseNullCache(bmalloc::HeapKind, unsigned long) (Cache.cpp:58)
==20102==    by 0xB1C7B56: operator new (StringImpl.h:160)
==20102==    by 0xB1C7B56: WTF::StringImpl::createFromLiteral(char const*, unsigned int) (StringImpl.cpp:153)
==20102==    by 0xB1C7BA0: WTF::StringImpl::createFromLiteral(char const*) (StringImpl.cpp:158)
==20102==    by 0xB1D3171: WTF::String::String(WTF::ASCIILiteral) (WTFString.cpp:83)
==20102==    by 0x537ED46: __static_initialization_and_destruction_0 (PasteboardHelper.cpp:43)
==20102==    by 0x537ED46: _GLOBAL__sub_I_PasteboardHelper.cpp (PasteboardHelper.cpp:316)
==20102==    by 0x4010E82: _dl_init (in /usr/lib64/ld-2.26.so)
==20102==    by 0x4000F09: ??? (in /usr/lib64/ld-2.26.so)
==20102==    by 0x1: ???
==20102==    by 0x1FFEFFFDCE: ???
==20102==    by 0x1FFEFFFE0B: ???
Michael Catanzaro
Comment 40 2017-12-07 09:57:45 PST
(In reply to Milan Crha from comment #38) > ================================================================= > ==19318==ERROR: AddressSanitizer: new-delete-type-mismatch on 0x60200029b7b0 > in thread T0: > object passed to delete has wrong type: > size of the allocated type: 16 bytes; > size of the deallocated type: 8 bytes. Bug #180533
Michael Catanzaro
Comment 41 2017-12-07 10:01:58 PST
(In reply to Milan Crha from comment #39) > I'm not able to run WebKitWebProcess under valgrind, it crashes with: That's not going to work unless Gigacage is disabled. I don't know if it's possible to disable Gigacage at runtime. Disabling bmalloc (using https://trac.webkit.org/wiki/EnvironmentVariables) should suffice, but then you can't test the crash we're investigating....
Saam Barati
Comment 42 2017-12-07 10:14:56 PST
(In reply to Michael Catanzaro from comment #41) > (In reply to Milan Crha from comment #39) > > I'm not able to run WebKitWebProcess under valgrind, it crashes with: > > That's not going to work unless Gigacage is disabled. I don't know if it's > possible to disable Gigacage at runtime. Disabling bmalloc (using > https://trac.webkit.org/wiki/EnvironmentVariables) should suffice, but then > you can't test the crash we're investigating.... It’s easy to do at runtime. Look at Gigacage.cpp, inside bmalloc. It reads an environment variable when determining if Gigacage is enabled
Michael Catanzaro
Comment 43 2017-12-09 11:21:42 PST
OK, I'm able to reproduce by setting the following in my jhbuildrc:

os.environ['CFLAGS'] = '-m64 -mtune=generic -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1'
os.environ['CXXFLAGS'] = '-m64 -mtune=generic -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1'
os.environ['LDFLAGS'] = '-Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld'

Have not yet investigated to see which particular flag there is to blame. I don't understand how to read the GCC spec files, but the contents are as follows:

$ cat /usr/lib/rpm/redhat/redhat-hardened-cc1
*cc1_options:
+ %{!r:%{!fpie:%{!fPIE:%{!fpic:%{!fPIC:%{!fno-pic:-fPIE}}}}}}

$ cat /usr/lib/rpm/redhat/redhat-hardened-ld
*self_spec:
+ %{!static:%{!shared:%{!r:-pie}}}

*link:
+ -z now

I guessed at which flags to set by reading /usr/lib/rpm/redhat/macros, which contains this bit somewhere in the middle:

%_hardening_cflags -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1
# we don't escape symbols '~', '"', etc. so be careful when changing this
%_hardening_ldflags -specs=/usr/lib/rpm/redhat/redhat-hardened-ld

# Harden packages by default for Fedora 23:
# https://fedorahosted.org/fesco/ticket/1384 (accepted on 2014-02-11)
%_hardened_build 1
%_hardened_cflags %{?_hardened_build:%{_hardening_cflags}}
%_hardened_ldflags %{?_hardened_build:%{_hardening_ldflags}}

%__global_compiler_flags -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches %{_hardened_cflags}
%__global_cflags %{optflags}
%__global_cxxflags %{optflags}
%__global_fflags %{optflags} -I%_fmoddir
%__global_fcflags %{optflags} -I%_fmoddir
%__global_ldflags -Wl,-z,relro %{_hardened_ldflags}

I assume Debian uses similar flags, since the crash is being reported by Andres and Dan as well.
Michael Catanzaro
Comment 44 2017-12-10 13:56:58 PST
(In reply to Michael Catanzaro from comment #43) > OK, I'm able to reproduce by setting the following in my jhbuildrc: Only in release builds... a debug build with the same compiler flags is unaffected. Which is odd, because we are manually adding both -O2 and -g in both cases, so the only big difference in flags that I see is -DNDEBUG.
Michael Catanzaro
Comment 45 2017-12-10 18:35:22 PST
(In reply to Michael Catanzaro from comment #44) > Only in release builds... a debug build with the same compiler flags is > unaffected. Which is odd, because we are manually adding both -O2 and -g in > both cases, so the only big difference in flags that I see is -DNDEBUG. That's wrong. The difference is DEVELOPER_MODE. That's... extremely surprising, but I've confirmed this with several clean builds. Release builds without DEVELOPER_MODE crash, but with DEVELOPER_MODE work fine. Ditto for debug builds. So to reproduce, you must not use build-webkit. Use CMake directly. My best guess right now is that it's because we use the linker version script "-Wl,--version-script,${CMAKE_MODULE_PATH}/gtksymbols.filter" only when DEVELOPER_MODE is OFF. I have not tested that yet, but I think nothing else that depends on DEVELOPER_MODE is likely to have any impact on bmalloc.
Michael Catanzaro
Comment 46 2017-12-10 20:18:37 PST
(In reply to Michael Catanzaro from comment #43) > OK, I'm able to reproduce by setting the following in my jhbuildrc: Wrong. None of those compiler flags are needed or relevant. The only thing that mattered was that I removed -DDEVELOPER_MODE=ON when trying out those flags, thinking to reproduce a distro build as quickly as possible.
Michael Catanzaro
Comment 47 2017-12-10 20:18:54 PST
(In reply to Michael Catanzaro from comment #46) > quickly I meant "closely"
Michael Catanzaro
Comment 48 2017-12-10 21:03:31 PST
(In reply to Michael Catanzaro from comment #45) > My best guess right now is that it's because we use the linker version > script "-Wl,--version-script,${CMAKE_MODULE_PATH}/gtksymbols.filter" only > when DEVELOPER_MODE is OFF. I have not tested that yet, but I think nothing > else that depends on DEVELOPER_MODE is likely to have any impact on bmalloc. Confirmed, a non-developer mode build with the linker version script removed does not crash.
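A way to see what the version-script finding above does to the two libraries, as an added example that is not part of this bug report or of WebKit: the functions below take `nm -C` style listings ("<addr> <type> <name>", demangled) of two shared objects, list every symbol defined in both, and then narrow that to the dangerous subset, a symbol that is local in one library (lowercase nm type, which is what a `local: *` version script produces) but exported in the other. Code inside the library holding the local copy is bound to it at link time, while everything else in the process binds to the exported copy, so a "process-wide" static such as bmalloc's PerProcess storage ends up existing twice. The two listings are constructed for the example; the symbol names mirror the ones in this bug, but the addresses and the file names are made up.

```shell
#!/bin/sh
# Added example, not code from the bug report or from WebKit.
# Input format: `nm -C <lib>` lines, i.e. "<addr> <type> <name>".
# Undefined entries ("U"/"w") carry no address and are skipped.

# dup_symbols A B: print "<typeA> <typeB> <name>" for every symbol that is
# defined in both listings, sorted in the C locale so the output is stable.
# Demangled names may contain spaces ("guard variable for ..."), so the name
# is everything after the second field rather than just $3.
dup_symbols() {
    awk '
        NF >= 3 && $2 != "U" {
            name = $0
            sub(/^[^ ]+ +[^ ]+ +/, "", name)
            if (FILENAME == ARGV[1]) a[name] = $2; else b[name] = $2
        }
        END { for (n in a) if (n in b) print a[n], b[n], n }
    ' "$1" "$2" | LC_ALL=C sort
}

# split_singletons A B: the subset of dup_symbols where exactly one side is
# local. nm marks local definitions with lowercase t/d/b/r/s. 'u' (unique
# global) and 'w'/'v' (weak) are lowercase too but still bind globally, so
# they are deliberately not treated as local.
split_singletons() {
    dup_symbols "$1" "$2" | awk '
        function is_local(t) { return t ~ /^[tdbrs]$/ }
        { if (is_local($1) != is_local($2)) print }
    '
}

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
JSC_NM="$WORK/libjsc.nm"
WK_NM="$WORK/libwk.nm"

# Constructed listing: a JavaScriptCore-like library with every symbol exported.
cat > "$JSC_NM" <<'EOF'
00000000010761d8 u bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_object
00000000010761c8 u guard variable for bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_object
0000000000df8740 W bmalloc::PerProcess<bmalloc::IsoTLSLayout>::getSlowCase()
0000000000df8820 T bmalloc::IsoTLSLayout::add(bmalloc::IsoTLSEntry*)
0000000000a00000 T WTF::fastMalloc(unsigned long)
0000000000100000 T JSContextGroupCreate
                 U malloc
EOF

# Constructed listing: the same bmalloc objects linked a second time into a
# WebKit-like library under a version script that exports only the public API,
# so the bmalloc copies became local. fastMalloc is left exported on purpose to
# show a duplicate that does not split.
cat > "$WK_NM" <<'EOF'
0000000002d0a000 b bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_object
0000000002d0a008 b guard variable for bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_object
0000000002c0d000 t bmalloc::PerProcess<bmalloc::IsoTLSLayout>::getSlowCase()
0000000002c0d100 t bmalloc::IsoTLSLayout::add(bmalloc::IsoTLSEntry*)
0000000002b00000 T WTF::fastMalloc(unsigned long)
0000000002000000 T webkit_web_view_new
                 U JSContextGroupCreate
                 U malloc
EOF

echo "== defined in both libraries =="
dup_symbols "$JSC_NM" "$WK_NM"
echo "== local on one side, exported on the other (these singletons split) =="
split_singletons "$JSC_NM" "$WK_NM"
```

On a real build, feed it `nm -C libjavascriptcoregtk-4.0.so` and `nm -C libwebkit2gtk-4.0.so` written to two files. The libraries must not be stripped: local symbols live only in `.symtab`, which `strip` removes and which `nm -D` never shows. A symbol exported from both sides (the constructed `WTF::fastMalloc` line) is still a duplicate, but the dynamic linker resolves every reference to the first definition in lookup scope unless the library was linked with `-Bsymbolic` or protected visibility, so the process ends up with one live copy and no split.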
Carlos Garcia Campos
Comment 49 2017-12-11 03:12:51 PST
Hey Michael, good catch, it helped a lot to find the problem, which is in PerProcess. What happens is that we have two copies of the bmalloc symbols, one in libwk and the other one in libjsc. When building in developer mode, all the symbols are public (global) by default in both libwk and libjsc, but when using the symbol filter, all symbols are global in libjsc, but local in libwk except for the ones defined as global in the filter file (our public API symbols).

In IsoTLS::ensureEntries(), PerProcess is used to get the global IsoTLSLayout. The first time the IsoTLSLayout is created is when PerProcess<IsoTLSLayout>::get() is called from the IsoTLSEntry constructor. Then it's called again from IsoTLS::ensureEntries(), but this second time a new IsoTLSLayout is created again. That's not expected to happen, and the result is that startEntry is nullptr and IsoTLSAllocatorEntry<Config>::construct() is never called (m_heap is never initialized).

My guess is that the first time we initialize bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_object in libjsc (or libwk) and the second time the one from libwk (or libjsc) is used. This is probably because bmalloc::PerProcess<bmalloc::IsoTLSLayout>::getSlowCase() is a local symbol in libwk, so when using the libwk one, s_object is also the libwk one, because it's local.

See:

$ objdump -x libjavascriptcoregtk-4.0.so | c++filt | grep IsoTLSLayout
0000000000eb4e80 l O .rodata 000000000000000c bmalloc::PerProcess<bmalloc::IsoTLSLayout>::getSlowCase()::__FUNCTION__
0000000000eb4e8c l O .rodata 0000000000000004 bmalloc::PerProcess<bmalloc::IsoTLSLayout>::get()::__FUNCTION__
0000000000000000 l df *ABS* 0000000000000000 IsoTLSLayout.cpp
0000000000eb4e98 l O .rodata 000000000000000d bmalloc::IsoTLSLayout::IsoTLSLayout(std::lock_guard<bmalloc::StaticMutex> const&)::__FUNCTION__
00000000010761e0 l O .bss 0000000000000008 guard variable for bmalloc::IsoTLSLayout::add(bmalloc::IsoTLSEntry*)::addingMutex
00000000010761e8 l O .bss 0000000000000002 bmalloc::IsoTLSLayout::add(bmalloc::IsoTLSEntry*)::addingMutex
0000000000eb4e90 l O .rodata 0000000000000004 bmalloc::IsoTLSLayout::add(bmalloc::IsoTLSEntry*)::__FUNCTION__
0000000000361710 l F .text 0000000000000011 _GLOBAL__sub_I_IsoTLSLayout.cpp
0000000000df8820 g F .text 00000000000000fd bmalloc::IsoTLSLayout::add(bmalloc::IsoTLSEntry*)
0000000000df87e0 g F .text 0000000000000034 bmalloc::IsoTLSLayout::IsoTLSLayout(std::lock_guard<bmalloc::StaticMutex> const&)
00000000010761c0 u O .bss 0000000000000008 guard variable for bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_mutex
00000000010761c8 u O .bss 0000000000000008 guard variable for bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_object
0000000000df87e0 g F .text 0000000000000034 bmalloc::IsoTLSLayout::IsoTLSLayout(std::lock_guard<bmalloc::StaticMutex> const&)
00000000010761b0 u O .bss 0000000000000010 bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_memory
00000000010761d8 u O .bss 0000000000000008 bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_object
00000000010761d0 u O .bss 0000000000000002 bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_mutex
0000000000df8740 w F .text 000000000000008b bmalloc::PerProcess<bmalloc::IsoTLSLayout>::getSlowCase()

$ objdump -x libwebkit2gtk-4.0.so | c++filt | grep IsoTLSLayout
0000000002c6d930 l O .rodata 000000000000000c bmalloc::PerProcess<bmalloc::IsoTLSLayout>::getSlowCase()::__FUNCTION__
0000000002c6d93c l O .rodata 0000000000000004 bmalloc::PerProcess<bmalloc::IsoTLSLayout>::get()::__FUNCTION__
0000000000000000 F *UND* 0000000000000000 bmalloc::IsoTLSLayout::IsoTLSLayout(std::lock_guard<bmalloc::StaticMutex> const&)
000000000372f138 u O .bss 0000000000000008 guard variable for bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_object
000000000372f148 u O .bss 0000000000000008 bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_object
000000000372f120 u O .bss 0000000000000010 bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_memory
0000000002b5c910 w F .text 000000000000008b bmalloc::PerProcess<bmalloc::IsoTLSLayout>::getSlowCase()
000000000372f130 u O .bss 0000000000000008 guard variable for bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_mutex
000000000372f140 u O .bss 0000000000000002 bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_mutex
0000000000000000 F *UND* 0000000000000000 bmalloc::IsoTLSLayout::add(bmalloc::IsoTLSEntry*)

This is the case of not using the filter file: getSlowCase() is weak in both and s_object is unique global in both too.

$ objdump -x libjavascriptcoregtk-4.0.so | c++filt | grep IsoTLSLayout
0000000000eb4eb0 l O .rodata 000000000000000c bmalloc::PerProcess<bmalloc::IsoTLSLayout>::getSlowCase()::__FUNCTION__
0000000000eb4ebc l O .rodata 0000000000000004 bmalloc::PerProcess<bmalloc::IsoTLSLayout>::get()::__FUNCTION__
0000000000000000 l df *ABS* 0000000000000000 IsoTLSLayout.cpp
0000000000eb4ed8 l O .rodata 000000000000000d bmalloc::IsoTLSLayout::IsoTLSLayout(std::lock_guard<bmalloc::StaticMutex> const&)::__FUNCTION__
00000000010761e0 l O .bss 0000000000000008 guard variable for bmalloc::IsoTLSLayout::add(bmalloc::IsoTLSEntry*)::addingMutex
00000000010761e8 l O .bss 0000000000000002 bmalloc::IsoTLSLayout::add(bmalloc::IsoTLSEntry*)::addingMutex
0000000000eb4ed0 l O .rodata 0000000000000004 bmalloc::IsoTLSLayout::add(bmalloc::IsoTLSEntry*)::__FUNCTION__
0000000000361710 l F .text 0000000000000011 _GLOBAL__sub_I_IsoTLSLayout.cpp
0000000000df8840 g F .text 00000000000000fd bmalloc::IsoTLSLayout::add(bmalloc::IsoTLSEntry*)
0000000000df8800 g F .text 0000000000000034 bmalloc::IsoTLSLayout::IsoTLSLayout(std::lock_guard<bmalloc::StaticMutex> const&)
00000000010761c0 u O .bss 0000000000000008 guard variable for bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_mutex
00000000010761c8 u O .bss 0000000000000008 guard variable for bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_object
0000000000df8800 g F .text 0000000000000034 bmalloc::IsoTLSLayout::IsoTLSLayout(std::lock_guard<bmalloc::StaticMutex> const&)
00000000010761b0 u O .bss 0000000000000010 bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_memory
00000000010761d8 u O .bss 0000000000000008 bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_object
00000000010761d0 u O .bss 0000000000000002 bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_mutex
0000000000df8760 w F .text 000000000000008b bmalloc::PerProcess<bmalloc::IsoTLSLayout>::getSlowCase()

$ objdump -x libwebkit2gtk-4.0.so | c++filt | grep IsoTLSLayout
0000000001f84e90 l O .rodata 000000000000000c bmalloc::PerProcess<bmalloc::IsoTLSLayout>::getSlowCase()::__FUNCTION__
0000000001f84e9c l O .rodata 0000000000000004 bmalloc::PerProcess<bmalloc::IsoTLSLayout>::get()::__FUNCTION__
0000000001e73e80 l F .text 000000000000008b bmalloc::PerProcess<bmalloc::IsoTLSLayout>::getSlowCase()
00000000029a48c0 l O .bss 0000000000000002 bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_mutex
00000000029a48c8 l O .bss 0000000000000008 bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_object
00000000029a48a0 l O .bss 0000000000000010 bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_memory
00000000029a48b8 l O .bss 0000000000000008 guard variable for bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_object
00000000029a48b0 l O .bss 0000000000000008 guard variable for bmalloc::PerProcess<bmalloc::IsoTLSLayout>::s_mutex
0000000000000000 F *UND* 0000000000000000 bmalloc::IsoTLSLayout::IsoTLSLayout(std::lock_guard<bmalloc::StaticMutex> const&)
0000000000000000 F *UND* 0000000000000000 bmalloc::IsoTLSLayout::add(bmalloc::IsoTLSEntry*)

This is with the filter file. Nothing changes in libjsc, but all symbols are local in libwk. Adding _ZN7bmalloc10PerProcessINS_12IsoTLSLayoutEE8s_objectE to the global section in the filter file fixes the crash, because it makes the symbol unique global in libwk too, but I'm not sure that's the right fix, because this can happen with other symbols that are expected to be global. Maybe we should make all symbols shared between libjsc and libwk global (bmalloc and WTF).
Carlos Garcia Campos
Comment 50 2017-12-12 08:41:37 PST
I've tried several things and the only one that worked was making those symbols unique global in both libraries. That ensures only one is always used. So, I think instead of making the specific symbol global in the filter file, we could simply make all WTF and bmalloc symbols global to prevent similar issues from happening in the future. I don't know if this is a problem from the ABI point of view. Berto, would that be a problem for Debian? I know you keep track of all the exported symbols, but if it's not a problem for libjsc, I guess it isn't for libwk either.
Carlos Garcia Campos
Comment 51 2017-12-13 02:22:43 PST
It turns out this no longer happens in current trunk, I don't even have IsoTLSLayout symbols in libwk. I'm currently bisecting to find the commit that "fixed" this.
Carlos Garcia Campos
Comment 52 2017-12-13 03:19:17 PST
b82f084a00fbd4fab443d5fa3857bc2fbeab0216 is the first bad commit
commit b82f084a00fbd4fab443d5fa3857bc2fbeab0216
Author: fpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Wed Dec 13 02:35:54 2017 +0000

    It should be possible to flag a cell for unconditional finalization
    https://bugs.webkit.org/show_bug.cgi?id=180636

    Reviewed by Saam Barati.

In this case the bad commit is actually the good one. I guess this fixed this particular issue, but the general problem remains and can happen in the future. I'll make a new release anyway now that it works, so that distros can enable bmalloc again.
Carlos Garcia Campos
Comment 53 2017-12-13 04:55:17 PST
I think this is only a problem with static symbols (in bss section) that are unique global in libjsc and local in libwk. Making them unique global in libwk ensures only one will be used. Right?
Carlos Garcia Campos
Comment 54 2017-12-13 05:09:08 PST
I've written a small script to get the list of symbols in bss that are unique global in libjsc and are also present in libwk, current result is:

guard variable for bmalloc::PerProcess<bmalloc::Scavenger>::s_mutex
guard variable for bmalloc::PerProcess<bmalloc::Scavenger>::s_object
guard variable for bmalloc::PerProcess<bmalloc::IsoTLSDeallocatorEntry<bmalloc::IsoConfig<40u> > >::s_mutex
guard variable for bmalloc::PerProcess<bmalloc::IsoTLSDeallocatorEntry<bmalloc::IsoConfig<40u> > >::s_object
guard variable for bmalloc::PerProcess<bmalloc::PerHeapKind<bmalloc::Heap> >::s_mutex
bmalloc::vmPageSize()::cached
bmalloc::PerProcess<bmalloc::Scavenger>::s_memory
bmalloc::PerProcess<bmalloc::Scavenger>::s_object
bmalloc::PerProcess<bmalloc::Scavenger>::s_mutex
bmalloc::PerProcess<bmalloc::IsoTLSDeallocatorEntry<bmalloc::IsoConfig<40u> > >::s_memory
bmalloc::PerProcess<bmalloc::IsoTLSDeallocatorEntry<bmalloc::IsoConfig<40u> > >::s_object
bmalloc::PerProcess<bmalloc::IsoTLSDeallocatorEntry<bmalloc::IsoConfig<40u> > >::s_mutex
Michael Catanzaro
Comment 55 2017-12-13 06:20:54 PST
I spent a good deal of time last night reading about linkers, and unfortunately my main takeaway is that it's time to start learning how ELF works.

What I fail to understand is: why is that list so small? Are those really the only global/static template instantiations of bmalloc and WTF objects from the WebCore and WebKit layers? That seems unlikely.

(In reply to Carlos Garcia Campos from comment #53)
> I think this is only a problem with static symbols (in bss section) that are
> unique global in libjsc and local in libwk. Making them unique global in
> libwk ensures only one will be used. Right?

I think so. And our linker version script is responsible for making them local, which breaks everything. But template instantiations are by default unique global or weak, so that duplicate instantiations can be merged together by the dynamic linker. (Source: http://www.lurklurk.org/linkers/linkers.html#templates, a good article.) So I think we can conclude that our linker script is broken, because making symbols local does not account for the need to deduplicate global C++ templates.

But keep in mind, we have another problem here too: we're not running the linker script at all on libjsc. That's why it's not broken in the same way as libwk, but the cost is that none of the internal symbols are hidden. I know we don't have a .pc file for libjsc, so it's maybe not intended to be used directly, but it is present in the system library path, and we really shouldn't be exposing the internals of the library there.

But: it seems impossible to reconcile the desire to hide the internal symbols with the desire to install two shared libraries, one of which depends on the other but which uses internal symbols of the other.
Carlos Garcia Campos
Comment 56 2017-12-13 06:53:29 PST
(In reply to Michael Catanzaro from comment #55)
> I spent a good deal of time last night reading about linkers, and
> unfortunately my main takeaway is that it's time to start learning how ELF
> works.

This is a great article about it, but I haven't had time to read it in depth yet.
https://www.akkadia.org/drepper/dsohowto.pdf

> What I fail to understand is: why is that list so small? Are those really
> the only global/static template instantiations of bmalloc and WTF objects
> from the WebCore and WebKit layers? That seems unlikely.

Note that WebCore is not shared, so that's not a problem. This is the list of symbols in the .bss section that are unique global in libjsc and are also present in libwk.

> (In reply to Carlos Garcia Campos from comment #53)
> > I think this is only a problem with static symbols (in bss section) that are
> > unique global in libjsc and local in libwk. Making them unique global in
> > libwk ensures only one will be used. Right?
>
> I think so. And our linker version script is responsible for making them
> local, which breaks everything.

We have used that script for a long time, and this is the first time we have an issue, so "break everything" sounds a bit exaggerated to me, but still.

> But template instantiations are by default
> unique global or weak, so that duplicate instantiations can be merged
> together by the dynamic linker. (Source:
> http://www.lurklurk.org/linkers/linkers.html#templates, a good article.) So
> I think we can conclude that our linker script is broken, because making
> symbols local does not account for the need to deduplicate global C++
> templates.

Instead of listing symbols, my script could create the version script directly, including in the global section all those symbols to ensure they are unique global. I could run that script as part of make-dist when the -c option is given, for example.

> But keep in mind, we have another problem here too: we're not running the
> linker script at all on libjsc. That's why it's not broken in the same way
> as libwk, but the cost is that none of the internal symbols are hidden.

Yes, and this is not easy to fix, because we use a lot of internal symbols of jsc in the WebCore and WebKit layers.

> I know we don't have a .pc file for libjsc,

We have a .pc for libjsc.

> so it's maybe not intended to be used directly,

It is, currently it's only used by libwebkit, but in the past it was used by Seed too.

> but it is present in the system library path, and we really
> shouldn't be exposing the internals of the library there.

This is not easy to avoid I'm afraid.

> But: it seems impossible to reconcile the desire to hide the internal
> symbols with the desire to install two shared libraries, one of which
> depends on the other but which uses internal symbols of the other.
Michael Catanzaro
Comment 57 2017-12-13 15:45:07 PST
I'm going to ask for help in some different places. There are toolchain experts on fedora-devel who might point us at a solution. But I suspect the answer is going to be "you have to export global template instantiations, or not use them." Clearly they cannot be local. Clearly, using a linker script to mark all symbols as local by default is incompatible with C++ templates (when used as global variables). I think -fvisibility=hidden would have the same problem; there is a note on the GCC man page that that can break exceptions thrown between libraries....

(In reply to Carlos Garcia Campos from comment #56)
> > but it is present in the system library path, and we really
> > shouldn't be exposing the internals of the library there.
>
> This is not easy to avoid I'm afraid.

This is probably a fool's errand, but Christian says:

"if you want to share the routines in your statics with two shared libraries you need to one of:
1) add a third support shared library with symbols exported
2) export them from one library
3) link in the routines twice (and therefore larger binary sizes)"

And I believe that is correct. Option (2) is what we do now. Option (3) would entail linking libwk directly to bmalloc and WTF and a second static build of libjsc, so libjsc and libwk would each have their own copy of that code. A variant on this would be to build libjsc as *static* rather than shared, and use that as we currently do. WebKit links to that. Then we can build a *new* shared libjsc that links to the static libjsc, which just exports the JSC API. (That would be the C API, and, in the future, the GObject API.) The cost is we'll then wind up with two copies of bmalloc and WTF, one inside our installed shared libjsc and one inside libwk.
Michael Catanzaro
Comment 58 2017-12-21 12:20:03 PST
(In reply to Carlos Garcia Campos from comment #56)
> We have used that script for long time, and this is the first time we have
> an issue, so break everything sounds a bit exaggerated to me, but still.

Of course, it only breaks when a global static template variable is used in both libraries, which has never been the case before now. But anyway, when the consequence is that the web process always crashes on start, I think it's fair to say "breaks everything."

> Instead of listing symbols, my script could create the version script
> directly, including in the global section all those symbols to ensure they
> are unique global. I could run that script as part of make-dist when -c
> option is given.

We could do that.

I'm going to propose another option: let's build JSC as a static library, and link that static lib to *both* our shared libjavascriptcoregtk and libwebkit2gtk. Then we can fix this and also filter out all the private symbols that we're currently exposing in libjavascriptcoregtk, which wouldn't be possible otherwise. The cost of this is disk space. I think this trade-off is reasonable, because it's the best way I could think of that accomplishes all our goals: (a) install two shared libs, (b) export only public API symbols, (c) does not require any linker hacks.

Before (release build):

libjavascriptcoregtk-4.0.so: 20.1 MB
libwebkit2gtk-4.0.so: 54.9 MB
Total: 75 MB

After:

libjavascriptcoregtk-4.0.so: 16.9 MB
libwebkit2gtk-4.0.so: 71.8 MB
Total: 88.7 MB

libjavascriptcoregtk is smaller because all the private symbols are filtered out, but libwebkit2gtk is larger because it now includes a static copy of JSC.
Michael Catanzaro
Comment 59 2017-12-21 13:49:41 PST
Michael Catanzaro
Comment 60 2017-12-21 13:50:51 PST
(In reply to Michael Catanzaro from comment #59)
> Created attachment 330060 [details]
> Patch

It's kind of a lot... I can split it into a couple separate patches if desired.
Michael Catanzaro
Comment 61 2017-12-21 13:58:09 PST
Carlos Garcia Campos
Comment 62 2017-12-22 01:13:16 PST
(In reply to Michael Catanzaro from comment #58)
> (In reply to Carlos Garcia Campos from comment #56)
> > We have used that script for long time, and this is the first time we have
> > an issue, so break everything sounds a bit exaggerated to me, but still.
>
> Of course, it only breaks when a global static template variable is used in
> both libraries, which has never been the case before now. But anyway, when
> the consequence is that the web process always crashes on start, I think
> it's fair to say "breaks everything."
>
> > Instead of listing symbols, my script could create the version script
> > directly, including in the global section all those symbols to ensure they
> > are unique global. I could run that script as part of make-dist when -c
> > option is given.
>
> We could do that.
>
> I'm going to propose another option: let's build JSC as a static library,
> and link that static lib to *both* our shared libjavascriptcoregtk and
> libwebkit2gtk. Then we can fix this and also filter out all the private
> symbols that we're currently exposing in libjavascriptcoregtk, which
> wouldn't be possible otherwise. The cost of this is disk space. I think this
> trade-off is reasonable, because it's the best way I could think of that
> accomplishes all our goals: (a) install two shared libs, (b) export only
> public API symbols, (c) does not require any linker hacks.

I like this approach, I think it's better than mine because we stop exporting all symbols in libjsc too.

> Before (release build):
>
> libjavascriptcoregtk-4.0.so: 20.1 MB
> libwebkit2gtk-4.0.so: 54.9 MB
> Total: 75 MB
>
> After:
>
> libjavascriptcoregtk-4.0.so: 16.9 MB
> libwebkit2gtk-4.0.so: 71.8 MB
> Total 88.7 MB
>
> libjavascriptcoregtk is smaller because all the private symbols are filtered
> out, but libwebkit2gtk is larger because it now includes a static copy of
> JSC.

Ok, I think it's reasonable.
Carlos Garcia Campos
Comment 63 2017-12-22 01:29:35 PST
Comment on attachment 330061 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=330061&action=review

> Source/WebKit/WebProcess/InjectedBundle/API/glib/WebKitExtensionManager.h:23
> +#include "WebKitDefines.h"

Why are you including this API header here?

> Source/WebKit/WebProcess/InjectedBundle/API/glib/WebKitExtensionManager.h:42
> +    __attribute__((visibility("default"))) static WebKitExtensionManager& singleton();

Could you use WTF_EXPORT instead? Why do we need this now? This is in the version script for production builds, and already exported in developer builds.

> Source/WebKit/WebProcess/InjectedBundle/API/glib/WebKitExtensionManager.h:44
> +    __attribute__((visibility("default"))) void initialize(InjectedBundle*, API::Object*);

Ditto.

> Source/cmake/OptionsGTK.cmake:111
> +    set(JavaScriptCore_VERSION_SCRIPT "-Wl,--version-script,${CMAKE_MODULE_PATH}/gtk/javascriptcoregtk-symbols.map")
> +    set(WebKit_VERSION_SCRIPT "-Wl,--version-script,${CMAKE_MODULE_PATH}/gtk/webkit2gtk-symbols.map")

I also thought about renaming the version script, but I would also move them to a different place, I don't think they belong to CMAKE_MODULE_PATH. I would move javascriptcoregtk-symbols.map to Source/JavaScriptCore, which is where the pc and git files are, for example, and other similar files like JavaScriptCore.order (or use a gtk subdir if you prefer). And webkit2gtk-symbols.map to Source/WebKit/gtk for the same reasons. Also, since the condition is only developer mode, I don't think we need to check it here and set these variables; we could simply check if developer mode is enabled in the jsc and wk makefiles directly to include the link flags.

> Source/cmake/wpe/wpewebkit-symbols.map:14
> +};

Does it make sense to keep this duplicated file? Maybe we can use a single file using glib instead of gtk, webkitglib-symbols.map.
Michael Catanzaro
Comment 64 2017-12-22 08:13:55 PST
(In reply to Carlos Garcia Campos from comment #63)
> Comment on attachment 330061 [details]
> Patch
>
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=330061&action=review
>
> > Source/WebKit/WebProcess/InjectedBundle/API/glib/WebKitExtensionManager.h:23
> > +#include "WebKitDefines.h"
>
> Why are you including this API header here?

By mistake. I had originally used WEBKIT_API, and forgot to remove the header when I switched to using the visibility attribute directly instead.

> > Source/WebKit/WebProcess/InjectedBundle/API/glib/WebKitExtensionManager.h:42
> > +    __attribute__((visibility("default"))) static WebKitExtensionManager& singleton();
>
> Could you use WTF_EXPORT instead? Whye do we need this now? This is in the
> version script for production builds, and already exported in developer
> builds.

I could use WTF_EXPORT, but I didn't want to because I think we might want to change that to do nothing, like Adrian suggested. It's needed because this patch also adds -fvisibility=hidden. The version script only hides things that are already exported, it doesn't export things that are already hidden.

> I also thought about renaming the version script, but I would also move them
> to a different place, I don't think they belong to CMAKE_MODULE_PATH. I
> would move javascriptcoregtk-symbols.map to Source/JavaScriptCore which is
> where the pc and git files are, for example and other similar files like
> JavaScriptCore.order (or use a gtk subdir if you prefer). And
> webkit2gtk-symbols.map to Source/WebKit/gtk for the same reasons. Also since
> the condition is only developer mode, I don't think we need to check it here
> and set these variables, we could simply check if developer mode is enabled
> in jsc and wk makefiles directly to include the link flags.

OK.

> > Source/cmake/wpe/wpewebkit-symbols.map:14
> > +};
>
> Does it make sense to keep this duplicated file? Maybe we can use a single
> file using glib instead of gtk webkitglib-symbols.map.

OK, I agree.
Michael Catanzaro
Comment 65 2017-12-22 08:14:46 PST
Comment on attachment 330061 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=330061&action=review

> Source/cmake/WebKitCompilerFlags.cmake:142
> +    # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80947
> +    if (${CMAKE_CXX_COMPILER_VERSION} VERSION_LESS "8.0")
> +        WEBKIT_PREPEND_GLOBAL_CXX_FLAGS(-Wno-attributes)
> +    endif ()

And this needs to be inside some conditional to make sure the compiler is really GCC and not Clang.
Michael Catanzaro
Comment 66 2017-12-22 09:18:47 PST
Michael Catanzaro
Comment 67 2017-12-22 09:19:26 PST
(In reply to Michael Catanzaro from comment #66)
> Committed r226266: <https://trac.webkit.org/changeset/226266>

I suggest not backporting this, because it isn't needed and we don't know what it will break.
Radar WebKit Bug Importer
Comment 68 2017-12-22 09:19:56 PST
Michael Catanzaro
Comment 69 2017-12-22 10:06:38 PST
Michael Catanzaro
Comment 70 2017-12-22 10:12:57 PST
Michael Catanzaro
Comment 71 2018-01-11 19:28:54 PST
(In reply to Michael Catanzaro from comment #67) > I suggest not backporting this, because it isn't needed and we don't know > what it will break. See bug #181438
Michael Catanzaro
Comment 72 2018-01-13 19:42:18 PST
Reopening this bug. We need to urgently fix bug #181438, and that means reverting my solution for this bug.
Carlos Garcia Campos
Comment 73 2018-01-15 00:27:31 PST
I'm not convinced that auto-generating the version script is a good idea, but we need a way to detect these cases for sure. So, another option would be to make the build fail if we detect a symbol in bss in both and not included in the version script, for example. Or we can do that check during dist check instead, to ensure we don't break the build for this reason, but it will still prevent me from making a release.
Michael Catanzaro
Comment 74 2018-01-15 04:30:43 PST
(In reply to Carlos Garcia Campos from comment #73)
> I'm not convinced that auto-generating the version script is a good idea

I'm not either, but it was good brainstorming. I would never have considered such a wild approach.

> but we need a way to detect these cases for sure. So, other option would be
> the make the build fail if we detect a symbol in bss in both and not
> included in the version script, for example.

This is the best suggestion I've heard so far.

> Or we can do that check during
> dist check instead, to ensure we don't break the build for this reason, but
> it will still prevent me from making a release.

Better to always run the check, that way EWS will fail.
Carlos Garcia Campos
Comment 75 2018-01-16 03:25:56 PST
(In reply to Michael Catanzaro from comment #74)
> (In reply to Carlos Garcia Campos from comment #73)
> > I'm not convinced that auto-generating the version script is a good idea
>
> I'm not either, but it was good brainstorming. I would never have considered
> such a wild approach.
>
> > but we need a way to detect these cases for sure. So, other option would be
> > the make the build fail if we detect a symbol in bss in both and not
> > included in the version script, for example.
>
> This is the best suggestion I've heard so far.
>
> > Or we can do that check during
> > dist check instead, to ensure we don't break the build for this reason, but
> > it will still prevent me from making a release.
>
> Better to always run the check, that way EWS will fail.

It's not really possible, because we need a production build to check it; in a developer build all those symbols will be unique global in both libraries. So, we need to check it in dist check, where we run a production build. We can also make the stable bots compile without developer mode and add a step there to check for symbols. I'm also concerned about adding symbols to the map that are no longer needed later and we don't notice it, like the one that caused this bug.
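The check that comments 53/54 sketch and comments 73 to 75 want in distcheck can be written as a short awk pass over the two `objdump -x` listings from comment 49, plus a second pass for the concern raised in comment 75 (map entries that outlive their reason). The script below is an added example, not the scripts attached to this bug; it assumes the dumps are taken without `c++filt`, so the names are mangled and compare equal to the entries in the version script, and that the map uses the `global:` / `local:` layout shown in the review. Following comment 86, weak (`w`) symbols are treated like unique global (`u`) ones. The built-in sample dumps are constructed from the comment 49 listings: the mangled spellings of `getSlowCase` and of the guard variable, and the `NoSuchThing` map entry, are made up for illustration.

```shell
#!/bin/sh
# Added example (not WebKit's distcheck script): report static state that
# libjavascriptcoregtk exports as unique-global/weak but libwebkit2gtk hides as
# local, and version-script entries that no longer match anything. Dumps must be
# raw `objdump -x` output (no c++filt) so names match the map's mangled entries.
set -eu

# Print every .bss/.data/.tbss/.tdata symbol that libjsc exports as unique global
# (u) or weak (w) and that libwk carries as local (l): the two-singletons case.
shadowed_statics() {   # $1: objdump -x of libjsc   $2: objdump -x of libwk
    awk '
    # Symbol lines look like: <addr> <flags...> <section> <size> <name>.
    # The binding is the first flag character: l local, g global, u unique, w weak.
    function parse(   i) {
        if ($1 !~ /^[0-9a-f]+$/) return 0
        for (i = 2; i <= NF; i++) if ($i ~ /^[.*]/) break
        if (i + 2 > NF) return 0
        sec = $i; name = $(i + 2); bind = substr($2, 1, 1)
        if (bind !~ /^[lguw]$/) bind = "-"
        return sec ~ /^\.(bss|data|tbss|tdata)$/
    }
    FNR == NR { if (parse() && (bind == "u" || bind == "w")) exported[name] = 1; next }
    parse() && (name in exported) && bind == "l" { print name }
    ' "$1" "$2" | LC_ALL=C sort
}

# Explicit (non-glob) entries of the map's global: block that match no symbol in
# libwk any more, i.e. entries that outlived the reason they were added.
stale_map_entries() {   # $1: version script   $2: objdump -x of libwk
    awk '
    FNR == NR {
        if ($0 ~ /global[ \t]*:/) { inglobal = 1; sub(/.*global[ \t]*:/, "") }
        if ($0 ~ /local[ \t]*:|^[ \t]*}/) inglobal = 0
        if (inglobal) {
            n = split($0, e, ";")
            for (i = 1; i <= n; i++) {
                gsub(/[ \t]/, "", e[i])
                if (e[i] != "" && e[i] !~ /[*?]/ && index(e[i], "[") == 0) explicit[e[i]] = 1
            }
        }
        next
    }
    $1 ~ /^[0-9a-f]+$/ { present[$NF] = 1 }
    END { for (s in explicit) if (!(s in present)) print s }
    ' "$1" "$2" | LC_ALL=C sort
}

report() {   # $1: objdump -x of libjsc   $2: objdump -x of libwk   $3: version script
    shadowed_statics "$1" "$2" | sed 's/^/shadowed: /'
    stale_map_entries "$3" "$2" | sed 's/^/stale: /'
}

# Constructed sample modelled on the production listings in comment 49.
sample_report() {
    d=$(mktemp -d)
    cat > "$d/jsc" <<'EOF'
SYMBOL TABLE:
0000000000df8760 w    F .text 000000000000008b _ZN7bmalloc10PerProcessINS_12IsoTLSLayoutEE11getSlowCaseEv
00000000010761c8 u     O .bss  0000000000000008 _ZGVN7bmalloc10PerProcessINS_12IsoTLSLayoutEE8s_objectE
00000000010761b0 u     O .bss  0000000000000010 _ZN7bmalloc10PerProcessINS_12IsoTLSLayoutEE8s_memoryE
00000000010761d8 u     O .bss  0000000000000008 _ZN7bmalloc10PerProcessINS_12IsoTLSLayoutEE8s_objectE
00000000010761d0 u     O .bss  0000000000000002 _ZN7bmalloc10PerProcessINS_12IsoTLSLayoutEE7s_mutexE
EOF
    cat > "$d/wk" <<'EOF'
SYMBOL TABLE:
0000000001e73e80 l     F .text 000000000000008b _ZN7bmalloc10PerProcessINS_12IsoTLSLayoutEE11getSlowCaseEv
00000000029a48c0 l     O .bss  0000000000000002 _ZN7bmalloc10PerProcessINS_12IsoTLSLayoutEE7s_mutexE
00000000029a48c8 u     O .bss  0000000000000008 _ZN7bmalloc10PerProcessINS_12IsoTLSLayoutEE8s_objectE
00000000029a48a0 l     O .bss  0000000000000010 _ZN7bmalloc10PerProcessINS_12IsoTLSLayoutEE8s_memoryE
00000000029a48b8 l     O .bss  0000000000000008 _ZGVN7bmalloc10PerProcessINS_12IsoTLSLayoutEE8s_objectE
0000000000000000       F *UND* 0000000000000000 _ZN7bmalloc12IsoTLSLayout3addEPNS_11IsoTLSEntryE
EOF
    cat > "$d/map" <<'EOF'
{
global:
  webkit_*;
  _ZN7bmalloc10PerProcessINS_12IsoTLSLayoutEE8s_objectE;
  _ZN7bmalloc10PerProcessINS_12NoSuchThingEE8s_objectE;
local:
  *;
};
EOF
    report "$d/jsc" "$d/wk" "$d/map"
    rm -rf "$d"
}

if [ $# -eq 3 ]; then   # real use: check.sh libjavascriptcoregtk.so libwebkit2gtk.so symbols.map
    d=$(mktemp -d); objdump -x "$1" > "$d/jsc"; objdump -x "$2" > "$d/wk"
    out=$(report "$d/jsc" "$d/wk" "$3"); rm -rf "$d"; printf '%s\n' "$out"
    case $out in *shadowed:*) exit 1 ;; esac   # make distcheck fail
else
    sample_report
fi
```

In the sample, `s_object` is already listed in the map and therefore stays unique global in libwk, so it is not reported; the guard variable, `s_mutex` and `s_memory` are still local there and are flagged as shadowed, and the `NoSuchThing` entry is reported as stale. As comment 75 notes, the check only means something against a production (non-developer-mode) build, because a developer build exports everything from both libraries. Only symbols holding state are compared; duplicated template code (`.text`) is harmless when local, since each library can run its own copy as long as they agree on the data.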
Milan Crha
Comment 76 2018-01-16 05:04:57 PST
I'm sorry, I may surely miss a bigger picture here and be mixing unrelated parts, due to my lack of knowledge of the WebKit sources, but if I understand the problem properly, then it's about library A and B linking bmalloc statically, then when these two are loaded into one address space (either by each other or in library/executable C), then the common symbols between A and B can interleave, which can lead to "undefined behaviour". If so, then what about:

a) either build the bmalloc the same way in developer and production builds, thus the symbols from bmalloc are unique in both shared libraries (I've accidentally noticed that bmalloc itself is also stored twice in the sources and the code doesn't match), though that may cause other trouble, like with the GigaCage, which may eventually allocate memory twice, instead of only once;

b) or face it and instead of statically linking bmalloc into parts which then can be linked/used in one piece, rather create a new shared library for bmalloc and use it from the other libraries, thus all the locks, memory allocations, GigaCage and so on will be truly only once in the code and in the runtime and it will always use the right implementation, no matter which library will call it?
Carlos Garcia Campos
Comment 77 2018-01-16 05:19:48 PST
It's not only bmalloc, but also WTF.
Milan Crha
Comment 78 2018-01-16 05:47:30 PST
Sure, thus anything common for library A and B. I mentioned bmalloc, because it was the place where the actual crash happened for me. I guess something like this (with eventual follow up changes) may do it (I'm not attaching it, it's just a blind idea): diff --git a/Source/cmake/OptionsGTK.cmake b/Source/cmake/OptionsGTK.cmake index 272216b9f0..8395cc5b9e 100644 --- a/Source/cmake/OptionsGTK.cmake +++ b/Source/cmake/OptionsGTK.cmake @@ -405,3 +405,5 @@ macro(ADD_WHOLE_ARCHIVE_TO_LIBRARIES _list_name) endmacro() include(GStreamerChecks) + +set(WTF_LIBRARY_TYPE SHARED)
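Review bot: `set(WTF_LIBRARY_TYPE SHARED)` appended after `include(GStreamerChecks)` at the end of OptionsGTK.cmake turns libWTFGTK into a shared object that the hunk neither installs nor filters. Comment 79 already observes that libWTFGTK.so is not installed with this change, and nothing here adds an install rule, a SONAME/version or a version script for it, so the new library would either be missing at runtime or ship with every WTF internal exported. The hunk also leaves PAL alone, which comment 80 says still links WTF statically, so a second copy of WTF's static state would remain inside libwebkit2gtk. Suggest pairing the flag with an install target and a map file for the new library and switching PAL to the shared WTF in the same change.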
Milan Crha
Comment 79 2018-01-16 07:26:56 PST
(In reply to Milan Crha from comment #78) > +set(WTF_LIBRARY_TYPE SHARED) With this change, the MiniBrowser falls from its 390.858K to ~515K, jsc from 393.534K to ~9.005K, libjavascriptcoregtk library not that significantly, only like by 4MB down, but libwebkit2gtk-4.0 down by ~370MB. There are required more changes, because libWTFGTK.so is not installed with this change. The file as such is 12.898KB large here (to know what 'here' means see comment #37). The dot in sizes is a thousands separator, for easier reading.
Michael Catanzaro
Comment 80 2018-01-16 07:40:53 PST
(In reply to Milan Crha from comment #76)
> I'm sorry, I may surely miss a bigger picture here and mixing unrelated
> parts, due to my lack of knowledge of the WebKit sources, but if I
> understand the problem properly, then it's about library A and B linking
> bmalloc statically

Well, not really, no. I had thought that only libjavascriptcoregtk static links to bmalloc (and WTF). But actually, yesterday I discovered that PAL static links to WTF, so we actually are getting two copies of that, which could be messing this up further. Anyway, I don't think that's the problem here.

Let me restate the problem, which is about C++ templates and weak or unique global symbols. The bmalloc template symbols are instantiated separately in libjavascriptcoregtk and libwebkit2gtk, where they're marked as unique global symbols. Then those symbols get merged together by the dynamic linker at runtime. But we break it by using our linker version script to mark those symbols as local instead of unique global in webkit2gtk.

> a) either build the bmalloc the same way in developer and production builds,
> thus the symbols from bmalloc are unique in both shared libraries (I've
> accidentally noticed that bmalloc itself is also stored twice in the sources
> and the code doesn't match), though that may cause other trouble, like with
> the GigaCage, which may eventually allocated memory twice, instead of only
> once;

That was my first attempt, up above, which caused bug #181438.

> b) or face it and instead of statically link b<br>malloc into parts which then
> can be linked/used in one piece, rather create a new shared library for
> bmalloc and use it from the other libraries, thus all the locks, memory
> allocations, GigaCage and so on will be truly only once in the code and in
> the runtime and it will always use the right implementation, no matter which
> library will call it?

The problem is the linker version script. It's unsafe to force symbols to be local when one C++ library can use static (global) templates defined in another library. Hence, Carlos's suggestion to add scripts to manually check the symbols. It's probably the best we can do: there's basically no discussion of this problem on the internet, and no best-practice recommendation that I can find. It seems our only options are to either (a) add Carlos's scripts (I guess he will upload them here soon), or (b) get rid of the version script entirely.

And FWIW, as long as we are not using a version script for libjavascriptcoregtk, nor building it with -fvisibility=hidden and -fvisibility-inlines-hidden, I think there is not a huge amount of value in maintaining the version script for libwebkit2gtk. It cuts out some symbols, yes, but every internal implementation detail from libjavascriptcoregtk is still visible.
Carlos Garcia Campos
Comment 81 2018-01-16 08:14:17 PST
Michael Catanzaro
Comment 82 2018-01-16 08:29:54 PST
Comment on attachment 331387 [details]
Scripts

r=me when you add them to the distcheck target

You don't need "webkitgtk" in the script name, because there's nothing GTK-specific in the script.
Carlos Garcia Campos
Comment 83 2018-01-17 00:06:25 PST
(In reply to Michael Catanzaro from comment #82)
> Comment on attachment 331387 [details]
> Scripts
>
> r=me when you add them to the distcheck target
>
> You don't need "webkitgtk" in the script name, because there's nothing
> GTK-specific in the script.

It's very specific to webkitgtk and I don't think it will be ever used by any other port.
Carlos Garcia Campos
Comment 84 2018-01-17 01:23:08 PST
Carlos Garcia Campos
Comment 85 2018-01-17 02:06:45 PST
Michael Catanzaro
Comment 86 2018-01-17 06:05:59 PST
Maybe the script should check for weak symbols as well, in addition to unique global symbols...?