Bug 190387: [JSC] Disable DOMJIT on 32bit architecture
Status: RESOLVED FIXED
https://bugs.webkit.org/show_bug.cgi?id=190387
Dan Jacobson
Reported 2018-10-08 17:59:51 PDT
Seen when browsing the above URL.

1 0xb3690194 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(WTFCrash+0x14) [0xb3690194]
2 0xb32983f2 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(_ZN3JSC24ScratchRegisterAllocator18allocateScratchGPREv+0xe2) [0xb32983f2]
3 0xb2e5b768 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(_ZN3JSC22GetterSetterAccessCase16emitDOMJITGetterERNS_21AccessGenerationStateEPKNS_6DOMJIT12GetterSetterENS_12X86Registers10RegisterIDE+0x9e8) [0xb2e5b768]
4 0xb2e1a516 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(_ZN3JSC10AccessCase12generateImplERNS_21AccessGenerationStateE+0x1a66) [0xb2e1a516]
5 0xb2e1b86a /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(_ZN3JSC10AccessCase8generateERNS_21AccessGenerationStateE+0x2a) [0xb2e1b86a]
6 0xb2e6fbf3 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(_ZN3JSC17PolymorphicAccess10regenerateERKNS_24GCSafeConcurrentJSLockerERNS_2VMEPNS_9CodeBlockERNS_17StructureStubInfoERKNS_10IdentifierE+0x9b3) [0xb2e6fbf3]
7 0xb2e81b11 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(_ZN3JSC17StructureStubInfo13addAccessCaseERKNS_24GCSafeConcurrentJSLockerEPNS_9CodeBlockERKNS_10IdentifierESt10unique_ptrINS_10AccessCaseESt14default_deleteISA_EE+0x581) [0xb2e81b11]
8 0xb329ae35 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(+0x782e35) [0xb329ae35]
9 0xb329bd67 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(_ZN3JSC14repatchGetByIDEPNS_9ExecStateENS_7JSValueERKNS_10IdentifierERKNS_12PropertySlotERNS_17StructureStubInfoENS_11GetByIDKindE+0x37) [0xb329bd67]
10 0xb326ab51 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(+0x752b51) [0xb326ab51]
11 0xacac2b3d [0xacac2b3d]
12 0xacac3498 [0xacac3498]
13 0xaca7e39a [0xaca7e39a]
14 0xacaa6a9a [0xacaa6a9a]
15 0xacaa7ff4 [0xacaa7ff4]
16 0xacab06a2 [0xacab06a2]
17 0xacab85d9 [0xacab85d9]
18 0xacab99b6 [0xacab99b6]
19 0xacabc319 [0xacabc319]
20 0xb32aa5e3 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(+0x7925e3) [0xb32aa5e3]
21 0xaca076d8 [0xaca076d8]
22 0xb32aa636 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(+0x792636) [0xb32aa636]
23 0xb32a50f8 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(+0x78d0f8) [0xb32a50f8]
24 0xb321d5eb /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(_ZN3JSC11Interpreter11executeCallEPNS_9ExecStateEPNS_8JSObjectENS_8CallTypeERKNS_8CallDataENS_7JSValueERKNS_7ArgListE+0x23b) [0xb321d5eb]

Version: 3.30.0-2
File: /usr/bin/epiphany

Versions of packages epiphany-browser depends on:
ii dbus-x11 [dbus-session-bus] 1.13.6-1
ii epiphany-browser-data 3.30.0-2
ii gsettings-desktop-schemas 3.28.1-1
ii iso-codes 4.1-1
ii libc6 2.27-6
ii libcairo2 1.15.12-1
ii libdazzle-1.0-0 3.30.1-2
ii libgcr-base-3-1 3.28.0-1
ii libgcr-ui-3-1 3.28.0-1
ii libgdk-pixbuf2.0-0 2.38.0+dfsg-6
ii libglib2.0-0 2.58.1-2
ii libgmp10 2:6.1.2+dfsg-3
ii libgtk-3-0 3.24.1-2
ii libhogweed4 3.4-1
ii libicu60 60.2-6
ii libjavascriptcoregtk-4.0-18 2.22.2-1
ii libjson-glib-1.0-0 1.4.2-4
ii libnettle6 3.4-1
ii libnotify4 0.7.7-3
ii libpango-1.0-0 1.42.4-3
ii libsecret-1-0 0.18.6-3
ii libsoup2.4-1 2.64.1-3
ii libsqlite3-0 3.25.2-1
ii libwebkit2gtk-4.0-37 2.22.2-1
ii libxml2 2.9.8+dfsg-1

Versions of packages epiphany-browser recommends:
ii ca-certificates 20180409
pn evince <none>
ii yelp 3.30.0-1

epiphany-browser suggests no packages.

-- no debconf information
Attachments
Patch (1.55 KB, patch)
2018-10-15 00:35 PDT, Yusuke Suzuki
mark.lam: review+
Alexey Proskuryakov
Comment 1 2018-10-10 16:39:08 PDT
Is this reproducible?
Dan Jacobson
Comment 2 2018-10-10 17:41:40 PDT
I see tons of

Incorrect HMAC value
Failed to decrypt the BSO payload
Failed to create synchronizable object from BSO, skipping...

on my 64 bit machine. Next week I'll try it on my 32 bit machine where the problem occurred...
Dan Jacobson
Comment 3 2018-10-15 00:20:42 PDT
I can reproduce it just fine on my 32 bit machine. (Not 64 bit machine though.) Tested when both logged in and logged out to that website. (Desktop version of website.)
Dan Jacobson
Comment 4 2018-10-15 00:26:36 PDT
And here is what happens when I browse it using

/usr/lib/*-linux-gnu/webkit2gtk-4.0/MiniBrowser \
  --gtk-debug=enable-write-console-messages-to-stdout

1 0xb376b194 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(WTFCrash+0x14) [0xb376b194]
2 0xb33733f2 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(_ZN3JSC24ScratchRegisterAllocator18allocateScratchGPREv+0xe2) [0xb33733f2]
3 0xb2f36768 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(_ZN3JSC22GetterSetterAccessCase16emitDOMJITGetterERNS_21AccessGenerationStateEPKNS_6DOMJIT12GetterSetterENS_12X86Registers10RegisterIDE+0x9e8) [0xb2f36768]
4 0xb2ef5516 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(_ZN3JSC10AccessCase12generateImplERNS_21AccessGenerationStateE+0x1a66) [0xb2ef5516]
5 0xb2ef686a /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(_ZN3JSC10AccessCase8generateERNS_21AccessGenerationStateE+0x2a) [0xb2ef686a]
6 0xb2f4abf3 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(_ZN3JSC17PolymorphicAccess10regenerateERKNS_24GCSafeConcurrentJSLockerERNS_2VMEPNS_9CodeBlockERNS_17StructureStubInfoERKNS_10IdentifierE+0x9b3) [0xb2f4abf3]
7 0xb2f5cb11 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(_ZN3JSC17StructureStubInfo13addAccessCaseERKNS_24GCSafeConcurrentJSLockerEPNS_9CodeBlockERKNS_10IdentifierESt10unique_ptrINS_10AccessCaseESt14default_deleteISA_EE+0x581) [0xb2f5cb11]
8 0xb3375e35 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(+0x782e35) [0xb3375e35]
9 0xb3376d67 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(_ZN3JSC14repatchGetByIDEPNS_9ExecStateENS_7JSValueERKNS_10IdentifierERKNS_12PropertySlotERNS_17StructureStubInfoENS_11GetByIDKindE+0x37) [0xb3376d67]
10 0xb3345b51 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(+0x752b51) [0xb3345b51]
11 0xacb8514e [0xacb8514e]
12 0xacb85bf8 [0xacb85bf8]
13 0xacb6d29a [0xacb6d29a]
14 0xacb6a83a [0xacb6a83a]
15 0xacb69a77 [0xacb69a77]
16 0xac9faf19 [0xac9faf19]
17 0xb33855e3 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(+0x7925e3) [0xb33855e3]
18 0xaca8cfe9 [0xaca8cfe9]
19 0xb3385636 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(+0x792636) [0xb3385636]
20 0xb33800f8 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(+0x78d0f8) [0xb33800f8]
21 0xb32f85eb /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18(_ZN3JSC11Interpreter11executeCallEPNS_9ExecStateEPNS_8JSObjectENS_8CallTypeERKNS_8CallDataENS_7JSValueERKNS_7ArgListE+0x23b) [0xb32f85eb]

The page is still visible, but one cannot scroll it with the mouse wheel.

Package: libwebkit2gtk-4.0-37
Version: 2.22.2-1
File: /usr/lib/i386-linux-gnu/webkit2gtk-4.0/MiniBrowser

-- System Information:
Debian Release: buster/sid
APT prefers experimental
APT policy: (990, 'experimental'), (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 4.18.0-2-686-pae (SMP w/1 CPU core)
Locale: LANG=zh_TW.UTF-8, LC_CTYPE=zh_TW.UTF-8 (charmap=UTF-8), LANGUAGE=zh_TW.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages libwebkit2gtk-4.0-37:i386 depends on:
ii libatk1.0-0 2.30.0-1
ii libc6 2.27-6
ii libcairo2 1.15.12-1
ii libegl1 1.1.0-1
ii libenchant1c2a 1.6.0-11.1
ii libfontconfig1 2.13.1-1
ii libfreetype6 2.9.1-2
ii libgcc1 1:8.2.0-7
ii libgcrypt20 1.8.3-1
ii libgdk-pixbuf2.0-0 2.38.0+dfsg-6
ii libgl1 1.1.0-1
ii libglib2.0-0 2.58.1-2
ii libgstreamer-gl1.0-0 1.14.4-1
ii libgstreamer-plugins-base1.0-0 1.14.4-1
ii libgstreamer1.0-0 1.14.4-1
ii libgtk-3-0 3.24.1-2
ii libharfbuzz-icu0 1.9.0-1
ii libharfbuzz0b 1.9.0-1
ii libhyphen0 2.8.8-5
ii libicu60 60.2-6
ii libjavascriptcoregtk-4.0-18 2.22.2-1
ii libjpeg62-turbo 1:1.5.2-2+b1
ii libnotify4 0.7.7-3
ii libpango-1.0-0 1.42.4-3
ii libpng16-16 1.6.34-2
ii libsecret-1-0 0.18.6-3
ii libsoup2.4-1 2.64.1-3
ii libsqlite3-0 3.25.2-1
ii libstdc++6 8.2.0-7
ii libtasn1-6 4.13-3
ii libwayland-client0 1.16.0-1
ii libwayland-egl1 1.16.0-1
ii libwayland-server0 1.16.0-1
ii libwebp6 0.6.1-2
ii libwebpdemux2 0.6.1-2
ii libwoff1 1.0.2-1
ii libx11-6 2:1.6.7-1
ii libxcomposite1 1:0.4.4-2
ii libxdamage1 1:1.1.4-3
ii libxml2 2.9.8+dfsg-1
ii libxslt1.1 1.1.32-2
ii zlib1g 1:1.2.11.dfsg-1

Versions of packages libwebkit2gtk-4.0-37:i386 recommends:
ii gstreamer1.0-alsa 1.14.4-1
pn gstreamer1.0-gl <none>
ii gstreamer1.0-plugins-good 1.14.4-1
ii libgl1-mesa-dri 18.2.0-1

Versions of packages libwebkit2gtk-4.0-37:i386 suggests:
pn libwebkit2gtk-4.0-37-gtk2 <none>

-- no debconf information
Yusuke Suzuki
Comment 5 2018-10-15 00:27:09 PDT
I think this is due to register exhaustion. And I think disabling DOMJIT on 32bit environment is the reasonable fix.
Yusuke Suzuki
Comment 6 2018-10-15 00:35:43 PDT
Yusuke Suzuki
Comment 7 2018-10-15 08:07:34 PDT
Radar WebKit Bug Importer
Comment 8 2018-10-15 08:08:41 PDT