RESOLVED FIXED 247727
[UNIX] Web process crash in websites using service workers while doing garbage collection 
https://bugs.webkit.org/show_bug.cgi?id=247727
Summary [UNIX] Web process crash in websites using service workers while doing garbag...
Carlos Garcia Campos
Reported 2022-11-10 04:27:43 PST
#0 0x00007f3cd2dd150e in WTFCrash () from /home/cgarcia/gnome/lib/libjavascriptcoregtk-4.1.so.0 #1 0x00007f3cd2372f6d in JSC::BlockDirectory::updatePercentageOfPagedOutPages(WTF::SimpleStats&) () from /home/cgarcia/gnome/lib/libjavascriptcoregtk-4.1.so.0 #2 0x00007f3cd23bc71b in JSC::MarkedSpace::isPagedOut() () from /home/cgarcia/gnome/lib/libjavascriptcoregtk-4.1.so.0 #3 0x00007f3cd2375af8 in JSC::FullGCActivityCallback::doCollection(JSC::VM&) () from /home/cgarcia/gnome/lib/libjavascriptcoregtk-4.1.so.0 #4 0x00007f3cd295046b in JSC::JSRunLoopTimer::timerDidFire() () from /home/cgarcia/gnome/lib/libjavascriptcoregtk-4.1.so.0 #5 0x00007f3cd295561c in JSC::JSRunLoopTimer::Manager::timerDidFire() () from /home/cgarcia/gnome/lib/libjavascriptcoregtk-4.1.so.0 #6 0x00007f3cd2e774f5 in WTF::RunLoop::TimerBase::TimerBase(WTF::RunLoop&)::{lambda(void*)#1}::_FUN(void*) () from /home/cgarcia/gnome/lib/libjavascriptcoregtk-4.1.so.0 #7 0x00007f3cd2e77a4f in WTF::RunLoop::{lambda(_GSource*, int (*)(void*), void*)#1}::_FUN(_GSource*, int (*)(void*), void*) () from /home/cgarcia/gnome/lib/libjavascriptcoregtk-4.1.so.0 #8 0x00007f3ccf296fb4 in g_main_dispatch (context=0x7f3cc00032e0) at ../glib/gmain.c:3427 #9 g_main_context_dispatch (context=context@entry=0x7f3cc00032e0) at ../glib/gmain.c:4145 #10 0x00007f3ccf297328 in g_main_context_iterate (context=context@entry=0x7f3cc00032e0, block=block@entry=0, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:4221 #11 0x00007f3ccf2973cf in g_main_context_iteration (context=0x7f3cc00032e0, may_block=0) at ../glib/gmain.c:4286 #12 0x00007f3cd6b4eead in WebCore::WorkerDedicatedRunLoop::runInMode(WebCore::WorkerOrWorkletGlobalScope*, WebCore::ModePredicate const&) () from /home/cgarcia/gnome/lib/libwebkit2gtk-4.1.so.0 #13 0x00007f3cd6b4f60e in WebCore::WorkerDedicatedRunLoop::run(WebCore::WorkerOrWorkletGlobalScope*) () from /home/cgarcia/gnome/lib/libwebkit2gtk-4.1.so.0 #14 0x00007f3cd6b4fdc5 in WebCore::WorkerOrWorkletThread::workerOrWorkletThread() () from /home/cgarcia/gnome/lib/libwebkit2gtk-4.1.so.0 #15 0x00007f3cd2e05cf6 in WTF::Thread::entryPoint(WTF::Thread::NewThreadContext*) () from /home/cgarcia/gnome/lib/libjavascriptcoregtk-4.1.so.0 #16 0x00007f3cd2e7a609 in WTF::wtfThreadEntryPoint(void*) () from /home/cgarcia/gnome/lib/libjavascriptcoregtk-4.1.so.0 #17 0x00007f3cd348784a in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442 #18 0x00007f3cd350b2cc in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81 There are two release asserts in JSC::BlockDirectory::updatePercentageOfPagedOutPages, but I don't know which one is failing.
Attachments
Add attachment proposed patch, testcase, etc.
Carlos Garcia Campos
Comment 1 2022-11-10 10:14:45 PST
So, it's mincore returning -1 and errno=EINVAL which means addr is not a multiple of the page size. I don't know if that's somehow expected or something we should just handle.
Radar WebKit Bug Importer
Comment 2 2022-11-10 13:27:48 PST
<rdar://problem/102209090>
Yusuke Suzuki
Comment 3 2022-11-10 13:30:33 PST
Pull request: https://github.com/WebKit/WebKit/pull/6360
EWS
Comment 4 2022-11-10 16:28:50 PST
Committed 256554@main (292a16569829): <https://commits.webkit.org/256554@main> Reviewed commits have been landed. Closing PR #6360 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.