277333 – [GTK] crashes memcpy

RESOLVED DUPLICATE of bug 274780277333

[GTK] crashes memcpy

https://bugs.webkit.org/show_bug.cgi?id=277333

Summary [GTK] crashes memcpy

darkblaze69

Reported 2024-07-30 00:52:39 PDT

Created attachment 472014 [details] gdb.log Crash when loading a page or hovering over links. webkitgtk 2.45.6, also tried 2.45.5. epiphany 47.alpha-r107-g14ee20e4f Stack trace of thread 2: #0 0x00007f5b0e3b2312 memcpy (libwebkitgtk-6.0.so.4 + 0x39b2312) #1 0x00007f5b0e3b0813 paintBackgroundDecorations (libwebkitgtk-6.0.so.4 + 0x39b0813) #2 0x00007f5b0e3ad099 paintBackgroundDecorations (libwebkitgtk-6.0.so.4 + 0x39ad099) #3 0x00007f5b0e3a9eb7 paint (libwebkitgtk-6.0.so.4 + 0x39a9eb7) #4 0x00007f5b0db6c358 paintDisplayBox (libwebkitgtk-6.0.so.4 + 0x316c358) #5 0x00007f5b0db7654b paint (libwebkitgtk-6.0.so.4 + 0x317654b) #6 0x00007f5b0e1b6018 paintContents (libwebkitgtk-6.0.so.4 + 0x37b6018) #7 0x00007f5b0e1ae14a paint (libwebkitgtk-6.0.so.4 + 0x37ae14a) #8 0x00007f5b0e24e94c paintPhase (libwebkitgtk-6.0.so.4 + 0x384e94c) #9 0x00007f5b0e1c736b paintChild (libwebkitgtk-6.0.so.4 + 0x37c736b) #10 0x00007f5b0e23814f paintChildren (libwebkitgtk-6.0.so.4 + 0x383814f) #11 0x00007f5b0e1b5f87 paintContents (libwebkitgtk-6.0.so.4 + 0x37b5f87) #12 0x00007f5b0e1ae14a paint (libwebkitgtk-6.0.so.4 + 0x37ae14a) #13 0x00007f5b0e1c7383 paintChild (libwebkitgtk-6.0.so.4 + 0x37c7383) #14 0x00007f5b0e1bb71f paintChildren (libwebkitgtk-6.0.so.4 + 0x37bb71f) #15 0x00007f5b0e1b5f87 paintContents (libwebkitgtk-6.0.so.4 + 0x37b5f87) #16 0x00007f5b0e1ae14a paint (libwebkitgtk-6.0.so.4 + 0x37ae14a) #17 0x00007f5b0e2adfb5 paintForegroundForFragmentsWithPhase (libwebkitgtk-6.0.so.4 + 0x38adfb5) #18 0x00007f5b0e2a982a paintForegroundForFragments (libwebkitgtk-6.0.so.4 + 0x38a982a) #19 0x00007f5b0e2ad7a0 paintLayer (libwebkitgtk-6.0.so.4 + 0x38ad7a0) #20 0x00007f5b0e2a9d1b paintLayerContents (libwebkitgtk-6.0.so.4 + 0x38a9d1b) #21 0x00007f5b0e2ad7a0 paintLayer (libwebkitgtk-6.0.so.4 + 0x38ad7a0) #22 0x00007f5b0e2a9d1b paintLayerContents (libwebkitgtk-6.0.so.4 + 0x38a9d1b) #23 0x00007f5b0e2b7c91 operator() (libwebkitgtk-6.0.so.4 + 0x38b7c91) #24 0x00007f5b0e2b75f3 paintIntoLayer (libwebkitgtk-6.0.so.4 + 0x38b75f3) #25 0x00007f5b0e2b60a8 paintContents (libwebkitgtk-6.0.so.4 + 0x38b60a8) #26 0x00007f5b0c23303e paintGraphicsLayerContents (libwebkitgtk-6.0.so.4 + 0x183303e) #27 0x00007f5b0c230e73 operator() (libwebkitgtk-6.0.so.4 + 0x1830e73) #28 0x00007f5b0c22eecf finalizeCompositingStateFlush (libwebkitgtk-6.0.so.4 + 0x182eecf) #29 0x00007f5b0c22ef30 finalizeCompositingStateFlush (libwebkitgtk-6.0.so.4 + 0x182ef30) #30 0x00007f5b0c22ef30 finalizeCompositingStateFlush (libwebkitgtk-6.0.so.4 + 0x182ef30) #31 0x00007f5b0c22ef30 finalizeCompositingStateFlush (libwebkitgtk-6.0.so.4 + 0x182ef30) #32 0x00007f5b0c22ef30 finalizeCompositingStateFlush (libwebkitgtk-6.0.so.4 + 0x182ef30) #33 0x00007f5b0c22ef30 finalizeCompositingStateFlush (libwebkitgtk-6.0.so.4 + 0x182ef30) #34 0x00007f5b0c16a8b3 flushPendingLayerChanges (libwebkitgtk-6.0.so.4 + 0x176a8b3) #35 0x00007f5b0c17264e layerFlushTimerFired (libwebkitgtk-6.0.so.4 + 0x177264e) #36 0x00007f5b0a359ae3 operator() (libjavascriptcoregtk-6.0.so.1 + 0x1f59ae3) #37 0x00007f5b0a358560 operator() (libjavascriptcoregtk-6.0.so.1 + 0x1f58560) #38 0x00007f5b06141c29 g_main_dispatch (libglib-2.0.so.0 + 0x5cc29) #39 0x00007f5b061a3cb7 g_main_context_dispatch_unlocked (libglib-2.0.so.0 + 0xbecb7) #40 0x00007f5b06142947 g_main_loop_run (libglib-2.0.so.0 + 0x5d947) #41 0x00007f5b0a35917e run (libjavascriptcoregtk-6.0.so.1 + 0x1f5917e) #42 0x00007f5b0c17f30a run (libwebkitgtk-6.0.so.4 + 0x177f30a) #43 0x00007f5b0a834e08 __libc_start_call_main (libc.so.6 + 0x25e08) #44 0x00007f5b0a834ecc __libc_start_main_impl (libc.so.6 + 0x25ecc) #45 0x000055a548dff625 _start (WebKitWebProcess + 0x1625)

Attachments
gdb.log (92.13 KB, text/x-log) 2024-07-30 00:52 PDT, darkblaze69	no flags	Details
View All Add attachment proposed patch, testcase, etc.

Adrian Perez

Comment 1 2024-08-16 03:23:59 PDT

Was this a LTO build made with Clang? If yes, this looks like it could be one more manifestation of bug #274780 -- for which I made a workaround that landed just yesterday.

darkblaze69

Comment 2 2024-08-16 03:29:00 PDT

(In reply to Adrian Perez from comment #1) > Was this a LTO build made with Clang? > > If yes, this looks like it could be one more manifestation of > bug #274780 -- for which I made a workaround that landed just > yesterday. Looks like this, can be closed then.

Adrian Perez

Comment 3 2024-08-16 03:46:12 PDT

*** This bug has been marked as a duplicate of bug 274780 ***

Michael Catanzaro

Comment 4 2024-08-16 05:14:25 PDT

(In reply to Adrian Perez from comment #1) > If yes, this looks like it could be one more manifestation of > bug #274780 -- for which I made a workaround that landed just > yesterday. But this backtrace is different from all the other ones? Notably, no TextDecorationIterator here.

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution DUPLICATE

of bug 274780

Priority P2

Severity Critical

Classification Unclassified

Version WebKit Local Build

Hardware PC

OS Linux

Product WebKit

Component WebKitGTK

Assignee

Nobody

Reported

2024-07-30 00:52 PDT

Modified

2024-08-16 05:14 PDT History

CC List

4 users Show

URL

Keywords

Depends on

Blocks