This is bifurcated from Bug #278090. In 2.44.3, running the Unity Tanks demo https://www.wasm.com.cn/demo/Tanks/ crashes the WebProcess. Backtrace follows below. Note that Adrian encounters a similar issue with the Arch Linux package (see Bug 278090 Comment 2) The Tanks demo works fine in 2.44.2 and @main. I have confirmed that reverting commit 279c9d7@webkitglib/2.44 (Bug #271175) clears the issue. Note that this code is also present in @main and works fine there. Perhaps there is some later commit or dependency that is also needed to support the change. Thread 38 received signal SIGABRT, Aborted. [Switching to Thread 32 (LWP 32)] 0x00007ffc0b9711aa in __lwp_sigqueue () from /lib/64/libc.so.1 (gdb) bt #0 0x00007ffc0b9711aa in __lwp_sigqueue () at /lib/64/libc.so.1 #1 0x00007ffc0b9657c1 in thr_kill () at /lib/64/libc.so.1 #2 0x00007ffc0b913d09 in raise () at /lib/64/libc.so.1 #3 0x00007ffc0b8e8df2 in abort () at /lib/64/libc.so.1 #4 0x00007ffc038bb2fb in () at /usr/lib/64/libjavascriptcoregtk-4.1.so.0 #5 0x00007ffc0491b2c7 in () at /usr/lib/64/libjavascriptcoregtk-4.1.so.0 #6 0x00007ffc049b8294 in JSC::Wasm::BBQJITImpl::BBQJIT::emitMoveMemory(JSC::Wasm::TypeKind, JSC::Wasm::BBQJITImpl::BBQJIT::Location, JSC::Wasm::BBQJITImpl::BBQJIT::Location) () at /usr/lib/64/libjavascriptcoregtk-4.1.so.0 #7 0x00007ffc04947d16 in void JSC::Wasm::BBQJITImpl::BBQJIT::returnValuesFromCall<8ul>(WTF::Vector<JSC::Wasm::BBQJITImpl::BBQJIT::Value, 8ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&, JSC::Wasm::FunctionSignature const&, JSC::Wasm::CallInformation const&) () at /usr/lib/64/libjavascriptcoregtk-4.1.so.0 #8 0x00007ffc0493b709 in JSC::Wasm::BBQJITImpl::BBQJIT::addCall(unsigned int, JSC::Wasm::TypeDefinition const&, WTF::Vector<JSC::Wasm::BBQJITImpl::BBQJIT::Value, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&, WTF::Vector<JSC::Wasm::BBQJITImpl::BBQJIT::Value, 8ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&, JSC::CallLinkInfoBase::CallType) () at /usr/lib/64/libjavascriptcoregtk-4.1.so.0 #9 0x00007ffc04963cd1 in JSC::Wasm::FunctionParser<JSC::Wasm::BBQJITImpl::BBQJIT>::parseExpression() () at /usr/lib/64/libjavascriptcoregtk-4.1.so.0 #10 0x00007ffc049557cb in JSC::Wasm::FunctionParser<JSC::Wasm::BBQJITImpl::BBQJIT>::parseBody() () at /usr/lib/64/libjavascriptcoregtk-4.1.so.0 #11 0x00007ffc04948820 in JSC::Wasm::FunctionParser<JSC::Wasm::BBQJITImpl::BBQJIT>::parse() () at /usr/lib/64/libjavascriptcoregtk-4.1.so.0 #12 0x00007ffc0493d907 in JSC::Wasm::parseAndCompileBBQ(JSC::Wasm::CompilationContext&, JSC::Wasm::BBQCallee&, JSC::Wasm::FunctionData const&, JSC::Wasm::TypeDefinition const&, WTF::Vector<JSC::Wasm::UnlinkedWasmToWasmCall, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&, JSC::Wasm::ModuleInformation const&, JSC::MemoryMode, unsigned int, std::__1::optional<bool>, unsigned int, JSC::Wasm::TierUpCount*) () at /usr/lib/64/libjavascriptcoregtk-4.1.so.0 #13 0x00007ffc049f6a9b in JSC::Wasm::BBQPlan::compileFunction(unsigned int, JSC::Wasm::BBQCallee&, JSC::Wasm::CompilationContext&, WTF::Vector<JSC::Wasm::UnlinkedWasmToWasmCall, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&, JSC::Wasm::TierUpCount*) () at /usr/lib/64/libjavascriptcoregtk-4.1.so.0 #14 0x00007ffc049f5c21 in JSC::Wasm::BBQPlan::work(JSC::Wasm::Plan::CompilationEffort) () at /usr/lib/64/libjavascriptcoregtk-4.1.so.0 #15 0x00007ffc04bd3da6 in JSC::Wasm::Worklist::Thread::work() () at /usr/lib/64/libjavascriptcoregtk-4.1.so.0 #16 0x00007ffc04ccd1b4 in WTF::Detail::CallableWrapper<WTF::AutomaticThread::start(WTF::AbstractLocker const&)::$_0, void>::call() () at /usr/lib/64/libjavascriptcoregtk-4.1.so.0 #17 0x00007ffc04cf7066 in WTF::Thread::entryPoint(WTF::Thread::NewThreadContext*) () at /usr/lib/64/libjavascriptcoregtk-4.1.so.0 #18 0x00007ffc04d59769 in WTF::wtfThreadEntryPoint(void*) () at /usr/lib/64/libjavascriptcoregtk-4.1.so.0 #19 0x00007ffc0b967ba9 in _thrp_setup () at /lib/64/libc.so.1 #20 0x00007ffc0b967e50 in _lwp_start () at /lib/64/libc.so.1 #21 0x0000000000000000 in ()