279883 – [GTK] [2.46.0] Web process crashes in armhf: RELEASE_ASSERT(!g_wtfConfig.isPermanentlyFrozen);

NEW 279883

[GTK] [2.46.0] Web process crashes in armhf: RELEASE_ASSERT(!g_wtfConfig.isPermanentlyFrozen);

https://bugs.webkit.org/show_bug.cgi?id=279883

Summary [GTK] [2.46.0] Web process crashes in armhf: RELEASE_ASSERT(!g_wtfConfig.isPe...

Alberto Garcia

Reported 2024-09-18 05:01:37 PDT

How to reproduce the problem: $ xvfb-run --server-args='-screen 0 640x480x16' /usr/lib/*/webkit2gtk-4.1/MiniBrowser https://webkitgtk.org/ libEGL warning: DRI3: Screen seems not DRI3 capable libEGL warning: DRI3: Screen seems not DRI3 capable MESA: error: ZINK: vkCreateInstance failed (VK_ERROR_INCOMPATIBLE_DRIVER) libEGL warning: egl: failed to create dri2 screen ** (MiniBrowser:2440926): WARNING **: 11:54:48.880: WebProcess CRASHED $ gdb -c core /usr/lib/arm-linux-gnueabihf/webkit2gtk-4.1/WebKitWebProcessCore was generated by `/usr/lib/arm-linux-gnueabihf/webkit2gtk-4.1/WebKitWebProcess 13 117 119'. Program terminated with signal SIGABRT, Aborted. #0 __libc_do_syscall () at ../sysdeps/unix/sysv/linux/arm/libc-do-syscall.S:47 warning: 47 ../sysdeps/unix/sysv/linux/arm/libc-do-syscall.S: No such file or directory [Current thread is 1 (Thread 0xe5473020 (LWP 2440959))] (gdb) bt #0 __libc_do_syscall () at ../sysdeps/unix/sysv/linux/arm/libc-do-syscall.S:47 #1 0xf49db7d4 in __pthread_kill_implementation (threadid=3846647840, signo=6, no_tid=<optimized out>) at pthread_kill.c:43 #2 0xf49aa022 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26 #3 0xf499afec in __GI_abort () at abort.c:79 #4 0xf46ac290 in WTFCrashWithInfo () at ./Source/WTF/wtf/Assertions.h:864 #5 WTF::Config::AssertNotFrozenScope::~AssertNotFrozenScope () at ./Source/WTF/wtf/WTFConfig.h:128 #6 WTF::SignalHandlers::finalize () at ./Source/WTF/wtf/threads/Signals.cpp:608 #7 0xf468c83c in operator() () at ./Source/WTF/wtf/WTFConfig.cpp:121 #8 __invoke_impl<void, WTF::Config::finalize()::<lambda()> > () at /usr/include/c++/14/bits/invoke.h:61 #9 __invoke<WTF::Config::finalize()::<lambda()> > () at /usr/include/c++/14/bits/invoke.h:96 #10 operator() () at /usr/include/c++/14/mutex:909 #11 operator() () at /usr/include/c++/14/mutex:845 #12 _FUN () at /usr/include/c++/14/mutex:845 #13 0xf49ddf0c in __pthread_once_slow (once_control=0xf47fcd3c <WTF::Config::finalize()::once>, init_routine=0xf1c66a2d <__once_proxy>) at pthread_once.c:116 #14 0xf468c788 in __gthread_once () at /usr/include/arm-linux-gnueabihf/c++/14/bits/gthr-default.h:713 #15 call_once<WTF::Config::finalize()::<lambda()> > () at /usr/include/c++/14/mutex:916 #16 WTF::Config::finalize () at ./Source/WTF/wtf/WTFConfig.cpp:120 #17 0xf435467c in JSC::Config::finalize () at ./Source/JavaScriptCore/runtime/JSCConfig.h:49 #18 JSC::VM::VM () at ./Source/JavaScriptCore/runtime/VM.cpp:436 #19 0xf4354e00 in JSC::VM::create () at ./Source/JavaScriptCore/runtime/VM.cpp:551 #20 0xf5f1b3c2 in WebCore::commonVMSlow () at ./Source/WebCore/bindings/js/CommonVM.cpp:68 #21 0xf52cb776 in WebCore::commonVM () at ./build-soup3/WebCore/PrivateHeaders/WebCore/CommonVM.h:52 #22 WebKit::WebProcess::initializeWebProcess () at ./Source/WebKit/WebProcess/WebProcess.cpp:605 #23 0xf4ed137e in IPC::callMemberFunction<WebKit::WebProcess, WebKit::WebProcess, void (WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>, void (WebCore::ProcessIdentity)>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&)::{lambda((auto:1&&)...)#1}::operator()<WebKit::WebProcessCreationParameters>(WebKit::WebProcessCreationParameters&&) const () at ./Source/WebKit/Platform/IPC/HandleMessage.h:146 #24 std::__invoke_impl<void, IPC::callMemberFunction<WebKit::WebProcess, WebKit::WebProcess, void (WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>, void (WebCore::ProcessIdentity)>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&)::{lambda((auto:1&&)...)#1}, WebKit::WebProcessCreationParameters>(std::__invoke_other, IPC::callMemberFunction<WebKit::WebProcess, WebKit::WebProcess, void (WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>, void (WebCore::ProcessIdentity)>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&)::{lambda((auto:1&&)...)#1}&&, WebKit::WebProcessCreationParameters&&) () at /usr/include/c++/14/bits/invoke.h:61 #25 std::__invoke<IPC::callMemberFunction<WebKit::WebProcess, WebKit::WebProcess, void (WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>, void (WebCore::ProcessIdentity)>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&)::{lambda((auto:1&&)...)#1}, WebKit::WebProcessCreationParameters>(IPC::callMemberFunction<WebKit::WebProcess, WebKit::WebProcess, void (WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>, void (WebCore::ProcessIdentity)>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&)::{lambda((auto:1&&)...)#1}&&, WebKit::WebProcessCreationParameters&&) () at /usr/include/c++/14/bits/invoke.h:96 #26 std::__apply_impl<IPC::callMemberFunction<WebKit::WebProcess, WebKit::WebProcess, void (WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>, void (WebCore::ProcessIdentity)>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&)::{lambda((auto:1&&)...)#1}, std::tuple<WebKit::WebProcessCreationParameters>, 0u>(IPC::callMemberFunction<WebKit::WebProcess, WebKit::WebProcess, void (WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>, void (WebCore::ProcessIdentity)>(WebKit::WebProcess*, void (WebKit::WebProcess::*)(WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>&&, WTF::CompletionHandler<void (WebCore::ProcessIdentity)>&&)::{lambda((auto:1&&)...)#1}&&, std::tuple<WebKit::WebProcessCreationParameters>&&, std::integer_sequence<unsigned int, 0u>) () at /usr/include/c++/14/tuple:2921 #27 _ZSt5applyIZN3IPC18callMemberFunctionIN6WebKit10WebProcessES3_FvONS2_28WebProcessCreationParametersEON3WTF17CompletionHandlerIFvN7WebCore15ProcessIdentityEEEEESt5tupleIJS4_EESA_EEvPT_MT0_T1_OT2_ONS7_IT3_EEEUlDpOT_E_TkSt12__tuple_likeSF_EDcOSG_OSI_ () at /usr/include/c++/14/tuple:2936 #28 IPC::callMemberFunction<WebKit::WebProcess, WebKit::WebProcess, void(WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void(WebCore::ProcessIdentity)>&&), std::tuple<WebKit::WebProcessCreationParameters>, void(WebCore::ProcessIdentity)> () at ./Source/WebKit/Platform/IPC/HandleMessage.h:144 #29 IPC::handleMessageAsync<Messages::WebProcess::InitializeWebProcess, WebKit::WebProcess, WebKit::WebProcess, void(WebKit::WebProcessCreationParameters&&, WTF::CompletionHandler<void(WebCore::ProcessIdentity)>&&)> () at ./Source/WebKit/Platform/IPC/HandleMessage.h:336 #30 0xf4ed4df6 in WebKit::WebProcess::didReceiveWebProcessMessage () at ./build-soup3/DerivedSources/WebKit/WebProcessMessageReceiver.cpp:112 #31 0xf50cd4f0 in IPC::Connection::dispatchMessage () at ./Source/WebKit/Platform/IPC/Connection.cpp:1451 #32 0xf50cda98 in IPC::Connection::dispatchMessage () at ./Source/WebKit/Platform/IPC/Connection.cpp:1408 #33 IPC::Connection::dispatchOneIncomingMessage () at ./Source/WebKit/Platform/IPC/Connection.cpp:1518 #34 0xf46641fc in WTF::Function<void()>::operator() () at ./Source/WTF/wtf/Function.h:82 #35 WTF::RunLoop::performWork () at ./Source/WTF/wtf/RunLoop.cpp:147 #36 0xf46aeab6 in operator() () at ./Source/WTF/wtf/glib/RunLoopGLib.cpp:80 #37 _FUN () at ./Source/WTF/wtf/glib/RunLoopGLib.cpp:82 #38 0xf46af4bc in operator() () at ./Source/WTF/wtf/glib/RunLoopGLib.cpp:53 #39 _FUN () at ./Source/WTF/wtf/glib/RunLoopGLib.cpp:56 #40 0xf1f6eb06 in g_main_dispatch (context=context@entry=0x1c9ef80) at ../../../glib/gmain.c:3357 #41 0xf1f70620 in g_main_context_dispatch_unlocked (context=0x1c9ef80) at ../../../glib/gmain.c:4208 #42 g_main_context_iterate_unlocked (context=0x1c9ef80, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../../../glib/gmain.c:4273 #43 0xf1f70ee0 in g_main_loop_run (loop=0x1cb9160) at ../../../glib/gmain.c:4475 #44 0xf46af638 in WTF::RunLoop::run () at ./Source/WTF/wtf/glib/RunLoopGLib.cpp:108 #45 0xf54582ea in WebKit::AuxiliaryProcessMainBase<WebKit::WebProcess, true>::run () at ./Source/WebKit/Shared/AuxiliaryProcessMain.h:72 #46 WebKit::AuxiliaryProcessMainBase<WebKit::WebProcess, true>::run () at ./Source/WebKit/Shared/AuxiliaryProcessMain.h:59 #47 WebKit::AuxiliaryProcessMain<WebKit::WebProcessMainGtk> () at ./Source/WebKit/Shared/AuxiliaryProcessMain.h:98 #48 0xf499b4fa in __libc_start_call_main (main=main@entry=0x6ce57d <main()>, argc=argc@entry=4, argv=0xffcc8f24, argv@entry=0xf4a8be44) at ../sysdeps/nptl/libc_start_call_main.h:58 #49 0xf499b59e in __libc_start_main_impl (main=0x6ce57d <main()>, argc=4, argv=0xf4a8be44, init=<optimized out>, fini=0x0, rtld_fini=0xf7e1099d <_dl_fini>, stack_end=0xffcc8f24) at libc-start.c:360 #50 0x006ce5a8 in _start () Backtrace stopped: previous frame identical to this frame (corrupt stack?)

Attachments
Add attachment proposed patch, testcase, etc.

Alberto Garcia

Comment 1 2024-09-19 07:37:54 PDT

This seems to happen if the system malloc is used instead of bmalloc. I had to disable bmalloc on armhf due to bug 278858, but if I re-enable it again I cannot reproduce this crash.

Note You need to log in before you can comment on or make changes to this bug.

Status NEW

Resolution

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component WebKitGTK

Assignee

Nobody

Reported

2024-09-18 05:01 PDT

Modified

2024-09-19 07:37 PDT History

CC List

1 user Show

URL

Keywords

Depends on

Blocks