Qt / QTBUG-75584

WebKit browser crashes on Linux with 64k page size

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P1: Critical
    • Resolution: Done
    • Affects Version/s: 5.11.3
    • Fix Version/s: None
    • Component/s: WebKit
    • Labels: None
    • Platform/s: Linux/Wayland

      Description

      The QtWebkit(widget) browser crashes on Linux 4.19 with 64k page size.
      Platform: TI AM654x EVM with arm64
      OS: Linux kernel 4.19 
      EGL (QPA): EGLFS, WAYLAND on top of Weston 5.0

      The same demo browser with Qt 5.9.3 worked fine on Linux kernel 4.14 with 64k page size.

      The segmentation fault is caused by the size of the SmallPage in SmallPage.h:

      class SmallPage : public ListNode<SmallPage> {
      public:
          SmallPage()
              : m_hasFreeLines(true)
          {
          }

          ...

      private:
          unsigned char m_hasFreeLines: 1;
          unsigned short m_refCount;

          ...
      };

      The refCount goes from 0 to 127, but there will be more smallLines with large page size as shown below:

      Heap::allocateSmallBumpRangesMetadata: pageSize = 0x10000, lineSize=0x100, smallLineCount = 256

       Here is the sample trace:

      root@am65xx-evm:~# /usr/share/examples/webkitwidgets/browser/browser www.ti.com
      Heap::allocateSmallBumpRangesMetadata: pageSize = 0x10000, lineSize=0x100, smallLineCount = 256
      Heap::allocateSmallBumpRangesMetadata: allocateSmallBumpRange: lineNumber = 0
      bmalloc: SmallPage::ref refCount: 0
      Heap::allocateSmallBumpRangesMetadata: allocateSmallBumpRange: lineNumber = 1
      bmalloc: SmallPage::ref refCount: 1
      Heap::allocateSmallBumpRangesMetadata: allocateSmallBumpRange: lineNumber = 2

      ...

      Heap::allocateSmallBumpRangesMetadata: allocateSmallBumpRange: lineNumber = 125
      bmalloc: SmallPage::ref refCount: 125
      Heap::allocateSmallBumpRangesMetadata: allocateSmallBumpRange: lineNumber = 126
      bmalloc: SmallPage::ref refCount: 126
      Heap::allocateSmallBumpRangesMetadata: allocateSmallBumpRange: lineNumber = 127
      bmalloc: SmallPage::ref refCount: 127
      Segmentation fault (core dumped)

      Is there a patch available to fix this problem?
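
The mismatch described above, as an added example (not code from the report or from bmalloc): a C++ model of a per-page line refcount checked against the number of lines per page. The 7-bit counter width is an assumption inferred from the stated 0 to 127 range, and PageMeta, checkedRef and refEveryLine are hypothetical names.

```cpp
// Added example, not bmalloc source. Models a line refcount that tops out
// at 127 against the 256 lines a 64k page holds (values from the trace).
#include <cstddef>
#include <cstdio>

constexpr std::size_t kLineSize = 0x100;   // lineSize from the trace
constexpr unsigned kRefCountBits = 7;      // ASSUMPTION: inferred from 0..127
constexpr unsigned kRefCountMax = (1u << kRefCountBits) - 1;

// Hypothetical stand-in for the page metadata; not the real SmallPage.
struct PageMeta {
    unsigned char hasFreeLines : 1;
    unsigned char refCount : kRefCountBits;
};

constexpr std::size_t linesPerPage(std::size_t pageSize) { return pageSize / kLineSize; }

// Smallest bit width able to hold a count of `lines` references.
unsigned bitsNeeded(std::size_t lines) {
    unsigned bits = 0;
    while ((std::size_t{1} << bits) <= lines) ++bits;
    return bits;
}

// Checked increment: reports failure instead of silently wrapping 127 -> 0.
bool checkedRef(PageMeta& page) {
    if (page.refCount == kRefCountMax) return false;
    page.refCount = static_cast<unsigned char>(page.refCount + 1);
    return true;
}

// Takes one reference per line; returns how many succeed before the counter is full.
std::size_t refEveryLine(std::size_t pageSize) {
    PageMeta page{1, 0};
    std::size_t taken = 0;
    while (taken < linesPerPage(pageSize) && checkedRef(page)) ++taken;
    return taken;
}

int main() {
    const std::size_t sizes[] = {0x1000, 0x4000, 0x10000};  // 4k, 16k, 64k pages
    for (std::size_t pageSize : sizes) {
        std::printf("pageSize=0x%zx lines=%zu refs_taken=%zu bits_needed=%u\n",
                    pageSize, linesPerPage(pageSize), refEveryLine(pageSize),
                    bitsNeeded(linesPerPage(pageSize)));
    }
    return 0;
}
```

With 4k and 16k pages every line gets its reference; with 64k pages the counter is full after 127 of 256 lines, which is the point where the trace stops.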

       

       

       

       

       

       

       

       

       

       

            People

            Assignee:
            annulen Konstantin Tokarev
            Reporter:
            ericruei Eric Ruei