Details
-
Bug
-
Resolution: Done
-
P1: Critical
-
None
-
5.11.3
-
None
Description
The QtWebKit (widget) browser crashes on Linux 4.19 with 64k page size.
Platform: TI AM654x EVM with arm64
OS: Linux kernel 4.19
EGL (QPA): EGLFS, WAYLAND on top of Weston 5.0
The same demo browser in Qt 5.9.3 worked fine on Linux kernel 4.14 with 64k page size.
The segmentation fault is caused by the size of the SmallPage in SmallPage.h:
class SmallPage : public ListNode<SmallPage> {
public:
    SmallPage()
        : m_hasFreeLines(true)
    {
    }
    ...
private:
    unsigned char m_hasFreeLines: 1;
    unsigned short m_refCount;
    ...
};
The refCount goes from 0 to 127, but there will be more smallLines with large page size as shown below:
Heap::allocateSmallBumpRangesMetadata: pageSize = 0x10000, lineSize=0x100, smallLineCount = 256
Here is the sample trace:
root@am65xx-evm:~# /usr/share/examples/webkitwidgets/browser/browser www.ti.com
Heap::allocateSmallBumpRangesMetadata: pageSize = 0x10000, lineSize=0x100, smallLineCount = 256
Heap::allocateSmallBumpRangesMetadata: allocateSmallBumpRange: lineNumber = 0
bmalloc: SmallPage::ref refCount: 0
Heap::allocateSmallBumpRangesMetadata: allocateSmallBumpRange: lineNumber = 1
bmalloc: SmallPage::ref refCount: 1
Heap::allocateSmallBumpRangesMetadata: allocateSmallBumpRange: lineNumber = 2
...
Heap::allocateSmallBumpRangesMetadata: allocateSmallBumpRange: lineNumber = 125
bmalloc: SmallPage::ref refCount: 125
Heap::allocateSmallBumpRangesMetadata: allocateSmallBumpRange: lineNumber = 126
bmalloc: SmallPage::ref refCount: 126
Heap::allocateSmallBumpRangesMetadata: allocateSmallBumpRange: lineNumber = 127
bmalloc: SmallPage::ref refCount: 127
Segmentation fault (core dumped)
Is there a patch available to fix this problem?
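
Added example, not code from this report or from bmalloc: a stand-alone model of the mismatch described above, where a per-page reference counter limited to 0..127 meets a 64k page that holds 256 lines of 0x100 bytes. `PageMeta`, `lineCount`, `counterFits` and `firstWrap` are hypothetical names, the 7-bit width is an assumption taken from the stated 0 to 127 range, and the 4k page size is a constructed comparison value.

```cpp
#include <cstddef>
#include <cstdio>

// Hypothetical stand-in for per-page metadata; not the real bmalloc class.
// RefBits = 7 is an assumption matching the 0..127 range in the report.
template <unsigned RefBits>
struct PageMeta {
    unsigned hasFreeLines : 1;
    unsigned refCount : RefBits;
    PageMeta() : hasFreeLines(1), refCount(0) {}
    // Unsigned bit-field assignment wraps silently modulo 2^RefBits.
    void ref() { refCount = refCount + 1; }
};

constexpr std::size_t lineCount(std::size_t pageSize, std::size_t lineSize) {
    return pageSize / lineSize;
}

// True when a RefBits-wide counter can hold one reference per line.
template <unsigned RefBits>
constexpr bool counterFits(std::size_t pageSize, std::size_t lineSize) {
    return lineCount(pageSize, lineSize) <= ((std::size_t{1} << RefBits) - 1);
}

// Take one reference per line; return the first line number whose ref()
// leaves the counter out of step with the references taken, or -1 if none.
template <unsigned RefBits>
long firstWrap(std::size_t pageSize, std::size_t lineSize) {
    PageMeta<RefBits> page;
    const std::size_t lines = lineCount(pageSize, lineSize);
    for (std::size_t line = 0; line < lines; ++line) {
        page.ref();
        if (static_cast<std::size_t>(page.refCount) != line + 1)
            return static_cast<long>(line);
    }
    return -1;
}

// Build-time guard: fails compilation if the counter is too narrow for the
// largest page size the target is configured for (64k here).
static_assert(counterFits<16>(0x10000, 0x100), "refCount too narrow for 64k pages");

int main() {
    std::printf("4k page,  7-bit counter: first wrap at line %ld\n", firstWrap<7>(0x1000, 0x100));
    std::printf("64k page, 7-bit counter: first wrap at line %ld\n", firstWrap<7>(0x10000, 0x100));
    std::printf("64k page, 16-bit counter: first wrap at line %ld\n", firstWrap<16>(0x10000, 0x100));
    return 0;
}
```

With the 7-bit counter the model goes out of step at line 127, the last line number that appears in the trace before the crash.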