[Webkit-unassigned] [Bug 225095] New: Segmentation fault in 'libjavascriptcoregtk' when sending SIGUSR1 signal to a process using webkit through WebKit2Gtk

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Apr 27 01:58:00 PDT 2021


https://bugs.webkit.org/show_bug.cgi?id=225095

            Bug ID: 225095
           Summary: Segmentation fault in 'libjavascriptcoregtk' when
                    sending SIGUSR1 signal to a process using webkit
                    through WebKit2Gtk
           Product: WebKit
           Version: Other
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: g4mba5 at gmail.com

System: Ubuntu 20.10 / Linux kernel 5.8.0-48-generic / x86_64 / KDE environment

If you send the SIGUSR1 signal to a process using webkitgtk (WebKit2Gtk-4.0 version 2.30.6), the process segfaults.

Here is a gdb log (the process is the Gambas interpreter):

---------------------------------------------------------------------------------------------

GNU gdb (Ubuntu 9.2-0ubuntu2) 9.2
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from gbx3...
Attaching to program: /usr/bin/gbx3, process 24324
[New LWP 24331]
[New LWP 24332]
[New LWP 24334]
[New LWP 24335]
[New LWP 24336]
[New LWP 24337]
[New LWP 24342]
[New LWP 24345]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
0x00007f6b4f6ac66f in __GI___poll (fds=0x556d2627bc10, nfds=3, timeout=5853) at ../sysdeps/unix/sysv/linux/poll.c:29
29      ../sysdeps/unix/sysv/linux/poll.c: Aucun fichier ou dossier de ce type.
(gdb) cont
Continuing.
[Thread 0x7f6b38bfb640 (LWP 24342) exited]

Thread 1 "gbx3" received signal SIGUSR1, User defined signal 1.
0x00007f6b4f6ac66f in __GI___poll (fds=0x556d2627bc10, nfds=3, timeout=90000) at ../sysdeps/unix/sysv/linux/poll.c:29
29      in ../sysdeps/unix/sysv/linux/poll.c
(gdb) cont
Continuing.

Thread 1 "gbx3" received signal SIGSEGV, Segmentation fault.
WTF::Thread::signalHandlerSuspendResume () at ../Source/WTF/wtf/posix/ThreadingPOSIX.cpp:121
121     ../Source/WTF/wtf/posix/ThreadingPOSIX.cpp: Aucun fichier ou dossier de ce type.
(gdb) bt
#0  WTF::Thread::signalHandlerSuspendResume(int, siginfo_t*, void*) () at ../Source/WTF/wtf/posix/ThreadingPOSIX.cpp:121
#1  0x00007f6b4f5e0950 in <signal handler called> () at /lib/x86_64-linux-gnu/libc.so.6
#2  0x00007f6b4f6ac66f in __GI___poll (fds=0x556d2627bc10, nfds=3, timeout=90000) at ../sysdeps/unix/sysv/linux/poll.c:29
#3  0x00007f6b4bc0d86e in  () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x00007f6b4bc0d9a3 in g_main_context_iteration () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007f6b4c25aaf5 in gtk_main_iteration_do (blocking=blocking at entry=1) at ../../../../gtk/gtkmain.c:1456
#6  0x00007f6b4d219cea in MAIN_do_iteration(bool) (do_not_block=do_not_block at entry=false) at main.cpp:689
#7  0x00007f6b4d219d3e in hook_loop() () at main.cpp:586
#8  0x0000556d24bd01d2 in main (argc=<optimized out>, argv=<optimized out>) at gbx.c:480
(gdb) disassemble 
Dump of assembler code for function WTF::Thread::signalHandlerSuspendResume(int, siginfo_t*, void*):
   0x00007f6b43de2890 <+0>:     endbr64 
   0x00007f6b43de2894 <+4>:     push   %rbp
   0x00007f6b43de2895 <+5>:     push   %rbx
   0x00007f6b43de2896 <+6>:     sub    $0x98,%rsp
   0x00007f6b43de289d <+13>:    mov    %fs:0x28,%rax
   0x00007f6b43de28a6 <+22>:    mov    %rax,0x88(%rsp)
   0x00007f6b43de28ae <+30>:    xor    %eax,%eax
   0x00007f6b43de28b0 <+32>:    mov    0x3578c9(%rip),%rbx        # 0x7f6b4413a180 <_ZN3WTFL12targetThreadE>
=> 0x00007f6b43de28b7 <+39>:    mov    0x40(%rbx),%eax
   0x00007f6b43de28ba <+42>:    test   %eax,%eax
   0x00007f6b43de28bc <+44>:    jne    0x7f6b43de2958 <WTF::Thread::signalHandlerSuspendResume(int, siginfo_t*, void*)+200>
   0x00007f6b43de28c2 <+50>:    mov    %rsp,%rcx
   0x00007f6b43de28c5 <+53>:    mov    0x10(%rbx),%rax
   0x00007f6b43de28c9 <+57>:    cmp    %rcx,%rax
   0x00007f6b43de28cc <+60>:    jb     0x7f6b43de28d9 <WTF::Thread::signalHandlerSuspendResume(int, siginfo_t*, void*)+73>
   0x00007f6b43de28ce <+62>:    test   %rax,%rax
   0x00007f6b43de28d1 <+65>:    je     0x7f6b43de28d9 <WTF::Thread::signalHandlerSuspendResume(int, siginfo_t*, void*)+73>
   0x00007f6b43de28d3 <+67>:    cmp    0x18(%rbx),%rcx
   0x00007f6b43de28d7 <+71>:    ja     0x7f6b43de2910 <WTF::Thread::signalHandlerSuspendResume(int, siginfo_t*, void*)+128>
   0x00007f6b43de28d9 <+73>:    movq   $0x0,0x38(%rbx)
   0x00007f6b43de28e1 <+81>:    mov    0x88(%rsp),%rax
   0x00007f6b43de28e9 <+89>:    sub    %fs:0x28,%rax
   0x00007f6b43de28f2 <+98>:    jne    0x7f6b43de2975 <WTF::Thread::signalHandlerSuspendResume(int, siginfo_t*, void*)+229>
...
(gdb) info registers 
rax            0x0                 0
rbx            0x0                 0
rcx            0x7f6b4f6ac66f      140098870625903
rdx            0x7ffc6646e500      140722024408320
rsi            0x7ffc6646e630      140722024408624
rdi            0xa                 10
rbp            0x556d2627bc10      0x556d2627bc10
rsp            0x7ffc6646e450      0x7ffc6646e450
r8             0x0                 0
r9             0x7f6b4bcea280      140098810061440
r10            0x7ffc664fd080      140722024992896
r11            0x293               659
r12            0x3                 3
r13            0x7ffc6646eb04      140722024409860
r14            0x15f90             90000
r15            0x556d25e731c0      93927275704768
rip            0x7f6b43de28b7      0x7f6b43de28b7 <WTF::Thread::signalHandlerSuspendResume(int, siginfo_t*, void*)+39>
eflags         0x10246             [ PF ZF IF RF ]
cs             0x33                51
ss             0x2b                43
ds             0x0                 0
es             0x0                 0
fs             0x0                 0
gs             0x0                 0
---------------------------------------------------------------------------------------------

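The crash site in the dump is easy to read: the handler loads the file-scope pointer shown as _ZN3WTFL12targetThreadE into %rbx, %rbx is 0, and the first field read (`mov 0x40(%rbx),%eax` at +39, where %rip points) faults. In other words, the SIGUSR1 handler assumes the signal was sent by the library's own suspend/resume path, where that pointer is always set, and an externally delivered SIGUSR1 violates the assumption. The following C program is an added example, not WebKit, WTF or Gambas code, that models the same pattern with a handler hardened against foreign signals: it acts only when a suspend is actually pending and when Linux reports the signal as self-sent (si_code == SI_TKILL). The type `thread_state_t`, the global `target_thread`, the `simulate_*` functions and the si_code check are all hypothetical stand-ins chosen for the example; the page does not say how WebKit itself fixed the bug.

```c
/* Added example (not WebKit or Gambas code): a minimal model of the pattern
 * visible in the backtrace above. WTF's SIGUSR1 handler loads a file-scope
 * pointer to the thread being suspended (the symbol shown as
 * _ZN3WTFL12targetThreadE, moved into %rbx) and reads a field through it
 * (`mov 0x40(%rbx),%eax`). With %rbx == 0 that first load faults. The handler
 * below keeps the same shape but treats the pointer as untrusted state: it
 * ignores the signal unless a suspend is in progress and the signal was raised
 * by the process itself. Names and layout here are hypothetical. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE              /* for SI_TKILL in <signal.h> on glibc */
#endif
#include <signal.h>
#include <stdatomic.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#ifndef SI_TKILL
#define SI_TKILL (-6)            /* Linux value, used if the header did not expose it */
#endif

typedef struct {
    int suspend_count;           /* stands in for the field read at offset 0x40 */
} thread_state_t;

/* Stand-in for WTF's targetThread: set only while a suspend/resume is pending. */
static thread_state_t *volatile target_thread = NULL;
static atomic_int stray_signals = 0;     /* signals the handler refused to act on */

static void suspend_resume_handler(int sig, siginfo_t *info, void *ctx)
{
    (void)sig;
    (void)ctx;
    thread_state_t *t = target_thread;   /* read once; never re-read after checking */

    /* A suspend request is self-sent with pthread_kill()/raise(), which Linux
     * reports as SI_TKILL, and only while target_thread is set. A signal from
     * `kill -USR1 <pid>` arrives with SI_USER and, as in the report, with no
     * target thread at all. Either mismatch means "not ours": do nothing. */
    if (t == NULL || info->si_code != SI_TKILL) {
        atomic_fetch_add(&stray_signals, 1);
        return;
    }
    t->suspend_count++;                  /* the real handler would save registers and park here */
}

/* Install the handler; returns 0 on success, like sigaction(). */
int install_handler(void)
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = suspend_resume_handler;
    sa.sa_flags = SA_SIGINFO | SA_RESTART;
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGUSR1, &sa, NULL);
}

/* Deliver SIGUSR1 the way an outside process would, with no suspend pending.
 * Returns how many signals the handler rejected (expected 1), or -1 on error. */
int simulate_external_signal(void)
{
    int before = atomic_load(&stray_signals);
    target_thread = NULL;
    /* si_code == SI_USER; in a single-threaded process the handler runs before kill() returns */
    if (kill(getpid(), SIGUSR1) != 0)
        return -1;
    return atomic_load(&stray_signals) - before;
}

/* Deliver SIGUSR1 the way the library's own suspend path would.
 * Returns the suspend count recorded on the target (expected 1), or -1 on error. */
int simulate_internal_suspend(void)
{
    thread_state_t state = { .suspend_count = 0 };
    target_thread = &state;
    int rc = raise(SIGUSR1);             /* glibc and musl implement raise() with tgkill/tkill: si_code == SI_TKILL */
    target_thread = NULL;
    return rc == 0 ? state.suspend_count : -1;
}

int main(void)
{
    if (install_handler() != 0) {
        perror("sigaction");
        return 1;
    }
    printf("external SIGUSR1 with no target: %d rejected\n", simulate_external_signal());
    printf("self-sent SIGUSR1 during suspend: %d handled\n", simulate_internal_suspend());
    return 0;
}
```

The naive version of the handler is the one in the report: drop the two checks and `t->suspend_count++` dereferences NULL exactly as `mov 0x40(%rbx),%eax` does with %rbx == 0. From an operations standpoint, any process that embeds WebKit2Gtk on this version is exposed to a denial of service by anything that can signal it (a shell `kill -USR1`, a supervisor using SIGUSR1 for log rotation or reload, a misconfigured cron job), so until the library is fixed, SIGUSR1 should not be used as an application-level signal in such processes.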