[Webkit-unassigned] [Bug 243978] REGRESSION(252858 at main) WPE TestWebCore API tests is segfaulting at the start w

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Aug 17 06:39:57 PDT 2022 

https://bugs.webkit.org/show_bug.cgi?id=243978

Lauro Moura <lmoura at igalia.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|REGRESSION(252858 at main) WPE |REGRESSION(252858 at main) WPE
                   |TestWebCore API tests is    |TestWebCore API tests is
                   |segfaulting at the start    |segfaulting at the start w

--- Comment #1 from Lauro Moura <lmoura at igalia.com> ---
More from gdb:

Looks like `pas_segregated_page_config_kind_for_config_table` is filled with null pointers, not just for `pas_segregated_page_config_kind_bmalloc_small_segregated`

```
# null config
(gdb) print pas_segregated_page_config_kind_for_config_table[0]
$15 = (const pas_segregated_page_config *) 0x0
# pas small segregated config
(gdb) print pas_segregated_page_config_kind_for_config_table[1]
$16 = (const pas_segregated_page_config *) 0x0
# bmalloc small segregated config
(gdb) print pas_segregated_page_config_kind_for_config_table[2]
$17 = (const pas_segregated_page_config *) 0x0
(gdb) 
```

But checking the generated preprocessed code (with -save-temps), for the small_segregated_config (index 1), for example, it generates:

const pas_segregated_page_config* pas_segregated_page_config_kind_for_config_table[
...] = {
<config for null>,
(const pas_segregated_page_config*)((... {
    .small_segregated_config = {
        .base {
            .page_config_ptr = &pas_utility_heap_config.small_segregated_config.base,
            ....
        }
        ...
        }
        ...
        }).small_segregated_config).base.page_config_ptr,
...}

And in gdb, it's defined:

(gdb) print &pas_utility_heap_config.small_segregated_config.base
$20 = (pas_page_base_config *) 0x555564159fd8 <pas_utility_heap_config+56>
(gdb) print pas_utility_heap_config.small_segregated_config.base
$22 = {is_enabled = true, heap_config_ptr = 0x555564159fa0 <pas_utility_heap_config>, page_config_ptr = 0x555564159fd8 <pas_utility_heap_config+56>, page_config_kind = pas_page_config_kind_segregated, min_align_shift = 3 '\003', page_size = 16384, granule_size = 16384, 
  max_object_size = 1400, page_header_for_boundary = 0x555563caca45 <pas_utility_heap_page_header_for_boundary(void*)>, boundary_for_page_header = 0x555563caca53 <pas_utility_heap_boundary_for_page_header(pas_page_base*)>, page_header_for_boundary_remote = 0x0, 
  create_page_header = 0x555563caca61 <pas_utility_heap_create_page_header(void*, pas_page_kind, pas_lock_hold_mode)>, destroy_page_header = 0x555563cacab0 <pas_utility_heap_destroy_page_header(pas_page_base*, pas_lock_hold_mode)>}

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20220817/a7f809a6/attachment.htm>

More information about the webkit-unassigned mailing list