Broadway: crash on web page access
Since commit 504b5bbd the broadway backend crashes immediately when a browser accesses the hosted page. This is due to the guint32 type replacement with size_t, which is not guaranteed to be 32-bit on all platforms, yet all memory operations and loops used later in the code work on the assumption of a 32-bit size. This also fails the assertion in read_some_input_nonblocking.
I am opening this as a new issue as requested.
Error message:
Gdk:ERROR:../gdk/broadway/gdkbroadway-server.c:294:read_some_input_nonblocking: assertion failed: (server->recv_buffer_size < sizeof (server->recv_buffer))
Bail out! Gdk:ERROR:../gdk/broadway/gdkbroadway-server.c:294:read_some_input_nonblocking: assertion failed: (server->recv_buffer_size < sizeof (server->recv_buffer))
Backtrace:
#0 0x00007ffff79cc365 in raise () at /lib64/libc.so.6
#1 0x00007ffff79b58a4 in abort () at /lib64/libc.so.6
#2 0x00007ffff7d9fb6c in g_assertion_message_expr.cold () at /lib64/libglib-2.0.so.0
#3 0x00007ffff7dfa37f in g_assertion_message_expr () at /lib64/libglib-2.0.so.0
#4 0x00007fffe1ccc029 in read_some_input_nonblocking (server=0x55555582e300) at ../gdk/broadway/gdkbroadway-server.c:294
in = 0x55555582d890
pollable = <optimized out>
res = <optimized out>
error = 0x7ffff7dd1916 <block_source+166>
__func__ = "read_some_input_nonblocking"
server = 0x55555582e300
#5 input_available_cb (stream=<optimized out>, user_data=0x55555582e300) at ../gdk/broadway/gdkbroadway-server.c:377
server = 0x55555582e300
#6 0x00007ffff7dd5a5f in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
#7 0x00007ffff7e27a58 in g_main_context_iterate.constprop () at /lib64/libglib-2.0.so.0
#8 0x00007ffff7dd2e33 in g_main_context_iteration () at /lib64/libglib-2.0.so.0
#9 0x00007ffff7c35dfd in g_application_run () at /lib64/libgio-2.0.so.0
#10 0x00007ffff7965b10 in ffi_call_unix64 () at /lib64/libffi.so.6
#11 0x00007ffff79650a3 in ffi_call () at /lib64/libffi.so.6
#12 0x00007ffff7ef22ab in gjs_invoke_c_function(JSContext*, Function*, JS::CallArgs const&, JS::Handle<JSObject*>, _GIArgument*) [clone .lto_priv.0] () at /lib64/libgjs.so.0
#13 0x00007ffff7ef275a in function_call(JSContext*, unsigned int, JS::Value*) () at /lib64/libgjs.so.0
#14 0x00007ffff5ed347e in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) () at /lib64/libmozjs-78.so.0
#15 0x00007ffff5ec3922 in Interpret(JSContext*, js::RunState&) () at /lib64/libmozjs-78.so.0
#16 0x00007ffff5ed2ce9 in js::RunScript(JSContext*, js::RunState&) () at /lib64/libmozjs-78.so.0
#17 0x00007ffff5ed4366 in js::ExecuteKernel(JSContext*, JS::Handle<JSScript*>, JS::Handle<JSObject*>, JS::Handle<JS::Value>, js::AbstractFramePtr, JS::MutableHandle<JS::Value>) () at /lib64/libmozjs-78.so.0
#18 0x00007ffff5fda877 in bool EvaluateSourceBuffer<char16_t>(JSContext*, js::ScopeKind, JS::Handle<JSObject*>, JS::ReadOnlyCompileOptions const&, JS::SourceText<char16_t>&, JS::MutableHandle<JS::Value>) [clone .lto_priv.0] () at /lib64/libmozjs-78.so.0
#19 0x00007ffff5fbfc67 in JS::Evaluate(JSContext*, JS::Handle<JS::StackGCVector<JSObject*, js::TempAllocPolicy> >, JS::ReadOnlyCompileOptions const&, JS::SourceText<char16_t>&, JS::MutableHandle<JS::Value>) () at /lib64/libmozjs-78.so.0
#20 0x00007ffff7f12357 in GjsContextPrivate::eval_with_scope(JS::Handle<JSObject*>, char const*, long, char const*, JS::MutableHandle<JS::Value>) () at /lib64/libgjs.so.0
#21 0x00007ffff7f12bff in gjs_context_eval () at /lib64/libgjs.so.0
#22 0x0000555555556ddd in main ()
Edited by Rafał Dzięgiel
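
An added illustration of the bug class described in the report (not GTK's code and not part of the original issue): a parser for a 32-bit length prefix that reads correctly with uint32_t and misreads once the variable becomes size_t on an LP64 platform. The wire format, function names and sample bytes are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Constructed wire format (not Broadway's): 32-bit host-endian length + payload. */
#define HDR_LEN 4u
_Static_assert(sizeof(uint32_t) == HDR_LEN, "length prefix must be 32 bits");

/* Width-dependent read: copies sizeof(size_t) bytes, so on LP64 four payload
 * bytes become part of the length. Caller must supply >= 8 bytes. */
size_t parse_len_sizet(const uint8_t *buf)
{
    size_t len = 0;
    memcpy(&len, buf, sizeof len);
    return len;
}

/* Fixed-width read: always consumes exactly HDR_LEN bytes. */
uint32_t parse_len_u32(const uint8_t *buf)
{
    uint32_t len;
    memcpy(&len, buf, sizeof len);
    return len;
}

/* 1 if buf[0..avail) holds a whole frame, judged with the chosen parser. */
int frame_complete(const uint8_t *buf, size_t avail, int fixed_width)
{
    if (avail < 8)   /* keep the 8-byte read above in bounds */
        return 0;
    size_t len = fixed_width ? parse_len_u32(buf) : parse_len_sizet(buf);
    return len <= avail - HDR_LEN;
}

/* Constructed sample: length 8, then eight 'A' bytes (12 bytes total). */
void make_sample(uint8_t out[12])
{
    uint32_t len = 8;
    memcpy(out, &len, sizeof len);
    memset(out + HDR_LEN, 'A', 8);
}

int main(void)
{
    uint8_t s[12];
    make_sample(s);
    printf("size_t: %zu  uint32_t: %u\n", parse_len_sizet(s), (unsigned)parse_len_u32(s));
    return frame_complete(s, sizeof s, 1) ? 0 : 1;
}
```

On a platform where size_t is 32 bits wide both parsers agree, which is why a change like this can pass testing on one target and fail on another.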