You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
On armv7 Qt5 boards (linuxfb stream), AnthiasViewer sometimes dies within ~1s of spawn, before the D-Bus handshake:
This plugin does not support createPlatformOpenGLContext!
malloc(): unaligned tcache chunk detected
Sentry: ANTHIAS-D (all 30 startup retries exhausted), ANTHIAS-F (inline 3-attempt budget exhausted). On most fleet devices the crash is rare and load_browser()'s retry absorbs it; on a few devices it fires on every spawn, so the display stays dark.
What we established (on-device, Pi 4 testbed running the latest-pi3 armhf image)
Reproduced the exact fleet signature (GL-probe warning + malloc(): unaligned tcache chunk detected, SIGABRT rc=134) in a spawn-loop harness; high crash rate in this environment (~93% of 30 spawns; an earlier pass with MALLOC_CHECK_=3 + libc_malloc_debug crashed ~23%, so allocator timing matters).
35 core dumps captured. Mix of SIGSEGV (faulting PC inside stripped libQt5WebEngineCore.so.5, ~3 recurring PC offsets across ASLR bases) and SIGABRT (glibc malloc abort) — i.e. ANTHIAS-D ("exited before handshake", no malloc line) and ANTHIAS-F (malloc line) are two faces of one bug. Crash happens mid-Chromium-init with ~18 threads live, before D-Bus registration.
Mitigation matrix — all negative (20-30 spawns per arm):
Chromium flags
ok
crash
(none, baseline)
2/30
28
--disable-gpu
8/30
22
--no-zygote --no-sandbox
5/20
15
--single-process --no-sandbox
0/20
20
--js-flags=--jitless
2/20
18
--js-flags=--jitless --no-zygote --no-sandbox
0/20
20
So it is not the zygote fork, the sandbox, the GPU process/GL probe, or the V8 JIT individually.
Environment note: the repro host runs the armhf userland under an aarch64 kernel (uname -m = aarch64 inside the armhf container; /proc/cpuinfo features show aarch64-style flags — no neon/vfp strings armhf feature-detectors look for). This configuration is also what any fleet device gets when Pi OS boots its default 64-bit kernel with the 32-bit Anthias stream. The install/upgrade scripts select pi3-64 when uname -m is aarch64, so the current armhf-under-arm64 exposure is limited to pre-pi3-64 installs that haven't re-run the upgrade script — but the crash signature is identical to what 32-bit-kernel fleet devices report, just amplified.
Cores from the existing runs are on the Pi 4 testbed under /tmp/anthias-cores and /tmp/ab*/cores-*.
Next steps
Tag Sentry events with device_type / kernel_release / kernel_machine / board_model → feat(sentry): tag events with device type, host kernel, and board model #3021. Once a release ships, ANTHIAS-D/F events will tell us whether the always-crashing devices boot a 64-bit kernel (→ steering them to the pi3-64 stream fixes them) or a 32-bit one (→ the bug needs chasing inside the Qt 5.15 WebEngine build).
Build libQt5WebEngineCore with symbols (qt5-webview-builder) and symbolize the 3 recurring crash PCs from the captured cores.
Validate on the real Pi 3 testbed (32-bit kernel) to measure the un-amplified crash rate.
Symptom
On armv7 Qt5 boards (linuxfb stream),
AnthiasViewersometimes dies within ~1s of spawn, before the D-Bus handshake:Sentry: ANTHIAS-D (all 30 startup retries exhausted), ANTHIAS-F (inline 3-attempt budget exhausted). On most fleet devices the crash is rare and
load_browser()'s retry absorbs it; on a few devices it fires on every spawn, so the display stays dark.What we established (on-device, Pi 4 testbed running the
latest-pi3armhf image)Reproduced the exact fleet signature (GL-probe warning +
malloc(): unaligned tcache chunk detected, SIGABRT rc=134) in a spawn-loop harness; high crash rate in this environment (~93% of 30 spawns; an earlier pass withMALLOC_CHECK_=3+libc_malloc_debugcrashed ~23%, so allocator timing matters).35 core dumps captured. Mix of SIGSEGV (faulting PC inside stripped
libQt5WebEngineCore.so.5, ~3 recurring PC offsets across ASLR bases) and SIGABRT (glibc malloc abort) — i.e. ANTHIAS-D ("exited before handshake", no malloc line) and ANTHIAS-F (malloc line) are two faces of one bug. Crash happens mid-Chromium-init with ~18 threads live, before D-Bus registration.Mitigation matrix — all negative (20-30 spawns per arm):
--disable-gpu--no-zygote --no-sandbox--single-process --no-sandbox--js-flags=--jitless--js-flags=--jitless --no-zygote --no-sandboxSo it is not the zygote fork, the sandbox, the GPU process/GL probe, or the V8 JIT individually.
Environment note: the repro host runs the armhf userland under an aarch64 kernel (
uname -m=aarch64inside the armhf container;/proc/cpuinfofeatures show aarch64-style flags — noneon/vfpstrings armhf feature-detectors look for). This configuration is also what any fleet device gets when Pi OS boots its default 64-bit kernel with the 32-bit Anthias stream. The install/upgrade scripts selectpi3-64whenuname -misaarch64, so the current armhf-under-arm64 exposure is limited to pre-pi3-64installs that haven't re-run the upgrade script — but the crash signature is identical to what 32-bit-kernel fleet devices report, just amplified.Repro harness
Cores from the existing runs are on the Pi 4 testbed under
/tmp/anthias-coresand/tmp/ab*/cores-*.Next steps
Tag Sentry events with→ feat(sentry): tag events with device type, host kernel, and board model #3021. Once a release ships, ANTHIAS-D/F events will tell us whether the always-crashing devices boot a 64-bit kernel (→ steering them to thedevice_type/kernel_release/kernel_machine/board_modelpi3-64stream fixes them) or a 32-bit one (→ the bug needs chasing inside the Qt 5.15 WebEngine build).libQt5WebEngineCorewith symbols (qt5-webview-builder) and symbolize the 3 recurring crash PCs from the captured cores.🤖 Generated with Claude Code