164926 2016-11-18 09:10:50 -0800 [GTK] Memory corruption causes web process crash in WebCore::createStyleContext 2016-11-18 09:12:32 -0800 1 1 1 Unclassified WebKit WebKitGTK WebKit Nightly Build PC Linux NEW https://bugzilla.redhat.com/show_bug.cgi?id=1371065 P2 Normal --- 1 mcatanzaro webkit-unassigned bugs-noreply mcatanzaro oldest_to_newest 1252690 0 mcatanzaro 2016-11-18 09:10:50 -0800 Memory corruption causes web process crash in WebCore::createStyleContext. Only one report of this ever, with 2.12.4. Unfortunately I have no valgrind memcheck for this. Truncated backtrace: Thread no. 1 (10 frames) #6 g_malloc at gmem.c:94 #7 g_data_set_internal at gdataset.c:464 #8 g_datalist_id_set_data_full at gdataset.c:670 #9 g_object_notify_queue_freeze at gobject.c:242 #10 g_object_init at gobject.c:975 #11 g_type_create_instance at gtype.c:1869 #12 g_object_new_internal at gobject.c:1781 #15 gtk_css_path_node_new at gtkcsspathnode.c:142 #16 gtk_style_context_init at gtkstylecontext.c:355 #17 g_type_create_instance at gtype.c:1875 Full backtrace downstream. Importantly: #3 0x00007f904cc96c13 in malloc_printerr (ar_ptr=0x3, ptr=<optimized out>, str=0x7f904cda3250 "malloc(): smallbin double linked list corrupted", action=3) at malloc.c:5004 buf = "000056427ea9ba30" cp = <optimized out> ar_ptr = 0x3 ptr = <optimized out> str = 0x7f904cda3250 "malloc(): smallbin double linked list corrupted" action = 3 1252692 1 mcatanzaro 2016-11-18 09:12:32 -0800 Note: last time we had a crash like this, it was an Epiphany bug in an unrelated part of code, due to forgetting to remove a weak pointer. Epiphany is not a likely culprit here since this is web process.