Bug 147106

Summary: [GTK] SIGABRT in WebKitWebProcess WebKitGtk+ 2.8.4 and 2.10.x when visiting some pages on dispatchDecidePolicyForNavigationAction
Product: WebKit
Reporter: Andres Gomez Garcia <agomez>
Component: WebKitGTK
Assignee: Nobody <webkit-unassigned>
Status: NEW
Severity: Normal
CC: agomez, bugs-noreply, cgarcia, mcatanzaro
Priority: P2
Version: 528+ (Nightly build)
Hardware: Unspecified
OS: Unspecified
See Also: https://bugs.webkit.org/show_bug.cgi?id=147111

Andres Gomez Garcia
Reported 2015-07-20 05:03:00 PDT
I'm using WebKitGtk+ with my own JHBuild setting: https://github.com/tanty/jhbuild-epiphany/tree/wkgtk-devel
Epiphany 3.17.1 and WebKit 2.8.4
I'm running Epiphany with the dconf key: "process-model" = "shared-secondary-process"
When visiting several of the entries at http://www.eljueves.es/feeds/rss.html in different tabs, WebKitGtk+ receives a SIGABRT.
This bug is not reproducible in a predictable way.
Attachments
BT from gdb (30.39 KB, text/plain)
2015-07-20 05:04 PDT, Andres Gomez Garcia
no flags
Another similar BT from gdb (26.03 KB, text/plain)
2015-10-30 02:16 PDT, Andres Gomez Garcia
no flags
Yet another similar BT from gdb (24.88 KB, text/plain)
2015-10-30 04:57 PDT, Andres Gomez Garcia
no flags
And yet another similar BT from gdb (26.46 KB, text/plain)
2015-12-19 08:37 PST, Andres Gomez Garcia
no flags
Andres Gomez Garcia
Comment 1 2015-07-20 05:04:23 PDT
Created attachment 257088 [details]
BT from gdb

I also have a 1.2G core, if needed.
Andres Gomez Garcia
Comment 2 2015-07-20 05:05:39 PDT
I also have a BT from epiphany and a ~600M SIGSEGV core from epiphany but I suppose that is caused by the SIGABRT in the WebKitGtk+ SIGABRT in the UI process.
Michael Catanzaro
Comment 3 2015-07-20 07:04:56 PDT
#6 0x00007fc69eef04e2 in std::__throw_bad_function_call() () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#7 0x00007fc6a7e46b53 in std::function<void (WebCore::PolicyAction)>::operator()(WebCore::PolicyAction) const () from /opt/gnome-os/tanty/epiphany/install/lib/libwebkit2gtk-4.0.so.37

Looks like the std::function was null.

Also, "Thread 637" looks really bad. We shouldn't make more than 20-25 threads.

(In reply to comment #2)
> I also have a BT from epiphany and a ~600M SIGSEGV core from epiphany but I
> suppose that is caused by the SIGABRT in the WebKitGtk+ SIGABRT in the UI
> process.

That is probably a separate bug worth reporting: the UI process should not crash during a web process crash (what you reported here is a web process crash).
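As an added illustration of the failure mode in frames #6 and #7 (example code, not from this bug or from WebKit): invoking a std::function that holds no target throws std::bad_function_call, and with no handler for it (WebKit is built without exception handling) the process dies with SIGABRT. PolicyAction, the callback type and the function names below are stand-ins constructed for the example; the hardened variant takes the callback out of its slot once and tests it before calling.

```cpp
#include <functional>
#include <iostream>
#include <utility>
// Stand-ins for WebCore::PolicyAction and the policy callback (constructed for this example).
enum class PolicyAction { Use, Download, Ignore };
using PolicyCallback = std::function<void(PolicyAction)>;

// The failing pattern: the callback is invoked without checking that it still has a
// target. An empty std::function throws std::bad_function_call; in a process with no
// handler for it (WebKit is built without exception handling) that ends in SIGABRT.
int invokeUnchecked(const PolicyCallback& callback, PolicyAction action) {
    try {
        callback(action);
        return 0;
    } catch (const std::bad_function_call&) {
        return -1;  // caught here only so the example can report it
    }
}

// Hardened variant: take the callback out of its slot exactly once, and test it
// before calling, so a decision delivered twice (or never set) is a no-op instead
// of an abort.
bool invokeChecked(PolicyCallback& slot, PolicyAction action) {
    PolicyCallback callback = std::exchange(slot, nullptr);
    if (!callback)
        return false;  // already consumed or never set: nothing to deliver
    callback(action);
    return true;
}

struct Scenario { int uncheckedResult; bool firstDelivered; bool secondDelivered; int deliveries; };
// Drives both variants with an empty callback and a consumed one.
Scenario runScenario() {
    int deliveries = 0;
    PolicyCallback neverSet;                                              // empty, like a null target
    PolicyCallback decision = [&deliveries](PolicyAction) { ++deliveries; };
    Scenario s{};
    s.uncheckedResult = invokeUnchecked(neverSet, PolicyAction::Use);     // -1: bad_function_call
    s.firstDelivered = invokeChecked(decision, PolicyAction::Use);        // true: delivered once
    s.secondDelivered = invokeChecked(decision, PolicyAction::Use);       // false: slot already empty
    s.deliveries = deliveries;                                            // 1
    return s;
}

int main() {
    Scenario s = runScenario();
    std::cout << "unchecked=" << s.uncheckedResult << " deliveries=" << s.deliveries << '\n';
    return 0;
}
```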
Andres Gomez Garcia
Comment 4 2015-07-20 08:52:52 PDT
(In reply to comment #3)
...
> That is probably a separate bug worth reporting: the UI process should not
> crash during a web process crash (what you reported here is a web process
> crash).

Oh, right. Didn't realize the crashing process was <path_to>/libexec/webkit2gtk-4.0/WebKitWebProcess. Check bug 147111.
Andres Gomez Garcia
Comment 5 2015-10-30 02:16:38 PDT
Created attachment 264385 [details]
Another similar BT from gdb

This happened when using WebKitGtk+ with my own JHBuild setting: https://github.com/tanty/jhbuild-epiphany/tree/wkgtk-devel
Epiphany 3.18.0 and WebKit 2.10.0
I'm running Epiphany with the dconf key: "process-model" = "shared-secondary-process"
The compilation was done with CMake args: "-DPORT=GTK -DCMAKE_BUILD_TYPE=Debug -DDEVELOPER_MODE=ON -DCMAKE_C_FLAGS_DEBUG=-g1 -DCMAKE_CXX_FLAGS_DEBUG=-g1"
WebKitWebProcess crashed as described on bug 150670. Epiphany didn't crash and re-spawned another WebProcess. This second WebProcess crashed again in this way.
This bug is not reproducible in a predictable way.
Andres Gomez Garcia
Comment 6 2015-10-30 04:57:40 PDT
Created attachment 264392 [details]
Yet another similar BT from gdb

This one was obtained just running MiniBrowser.
Andres Gomez Garcia
Comment 7 2015-11-04 02:24:30 PST
Happens also in 2.10.3.
Andres Gomez Garcia
Comment 8 2015-12-19 08:37:37 PST
Created attachment 267688 [details]
And yet another similar BT from gdb

BT obtained from 2.10.4 with CMake args: '-DPORT=GTK -DCMAKE_BUILD_TYPE=Release -DCMAKE_C_FLAGS_RELEASE="-O0 -g1 -DNDEBUG -DG_DISABLE_CAST_CHECKS" -DCMAKE_CXX_FLAGS_RELEASE="-O0 -g1 -DNDEBUG -DG_DISABLE_CAST_CHECKS"'