Bug 154884

Another one the crash server thinks is fixed in 2.10.7, we have 79 reports of this with 2.10.4, the most recent yesterday from someone who hasn't updated WebKit, and zero reports with 2.10.7.

Just got a report of this with 2.14.1. Here are some updated line numbers: Thread 1 (Thread 0x7f763971bac0 (LWP 30532)): #0 0x00007f76304c427d in g_type_check_instance (type_instance=type_instance@entry=0x31) at gtype.c:4137 #1 0x00007f76304b0209 in g_signal_handler_disconnect (instance=0x31, handler_id=0) at gsignal.c:2621 _g_boolean_var_ = <optimized out> handler = <optimized out> __func__ = "g_signal_handler_disconnect" #2 0x00007f76129fa155 in NPP_Destroy () at /usr/lib64/mozilla/plugins/libgnome-shell-browser-plugin.so #3 0x00007f7637572ef3 in WebKit::NetscapePlugin::destroy() (this=0x7f7621fd8000) at /usr/src/debug/webkitgtk-2.14.1/Source/WebKit2/WebProcess/Plugins/Netscape/NetscapePlugin.cpp:731 #4 0x00007f763754fe9a in WebKit::Plugin::destroyPlugin() (this=this@entry=0x7f7621fd8000) at /usr/src/debug/webkitgtk-2.14.1/Source/WebKit2/WebProcess/Plugins/Plugin.cpp:101 #5 0x00007f76373ecc6e in WebKit::PluginControllerProxy::destroy() (this=0x55a63e058490) at /usr/src/debug/webkitgtk-2.14.1/Source/WebKit2/PluginProcess/PluginControllerProxy.cpp:158 #6 0x00007f76373f0b88 in WebKit::WebProcessConnection::destroyPluginControllerProxy(WebKit::PluginControllerProxy*) (this=<optimized out>, pluginController=<optimized out>) at /usr/src/debug/webkitgtk-2.14.1/Source/WebKit2/PluginProcess/WebProcessConnection.cpp:83 #7 0x00007f76373f116c in WebKit::WebProcessConnection::destroyPlugin(unsigned long, bool, WTF::PassRefPtr<Messages::WebProcessConnection::DestroyPlugin::DelayedReply>) (this=0x7f7621ff40a0, pluginInstanceID=1, asynchronousCreationIncomplete=<optimized out>, reply=...) at /usr/src/debug/webkitgtk-2.14.1/Source/WebKit2/PluginProcess/WebProcessConnection.cpp:200 activityAssertion = {m_activity = @0x7f76395c6630} #8 0x00007f76376d4087 in IPC::handleMessageDelayed<Messages::WebProcessConnection::DestroyPlugin, WebKit::WebProcessConnection, void (WebKit::WebProcessConnection::*)(unsigned long, bool, WTF::PassRefPtr<Messages::WebProcessConnection::DestroyPlugin::DelayedReply>)>(IPC::Connection&, IPC::Decoder&, std::unique_ptr<IPC::Encoder, std::default_delete<IPC::Encoder> >&, WebKit::WebProcessConnection*, void (WebKit::WebProcessConnection::*)(unsigned long, bool, WTF::PassRefPtr<Messages::WebProcessConnection::DestroyPlugin::DelayedReply>)) (args=<unknown type in /var/cache/abrt-di/usr/lib/debug/usr/lib64/libwebkit2gtk-4.0.so.37.14.8.debug, CU 0xe8945ff, DIE 0xe8b941d>, delayedReply=..., function=<optimized out>, object=0x7f7621ff40a0) at /usr/src/debug/webkitgtk-2.14.1/Source/WebKit2/Platform/IPC/HandleMessage.h:41 arguments = std::tuple containing = {[1] = 1, [2] = false} delayedReply = {static isRefPtr = <optimized out>, m_ptr = 0x0} #9 0x00007f76376d4087 in IPC::handleMessageDelayed<Messages::WebProcessConnection::DestroyPlugin, WebKit::WebProcessConnection, void (WebKit::WebProcessConnection::*)(unsigned long, bool, WTF::PassRefPtr<Messages::WebProcessConnection::DestroyPlugin::DelayedReply>)>(IPC::Connection&, IPC::Decoder&, std::unique_ptr<IPC::Encoder, std::default_delete<IPC::Encoder> >&, WebKit::WebProcessConnection*, void (WebKit::WebProcessConnection::*)(unsigned long, bool, WTF::PassRefPtr<Messages::WebProcessConnection::DestroyPlugin::DelayedReply>)) (function=<optimized out>, object=0x7f7621ff40a0, delayedReply=..., args=<unknown type in /var/cache/abrt-di/usr/lib/debug/usr/lib64/libwebkit2gtk-4.0.so.37.14.8.debug, CU 0xe8945ff, DIE 0xe8b941d>) at /usr/src/debug/webkitgtk-2.14.1/Source/WebKit2/Platform/IPC/HandleMessage.h:47 arguments = std::tuple containing = {[1] = 1, [2] = false} delayedReply = {static isRefPtr = <optimized out>, m_ptr = 0x0} #10 0x00007f76376d4087 in IPC::handleMessageDelayed<Messages::WebProcessConnection::DestroyPlugin, WebKit::WebProcessConnection, void (WebKit::WebProcessConnection::*)(unsigned long, bool, WTF::PassRefPtr<Messages::WebProcessConnection::DestroyPlugin::DelayedReply>)>(IPC::Connection&, IPC::Decoder&, std::unique_ptr<IPC::Encoder, std::default_delete<IPC::Encoder> >&, WebKit::WebProcessConnection*, void (WebKit::WebProcessConnection::*)(unsigned long, bool, WTF::PassRefPtr<Messages::WebProcessConnection::DestroyPlugin::DelayedReply>)) (connection=..., decoder=..., replyEncoder=std::unique_ptr<IPC::Encoder> containing 0x0, object=object@entry=0x7f7621ff40a0, function=(void (WebKit::WebProcessConnection::*)(WebKit::WebProcessConnection * const, unsigned long, bool, WTF::PassRefPtr<Messages::WebProcessConnection::DestroyPlugin::DelayedReply>)) 0x7f76373f1040 <WebKit::WebProcessConnection::destroyPlugin(unsigned long, bool, WTF::PassRefPtr<Messages::WebProcessConnection::DestroyPlugin::DelayedReply>)>) at /usr/src/debug/webkitgtk-2.14.1/Source/WebKit2/Platform/IPC/HandleMessage.h:151 arguments = std::tuple containing = {[1] = 1, [2] = false} delayedReply = {static isRefPtr = <optimized out>, m_ptr = 0x0} #11 0x00007f76376d3a38 in WebKit::WebProcessConnection::didReceiveSyncWebProcessConnectionMessage(IPC::Connection&, IPC::Decoder&, std::unique_ptr<IPC::Encoder, std::default_delete<IPC::Encoder> >&) (this=0x7f7621ff40a0, connection=..., decoder=..., replyEncoder=std::unique_ptr<IPC::Encoder> containing 0x0) at /usr/src/debug/webkitgtk-2.14.1/x86_64-redhat-linux-gnu/DerivedSources/WebKit2/WebProcessConnectionMessageReceiver.cpp:105 #12 0x00007f76373f0985 in WebKit::WebProcessConnection::didReceiveSyncMessage(IPC::Connection&, IPC::Decoder&, std::unique_ptr<IPC::Encoder, std::default_delete<IPC::Encoder> >&) (this=0x7f7621ff40a0, connection=..., decoder=..., replyEncoder=...) at /usr/src/debug/webkitgtk-2.14.1/Source/WebKit2/PluginProcess/WebProcessConnection.cpp:150 currentConnectionChange = {m_scopedVariable = @0x7f76395c66c8, m_originalValue = 0x0} protector = <optimized out> #13 0x00007f76373e703b in IPC::Connection::dispatchSyncMessage(IPC::Decoder&) (this=0x7f7621ff3168, decoder=...) at /usr/src/debug/webkitgtk-2.14.1/Source/WebKit2/Platform/IPC/Connection.cpp:789 syncRequestID = 12 replyEncoder = std::unique_ptr<IPC::Encoder> containing 0x0 #14 0x00007f76373e712d in IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >) (this=0x7f7621ff3168, message=std::unique_ptr<IPC::Decoder> containing 0x7f7621fc9160) at /usr/src/debug/webkitgtk-2.14.1/Source/WebKit2/Platform/IPC/Connection.cpp:856 oldDidReceiveInvalidMessage = false #15 0x00007f76373e73be in IPC::Connection::SyncMessageState::dispatchMessages(IPC::Connection*) (this=this@entry=0x7f76395c63e0 <IPC::Connection::SyncMessageState::singleton()::syncMessageState>, allowedConnection=allowedConnection@entry=0x7f7621ff3168) at /usr/src/debug/webkitgtk-2.14.1/Source/WebKit2/Platform/IPC/Connection.cpp:164 i = 0 messagesToDispatchWhileWaitingForSyncReply = {<WTF::VectorBuffer<IPC::Connection::SyncMessageState::ConnectionAndIncomingMessage, 0ul>> = {<WTF::VectorBufferBase<IPC::Connection::SyncMessageState::ConnectionAndIncomingMessage>> = {m_buffer = 0x7f7621fdab00, m_capacity = <optimized out>, m_size = 1}, <No data fields>}, <No data fields>} messagesToPutBack = {<WTF::VectorBuffer<IPC::Connection::SyncMessageState::ConnectionAndIncomingMessage, 0ul>> = {<WTF::VectorBufferBase<IPC::Connection::SyncMessageState::ConnectionAndIncomingMessage>> = {m_buffer = 0x0, m_capacity = 0, m_size = 0}, <No data fields>}, <No data fields>} #16 0x00007f76373e7657 in IPC::Connection::SyncMessageState::dispatchMessageAndResetDidScheduleDispatchMessagesForConnection(IPC::Connection&) (this=0x7f76395c63e0 <IPC::Connection::SyncMessageState::singleton()::syncMessageState>, connection=...) at /usr/src/debug/webkitgtk-2.14.1/Source/WebKit2/Platform/IPC/Connection.cpp:183 #17 0x00007f7636aa390d in WTF::RunLoop::performWork() (this=<synthetic pointer>) at /usr/src/debug/webkitgtk-2.14.1/Source/WTF/wtf/Function.h:50 function = {m_callableWrapper = std::unique_ptr<WTF::Function<void()>::CallableWrapperBase> containing 0x7f7621fdb150} functionsHandled = 1 functionsToHandle = <optimized out> #18 0x00007f7636aa390d in WTF::RunLoop::performWork() (this=0x7f7621ff7000) at /usr/src/debug/webkitgtk-2.14.1/Source/WTF/wtf/RunLoop.cpp:122 function = {m_callableWrapper = std::unique_ptr<WTF::Function<void()>::CallableWrapperBase> containing 0x7f7621fdb150} functionsHandled = 1 functionsToHandle = <optimized out> #19 0x00007f7636aca2e9 in WTF::RunLoop::<lambda(gpointer)>::_FUN(gpointer) (__closure=0x0, userData=<optimized out>) at /usr/src/debug/webkitgtk-2.14.1/Source/WTF/wtf/glib/RunLoopGLib.cpp:66 #20 0x00007f7636aca2e9 in WTF::RunLoop::<lambda(gpointer)>::_FUN(gpointer) () at /usr/src/debug/webkitgtk-2.14.1/Source/WTF/wtf/glib/RunLoopGLib.cpp:68 #21 0x00007f76301c96ba in g_main_context_dispatch (context=0x55a63db63d20) at gmain.c:3154 dispatch = 0x7f7636aca300 <WTF::<lambda(GSource*, GSourceFunc, gpointer)>::_FUN(GSource *, GSourceFunc, gpointer)> prev_source = 0x0 was_in_call = 0 user_data = 0x7f7621ff7000 callback = 0x7f7636aca2e0 <WTF::RunLoop::<lambda(gpointer)>::_FUN(gpointer)> cb_funcs = 0x7f763048d280 <g_source_callback_funcs> cb_data = 0x55a63de65dc0 need_destroy = <optimized out> source = 0x55a63e230c20 current = 0x55a63daf6890 i = 0 #22 0x00007f76301c96ba in g_main_context_dispatch (context=context@entry=0x55a63db63d20) at gmain.c:3769 #23 0x00007f76301c9a70 in g_main_context_iterate (context=0x55a63db63d20, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3840 max_priority = 2147483647 timeout = -1 some_ready = 1 nfds = 4 allocated_nfds = 4 fds = <optimized out> #24 0x00007f76301c9d92 in g_main_loop_run (loop=0x55a63e230c00) at gmain.c:4034 __func__ = "g_main_loop_run" #25 0x00007f7636acaba0 in WTF::RunLoop::run() () at /usr/src/debug/webkitgtk-2.14.1/Source/WTF/wtf/glib/RunLoopGLib.cpp:94 runLoop = @0x7f7621ff7000: {<WTF::FunctionDispatcher> = {<WTF::ThreadSafeRefCounted<WTF::FunctionDispatcher>> = {<WTF::ThreadSafeRefCountedBase> = {m_refCount = {<std::__atomic_base<int>> = {static _S_alignment = 4, _M_i = 1}, <No data fields>}}, <No data fields>}, _vptr.FunctionDispatcher = 0x7f7636c89ba0 <vtable for WTF::RunLoop+16>}, m_functionQueueLock = {m_mutex = {__data = {__lock = 0, __count = 0, __owner = 0, __nusers = 0, __kind = 512, __spins = 0, __elision = 0, __list = {__prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 17 times>, "\002", '\000' <repeats 21 times>, __align = 0}}, m_functionQueue = {m_start = 13, m_end = 13, m_buffer = {<WTF::VectorBufferBase<WTF::Function<void()> >> = {m_buffer = 0x7f7621fef100, m_capacity = 16, m_size = 0}, <No data fields>}}, m_mainContext = {m_ptr = 0x55a63db63d20}, m_mainLoops = {<WTF::VectorBuffer<WTF::GRefPtr<_GMainLoop>, 0ul>> = {<WTF::VectorBufferBase<WTF::GRefPtr<_GMainLoop> >> = {m_buffer = 0x7f7621ffa180, m_capacity = 16, m_size = 1}, <No data fields>}, <No data fields>}, m_source = {m_ptr = 0x55a63e230c20}} nestedMainLoop = <optimized out> #26 0x00007f763761e29c in WebKit::ChildProcessMain<WebKit::PluginProcess, WebKit::PluginProcessMain>(int, char**) (argc=<optimized out>, argv=0x7fff1f34f6c8) at /usr/src/debug/webkitgtk-2.14.1/Source/WebKit2/Shared/unix/ChildProcessMain.h:61 childMain = {<WebKit::ChildProcessMainBase> = {_vptr.ChildProcessMainBase = 0x7f763942b840 <vtable for WebKit::PluginProcessMain+16>, m_parameters = {uiProcessName = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x0}}, clientIdentifier = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x0}}, connectionIdentifier = 38, extraInitializationData = {m_impl = {static m_maxLoad = 2, static m_minLoad = 6, m_table = 0x7f7621ffa200, m_tableSize = 8, m_tableSizeMask = 7, m_keyCount = 1, m_deletedCount = 0}}}}, <No data fields>} #27 0x00007f762b338731 in __libc_start_main (main=0x55a63d4ebbf0 <main(int, char**)>, argc=3, argv=0x7fff1f34f6c8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fff1f34f6b8) at ../csu/libc-start.c:289 result = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, 4348833101302671825, 94172481502208, 140733716952768, 0, 0, 7559411127939705297, 7636420861578783185}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x7fff1f34f6e8, 0x7f7639805128}, data = {prev = 0x0, cleanup = 0x0, canceltype = 523564776}}} not_first_call = <optimized out> #28 0x000055a63d4ebc29 in _start ()

I assume this is with the gnome-shell patch applied, right?

(In reply to comment #3) > I assume this is with the gnome-shell patch applied, right? No, the user did NOT have your recent gnome-shell browser plugin patch. If you think it's a duplicate of the other issues, you could mark it as such and we can assume it's fixed until proven otherwise.

Yes, probably, I can't know for sure, but I won't spend time debugging this unless it happens with the patch applied, so better close this an reopen if still happens with the fixed plugin.

OK, assuming this is INVALID until proven otherwise.