Bug 167307
| Summary: | [GTK] UI process crash in webkit_back_forward_list_get_current_item | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Michael Catanzaro <mcatanzaro> |
| Component: | WebKitGTK | Assignee: | Nobody <webkit-unassigned> |
| Status: | NEW | ||
| Severity: | Normal | CC: | bugs-noreply, mcatanzaro |
| Priority: | P2 | ||
| Version: | WebKit Nightly Build | ||
| Hardware: | PC | ||
| OS: | Linux | ||
| See Also: | https://bugzilla.redhat.com/show_bug.cgi?id=1415737 | ||
Michael Catanzaro
I have 51 reports of this UI process crash in webkit_back_forward_list_get_current_item. Looks like this occurs when performing a delayed page load (loading a saved tab for the first time after opening Epiphany):
Thread 1 (Thread 0x7f7119147fc0 (LWP 2493)):
#0 0x00007f71154d8a3c in WTFCrash() () at /usr/src/debug/webkitgtk-2.14.2/Source/WTF/wtf/Assertions.cpp:323
#1 0x00007f7115c8c199 in WTF::CrashOnOverflow::crash() () at /usr/src/debug/webkitgtk-2.14.2/Source/WTF/wtf/CheckedArithmetic.h:85
#2 0x00007f7115c8c199 in WTF::CrashOnOverflow::overflowed() () at /usr/src/debug/webkitgtk-2.14.2/Source/WTF/wtf/CheckedArithmetic.h:78
#3 0x00007f7115c8c199 in WTF::Vector<WTF::RefPtr<WebKit::WebBackForwardListItem>, 0ul, WTF::CrashOnOverflow, 16ul>::at(unsigned long) const (i=<optimized out>, this=<optimized out>) at /usr/src/debug/webkitgtk-2.14.2/Source/WTF/wtf/Vector.h:661
#4 0x00007f7115c8c199 in WTF::Vector<WTF::RefPtr<WebKit::WebBackForwardListItem>, 0ul, WTF::CrashOnOverflow, 16ul>::operator[](unsigned long) const (i=<optimized out>, this=<optimized out>) at /usr/src/debug/webkitgtk-2.14.2/Source/WTF/wtf/Vector.h:676
#5 0x00007f7115c8c199 in WebKit::WebBackForwardList::currentItem() const (this=<optimized out>) at /usr/src/debug/webkitgtk-2.14.2/Source/WebKit2/UIProcess/WebBackForwardList.cpp:212
#6 0x00007f7115e66fd4 in webkit_back_forward_list_get_current_item(WebKitBackForwardList*) (backForwardList=0x560cbd098720 [WebKitBackForwardList]) at /usr/src/debug/webkitgtk-2.14.2/Source/WebKit2/UIProcess/API/gtk/WebKitBackForwardList.cpp:166
#7 0x0000560cbbc45fa2 in load_delayed_request_if_mapped (user_data=user_data@entry=0x560cbc98f2d0) at ephy-embed.c:648
embed = 0x560cbc98f2d0 [EphyEmbed]
web_view = 0x560cbd0063d0 [EphyWebView]
item = <optimized out>
#8 0x00007f71111f688d in g_timeout_dispatch (source=0x560cbcf6c120, callback=0x560cbbc45f00 <load_delayed_request_if_mapped>, user_data=0x560cbc98f2d0) at gmain.c:4674
timeout_source = 0x560cbcf6c120
again = <optimized out>
I considered that this might be an Epiphany bug, but I don't think it is. We are careful to ensure that callback is not called after the EphyEmbed is disposed. I think the WebBackForwardList has been somehow corrupted, possibly due to a problem with session state.
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |