Bug 65161
| Summary: | Midori Segmentation Fault caused by Javascript Core (WebKit GTK+) | | |
|---|---|---|---|
| Product: | WebKit | Reporter: | Max <archerseven> |
| Component: | WebKitGTK | Assignee: | Nobody <webkit-unassigned> |
| Status: | UNCONFIRMED | | |
| Severity: | Normal | CC: | bugs-noreply, cachobot, mrobinson, une.belette |
| Priority: | P2 | Keywords: | Gtk |
| Version: | 528+ (Nightly build) | | |
| Hardware: | PC | | |
| OS: | Linux | | |
Max
While loading a Google search result, Midori segfaulted while running in gdb, and the segfault seems to be caused by something JavaScript-related in WebKitGTK (at which point this goes above my head).
backtrace:
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff4d9b0ea in JSC::StructureStubInfo::deref() () from /usr/lib/libwebkitgtk-1.0.so.0
(gdb) bt*** NSPlugin Viewer *** ERROR: rpc_end_sync called when not in sync!
#0 0x00007ffff4d9b0ea in JSC::StructureStubInfo::deref() () from /usr/lib/libwebkitgtk-1.0.so.0
#1 0x00007ffff4d98baf in JSC::CodeBlock::~CodeBlock() () from /usr/lib/libwebkitgtk-1.0.so.0
#2 0x00007ffff4e5cfa2 in JSC::FunctionCodeBlock::~FunctionCodeBlock() () from /usr/lib/libwebkitgtk-1.0.so.0
#3 0x00007ffff4e5c647 in JSC::FunctionExecutable::~FunctionExecutable() () from /usr/lib/libwebkitgtk-1.0.so.0
#4 0x00007ffff4e45bb8 in JSC::MarkedBlock::sweep() () from /usr/lib/libwebkitgtk-1.0.so.0
#5 0x00007ffff4e45e7b in JSC::MarkedSpace::sweep() () from /usr/lib/libwebkitgtk-1.0.so.0
#6 0x00007ffff4e47868 in JSC::Heap::reset(JSC::Heap::SweepToggle) () from /usr/lib/libwebkitgtk-1.0.so.0
#7 0x00007ffff4248cc5 in WebCore::collect(void*) () from /usr/lib/libwebkitgtk-1.0.so.0
#8 0x00007ffff47043f2 in WebCore::ThreadTimers::sharedTimerFiredInternal() () from /usr/lib/libwebkitgtk-1.0.so.0
#9 0x00007ffff41322c2 in WebCore::timeout_cb(void*) () from /usr/lib/libwebkitgtk-1.0.so.0
#10 0x00007ffff5d32b9b in ?? () from /usr/lib/libglib-2.0.so.0
#11 0x00007ffff5d3129d in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#12 0x00007ffff5d31a78 in ?? () from /usr/lib/libglib-2.0.so.0
#13 0x00007ffff5d320ba in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
#14 0x00007ffff74542d7 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
#15 0x0000000000424a77 in main ()
(gdb)
And yes, the NSPluginViewer bit did occur right there, and I have no idea how it could have.
Will post if I get more information, and please let me know if I can help.
(Haven't found a reliable way to reproduce, but I just started doing this against an un-stripped webkitgtk so perhaps I'll learn more as I get this crash and meaningful backtraces.)
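Since the crash is hard to reproduce on demand, it helps to run the browser under gdb in batch mode so that every SIGSEGV is recorded with a full, all-threads backtrace without anyone sitting at the debugger. The script below is an added example and is not part of this bug report or of WebKitGTK; the binary name (midori), the log path and the frame-summary helper are assumptions made for illustration. The sample backtrace it parses is copied from the report above.

```sh
#!/bin/sh
# Added example (not from the bug report): capture a WebKitGTK crash under
# gdb unattended, then summarise the innermost frames for triage.
# Assumed: the browser binary is "midori" and logs go to /tmp.

# Write a gdb command file that runs the program and, on a fatal signal,
# dumps every thread's backtrace with locals plus the registers.
write_gdb_script() {
    # $1 = path of the command file to write
    cat > "$1" <<'EOF'
set pagination off
set logging file /tmp/midori-crash.log
set logging overwrite on
set logging on
handle SIGPIPE nostop noprint pass
run
thread apply all bt full
info registers
quit
EOF
}

# Intended invocation (not executed here):
#   write_gdb_script /tmp/midori.gdb
#   gdb -batch -x /tmp/midori.gdb --args midori
# After the browser dies, /tmp/midori-crash.log holds the backtrace.

# Print "frame-number function" for the first $2 frames found in a saved
# backtrace ($1), so the crash site (here a GC sweep tearing down a
# CodeBlock) can be classified at a glance.
innermost_frames() {
    grep -E '^#[0-9]+ ' "$1" \
        | head -n "$2" \
        | sed -E 's/^#([0-9]+) +(0x[0-9a-f]+ in )?([^ (]+).*/\1 \3/'
}

# Constructed sample: the first four frames of the backtrace in this report,
# written to $1 so the helper can be exercised offline.
sample_backtrace() {
    cat > "$1" <<'EOF'
Program received signal SIGSEGV, Segmentation fault.
#0  0x00007ffff4d9b0ea in JSC::StructureStubInfo::deref() () from /usr/lib/libwebkitgtk-1.0.so.0
#1  0x00007ffff4d98baf in JSC::CodeBlock::~CodeBlock() () from /usr/lib/libwebkitgtk-1.0.so.0
#2  0x00007ffff4e5cfa2 in JSC::FunctionCodeBlock::~FunctionCodeBlock() () from /usr/lib/libwebkitgtk-1.0.so.0
#3  0x00007ffff4e5c647 in JSC::FunctionExecutable::~FunctionExecutable() () from /usr/lib/libwebkitgtk-1.0.so.0
EOF
}
```

`bt full` matters more than a plain `bt` here: with an unstripped libwebkitgtk it records the locals of `~CodeBlock()` and `MarkedBlock::sweep()`, which is what a developer needs to tell a dangling `StructureStubInfo` pointer from a corrupted heap block.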
Martin Robinson
What version of WebKitGTK+ did you observe this with?
Max
Observed on WebKitGTK 1.4.2.
Max
Refreshing pages on Google Plus seems to be a reliable way to reproduce. Navigating to Google+ does not seem to cause any issues, but quite often a refresh on a Google+ page will.
Martin Robinson
(In reply to comment #3)
> Refreshing pages on Google Plus seems to be a reliable way to reproduce. Navigating to Google+ does not seem to cause any issues, but quite often a refresh on a Google+ page will.
Do you still see this issue with the 1.8 release?