Bug 150666 (Status: NEW)
[GTK] WebKitGtk+ 2.10.0 compiled in Debug mode hits ASSERT on removeListener
https://bugs.webkit.org/show_bug.cgi?id=150666
Andres Gomez Garcia
Reported 2015-10-29 03:55:15 PDT
Created attachment 264310 [details]
BT from gdb

I'm using WebKitGtk+ with my own JHBuild setting:
https://github.com/tanty/jhbuild-epiphany/tree/wkgtk-devel

Epiphany 3.18.0 and WebKit 2.10.0

I'm running Epiphany with the dconf key: "process-model" = "shared-secondary-process"

The compilation was done with CMake args:
"-DPORT=GTK -DCMAKE_BUILD_TYPE=Debug -DDEVELOPER_MODE=ON -DCMAKE_C_FLAGS_DEBUG=-g1 -DCMAKE_CXX_FLAGS_DEBUG=-g1"

When closing Epiphany, sometimes it will end up crashing with a SIGSEGV. This bug is not reproducible in a predictable way.
Attachments
BT from gdb (4.32 KB, text/plain)
2015-10-29 03:55 PDT, Andres Gomez Garcia
Another similar BT from gdb (17.39 KB, text/plain)
2015-10-30 04:46 PDT, Andres Gomez Garcia
Carlos Garcia Campos
Comment 1 2015-10-29 04:28:53 PDT
hmm, I fixed this one. Are you sure this is 2.10.0? or 2.10.2? This should be fixed by this merge:
http://trac.webkit.org/changeset/191571/releases/WebKitGTK/webkit-2.10/Source/WebKit2/UIProcess/Storage/StorageManager.cpp
Andres Gomez Garcia
Comment 2 2015-10-29 04:38:44 PDT
$ cat /opt/gnome-os/tanty/epiphany/checkout/webkitgtk-2.10.0/Source/WebKit2/UIProcess/Storage/StorageManager.cpp
...
void StorageManager::StorageArea::removeListener(IPC::Connection& connection, uint64_t storageMapID)
{
    ASSERT(m_eventListeners.contains(std::make_pair(&connection, storageMapID)));
    m_eventListeners.remove(std::make_pair(&connection, storageMapID));
}
...
Andres Gomez Garcia
Comment 3 2015-10-29 04:43:40 PDT
(In reply to comment #1)
> hmm, I fixed this one. Are you sure this is 2.10.0? or 2.10.2? This should
> be fixed by this merge
> http://trac.webkit.org/changeset/191571/releases/WebKitGTK/webkit-2.10/Source/WebKit2/UIProcess/Storage/StorageManager.cpp

I suppose that's the thing, then, right?

If you are sure that fixes this bug, this should be closed as DUPLICATE of bug 150315 and that one proposed for merge in 2.10.4.
Carlos Garcia Campos
Comment 4 2015-10-29 04:53:19 PDT
(In reply to comment #3)
> (In reply to comment #1)
> > hmm, I fixed this one. Are you sure this is 2.10.0? or 2.10.2? This should
> > be fixed by this merge
> > http://trac.webkit.org/changeset/191571/releases/WebKitGTK/webkit-2.10/Source/WebKit2/UIProcess/Storage/StorageManager.cpp
>
> I suppose that's the thing, then, right?
>
> If you are sure that fixes this bug, this should be closed as DUPLICATE of
> bug 150315 and that one proposed for merge in 2.10.4

No, I'm not sure it fixes it, because that ASSERT shouldn't happen in 2.10. It should happen only in trunk between r191333 and r191342. That's why I was surprised this happened in 2.10.0. That merge was already included in 2.10.3.
Andres Gomez Garcia
Comment 5 2015-10-30 04:46:53 PDT
Created attachment 264391 [details]
Another similar BT from gdb

This was obtained using MiniBrowser, not Epiphany, and after hitting bug 150716.
Andres Gomez Garcia
Comment 6 2015-10-30 08:16:33 PDT
If we remove this assert, then we hit the assert at:

Source/WebKit2/UIProcess/Storage/StorageManager.cpp
@@ -182,7 +182,7 @@ StorageManager::StorageArea::StorageArea(LocalStorageNamespace* localStorageName
StorageManager::StorageArea::~StorageArea()
{
ASSERT(m_eventListeners.isEmpty());
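As an added illustration (not WebKit code, and not posted by anyone in this thread), the following is a minimal stand-in for the listener registry whose two debug ASSERTs are quoted in comments 2 and 6. The class, struct and scenario names are constructed. It shows that the removeListener check and the destructor check enforce one invariant, balanced add/remove under the same (connection, storageMapID) key: a remove under a key that was never added fails the first check, and silencing that check leaves the stale entry behind to fail the second check at teardown, which is the behaviour comment 6 describes.

```cpp
// Added example, not WebKit code: a stand-in for StorageArea's
// m_eventListeners registry. Connection and ListenerRegistry are
// constructed names; the real code uses IPC::Connection and WTF's HashSet.
#include <cstdint>
#include <set>
#include <utility>

struct Connection {};  // stand-in for IPC::Connection (constructed)

class ListenerRegistry {
public:
    // Listeners are keyed by the connection address and the storage map id,
    // as in the quoted removeListener() code.
    using Key = std::pair<const Connection*, uint64_t>;

    void addListener(const Connection& connection, uint64_t storageMapID) {
        m_eventListeners.insert(std::make_pair(&connection, storageMapID));
    }

    // Mirrors ASSERT(m_eventListeners.contains(...)): returns false when the
    // pair being removed was never registered (or was already removed).
    bool removeListener(const Connection& connection, uint64_t storageMapID) {
        return m_eventListeners.erase(std::make_pair(&connection, storageMapID)) == 1;
    }

    // Mirrors ASSERT(m_eventListeners.isEmpty()) in ~StorageArea().
    bool isEmpty() const { return m_eventListeners.empty(); }

private:
    std::set<Key> m_eventListeners;
};

// Balanced lifecycle: the listener is removed under the key it was added
// with, so both checks hold.
bool balancedLifecycle() {
    Connection conn;
    ListenerRegistry registry;
    registry.addListener(conn, 7);
    bool removed = registry.removeListener(conn, 7);
    return removed && registry.isEmpty();
}

struct MismatchResult {
    bool removeFound;      // condition of the removeListener() ASSERT
    bool emptyAtTeardown;  // condition of the destructor ASSERT
};

// Constructed scenario: the remove arrives under a different connection
// than the add. The first check reports the pair missing; if that check is
// dropped, the original entry is still present when the area is torn down.
MismatchResult mismatchedKeyLifecycle() {
    Connection connA, connB;
    ListenerRegistry registry;
    registry.addListener(connA, 7);
    bool found = registry.removeListener(connB, 7);  // wrong connection
    return MismatchResult{found, registry.isEmpty()};
}
```

The point for anyone triaging a report like this one: the two assertions are not independent bugs. Whichever of them fires, the underlying defect is an add/remove mismatch on the listener key, so the backtrace worth examining is the one from the add and remove call sites, not from the assertion itself.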