Bug 175681 - [GTK] webkitgtk 2.17.90 crash on armhf
Summary: [GTK] webkitgtk 2.17.90 crash on armhf
Status: RESOLVED DUPLICATE of bug 175667
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKitGTK
Version: WebKit Nightly Build
Hardware: PC Linux
Importance: P3 Normal
Assignee: Nobody
URL:
Keywords: Gtk
Depends on:
Blocks:
Reported: 2017-08-17 12:49 PDT by Jeremy Bicha
Modified: 2017-08-17 13:48 PDT
CC: 2 users

See Also:
Description Jeremy Bicha 2017-08-17 12:49:54 PDT
webkit2gtk 2.17.90
Ubuntu 17.10 Alpha

Ubuntu's autopkgtest infrastructure detected a regression in a test suite run by the Debian sphinx package. The maintainer of that test suite suspects that this is a webkitgtk bug, so I'm filing this issue here.

The test suite can be found at https://anonscm.debian.org/cgit/python-modules/packages/sphinx.git/tree/debian/jstest
Comment 1 Jeremy Bicha 2017-08-17 12:50:20 PDT
#0  g_utf8_validate (str=str@entry=0xe <error: Cannot access memory at address 0xe>, max_len=max_len@entry=-1, end=end@entry=0x0)
    at ../../../../glib/gutf8.c:1670
#1  0xf6c3a44c in g_variant_new_string (string=0xe <error: Cannot access memory at address 0xe>) at ../../../../glib/gvariant.c:1257
#2  0xf6c3d134 in g_variant_valist_new_nnp (str=0xfffee574, ptr=0xe) at ../../../../glib/gvariant.c:4770
#3  0xf6c3dffe in g_variant_valist_new_leaf (app=0xfffee588, str=0xfffee574) at ../../../../glib/gvariant.c:4962
#4  g_variant_valist_new (str=str@entry=0xfffee574, app=app@entry=0xfffee588) at ../../../../glib/gvariant.c:5144
#5  0xf6c3df4e in g_variant_valist_new (str=str@entry=0xfffee574, app=app@entry=0xfffee588) at ../../../../glib/gvariant.c:5196
#6  0xf6c3e15a in g_variant_new_va (format_string=<optimized out>, endptr=0x0, app=0xfffee588) at ../../../../glib/gvariant.c:5372
#7  0xf6c3e1e6 in g_variant_new (format_string=0xf33335cc "(tsssb)") at ../../../../glib/gvariant.c:5307
#8  0xf3278e70 in Inspector::RemoteInspector::listingForInspectionTarget ()
    at ./Source/JavaScriptCore/inspector/remote/glib/RemoteInspectorGlib.cpp:192
#9  0xf327713c in Inspector::RemoteInspector::listingForTarget () at ./Source/JavaScriptCore/inspector/remote/RemoteInspector.cpp:203
#10 0xf3279af8 in Inspector::RemoteInspector::updateAutomaticInspectionCandidate ()
    at ./Source/JavaScriptCore/inspector/remote/glib/RemoteInspectorGlib.cpp:251
#11 0xf2a4ecc0 in JSGlobalContextCreateInGroup () at ./Source/JavaScriptCore/API/JSContextRef.cpp:144
#12 0xf38d0288 in webkit_web_view_get_javascript_global_context () at ./Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp:3154
#13 0xf38d0350 in webkitWebViewRunJavaScriptCallback () at ./Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp:3183
#14 0xf38d06e8 in operator() () at ./Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp:3210
#15 call () at ./Source/WTF/wtf/Function.h:102
#16 0xf36eb534 in WTF::Function<void (API::SerializedScriptValue*, bool, WebCore::ExceptionDetails const&, WebKit::CallbackBase::Error)>::operator()(API::SerializedScriptValue*, bool, WebCore::ExceptionDetails const&, WebKit::CallbackBase::Error) const () at ./Source/WTF/wtf/Function.h:56
#17 WebKit::GenericCallback<API::SerializedScriptValue*, bool, WebCore::ExceptionDetails const&>::performCallbackWithReturnValue ()
    at ./Source/WebKit/UIProcess/GenericCallback.h:108
#18 WebKit::WebPageProxy::scriptValueCallback () at ./Source/WebKit/UIProcess/WebPageProxy.cpp:5123
#19 0xf3a058b0 in IPC::callMemberFunctionImpl<WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(IPC::DataReference const&, bool, WebCore::ExceptionDetails const&, WebKit::CallbackID), std::tuple<IPC::DataReference, bool, WebCore::ExceptionDetails, WebKit::CallbackID>, 0u, 1u, 2u, 3u>(WebKit::WebPageProxy*, void (WebKit::WebPageProxy::*)(IPC::DataReference const&, bool, WebCore::ExceptionDetails const&, WebKit::CallbackID), std::tuple<IPC::DataReference, bool, WebCore::ExceptionDetails, WebKit::CallbackID>&&, std::integer_sequence<unsigned int, 0u, 1u, 2u, 3u>) ()
    at ./Source/WebKit/Platform/IPC/HandleMessage.h:40
#20 IPC::callMemberFunction<WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(IPC::DataReference const&, bool, WebCore::ExceptionDetails const&, WebKit::CallbackID), std::tuple<IPC::DataReference, bool, WebCore::ExceptionDetails, WebKit::CallbackID>, std::integer_sequence<unsigned int, 0u, 1u, 2u, 3u> >(std::tuple<IPC::DataReference, bool, WebCore::ExceptionDetails, WebKit::CallbackID>&&, WebKit::WebPageProxy*, void (WebKit::WebPageProxy::*)(IPC::DataReference const&, bool, WebCore::ExceptionDetails const&, WebKit::CallbackID)) () at ./Source/WebKit/Platform/IPC/HandleMessage.h:46
#21 IPC::handleMessage<Messages::WebPageProxy::ScriptValueCallback, WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(IPC::DataReference const&, bool, WebCore::ExceptionDetails const&, WebKit::CallbackID)> () at ./Source/WebKit/Platform/IPC/HandleMessage.h:126
#22 0xf39fece8 in WebKit::WebPageProxy::didReceiveMessage () at ./obj-arm-linux-gnueabihf/DerivedSources/WebKit2/WebPageProxyMessageReceiver.cpp:666
#23 0xf363afd4 in IPC::MessageReceiverMap::dispatchMessage () at ./Source/WebKit/Platform/IPC/MessageReceiverMap.cpp:123
#24 0xf370f6a8 in WebKit::WebProcessProxy::didReceiveMessage () at ./Source/WebKit/UIProcess/WebProcessProxy.cpp:590
#25 0xf3636ba0 in IPC::Connection::dispatchMessage () at ./Source/WebKit/Platform/IPC/Connection.cpp:928
#26 0xf3637498 in IPC::Connection::dispatchOneMessage () at ./Source/WebKit/Platform/IPC/Connection.cpp:959
#27 0xf3293080 in WTF::Function<void ()>::operator()() const () at ./Source/WTF/wtf/Function.h:56
#28 WTF::RunLoop::performWork () at ./Source/WTF/wtf/RunLoop.cpp:106
#29 0xf32baf10 in operator() () at ./Source/WTF/wtf/glib/RunLoopGLib.cpp:68
#30 _FUN () at ./Source/WTF/wtf/glib/RunLoopGLib.cpp:70
#31 0xf6c149da in g_main_dispatch (context=0xab0f49f8) at ../../../../glib/gmain.c:3148
#32 g_main_context_dispatch (context=context@entry=0xab0f49f8) at ../../../../glib/gmain.c:3813
#33 0xf6c14c6a in g_main_context_iterate (context=0xab0f49f8, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>)
    at ../../../../glib/gmain.c:3886
#34 0xf6c14f04 in g_main_loop_run (loop=0xab102798) at ../../../../glib/gmain.c:4082
#35 0xf58e71f8 in gtk_main () at ././gtk/gtkmain.c:1322
#36 0xf6bc9c60 in ffi_call_VFP () from /usr/lib/arm-linux-gnueabihf/libffi.so.6
#37 0xf6bca312 in ffi_call () from /usr/lib/arm-linux-gnueabihf/libffi.so.6
#38 0xf6d675ce in ?? () from /usr/lib/python3/dist-packages/gi/_gi.cpython-35dm-arm-linux-gnueabihf.so
Comment 2 Jeremy Bicha 2017-08-17 12:50:48 PDT
#0  g_log (log_domain=0xf6c483b0 "GLib", log_level=log_level@entry=G_LOG_LEVEL_CRITICAL, format=0xf32ec774 "null")
    at ../../../../glib/gmessages.c:1394
#1  0xf6c198fe in g_return_if_fail_warning (log_domain=<optimized out>, pretty_function=<optimized out>, expression=<optimized out>)
    at ../../../../glib/gmessages.c:2690
#2  0xf6c3a48a in g_variant_new_string (string=<optimized out>) at ../../../../glib/gvariant.c:1256
#3  0xf6c3d134 in g_variant_valist_new_nnp (str=0xfffee574, ptr=0x0) at ../../../../glib/gvariant.c:4770
#4  0xf6c3dffe in g_variant_valist_new_leaf (app=0xfffee588, str=0xfffee574) at ../../../../glib/gvariant.c:4962
#5  g_variant_valist_new (str=str@entry=0xfffee574, app=app@entry=0xfffee588) at ../../../../glib/gvariant.c:5144
#6  0xf6c3df4e in g_variant_valist_new (str=str@entry=0xfffee574, app=app@entry=0xfffee588) at ../../../../glib/gvariant.c:5196
#7  0xf6c3e15a in g_variant_new_va (format_string=<optimized out>, endptr=0x0, app=0xfffee588) at ../../../../glib/gvariant.c:5372
#8  0xf6c3e1e6 in g_variant_new (format_string=0xf33335cc "(tsssb)") at ../../../../glib/gvariant.c:5307
#9  0xf3278e70 in Inspector::RemoteInspector::listingForInspectionTarget ()
    at ./Source/JavaScriptCore/inspector/remote/glib/RemoteInspectorGlib.cpp:192
#10 0xf327713c in Inspector::RemoteInspector::listingForTarget () at ./Source/JavaScriptCore/inspector/remote/RemoteInspector.cpp:203
#11 0xf3279af8 in Inspector::RemoteInspector::updateAutomaticInspectionCandidate ()
    at ./Source/JavaScriptCore/inspector/remote/glib/RemoteInspectorGlib.cpp:251
#12 0xf2a4ecc0 in JSGlobalContextCreateInGroup () at ./Source/JavaScriptCore/API/JSContextRef.cpp:144
#13 0xf38d0288 in webkit_web_view_get_javascript_global_context () at ./Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp:3154
#14 0xf38d0350 in webkitWebViewRunJavaScriptCallback () at ./Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp:3183
#15 0xf38d06e8 in operator() () at ./Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp:3210
#16 call () at ./Source/WTF/wtf/Function.h:102
#17 0xf36eb534 in WTF::Function<void (API::SerializedScriptValue*, bool, WebCore::ExceptionDetails const&, WebKit::CallbackBase::Error)>::operator()(API::SerializedScriptValue*, bool, WebCore::ExceptionDetails const&, WebKit::CallbackBase::Error) const () at ./Source/WTF/wtf/Function.h:56
#18 WebKit::GenericCallback<API::SerializedScriptValue*, bool, WebCore::ExceptionDetails const&>::performCallbackWithReturnValue ()
    at ./Source/WebKit/UIProcess/GenericCallback.h:108
#19 WebKit::WebPageProxy::scriptValueCallback () at ./Source/WebKit/UIProcess/WebPageProxy.cpp:5123
#20 0xf3a058b0 in IPC::callMemberFunctionImpl<WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(IPC::DataReference const&, bool, WebCore::ExceptionDetails const&, WebKit::CallbackID), std::tuple<IPC::DataReference, bool, WebCore::ExceptionDetails, WebKit::CallbackID>, 0u, 1u, 2u, 3u>(WebKit::WebPageProxy*, void (WebKit::WebPageProxy::*)(IPC::DataReference const&, bool, WebCore::ExceptionDetails const&, WebKit::CallbackID), std::tuple<IPC::DataReference, bool, WebCore::ExceptionDetails, WebKit::CallbackID>&&, std::integer_sequence<unsigned int, 0u, 1u, 2u, 3u>) ()
    at ./Source/WebKit/Platform/IPC/HandleMessage.h:40
#21 IPC::callMemberFunction<WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(IPC::DataReference const&, bool, WebCore::ExceptionDetails const&, WebKit::CallbackID), std::tuple<IPC::DataReference, bool, WebCore::ExceptionDetails, WebKit::CallbackID>, std::integer_sequence<unsigned int, 0u, 1u, 2u, 3u> >(std::tuple<IPC::DataReference, bool, WebCore::ExceptionDetails, WebKit::CallbackID>&&, WebKit::WebPageProxy*, void (WebKit::WebPageProxy::*)(IPC::DataReference const&, bool, WebCore::ExceptionDetails const&, WebKit::CallbackID)) () at ./Source/WebKit/Platform/IPC/HandleMessage.h:46
#22 IPC::handleMessage<Messages::WebPageProxy::ScriptValueCallback, WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(IPC::DataReference const&, bool, WebCore::ExceptionDetails const&, WebKit::CallbackID)> () at ./Source/WebKit/Platform/IPC/HandleMessage.h:126
#23 0xf39fece8 in WebKit::WebPageProxy::didReceiveMessage () at ./obj-arm-linux-gnueabihf/DerivedSources/WebKit2/WebPageProxyMessageReceiver.cpp:666
#24 0xf363afd4 in IPC::MessageReceiverMap::dispatchMessage () at ./Source/WebKit/Platform/IPC/MessageReceiverMap.cpp:123
#25 0xf370f6a8 in WebKit::WebProcessProxy::didReceiveMessage () at ./Source/WebKit/UIProcess/WebProcessProxy.cpp:590
#26 0xf3636ba0 in IPC::Connection::dispatchMessage () at ./Source/WebKit/Platform/IPC/Connection.cpp:928
#27 0xf3637498 in IPC::Connection::dispatchOneMessage () at ./Source/WebKit/Platform/IPC/Connection.cpp:959
#28 0xf3293080 in WTF::Function<void ()>::operator()() const () at ./Source/WTF/wtf/Function.h:56
#29 WTF::RunLoop::performWork () at ./Source/WTF/wtf/RunLoop.cpp:106
#30 0xf32baf10 in operator() () at ./Source/WTF/wtf/glib/RunLoopGLib.cpp:68
#31 _FUN () at ./Source/WTF/wtf/glib/RunLoopGLib.cpp:70
#32 0xf6c149da in g_main_dispatch (context=0xab0f57a8) at ../../../../glib/gmain.c:3148
#33 g_main_context_dispatch (context=context@entry=0xab0f57a8) at ../../../../glib/gmain.c:3813
#34 0xf6c14c6a in g_main_context_iterate (context=0xab0f57a8, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>)
    at ../../../../glib/gmain.c:3886
#35 0xf6c14f04 in g_main_loop_run (loop=0xab1abee8) at ../../../../glib/gmain.c:4082
#36 0xf58e71f8 in gtk_main () at ././gtk/gtkmain.c:1322
#37 0xf6bc9c60 in ffi_call_VFP () from /usr/lib/arm-linux-gnueabihf/libffi.so.6
#38 0xf6bca312 in ffi_call () from /usr/lib/arm-linux-gnueabihf/libffi.so.6
#39 0xf6d675ce in ?? () from /usr/lib/python3/dist-packages/gi/_gi.cpython-35dm-arm-linux-gnueabihf.so
Comment 3 Jeremy Bicha 2017-08-17 12:52:02 PDT
Quoting the Debian maintainer:

"I am attaching two stacktraces: one for when the actual crash happens,
and another one for the first call of g_log() in the main process, which
happens just before the crash. I could not figure out how to break on
warnings in WebKitWebProcess."
Comment 4 Michael Catanzaro 2017-08-17 13:48:52 PDT
Thanks for reporting. Should be fixed by r220860 http://trac.webkit.org/changeset/220860/webkit.

*** This bug has been marked as a duplicate of bug 175667 ***
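Both traces above fail inside g_variant_new() while it walks the format string "(tsssb)". In GVariant's format language 't' consumes a guint64, each 's' a const char*, and 'b' a gboolean, all read back with va_arg, so the caller has to pass exactly those widths; GLib's documentation warns that an integer passed for 't' must be a guint64. On 32-bit ARM a 64-bit variadic argument is rounded up to an 8-byte boundary, so a 4-byte integer pushed in its place shifts every later argument by one slot, and a small integer ends up where a string pointer was expected. The page does not show what r220860 changed, so treating that as the cause of this crash is an assumption; the following constructed model (added here, not GLib or WebKit code) only illustrates the mechanism: an argument area modelled as 4-byte slots with 8-byte alignment for 64-bit values, a "(tsssb)" consumer, and the same call made with a widened and with a narrow first argument. The "string addresses" 0x1000/0x2000/0x3000 are made up, and little-endian order is assumed as on armhf.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * Constructed model of a 32-bit ARM (AAPCS) variadic argument area:
 * arguments occupy 4-byte slots, and a 64-bit argument is first rounded
 * up to an 8-byte boundary.  Little-endian byte order is assumed.
 * Illustrative code only, not GLib or WebKit code.
 */
#define ARG_AREA 64

typedef struct {
    unsigned char buf[ARG_AREA];
    size_t off;
} ArgArea;

static size_t align_up(size_t n, size_t a) { return (n + a - 1) & ~(a - 1); }

/* Caller side: what the compiler emits for each argument's static type. */
static void push32(ArgArea *a, uint32_t v) { memcpy(a->buf + a->off, &v, 4); a->off += 4; }
static void push64(ArgArea *a, uint64_t v) {
    a->off = align_up(a->off, 8);
    memcpy(a->buf + a->off, &v, 8);
    a->off += 8;
}

/* Callee side: what va_arg(ap, T) does for a 32-bit and a 64-bit T. */
static uint32_t pop32(ArgArea *a) { uint32_t v; memcpy(&v, a->buf + a->off, 4); a->off += 4; return v; }
static uint64_t pop64(ArgArea *a) {
    uint64_t v;
    a->off = align_up(a->off, 8);
    memcpy(&v, a->buf + a->off, 8);
    a->off += 8;
    return v;
}

/* The five values a "(tsssb)" walker expects: guint64, three char*, gboolean.
 * Pointers are modelled as 32-bit addresses. */
typedef struct {
    uint64_t id;
    uint32_t str[3];
    uint32_t flag;
} Listing;

static Listing consume_tsssb(ArgArea *a) {
    Listing l;
    a->off = 0;                       /* va_start */
    l.id = pop64(a);                  /* 't' -> guint64 */
    for (int i = 0; i < 3; i++)
        l.str[i] = pop32(a);          /* 's' -> const char* */
    l.flag = pop32(a);                /* 'b' -> gboolean */
    return l;
}

/* Caller that passes the 't' argument as a 64-bit integer, as GVariant requires. */
static Listing call_widened(uint64_t id, uint32_t s0, uint32_t s1, uint32_t s2, uint32_t flag) {
    ArgArea a = { {0}, 0 };
    push64(&a, id); push32(&a, s0); push32(&a, s1); push32(&a, s2); push32(&a, flag);
    return consume_tsssb(&a);
}

/* Caller that passes a plain 32-bit integer for 't': every later argument is misread. */
static Listing call_narrow(uint32_t id, uint32_t s0, uint32_t s1, uint32_t s2, uint32_t flag) {
    ArgArea a = { {0}, 0 };
    push32(&a, id); push32(&a, s0); push32(&a, s1); push32(&a, s2); push32(&a, flag);
    return consume_tsssb(&a);
}

/* Sample call with constructed "string addresses"; narrow != 0 selects the buggy caller. */
static Listing sample(int narrow) {
    return narrow ? call_narrow(7, 0x1000, 0x2000, 0x3000, 1)
                  : call_widened(7, 0x1000, 0x2000, 0x3000, 1);
}

static uint64_t seen_id(int narrow)          { Listing l = sample(narrow); return l.id; }
static uint32_t seen_str(int narrow, int i)  { Listing l = sample(narrow); return l.str[i]; }
static uint32_t seen_flag(int narrow)        { Listing l = sample(narrow); return l.flag; }

static void dump(const char *label, Listing l) {
    printf("%s: id=0x%llx s=[0x%x 0x%x 0x%x] b=%u\n", label,
           (unsigned long long)l.id, l.str[0], l.str[1], l.str[2], l.flag);
}

int main(void) {
    dump("guint64 passed", sample(0));
    dump("int passed    ", sample(1));
    return 0;
}
```

With the narrow caller the consumer reads the 64-bit id as the id word plus the first pointer, the three string slots become the second pointer, the third pointer and the boolean (the value 1 now masquerading as a string address, the counterpart of str=0xe in the trace), and the boolean slot reads uninitialised memory. The same width mismatch is usually harmless on x86-64, where variadic integers travel in 64-bit registers, which is why such a bug tends to surface only on 32-bit ARM builds like the armhf autopkgtest run reported here.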