Closing a tab in Epiphany makes WebKitGTK crash:

[340549.969001] epiphany[497780]: segfault at 0 ip 00007fe241add5cb sp 00007fff599bc3e8 error 4 in libwebkit2gtk-4.0.so.37.38.2[7fe241196000+2c31000]
[340549.969008] Code: c3 66 0f 1f 44 00 00 48 89 ee 4c 89 e7 ff d3 eb df 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 47 28 48 8b b8 90 01 00 00 <48> 8b 07 48 8b 40 20 48 3b 05 cf 42 4d 02 75 05 31 c0 c3 66 90 ff

It happens at least with 2.25.3 and 2.25.4, only with the Wayland GTK backend (works on X11), only when using hardware acceleration. My GPU: Intel HD Graphics 520 (Skylake GT2).
It also happens when closing the web inspector.
You need to attach a backtrace for developers to be able to look at this.
Here it is:

#0 0x00007ffff45f2cbb in webkitWebViewBaseMakeGLContextCurrent(_WebKitWebViewBase*) (webkitWebViewBase=<optimized out>) at /usr/lib/gcc/x86_64-pc-linux-gnu/9.1.0/include/g++-v9/bits/unique_ptr.h:357
#1 0x00007ffff46608e4 in WebKit::WebPageProxy::makeGLContextCurrent() (this=<optimized out>) at /var/tmp/portage/net-libs/webkit-gtk-2.25.4/work/webkitgtk-2.25.4/Source/WebKit/UIProcess/gtk/WebPageProxyGtk.cpp:161
#2 0x00007ffff46595fc in WebKit::WaylandCompositor::Surface::setWebPage(WebKit::WebPageProxy*) (this=0x7fff94016a80, webPage=webPage@entry=0x0) at /var/tmp/portage/net-libs/webkit-gtk-2.25.4/work/webkitgtk-2.25.4/Source/WebKit/UIProcess/gtk/WaylandCompositor.cpp:176
#3 0x00007ffff465a599 in WebKit::WaylandCompositor::unregisterWebPage(WebKit::WebPageProxy&) (this=<optimized out>, webPage=...) at /var/tmp/portage/net-libs/webkit-gtk-2.25.4/work/webkitgtk-2.25.4/Source/WebKit/UIProcess/gtk/WaylandCompositor.cpp:574
#4 0x00007ffff4650988 in WebKit::AcceleratedBackingStoreWayland::~AcceleratedBackingStoreWayland() (this=0x7fff940320c0, __in_chrg=<optimized out>) at /var/tmp/portage/net-libs/webkit-gtk-2.25.4/work/webkitgtk-2.25.4/Source/WebKit/UIProcess/gtk/AcceleratedBackingStoreWayland.cpp:144
#5 0x00007ffff46509e9 in WebKit::AcceleratedBackingStoreWayland::~AcceleratedBackingStoreWayland() (this=0x7fff940320c0, __in_chrg=<optimized out>) at /var/tmp/portage/net-libs/webkit-gtk-2.25.4/work/webkitgtk-2.25.4/Source/WebKit/UIProcess/gtk/AcceleratedBackingStoreWayland.cpp:131
#6 0x00007ffff45f1abe in std::default_delete<WebKit::AcceleratedBackingStore>::operator()(WebKit::AcceleratedBackingStore*) const (this=<optimized out>, __ptr=<optimized out>) at /usr/lib/gcc/x86_64-pc-linux-gnu/9.1.0/include/g++-v9/bits/unique_ptr.h:75
#7 0x00007ffff45f1abe in std::unique_ptr<WebKit::AcceleratedBackingStore, std::default_delete<WebKit::AcceleratedBackingStore> >::reset(WebKit::AcceleratedBackingStore*) (__p=<optimized out>, this=<optimized out>) at /usr/lib/gcc/x86_64-pc-linux-gnu/9.1.0/include/g++-v9/bits/unique_ptr.h:399
#8 0x00007ffff45f1abe in std::unique_ptr<WebKit::AcceleratedBackingStore, std::default_delete<WebKit::AcceleratedBackingStore> >::operator=(decltype(nullptr)) (this=<optimized out>) at /usr/lib/gcc/x86_64-pc-linux-gnu/9.1.0/include/g++-v9/bits/unique_ptr.h:333
#9 0x00007ffff45f1abe in webkitWebViewBaseDispose(GObject*) (gobject=0x555556e63c20) at /var/tmp/portage/net-libs/webkit-gtk-2.25.4/work/webkitgtk-2.25.4/Source/WebKit/UIProcess/API/gtk/WebKitWebViewBase.cpp:553
#10 0x00007ffff72ee169 in g_object_run_dispose () at /usr/lib64/libgobject-2.0.so.0
#11 0x00007ffff7a053a0 in () at /usr/lib64/libgtk-3.so.0
#12 0x00007ffff7912366 in () at /usr/lib64/libgtk-3.so.0
#13 0x00007ffff72e7b49 in g_closure_invoke () at /usr/lib64/libgobject-2.0.so.0
#14 0x00007ffff72fa4e6 in () at /usr/lib64/libgobject-2.0.so.0
#15 0x00007ffff7302c85 in g_signal_emit_valist () at /usr/lib64/libgobject-2.0.so.0
#16 0x00007ffff73032aa in g_signal_emit () at /usr/lib64/libgobject-2.0.so.0
#17 0x00007ffff7b16b00 in () at /usr/lib64/libgtk-3.so.0
#18 0x00007ffff72ee169 in g_object_run_dispose () at /usr/lib64/libgobject-2.0.so.0
#19 0x00007ffff7a0b272 in () at /usr/lib64/libgtk-3.so.0
#20 0x00007ffff7912366 in () at /usr/lib64/libgtk-3.so.0
#21 0x00007ffff72e7b49 in g_closure_invoke () at /usr/lib64/libgobject-2.0.so.0
#22 0x00007ffff72fa4e6 in () at /usr/lib64/libgobject-2.0.so.0
#23 0x00007ffff7302c85 in g_signal_emit_valist () at /usr/lib64/libgobject-2.0.so.0
#24 0x00007ffff73032aa in g_signal_emit () at /usr/lib64/libgobject-2.0.so.0
#25 0x00007ffff7b16b00 in () at /usr/lib64/libgtk-3.so.0
#26 0x00007ffff72ee169 in g_object_run_dispose () at /usr/lib64/libgobject-2.0.so.0
#27 0x00007ffff78c95ef in () at /usr/lib64/libgtk-3.so.0
#28 0x00007ffff7912366 in () at /usr/lib64/libgtk-3.so.0
#29 0x00007ffff72e7c2b in g_closure_invoke () at /usr/lib64/libgobject-2.0.so.0
#30 0x00007ffff72fa4e6 in () at /usr/lib64/libgobject-2.0.so.0
#31 0x00007ffff7302c85 in g_signal_emit_valist () at /usr/lib64/libgobject-2.0.so.0
#32 0x00007ffff73032aa in g_signal_emit () at /usr/lib64/libgobject-2.0.so.0
#33 0x00007ffff7b16b00 in () at /usr/lib64/libgtk-3.so.0
#34 0x00007ffff72ee169 in g_object_run_dispose () at /usr/lib64/libgobject-2.0.so.0
#35 0x00007ffff7f59ed3 in () at /usr/lib64/epiphany/libephymain.so
#36 0x00007ffff7f5a02e in () at /usr/lib64/epiphany/libephymain.so
#37 0x00007ffff73d1bc3 in () at /usr/lib64/libgio-2.0.so.0
#38 0x00007ffff73d256d in () at /usr/lib64/libgio-2.0.so.0
#39 0x00007ffff7f7d6b0 in () at /usr/lib64/epiphany/libephymain.so
#40 0x00007ffff73d1bc3 in () at /usr/lib64/libgio-2.0.so.0
#41 0x00007ffff73d256d in () at /usr/lib64/libgio-2.0.so.0
#42 0x00007ffff45d2e6f in webkitWebViewRunJavaScriptCallback(API::SerializedScriptValue*, WebCore::ExceptionDetails const&, GTask*) (wkSerializedScriptValue=0x7fff74474990, exceptionDetails=..., task=0x555555dc6490) at DerivedSources/ForwardingHeaders/wtf/DumbPtrTraits.h:43
#43 0x00007ffff4512808 in WTF::Function<void (API::SerializedScriptValue*, bool, WebCore::ExceptionDetails const&, WebKit::CallbackBase::Error)>::operator()(API::SerializedScriptValue*, bool, WebCore::ExceptionDetails const&, WebKit::CallbackBase::Error) const (in#3=WebKit::CallbackBase::Error::None, in#2=..., in#1=false, in#0=0x7fff74474990, this=0x7fffffffe1b8) at /usr/lib/gcc/x86_64-pc-linux-gnu/9.1.0/include/g++-v9/bits/unique_ptr.h:357
#44 0x00007ffff4512808 in WebKit::GenericCallback<API::SerializedScriptValue*, bool, WebCore::ExceptionDetails const&>::performCallbackWithReturnValue(API::SerializedScriptValue*, bool, WebCore::ExceptionDetails const&) (returnValue#2=..., returnValue#1=false, returnValue#0=0x7fff74474990, this=0x7fff744a1038) at /var/tmp/portage/net-libs/webkit-gtk-2.25.4/work/webkitgtk-2.25.4/Source/WebKit/UIProcess/GenericCallback.h:109
#45 0x00007ffff4512808 in WebKit::GenericCallback<API::SerializedScriptValue*, bool, WebCore::ExceptionDetails const&>::performCallbackWithReturnValue(API::SerializedScriptValue*, bool, WebCore::ExceptionDetails const&) (returnValue#2=..., returnValue#1=false, returnValue#0=0x7fff74474990, this=0x7fff744a1038) at /var/tmp/portage/net-libs/webkit-gtk-2.25.4/work/webkitgtk-2.25.4/Source/WebKit/UIProcess/GenericCallback.h:101
#46 0x00007ffff4512808 in WebKit::WebPageProxy::scriptValueCallback(IPC::DataReference const&, bool, WebCore::ExceptionDetails const&, WebKit::CallbackID) (this=<optimized out>, dataReference=..., hadException=<optimized out>, details=..., callbackID=...) at /var/tmp/portage/net-libs/webkit-gtk-2.25.4/work/webkitgtk-2.25.4/Source/WebKit/UIProcess/WebPageProxy.cpp:6554
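A small triage helper, added here as an example (it is not part of the bug report or of WebKit): it parses gdb frames in the shape of the backtrace above and flags every argument gdb prints as 0x0, so that the null webPage handed to Surface::setWebPage() on the way to makeGLContextCurrent() stands out without reading all 46 frames by hand. The embedded backtrace is a constructed excerpt of frames copied from this report.

```python
import re

# Constructed excerpt: frames #0-#3 and #10 of the backtrace attached to this bug.
SAMPLE_BACKTRACE = """\
#0 0x00007ffff45f2cbb in webkitWebViewBaseMakeGLContextCurrent(_WebKitWebViewBase*) (webkitWebViewBase=<optimized out>) at /usr/lib/gcc/x86_64-pc-linux-gnu/9.1.0/include/g++-v9/bits/unique_ptr.h:357
#1 0x00007ffff46608e4 in WebKit::WebPageProxy::makeGLContextCurrent() (this=<optimized out>) at /var/tmp/portage/net-libs/webkit-gtk-2.25.4/work/webkitgtk-2.25.4/Source/WebKit/UIProcess/gtk/WebPageProxyGtk.cpp:161
#2 0x00007ffff46595fc in WebKit::WaylandCompositor::Surface::setWebPage(WebKit::WebPageProxy*) (this=0x7fff94016a80, webPage=webPage@entry=0x0) at /var/tmp/portage/net-libs/webkit-gtk-2.25.4/work/webkitgtk-2.25.4/Source/WebKit/UIProcess/gtk/WaylandCompositor.cpp:176
#3 0x00007ffff465a599 in WebKit::WaylandCompositor::unregisterWebPage(WebKit::WebPageProxy&) (this=<optimized out>, webPage=...) at /var/tmp/portage/net-libs/webkit-gtk-2.25.4/work/webkitgtk-2.25.4/Source/WebKit/UIProcess/gtk/WaylandCompositor.cpp:574
#10 0x00007ffff72ee169 in g_object_run_dispose () at /usr/lib64/libgobject-2.0.so.0
"""

# One gdb frame: "#N 0xADDR in FUNC (ARGS) at FILE:LINE". FUNC may itself contain
# parentheses (C++ signatures), so ARGS is taken as the last paren group before "at".
FRAME_RE = re.compile(
    r"^#(?P<num>\d+)\s+0x[0-9a-f]+\s+in\s+(?P<func>.+)\s+\((?P<args>[^()]*)\)\s+at\s+(?P<loc>\S+)$"
)


def parse_frames(text):
    """Turn a gdb backtrace into a list of {num, func, args, loc} dicts."""
    frames = []
    for line in text.splitlines():
        m = FRAME_RE.match(line.strip())
        if not m:
            continue  # unparseable line: keep going rather than failing the whole trace
        args = {}
        for pair in m.group("args").split(","):
            if "=" in pair:
                name, _, value = pair.strip().partition("=")
                # gdb may print "webPage=webPage@entry=0x0"; keep only the final value
                args[name] = value.rsplit("=", 1)[-1]
        frames.append({"num": int(m.group("num")), "func": m.group("func"),
                       "args": args, "loc": m.group("loc")})
    return frames


def find_null_args(frames):
    """Return (frame number, function, argument) for every argument shown as 0x0."""
    return [(f["num"], f["func"], name)
            for f in frames for name, value in f["args"].items() if value == "0x0"]


def crash_summary(text):
    """Crash site plus the call path from frame #0 out to the first null-argument frame."""
    frames = parse_frames(text)
    hits = find_null_args(frames)
    outermost = hits[-1][0] if hits else 0
    return {"crash_site": frames[0]["loc"] if frames else None,
            "null_args": hits,
            "call_path": [f["func"] for f in frames if f["num"] <= outermost]}


if __name__ == "__main__":
    for key, value in crash_summary(SAMPLE_BACKTRACE).items():
        print(key, value)
```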
We have 78 reports of this in Fedora 31 and Fedora 32 so far; that might not seem like much, but for before Fedora 31 beta has even been released it's pretty bad.
Oh you won't be able to reproduce in Epiphany anymore because I disabled AC mode again due to bug #200575. Current reports are coming from gnome-control-center/gnome-online-accounts.
This is in my TODO already, I know how to fix it; it's not a trivial fix, though.
Can you describe what you know? It's probably going to be a F31 release blocker since it happens in gnome-initial-setup, so it will be getting a lot of attention.
Created attachment 378850 [details] Patch
Thanks for the patch. If this patch contains new public API please make sure it follows the guidelines for new WebKit2 GTK+ API. See http://trac.webkit.org/wiki/WebKitGTK/AddingNewWebKit2API
Created attachment 378851 [details] Patch
I've tried attachment 378851 [details] with Epiphany (hardware acceleration enabled) and I get no rendering at all, the pages are white. Closing a tab works.
(In reply to Guilaume Ayoub from comment #11)
> I've tried attachment 378851 [details] with Epiphany (hardware acceleration
> enabled) and I get no rendering at all, the pages are white.
>
> Closing a tab works.

Weird, I've used ephy for testing it, because this also fixes detaching a tab from a window (it makes an unrealize -> realize), which was also broken in accelerated compositing mode. Does it work if you resize the window? Or if you reload the page?
Are you building with USE_WPE_RENDERER=OFF?
(In reply to Carlos Garcia Campos from comment #12)
> Does it work if you resize the window? or if you reload the page?

It doesn't.

When I activate hardware acceleration with DConf, the content is blank as soon as Epiphany gets the focus. Resizing the window or reloading the page doesn't change anything.

I get this error:
Cannot create EGL window surface: EGL_BAD_ALLOC

When I deactivate hardware acceleration, I have to reload the page to make it appear. Resizing or giving focus doesn't change anything.

> Are you building with USE_WPE_RENDERER=OFF?

It's OFF.
(In reply to Guilaume Ayoub from comment #14)
> (In reply to Carlos Garcia Campos from comment #12)
> > Does it work if you resize the window? or if you reload the page?
>
> It doesn't.
>
> When I activate hardware acceleration with DConf, the content is blank as
> soon as Epiphany gets the focus. Resizing the window or reloading the page
> doesn't change anything.

Does it happen if you start ephy with AC mode already ondemand or always?

> I get this error:
> Cannot create EGL window surface: EGL_BAD_ALLOC

hmm, and this doesn't happen without the patch?

> When I deactivate hardware acceleration, I have to reload the page to make
> it appear. Resizing or giving focus doesn't change anything.
>
> > Are you building with USE_WPE_RENDERER=OFF?
>
> It's OFF.

why?
(In reply to Carlos Garcia Campos from comment #15)
> (In reply to Guilaume Ayoub from comment #14)
> > (In reply to Carlos Garcia Campos from comment #12)
> > > Does it work if you resize the window? or if you reload the page?
> >
> > It doesn't.
> >
> > When I activate hardware acceleration with DConf, the content is blank as
> > soon as Epiphany gets the focus. Resizing the window or reloading the page
> > doesn't change anything.
>
> Does it happen if you start ephy with AC mode already ondemand or always?

It does.

> > I get this error:
> > Cannot create EGL window surface: EGL_BAD_ALLOC
>
> hmm, and this doesn't happen without the patch?

Actually, I have the same problem without the patch (error and blank page). Something probably happened between 2.25.4 and 2.26.0. I'll try with versions between 2.25.4 and 2.26.0.

> > When I deactivate hardware acceleration, I have to reload the page to make
> > it appear. Resizing or giving focus doesn't change anything.
> >
> > > Are you building with USE_WPE_RENDERER=OFF?
> >
> > It's OFF.
>
> why?

libwpe is not packaged on my system.
OK, the blank page is a different issue, see:
https://bugs.webkit.org/show_bug.cgi?id=201505
https://bugzilla.redhat.com/show_bug.cgi?id=1748817

I'll try to reopen this issue, as it also happens on Gentoo.

Good news: without your patch, closing a tab makes Epiphany crash, even with blank pages. It's fixed with your patch. So it works for me, even if I now get blank pages because of another bug.
The blank-page bug was caused by a recent version of Mesa. With the older version of Mesa and with your patch, everything seems to work well. I'll try to use Epiphany for hours tomorrow and confirm that everything works fine. Thanks a lot for the hard work!
Committed r249947: <https://trac.webkit.org/changeset/249947>
Looks like we are crashing here again, see bug #200856
Comment 20 should have mentioned Bug 239429 instead of Bug 200856