RESOLVED DUPLICATE of bug 290175283070
[GTK] web process crash when opening inspector in WebCore::AccessibilityAtspi::registerObject 
https://bugs.webkit.org/show_bug.cgi?id=283070
Summary [GTK] web process crash when opening inspector in WebCore::AccessibilityAtspi...
two
Reported 2024-11-13 11:55:11 PST
1. press ctrl+shift+i or inspect element nothing is printed in console/journal (besides the browser's own "web process crashed" message) core dump: ``` (gdb) bt #0 __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44 #1 0x00007ffa4189ae03 in __pthread_kill_internal (threadid=<optimized out>, signo=6) at pthread_kill.c:78 #2 0x00007ffa4184208e in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26 #3 0x00007ffa41829882 in __GI_abort () at abort.c:79 #4 0x00007ffa4211800f in WTFCrashWithInfo () at WTF/Headers/wtf/Assertions.h:912 #5 0x00007ffa437fad1a in WebCore::AccessibilityAtspi::registerObject (this=<optimized out>, atspiObject=..., interfaces=...) at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebCore/accessibility/atspi/AccessibilityAtspi.cpp:347 #6 0x00007ffa437ff786 in WebCore::AccessibilityObjectAtspi::registerObject (this=0x7ffa220088a0) at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebCore/accessibility/atspi/AccessibilityObjectAtspi.cpp:496 #7 0x00007ffa437fbd3d in WebCore::AccessibilityObjectAtspi::path (this=0x7ffa220088a0) at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebCore/accessibility/atspi/AccessibilityObjectAtspi.cpp:508 #8 WebCore::AccessibilityAtspi::parentChanged (this=<optimized out>, atspiObject=...) at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebCore/accessibility/atspi/AccessibilityAtspi.cpp:421 #9 0x00007ffa437ffbc6 in WebCore::AccessibilityObjectAtspi::setParent (this=0x7ffa220088a0, atspiParent=std::optional = {...}) at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebCore/accessibility/atspi/AccessibilityObjectAtspi.cpp:536 --Type <RET> for more, q to quit, c to continue without paging-- #10 0x00007ffa437f6dda in WebCore::AXObjectCache::platformPerformDeferredCacheUpdate()::$_0::operator()(WebCore::AXCoreObject const&) const (axObject=..., this=<optimized out>) at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebCore/accessibility/atspi/AXObjectCacheAtspi.cpp:55 #11 WebCore::AXObjectCache::platformPerformDeferredCacheUpdate (this=0x7ffa22173200) at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebCore/accessibility/atspi/AXObjectCacheAtspi.cpp:64 #12 0x00007ffa437986d9 in WebCore::AXObjectCache::performDeferredCacheUpdate (this=0x7ffa22173200, forceLayout=<optimized out>) at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebCore/accessibility/AXObjectCache.cpp:4344 #13 0x00007ffa444f9daf in WebCore::ThreadTimers::sharedTimerFiredInternal (this=0x7ffa220f08d0) at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebCore/platform/ThreadTimers.cpp:128 #14 0x00007ffa410d9095 in WTF::RunLoop::TimerBase::TimerBase(WTF::Ref<WTF::RunLoop, WTF::RawPtrTraits<WTF::RunLoop>, WTF::DefaultRefDerefTraits<WTF::RunLoop> >&&)::$_0::operator()(void*) const (userData=0x7ffa467cb120 <WebCore::MainThreadSharedTimer::singleton()::instance+16>, this=<optimized out>) at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WTF/wtf/glib/RunLoopGLib.cpp:177 #15 WTF::RunLoop::TimerBase::TimerBase(WTF::Ref<WTF::RunLoop, WTF::RawPtrTraits<WTF::RunLoop>, WTF::DefaultRefDerefTraits<WTF::RunLoop> >&&)::$_0::__invoke(void*) (userData=0x7ffa467cb120 <WebCore::MainThreadSharedTimer::singleton()::instance+16>) at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WTF/wtf/glib/RunLoopGLib.cpp:169 #16 0x00007ffa410d8071 in WTF::RunLoop::$_0::operator() (source=0x55d51604e9e0, callback=0x7ffa410d9000 <WTF::RunLoop::TimerBase::TimerBase(WTF::Ref<WTF::RunLoop, WTF::RawPtrTraits<WTF::RunLoop>, WTF::DefaultRefDerefTraits<WTF::RunLoop> >&&)::$_0::__invoke(void*)>, userData=0x7ffa467cb120 <WebCore::MainThreadSharedTimer::singleton()::instance+16>, this=<optimized out>) at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WTF/wtf/glib/RunLoopGLib.cpp:53 #17 WTF::RunLoop::$_0::__invoke (source=0x55d51604e9e0, callback=0x7ffa410d9000 <WTF::RunLoop::TimerBase::TimerBase(WTF::Ref<WTF::RunLoop, WTF::RawPtrTraits<WTF::RunLoop>, WTF::DefaultRefDerefTraits<WTF::RunLoop> >&&)::$_0::__invoke(void*)>, userData=0x7ffa467cb120 <WebCore::MainThreadSharedTimer::singleton()::instance+16>) at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WTF/wtf/glib/RunLoopGLib.cpp:45 #18 0x00007ffa3d2a2477 in g_main_dispatch (context=context@entry=0x55d5160024b0) at ../glib/gmain.c:3361 #19 0x00007ffa3d2a4787 in g_main_context_dispatch_unlocked (context=0x55d5160024b0) at ../glib/gmain.c:4212 #20 g_main_context_iterate_unlocked (context=0x55d5160024b0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:4277 #21 0x00007ffa3d2a5277 in g_main_loop_run (loop=0x55d515ffacd0) at ../glib/gmain.c:4479 #22 0x00007ffa410d86c2 in WTF::RunLoop::run () at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WTF/wtf/glib/RunLoopGLib.cpp:108 #23 0x00007ffa42ac986f in WebKit::AuxiliaryProcessMainBase<WebKit::WebProcess, true>::run (this=0x7ffc7be9c210, argc=<optimized out>, argv=<optimized out>) at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebKit/Shared/AuxiliaryProcessMain.h:72 #24 WebKit::AuxiliaryProcessMain<WebKit::WebProcessMainGtk> (argc=<optimized out>, argv=<optimized out>) at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebKit/Shared/AuxiliaryProcessMain.h:98 #25 WebKit::WebProcessMain (argc=4, argv=0x7ffc7be9c3a8) at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebKit/WebProcess/gtk/WebProcessMainGtk.cpp:106 #26 0x00007ffa4182b188 in __libc_start_call_main (main=main@entry=0x55d4e1b0b150 <main(int, char**)>, argc=argc@entry=4, argv=argv@entry=0x7ffc7be9c3a8) at ../sysdeps/nptl/libc_start_call_main.h:58 #27 0x00007ffa4182b24b in __libc_start_main_impl (main=0x55d4e1b0b150 <main(int, char**)>, argc=4, argv=0x7ffc7be9c3a8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffc7be9c3--Type <RET> for more, q to quit, c to continue without paging--c 98) at ../csu/libc-start.c:360 #28 0x000055d4e1b0b085 in _start () at ../sysdeps/x86_64/start.S:115 (gdb) ```
Attachments
Add attachment proposed patch, testcase, etc.
Milan Crha
Comment 1 2025-09-23 23:20:55 PDT
I get a similar crash when using Flatpak version of Evolution from Flathub.org at (flathub) commit ab8cf90cad6c and org.gnome.Platform/x86_64/48 at commit 0816888983b8, interestingly only when I right-click a message in the Mail view and pick Add Note (or "Edit Note" when the message has a note already), which opens a window with an editor and shortly after I start typing a text into the Plain text body the WebKitWebProcess crashes with the below backtrace. That org.gnome.Platform provides WebKitGTK 2.50.0. When I downgrade the org.gnome.Platform to commit ea15b4a059d247693f633c90db1daa43f9f52e944a1f2bb06fea1f41c57ba206, which has WebKitGTK 2.48.5, then no crash happens. Thread 1 "WebKitWebProces" received signal SIGABRT, Aborted. 0x00007ff40909b344 in __pthread_kill_implementation () from /usr/lib/x86_64-linux-gnu/libc.so.6 (gdb) bt #0 0x00007ff40909b344 in __pthread_kill_implementation () at /usr/lib/x86_64-linux-gnu/libc.so.6 #1 0x00007ff40904250e in raise () at /usr/lib/x86_64-linux-gnu/libc.so.6 #2 0x00007ff409029882 in abort () at /usr/lib/x86_64-linux-gnu/libc.so.6 #3 0x00007ff40992d03f in WTFCrashWithInfo(int, char const*, char const*, int) () at /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.1.so.0 #4 0x00007ff40b33ef43 in WebCore::AccessibilityAtspi::registerObject(WebCore::AccessibilityObjectAtspi&, WTF::Vector<std::pair<_GDBusInterfaceInfo*, _GDBusInterfaceVTable*>, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&) () at /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.1.so.0 #5 0x00007ff40b346658 in WebCore::AccessibilityObjectAtspi::registerObject() () at /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.1.so.0 #6 0x00007ff40b346722 in WebCore::AccessibilityObjectAtspi::path() () at /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.1.so.0 #7 0x00007ff40b33fd8d in WebCore::AccessibilityAtspi::parentChanged(WebCore::AccessibilityObjectAtspi&) () at /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.1.so.0 #8 0x00007ff40b3469ce in WebCore::AccessibilityObjectAtspi::setParent(std::optional<WebCore::AccessibilityObjectAtspi*>) () at /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.1.so.0 #9 0x00007ff40b33b70a in WebCore::AXObjectCache::platformPerformDeferredCacheUpdate() () at /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.1.so.0 #10 0x00007ff40b2df644 in WebCore::AXObjectCache::performDeferredCacheUpdate(WebCore::ForceLayout) () at /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.1.so.0 #11 0x00007ff40b7f566d in WebCore::Document::flushDeferredAXObjectCacheUpdate() () at /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.1.so.0 #12 0x00007ff40b81d6c8 in WTF::Detail::CallableWrapper<WebCore::Document::scheduleDeferredAXObjectCacheUpdate()::$_0, void>::call() () at /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.1.so.0 #13 0x00007ff40b874450 in WebCore::EventLoop::run(std::optional<WTF::ApproximateTime>) () at /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.1.so.0 #14 0x00007ff40b9213cf in WebCore::WindowEventLoop::didReachTimeToRun() () at /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.1.so.0 #15 0x00007ff40b922baf in WTF::Detail::CallableWrapper<WebCore::Timer::Timer<WebCore::WindowEventLoop, WebCore::WindowEventLoop>(WebCore::WindowEventLoop&, void (WebCore::WindowEventLoop::*)()) requires WTF::HasRefPtrMemberFunctions<WebCore::WindowEventLoop>::value::{lambda()#1}, void>::call() () at /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.1.so.0 #16 0x00007ff40c081c0c in WebCore::ThreadTimers::sharedTimerFiredInternal() () at /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.1.so.0 #17 0x00007ff4089154f5 in WTF::RunLoop::TimerBase::TimerBase(WTF::Ref<WTF::RunLoop, WTF::RawPtrTraits<WTF::RunLoop>, WTF::DefaultRefDerefTraits<WTF::RunLoop> >&&, WTF::ASCIILiteral)::$_0::__invoke(void*) () at /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.1.so.0 #18 0x00007ff408914581 in WTF::RunLoop::$_0::__invoke(_GSource*, int (*)(void*), void*) () at /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.1.so.0 #19 0x00007ff404bfdbba in g_main_dispatch () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 #20 0x00007ff404bffed7 in g_main_context_iterate_unlocked.isra () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 --Type <RET> for more, q to quit, c to continue without paging-- #21 0x00007ff404c009d7 in g_main_loop_run () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 #22 0x00007ff408914ae4 in WTF::RunLoop::run() () at /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.1.so.0 #23 0x00007ff40a470c04 in int WebKit::AuxiliaryProcessMain<WebKit::WebProcessMainGtk>(int, char**) () at /usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.1.so.0 #24 0x00007ff40902b3c8 in __libc_start_call_main () at /usr/lib/x86_64-linux-gnu/libc.so.6 #25 0x00007ff40902b48b in __libc_start_main () at /usr/lib/x86_64-linux-gnu/libc.so.6 #26 0x0000556118912085 in _start ()
Michael Catanzaro
Comment 2 2026-01-06 16:35:36 PST
*** This bug has been marked as a duplicate of bug 290175 ***
Note You need to log in before you can comment on or make changes to this bug.