+1. This has been a blocking regression for my application that relies on offscreen windows to generate web view snapshots.

Please attach a stack trace taken using the environment variable G_DEBUG=fatal-criticals.

Created attachment 475422 [details] Crash backtrace WebKit: 2.48.1-0ubuntu0.24.04.1 GTK: 3.24.41-4ubuntu1.2 Application code: #include <gtk/gtk.h> #include <webkit2/webkit2.h> int main (int argc, char *argv[]) { gtk_init(&argc, &argv); auto *window = GTK_OFFSCREEN_WINDOW(gtk_offscreen_window_new()); auto *web_view = WEBKIT_WEB_VIEW(webkit_web_view_new()); gtk_container_add(GTK_CONTAINER(window), GTK_WIDGET(web_view)); gtk_widget_show_all(GTK_WIDGET(window)); gtk_main(); return 0; }

Try following these instructions to take the stack trace: https://handbook.gnome.org/issues/stack-traces.html

Created attachment 475424 [details] stack trace

Created attachment 475425 [details] stack trace

Created attachment 475426 [details] stack trace

I think this is a GTK 3 bug, because gdk_window_new() is not documented to be nullable. Not worth reporting, because this API is gone in GTK 4.

Also, this WebKit code hasn't been touched in a couple years, so I have no clue why it regressed recently. But whatever.

Pull request: https://github.com/WebKit/WebKit/pull/46091

Hi, I re-built the latest Debian package libwebkit2gtk-4.1-0_2.48.3-1~deb12u1_amd64.deb with a slightly modified version your patch/PR (as I think calling gdk_window_new() with a NULL arg might cause the CRITICAL on Trixie, see my message https://lists.webkit.org/pipermail/webkit-gtk/2025-June/004052.html) <snip> --- webkit2gtk-2.48.1/Source/WebKit/UIProcess/API/gtk/WebKitWebViewBase.cpp.orig 2025-06-05 13:39:24.056402262 +0000 +++ webkit2gtk-2.48.1/Source/WebKit/UIProcess/API/gtk/WebKitWebViewBase.cpp 2025-06-05 13:44:41.788305280 +0000 @@ -651,12 +651,14 @@ gint attributesMask = GDK_WA_X | GDK_WA_Y | GDK_WA_VISUAL; - GdkWindow* window = gdk_window_new(gtk_widget_get_parent_window(widget), &attributes, attributesMask); - gtk_widget_set_window(widget, window); - gdk_window_set_user_data(window, widget); + if (gtk_widget_get_parent_window(widget) != NULL) { + GdkWindow* window = gdk_window_new(gtk_widget_get_parent_window(widget), &attributes, attributesMask); + gtk_widget_set_window(widget, window); + gdk_window_set_user_data(window, widget); - auto* monitor = gdk_display_get_monitor_at_window(gtk_widget_get_display(widget), window); - webkitWebViewBaseUpdateDisplayID(webView, monitor); + auto* monitor = gdk_display_get_monitor_at_window(gtk_widget_get_display(widget), window); + webkitWebViewBaseUpdateDisplayID(webView, monitor); + } #endif auto* imContext = priv->inputMethodFilter.context(); </snip> Now, the sample code from my aforementioned messages crashed at a different place, but at least I now can provide a BT: <snip> #0 WebKit::ToplevelWindow::isInMonitor() const () at ./build-soup3/./Source/WebKit/UIProcess/API/gtk/ToplevelWindow.cpp:147 #1 0x00007ffff366c43a in webkitWebViewBaseUpdateVisibility() () at ./build-soup3/./Source/WebKit/UIProcess/API/gtk/WebKitWebViewBase.cpp:491 #2 0x00007ffff366f330 in webkitWebViewBaseMap() () at ./build-soup3/./Source/WebKit/UIProcess/API/gtk/WebKitWebViewBase.cpp:1085 #3 0x00007ffff7f4e4e0 in () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0 #4 0x00007ffff7f67bbf in g_signal_emit_valist () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0 #5 0x00007ffff7f67dbf in g_signal_emit () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0 #6 0x00007ffff2179fa2 in gtk_widget_map () at /lib/x86_64-linux-gnu/libgtk-3.so.0 #7 0x00007ffff2193050 in () at /lib/x86_64-linux-gnu/libgtk-3.so.0 #8 0x00007ffff7f4e5a9 in () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0 #9 0x00007ffff7f67bbf in g_signal_emit_valist () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0 #10 0x00007ffff7f67dbf in g_signal_emit () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0 #11 0x00007ffff2179fa2 in gtk_widget_map () at /lib/x86_64-linux-gnu/libgtk-3.so.0 #12 0x00007ffff203d793 in () at /lib/x86_64-linux-gnu/libgtk-3.so.0 #13 0x00007ffff7f4e3b0 in g_closure_invoke () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0 #14 0x00007ffff7f60d2d in () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0 #15 0x00007ffff7f67bf5 in g_signal_emit_valist () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0 #16 0x00007ffff7f67dbf in g_signal_emit () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0 #17 0x00007ffff2173d16 in gtk_widget_show () at /lib/x86_64-linux-gnu/libgtk-3.so.0 #18 0x0000555555555446 in activate (app=<optimized out>, user_data=<optimized out>) at sample.c:37 context = 0x555555769190 offline_window = 0x5555558b6520 view = 0x55555562f8e0 surface = 0x0 #19 0x00007ffff7f4e3b0 in g_closure_invoke () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0 #20 0x00007ffff7f61076 in () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0 #21 0x00007ffff7f67bf5 in g_signal_emit_valist () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0 #22 0x00007ffff7f67dbf in g_signal_emit () at /lib/x86_64-linux-gnu/libgobject-2.0.so.0 #23 0x00007ffff1bc5438 in () at /lib/x86_64-linux-gnu/libgio-2.0.so.0 #24 0x00007ffff1bc55c6 in g_application_run () at /lib/x86_64-linux-gnu/libgio-2.0.so.0 #25 0x0000555555555251 in main (argc=<optimized out>, argv=<optimized out>) at sample.c:75 app = 0x5555555860f0 status = <optimized out> </snip> Thanks, Albrecht.

(In reply to Michael Catanzaro from comment #8) > I think this is a GTK 3 bug, because gdk_window_new() is not documented to > be nullable. Not worth reporting, because this API is gone in GTK 4. At least in Debian Bookworm, the last update of libgtk-3-0 was <snip> gtk+3.0 (3.24.38-2~deb12u3) bookworm; urgency=medium * Non-maintainer upload. * d/p/atk_focus_tracker_notify.deprecated.patch: Fix letting Orca announce initial focus (Closes: #1084489) -- Samuel Thibault <sthibault@debian.org> Fri, 25 Oct 2024 20:17:45 +0200 </snip> but as I noted in https://lists.webkit.org/pipermail/webkit-gtk/2025-June/004052.html, the crashes occur since the update to libwebkit2gtk-4.1-0 2.48, i.e. after 2025-03-14. Thus IMHO a Gtk bug is unlikely.

Pull request: https://github.com/WebKit/WebKit/pull/46494

Committed 296038@main (bee121586080): <https://commits.webkit.org/296038@main> Reviewed commits have been landed. Closing PR #46494 and removing active labels.