Context Navigation

← Previous Ticket
Next Ticket →

#50339 closed defect (fixed)

webkit2-gtk @2.11.3_1: causes yelp, epiphany to segfault on startup

Reported by:	dbevans (David B. Evans)	Owned by:	jeremyhu (Jeremy Huddleston Sequoia)
Priority:	Normal	Milestone:
Component:	ports	Version:
Keywords:		Cc:
Port:	webkit2-gtk

Description (last modified by dbevans (David B. Evans))

After upgrading webkit2-gtk to version @2.11.3_1 (r144682), yelp emits the following output on startup and segfaults

$ yelp
1   0x1102f0c8f
2   0x1102cb598
3   0x10f471af1
4   0x10f4c2c86
5   0x10f4c2b18
6   0x10f5e0e0d
7   0x11220da8b
8   0x1121fb5d0
9   0x1121fb4c7
10  0x10f5dc65b
11  0x10f0366ae
12  0x10f036646
13  0x10f001234
14  0x10f0010fa
15  0x1121fc024
16  0x1121fb691
17  0x1121fb4c7
18  0x1121fae66
19  0x10f000bf8
20  0x10f000534
21  0x1121f5b57
22  0x11220b2af
23  0x11220bc22
24  0x10f06f2e2
25  0x112b49663
26  0x112b4994d
27  0x112b499a5
28  0x1120f1ce2
29  0x10f00460c
30  0x7fff935a25ad
31  0x1
Segmentation fault: 11

running in the debugger yields

(lldb) run
Process 5953 launched: '/opt/local/bin/yelp' (x86_64)
1   0x1012d1c8f
2   0x1012ac598
3   0x100452af1
4   0x1004a3c86
5   0x1004a3b18
6   0x1005c1e0d
7   0x1031c6a8b
8   0x1031b45d0
9   0x1031b44c7
10  0x1005bd65b
11  0x10003b6ae
12  0x10003b646
13  0x10000a234
14  0x10000a0fa
15  0x1031b5024
16  0x1031b4691
17  0x1031b44c7
18  0x1031b3e66
19  0x100009bf8
20  0x100009534
21  0x1031aeb57
22  0x1031c42af
23  0x1031c4c22
24  0x10006d2e2
25  0x103afa663
26  0x103afa94d
27  0x103afa9a5
28  0x1030aace2
29  0x10000d60c
30  0x7fff935a25ad
Process 5953 stopped
* thread #1: tid = 0x118ff1, 0x00000001012a72c4 libwebkit2gtk-4.0.37.dylib`WTFCrash + 62, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0xbbadbeef)
    frame #0: 0x00000001012a72c4 libwebkit2gtk-4.0.37.dylib`WTFCrash + 62
libwebkit2gtk-4.0.37.dylib`WTFCrash:
->  0x1012a72c4 <+62>: movl   $0x0, (%rax)
    0x1012a72ca <+68>: ud2    

libwebkit2gtk-4.0.37.dylib`WTFCrashWithSecurityImplication:
    0x1012a72cc <+0>:  pushq  %rbp
    0x1012a72cd <+1>:  movq   %rsp, %rbp
(lldb) bt
* thread #1: tid = 0x118ff1, 0x00000001012a72c4 libwebkit2gtk-4.0.37.dylib`WTFCrash + 62, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0xbbadbeef)
  * frame #0: 0x00000001012a72c4 libwebkit2gtk-4.0.37.dylib`WTFCrash + 62
    frame #1: 0x00000001012d170b libwebkit2gtk-4.0.37.dylib`WTF::ThreadIdentifierData::initialize(unsigned int) + 63
    frame #2: 0x00000001012d1c8f libwebkit2gtk-4.0.37.dylib`WTF::currentThread() + 44
    frame #3: 0x00000001012ac598 libwebkit2gtk-4.0.37.dylib`WTF::initializeMainThread() + 28
    frame #4: 0x0000000100452af1 libwebkit2gtk-4.0.37.dylib`WebKit::InitializeWebKit2() + 14
    frame #5: 0x00000001004a3c86 libwebkit2gtk-4.0.37.dylib`WebKit::WebPreferences::WebPreferences(WTF::String const&, WTF::String const&, WTF::String const&) + 28
    frame #6: 0x00000001004a3b18 libwebkit2gtk-4.0.37.dylib`WebKit::WebPreferences::create(WTF::String const&, WTF::String const&, WTF::String const&) + 56
    frame #7: 0x00000001005c1e0d libwebkit2gtk-4.0.37.dylib`_WebKitSettingsPrivate::_WebKitSettingsPrivate() + 85
    frame #8: 0x00000001031c6a8b libgobject-2.0.0.dylib`g_type_create_instance + 662
    frame #9: 0x00000001031b45d0 libgobject-2.0.0.dylib`g_object_new_internal + 52
    frame #10: 0x00000001031b44c7 libgobject-2.0.0.dylib`g_object_new_valist + 961
    frame #11: 0x00000001005bd65b libwebkit2gtk-4.0.37.dylib`webkit_settings_new_with_settings + 164
    frame #12: 0x000000010003b6ae libyelp.0.dylib`yelp_view_get_global_settings + 46
    frame #13: 0x000000010003b646 libyelp.0.dylib`yelp_view_new + 22
    frame #14: 0x000000010000a234 yelp`window_construct + 132
    frame #15: 0x000000010000a0fa yelp`yelp_window_set_property + 106
    frame #16: 0x00000001031b5024 libgobject-2.0.0.dylib`object_set_property + 358
    frame #17: 0x00000001031b4691 libgobject-2.0.0.dylib`g_object_new_internal + 245
    frame #18: 0x00000001031b44c7 libgobject-2.0.0.dylib`g_object_new_valist + 961
    frame #19: 0x00000001031b3e66 libgobject-2.0.0.dylib`g_object_new + 179
    frame #20: 0x0000000100009bf8 yelp`yelp_window_new + 40
    frame #21: 0x0000000100009534 yelp`application_uri_resolved + 244
    frame #22: 0x00000001031aeb57 libgobject-2.0.0.dylib`_g_closure_invoke_va + 267
    frame #23: 0x00000001031c42af libgobject-2.0.0.dylib`g_signal_emit_valist + 1201
    frame #24: 0x00000001031c4c22 libgobject-2.0.0.dylib`g_signal_emit + 134
    frame #25: 0x000000010006d2e2 libyelpcommon.dylib`resolve_final + 210
    frame #26: 0x0000000103afa663 libglib-2.0.0.dylib`g_main_context_dispatch + 276
    frame #27: 0x0000000103afa94d libglib-2.0.0.dylib`g_main_context_iterate + 413
    frame #28: 0x0000000103afa9a5 libglib-2.0.0.dylib`g_main_context_iteration + 55
    frame #29: 0x00000001030aace2 libgio-2.0.0.dylib`g_application_run + 410
    frame #30: 0x000000010000d60c yelp`main + 156
    frame #31: 0x00007fff935a25ad libdyld.dylib`start + 1
    frame #32: 0x00007fff935a25ad libdyld.dylib`start + 1

After reverting to webkit2-gtk @2.11.3_0, yelp once again runs as expected.

Observed running El Capitan 10.11.3 beta

Change History (10)

comment:1 Changed 9 years ago by dbevans (David B. Evans)

Description:	modified (diff)

comment:2 Changed 9 years ago by dbevans (David B. Evans)

Although epiphany now builds without error, it fails identically at start up in WebKit::InitializeWebKit2().

comment:3 Changed 9 years ago by dbevans (David B. Evans)

Summary:	webkit2-gtk @2.11.3_1: causes yelp to segfault on startup → webkit2-gtk @2.11.3_1: causes yelp, epiphany to segfault on startup

comment:4 Changed 9 years ago by jeremyhu (Jeremy Huddleston Sequoia)

void ThreadIdentifierData::initialize(ThreadIdentifier id)
{
    ASSERT(!identifier());
    // Ideally we'd have this as a release assert everywhere, but that would hurt performane.
    // Having this release assert here means that we will catch "didn't call
    // WTF::initializeThreading() soon enough" bugs in release mode.
    RELEASE_ASSERT(m_key != PTHREAD_KEYS_MAX);
    pthread_setspecific(m_key, new ThreadIdentifierData(id));
}

It looks like this is built with -NDEBUG, so the ASSERT() should be a no-op. I suspect the (m_key != PTHREAD_KEYS_MAX) is failing for some reason.

comment:5 Changed 9 years ago by jeremyhu (Jeremy Huddleston Sequoia)

Yep. I replaced that with a real assert() and that's indeed what is failing:

$ /opt/local/bin/MiniBrowser 
Assertion failed: (m_key != PTHREAD_KEYS_MAX), function identifier, file /opt/local/var/macports/build/_Volumes_Home_jeremy_src_macports_trunk_dports_www_webkit2-gtk/webkit2-gtk/work/webkitgtk-2.11.3/Source/WTF/wtf/ThreadIdentifierDataPthreads.cpp, line 64.
Abort trap: 6

Last edited 9 years ago by jeremyhu (Jeremy Huddleston Sequoia) (previous) (diff)

comment:6 Changed 9 years ago by jeremyhu (Jeremy Huddleston Sequoia)

https://bugs.webkit.org/show_bug.cgi?id=153176

comment:7 Changed 9 years ago by jeremyhu (Jeremy Huddleston Sequoia)

r144747

comment:8 Changed 9 years ago by jeremyhu (Jeremy Huddleston Sequoia)

Ugg. And it looks like there are other places that this needs to be fixed. I see WebKitWebProcess has a static copy of libWTFGTK.a linked into it as well. sigh.

comment:9 Changed 9 years ago by jeremyhu (Jeremy Huddleston Sequoia)

Resolution:	→ fixed
Status:	new → closed

Ok, I think we're finally in business with r144750. MiniBrowser is working well for me. I didn't test +quartz.

comment:10 Changed 9 years ago by dbevans (David B. Evans)

Looks good to me. Latest stable versions of yelp, epiphany and devhelp using webkit2-gtk all working as expected and pushed to trunk. Thanks.

Note: See TracTickets for help on using tickets.

Download in other formats: