Ubuntu
webkit2gtk package

GNOME Shell browser plugin is crashy

Bug #1636616 reported by errors.ubuntu.com bug bridge
30
This bug affects 3 people
Affects Status Importance Assigned to Milestone
GNOME Shell
Confirmed
Wishlist
Ubuntu GNOME
Fix Released
High
Unassigned
WebKit
Invalid
Medium
gnome-shell (Ubuntu)
Fix Released
High
Unassigned
Trusty
Triaged
High
Unassigned
Xenial
Fix Released
High
Unassigned
Yakkety
Fix Released
High
Unassigned
webkit2gtk (Ubuntu)
Invalid
High
Unassigned
Trusty
Invalid
Undecided
Unassigned
Xenial
Invalid
Undecided
Unassigned
Yakkety
Invalid
Undecided
Unassigned

Bug Description

Impact
======
The GNOME Shell browser plugin is unstable when Epiphany (the GNOME Web browser app) access https://extensions.gnome.org/

Steps to Reproduce
==================

- From Ubuntu GNOME 16.04 LTS or 16.10, install epiphany-browser
- Browse to https://extensions.gnome.org/
- Click around. Eventually, the gnome-shell plugin will crash. This might be triggered by visiting https://extensions.gnome.org/local/
- You can tell it crashed because /var/crash/ will get a file that looks something like _usr_lib_x86_64-linux-gnu_webkit2gtk-4.0_WebKitPluginProcess.1000.crash

Also, the website may display this message:

"We cannot detect a running copy of GNOME on this system, so some parts of the interface may be disabled. See our troubleshooting entry for more information."

- Reloading the page seems to work.

Regression Potential
====================
Minimal. This one-line change was applied to GNOME Shell 3.18+'s git branches.

Other Notes
===========
errors.ubuntu.com title: /usr/lib/x86_64-linux-gnu/webkit2gtk-4.0/WebKitPluginProcess:11:WebKit::NPN_InvokeDefault:on_shell_signal:ffi_call_unix64:ffi_call:g_cclosure_marshal_generic

The Ubuntu Error Tracker has been receiving reports about a problem regarding webkit2gtk. This problem was most recently seen with package version 2.14.1-0ubuntu1, the problem page at https://errors.ubuntu.com/problem/18b5e69225bd63387d958707585693d52919b7c4 contains more details, including versions of packages affected, stacktrace or traceback, and individual crash reports.
If you do not have access to the Ubuntu Error Tracker you can request it at http://forms.canonical.com/reports/.

For Ubuntu 14.04 LTS, this looks like
https://errors.ubuntu.com/problem/d82fc6307d154215a430d8db285e274636e5ccc3

See original description
Revision history for this message
In , Mcatanzaro (mcatanzaro) wrote :

Tracker for GNOME Shell browser plugin crashes, since we still have many of these even after all the fixes that went into 3.18.3.

Since this plugin is going away, these crashes are only important if they turn out to be WebKit bugs and not GNOME Shell bugs.

Jeremy Bícha (jbicha)
description: updated
Changed in webkit2gtk (Ubuntu):
importance: Undecided → High
Changed in gnome-shell (Ubuntu):
importance: Undecided → High
status: New → Confirmed
Changed in webkit2gtk (Ubuntu):
status: New → Confirmed
Changed in ubuntu-gnome:
importance: Undecided → High
status: New → Confirmed
Jeremy Bícha (jbicha)
description: updated
description: updated
description: updated
summary: - /usr/lib/x86_64-linux-
- gnu/webkit2gtk-4.0/WebKitPluginProcess:11:WebKit::NPN_InvokeDefault:on_shell_signal:ffi_call_unix64:ffi_call:g_cclosure_marshal_generic
+ GNOME Shell browser plugin is crashy
Jeremy Bícha (jbicha)
Changed in gnome-shell (Ubuntu):
status: Confirmed → Triaged
Changed in webkit2gtk (Ubuntu):
status: Confirmed → Triaged
Changed in ubuntu-gnome:
status: Confirmed → Triaged
description: updated
tags: added: zesty
Bug Watch Updater (bug-watch-updater)
Changed in gnome-shell:
importance: Unknown → Wishlist
status: Unknown → Confirmed
Bug Watch Updater (bug-watch-updater)
Changed in webkit-open-source:
importance: Unknown → Medium
status: Unknown → Confirmed
Revision history for this message
In , Mcatanzaro (mcatanzaro) wrote :

(In reply to comment #0)
> Since this plugin is going away, these crashes are only important if they
> turn out to be WebKit bugs and not GNOME Shell bugs.

This plugin is still alive. :(

Revision history for this message
In , Cgarcia-f (cgarcia-f) wrote :

All the crashes are actually the same problem in the end, but the crash happens at different moments. It's not a bug in WebKit, even though we could protect WebKit from crashing due to buggy plugins in some cases like in bug #137425. The bug in in the plugin that is not retaining the np object when returning it from NPP_GetValue. WebKit assumes the the plugin does the right think and releases that given reference. At some point the object is released and deallocated and both the plugin and WebKit still have references to the object thinking that it's still alive. That's why the crash is sometimes in the plugin when it tries to use the np object, or in WebKit for the very same reason. I don't know why it doesn't happen in other browsers, looking at firefox code they also release the object right after creating the internal wrapper in NPP_GetValue, I guess they keep another reference somewhere else. In WebKit, the mac port has a quirk PluginQuirks::ReturnsNonRetainedScriptableNPObject for this. In our case I'll just fix the plugin.

Bug Watch Updater (bug-watch-updater)
Changed in webkit-open-source:
status: Confirmed → Invalid
Jeremy Bícha (jbicha)
Changed in webkit2gtk (Ubuntu):
status: Triaged → Invalid
Changed in gnome-shell (Ubuntu):
status: Triaged → Fix Committed
Changed in webkit2gtk (Ubuntu Xenial):
status: New → Invalid
Changed in webkit2gtk (Ubuntu Yakkety):
status: New → Invalid
Changed in gnome-shell (Ubuntu Xenial):
status: New → Triaged
importance: Undecided → High
Changed in gnome-shell (Ubuntu Yakkety):
status: New → Triaged
importance: Undecided → High
Jeremy Bícha (jbicha)
Changed in webkit2gtk (Ubuntu Trusty):
status: New → Invalid
description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in gnome-shell (Ubuntu Trusty):
status: New → Confirmed
Jeremy Bícha (jbicha)
Changed in gnome-shell (Ubuntu Trusty):
importance: Undecided → High
status: Confirmed → Triaged
tags: added: trusty
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnome-shell - 3.22.1-1ubuntu2

---------------
gnome-shell (3.22.1-1ubuntu2) zesty; urgency=medium

  * Add git_fix-browser-plugin-crash.patch:
    - Fix crash in browser plugin (LP: #1636616)

 -- Jeremy Bicha <email address hidden> Sat, 29 Oct 2016 15:05:29 -0400

Changed in gnome-shell (Ubuntu):
status: Fix Committed → Fix Released
Jeremy Bícha (jbicha)
Changed in gnome-shell (Ubuntu Yakkety):
status: Triaged → In Progress
Changed in gnome-shell (Ubuntu Xenial):
status: Triaged → In Progress
Revision history for this message
Chris Halse Rogers (raof) wrote : Please test proposed package

Hello errors.ubuntu.com, or anyone else affected,

Accepted gnome-shell into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/gnome-shell/3.18.5-0ubuntu0.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in gnome-shell (Ubuntu Xenial):
status: In Progress → Fix Committed
tags: added: verification-needed
Revision history for this message
Chris Halse Rogers (raof) wrote :

Hello errors.ubuntu.com, or anyone else affected,

Accepted gnome-shell into yakkety-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/gnome-shell/3.20.4-0ubuntu2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in gnome-shell (Ubuntu Yakkety):
status: In Progress → Fix Committed
Revision history for this message
Jeremy Bícha (jbicha) wrote :

I tested gnome-shell in Ubuntu GNOME 16.04 LTS and 16.10. I was able to reproduce the crash with epiphany-browser (very easily in 16.10). After updating gnome-shell to the version in xenial-proposed and yakkety-proposed, I was unable to reproduce the crash so I'm marking this bug fix as verified.

tags: added: verification-done
removed: verification-needed
Revision history for this message
Brian Murray (brian-murray) wrote : Update Released

The verification of the Stable Release Update for gnome-shell has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnome-shell - 3.20.4-0ubuntu2

---------------
gnome-shell (3.20.4-0ubuntu2) yakkety; urgency=medium

  * Add git_fix-browser-plugin-crash.patch:
    - Fix crash in browser plugin (LP: #1636616)

 -- Jeremy Bicha <email address hidden> Sat, 29 Oct 2016 16:15:41 -0400

Changed in gnome-shell (Ubuntu Yakkety):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnome-shell - 3.18.5-0ubuntu0.2

---------------
gnome-shell (3.18.5-0ubuntu0.2) xenial; urgency=medium

  * Add git_fix-browser-plugin-crash.patch:
    - Fix crash in browser plugin (LP: #1636616)

 -- Jeremy Bicha <email address hidden> Sat, 29 Oct 2016 16:19:15 -0400

Changed in gnome-shell (Ubuntu Xenial):
status: Fix Committed → Fix Released
Bug Watch Updater (bug-watch-updater)
Changed in gnome-shell:
status: Confirmed → Won't Fix
Bug Watch Updater (bug-watch-updater)
Changed in gnome-shell:
status: Won't Fix → Confirmed
Revision history for this message
Jeremy Bícha (jbicha) wrote :

I'm closing the Ubuntu GNOME task since Ubuntu GNOME 14.04 LTS will no longer be supported in one week. If you are affected by this issue, please upgrade to Ubuntu GNOME 16.04 LTS.

Changed in ubuntu-gnome:
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.