Ubuntu
webkit2gtk package

WebKitWebProcess crashed with SIGSEGV in add<WTF::IdentityHashTranslator<WTF::HashTraits<JSC::MarkedArgumentBuffer>, WTF::PtrHash<JSC::MarkedArgumentBuffer> >, JSC::MarkedArgumentBuffer* const&, JSC::MarkedArgumentBuffer*>()

Bug #1668655 reported by Jeremy Bícha on 2017-02-28

14

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	Epiphany Browser	Unknown	Critical	gnome-bugs #779345
	webkit2gtk (Ubuntu)	Triaged	Medium	Unassigned

Bug Description

Test Case
---------
epiphany-browser -i
Type test in the address bar and select Duck Duck Go.

Page partially loads, then hangs and crashes.

ProblemType: Crash
DistroRelease: Ubuntu 17.04
Package: libwebkit2gtk-4.0-37 2.15.90-1
ProcVersionSignature: Ubuntu 4.10.0-8.10-generic 4.10.0-rc8
Uname: Linux 4.10.0-8-generic x86_64
ApportVersion: 2.20.4-0ubuntu2
Architecture: amd64
CurrentDesktop: GNOME
Date: Tue Feb 28 10:05:04 2017
EcryptfsInUse: Yes
ExecutablePath: /usr/lib/x86_64-linux-gnu/webkit2gtk-4.0/WebKitWebProcess
InstallationDate: Installed on 2017-02-23 (4 days ago)
InstallationMedia: Ubuntu-GNOME 17.04 "Zesty Zapus" - Alpha amd64 (20170219)
ProcCmdline: /usr/lib/x86_64-linux-gnu/webkit2gtk-4.0/WebKitWebProcess 26
ProcEnviron:
TERM=xterm-256color
PATH=(custom, user)
XDG_RUNTIME_DIR=<set>
LANG=en_US.UTF-8
SHELL=/bin/bash
SegvAnalysis:
Segfault happened at: 0x7f4944aefb13 <_ZN3JSC20MarkedArgumentBuffer10addMarkSetENS_7JSValueE+99>: mov 0x0(%rbp),%rax
PC (0x7f4944aefb13) ok
source "0x0(%rbp)" (0x00000001) not located in a known VMA region (needed readable region)!
destination "%rax" ok
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: webkit2gtk
StacktraceTop:
JSC::MarkedArgumentBuffer::addMarkSet(JSC::JSValue) () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
JSC::MarkedArgumentBuffer::expandCapacity(int) () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
JSC::CachedCall::CachedCall(JSC::ExecState*, JSC::JSFunction*, int) () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
JSC::operationStringProtoFuncReplaceGeneric(JSC::ExecState*, long, long, long) () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
?? ()
Title: WebKitWebProcess crashed with SIGSEGV in JSC::MarkedArgumentBuffer::addMarkSet()
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm cdrom dip lpadmin plugdev sambashare sbuild sudo

Tags:

Revision history for this message

Jeremy Bícha (jbicha) wrote on 2017-02-28:

#1

Dependencies.txt Edit (7.5 KiB, text/plain; charset="utf-8")
Disassembly.txt Edit (1.6 KiB, text/plain; charset="utf-8")
JournalErrors.txt Edit (159.5 KiB, text/plain; charset="utf-8")
ProcMaps.txt Edit (87.1 KiB, text/plain; charset="utf-8")
ProcStatus.txt Edit (1.3 KiB, text/plain; charset="utf-8")
Registers.txt Edit (881 bytes, text/plain; charset="utf-8")
Stacktrace.txt Edit (865 bytes, text/plain; charset="utf-8")
ThreadStacktrace.txt Edit (29.4 KiB, text/plain; charset="utf-8")

Revision history for this message

Apport retracing service (apport) wrote on 2017-02-28:

#2

StacktraceTop:
add<WTF::IdentityHashTranslator<WTF::HashTraits<JSC::MarkedArgumentBuffer*>, WTF::PtrHash<JSC::MarkedArgumentBuffer*> >, JSC::MarkedArgumentBuffer* const&, JSC::MarkedArgumentBuffer*> (extra=<optimized out>, key=<optimized out>, this=0x1) at ./Source/WTF/wtf/HashTable.h:868
add (value=<optimized out>, this=0x1) at ./Source/WTF/wtf/HashTable.h:387
add (value=<optimized out>, this=<optimized out>) at ./Source/WTF/wtf/HashSet.h:223
JSC::MarkedArgumentBuffer::addMarkSet (this=this@entry=0x7ffd38414e68, v=...) at ./Source/JavaScriptCore/runtime/ArgList.cpp:42
JSC::MarkedArgumentBuffer::expandCapacity (this=this@entry=0x7ffd38414e68, newCapacity=newCapacity@entry=9) at ./Source/JavaScriptCore/runtime/ArgList.cpp:85

Revision history for this message

Apport retracing service (apport) wrote on 2017-02-28: Stacktrace.txt

#3

Stacktrace.txt Edit (7.9 KiB, text/plain)

Revision history for this message

Apport retracing service (apport) wrote on 2017-02-28: StacktraceSource.txt

#4

StacktraceSource.txt Edit (8.0 KiB, text/plain)

Revision history for this message

Apport retracing service (apport) wrote on 2017-02-28: ThreadStacktrace.txt

#5

ThreadStacktrace.txt Edit (111.2 KiB, text/plain)

Changed in webkit2gtk (Ubuntu):
importance:	Undecided → Medium
summary:	WebKitWebProcess crashed with SIGSEGV in - JSC::MarkedArgumentBuffer::addMarkSet() + add<WTF::IdentityHashTranslator<WTF::HashTraits<JSC::MarkedArgumentBuffer>, + WTF::PtrHash<JSC::MarkedArgumentBuffer> >, JSC::MarkedArgumentBuffer* + const&, JSC::MarkedArgumentBuffer*>()
tags:	removed: need-amd64-retrace

Bug Watch Updater (bug-watch-updater) on 2017-02-28

Changed in epiphany-browser:
importance:	Unknown → Critical
status:	Unknown → Incomplete

Jeremy Bícha (jbicha) on 2017-02-28

information type:	Private → Public
Changed in webkit2gtk (Ubuntu):
status:	New → Triaged

Bug Watch Updater (bug-watch-updater) on 2017-03-01

Changed in epiphany-browser:
status:	Incomplete → Unknown

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

gnome-bugs #779345
[RESOLVED NOTGNOME] Edit

Bug watches keep track of this bug in other bug trackers.