[Webkit-unassigned] [Bug 183289] New: Crash when using Wayland and QXL or VirtIO graphics

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Mar 2 08:14:23 PST 2018


https://bugs.webkit.org/show_bug.cgi?id=183289

            Bug ID: 183289
           Summary: Crash when using Wayland and QXL or VirtIO graphics
           Product: WebKit
           Version: Other
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit Gtk
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: fcrozat at suse.com
                CC: bugs-noreply at webkitgtk.org

When starting Evolution 3.26.5 on a VM running Wayland with the QXL / VirtIO driver, Evolution crashes (there is a similar bug report when using yelp: https://bugzilla.gnome.org/show_bug.cgi?id=790811 )

Stacktrace: 

This is a crash in Mesa code, but probably due to WebKit Wayland code with a NULL display_name.

Thread 1 "evolution" received signal SIGSEGV, Segmentation fault.
__strlen_sse2 () at ../sysdeps/x86_64/multiarch/../strlen.S:120
120             movdqu  (%rax), %xmm4
(gdb) bt
#0  __strlen_sse2 () at ../sysdeps/x86_64/multiarch/../strlen.S:120
#1  0x00007ffff2b3f20e in __GI___strdup (s=s@entry=0x0) at strdup.c:41
#2  0x00007fffbc3eb02a in wayland_drm_init (display=display@entry=0x5555559a3320, device_name=0x0, 
    callbacks=callbacks@entry=0x7fffffffc130, user_data=user_data@entry=0x5555569ae5e0, flags=0)
    at wayland-drm.c:252
#3  0x00007fffbc3de491 in dri2_bind_wayland_display_wl (drv=<optimized out>, disp=0x5555569ae5e0, 
    wl_dpy=0x5555559a3320) at drivers/dri2/egl_dri2.c:2771
#4  0x00007fffbc3d4368 in eglBindWaylandDisplayWL (dpy=0x5555569ae5e0, display=0x5555559a3320)
    at main/eglapi.c:2178
#5  0x00007ffff3da5e22 in WebKit::WaylandCompositor::WaylandCompositor ()
    at /usr/src/debug/webkit2gtk3-2.18.6-2.19.x86_64/Source/WebKit/UIProcess/gtk/WaylandCompositor.cpp:514
#6  0x00007ffff3da60d8 in WTF::NeverDestroyed<WebKit::WaylandCompositor>::NeverDestroyed<>() ()
    at /usr/src/debug/webkit2gtk3-2.18.6-2.19.x86_64/Source/WTF/wtf/NeverDestroyed.h:50
#7  WebKit::WaylandCompositor::singleton ()
    at /usr/src/debug/webkit2gtk3-2.18.6-2.19.x86_64/Source/WebKit/UIProcess/gtk/WaylandCompositor.cpp:84
#8  0x00007ffff3b814e5 in WebKit::WebProcessPool::createNewWebProcess ()
    at /usr/src/debug/webkit2gtk3-2.18.6-2.19.x86_64/Source/WebKit/UIProcess/WebProcessPool.cpp:758
#9  0x00007ffff3b81b59 in WebKit::WebProcessPool::createWebPage ()
    at /usr/src/debug/webkit2gtk3-2.18.6-2.19.x86_64/Source/WebKit/UIProcess/WebProcessPool.cpp:954
#10 0x00007ffff3d84f21 in webkitWebViewBaseCreateWebPage ()
    at /usr/src/debug/webkit2gtk3-2.18.6-2.19.x86_64/Source/WebKit/UIProcess/API/gtk/WebKitWebViewBase.cpp:1183
#11 0x00007ffff3d62e44 in webkitWebContextCreatePageForWebView ()
    at /usr/src/debug/webkit2gtk3-2.18.6-2.19.x86_64/Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp:1656
#12 0x00007ffff3d69db0 in webkitWebViewConstructed ()
    at /usr/src/debug/webkit2gtk3-2.18.6-2.19.x86_64/Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp:641
#13 0x00007ffff32478ad in web_view_constructed (object=0x5555569a0f30)
    at /usr/src/debug/evolution-3.26.5-2.2.x86_64/src/e-util/e-web-view.c:1248
#14 0x00007fffcd29c9da in mail_display_constructed (object=0x5555569a0f30)
    at /usr/src/debug/evolution-3.26.5-2.2.x86_64/src/mail/e-mail-display.c:1541
#15 0x00007ffff642f865 in g_object_new_with_custom_constructor (n_params=2, params=0x7fffffffc820, 
    class=<error reading variable: Cannot access memory at address 0xfffffffffffffe52>) at gobject.c:1769
#16 g_object_new_internal (class=class@entry=0x5555561dacb0, params=params@entry=0x7fffffffc820, 
    n_params=n_params@entry=2) at gobject.c:1795
#17 0x00007ffff643117e in g_object_new_valist (object_type=<optimized out>, 
    first_property_name=first_property_name@entry=0x7fffcd3053ca "headers-collapsable", 
    var_args=var_args@entry=0x7fffffffc970) at gobject.c:2120
#18 0x00007ffff64314f9 in g_object_new (object_type=<optimized out>, 
    first_property_name=first_property_name@entry=0x7fffcd3053ca "headers-collapsable") at gobject.c:1640
#19 0x00007fffcd2abd6f in mail_paned_view_constructed (object=0x5555561a1400)
    at /usr/src/debug/evolution-3.26.5-2.2.x86_64/src/mail/e-mail-paned-view.c:740
#20 0x00007ffff642f410 in g_object_new_internal (class=class@entry=0x5555561cf0f0, 
    params=params@entry=0x7fffffffcc50, n_params=n_params@entry=1) at gobject.c:1837
#21 0x00007ffff643117e in g_object_new_valist (object_type=<optimized out>, 
    first_property_name=first_property_name@entry=0x7fffcd30698c "shell-view", 
    var_args=var_args@entry=0x7fffffffcda0) at gobject.c:2120
#22 0x00007ffff64314f9 in g_object_new (object_type=<optimized out>, 
    first_property_name=first_property_name@entry=0x7fffcd30698c "shell-view") at gobject.c:1640
#23 0x00007fffcd2ac246 in e_mail_paned_view_new (shell_view=shell_view@entry=0x5555560a9450)
    at /usr/src/debug/evolution-3.26.5-2.2.x86_64/src/mail/e-mail-paned-view.c:1236
#24 0x00007fffc2ba1f7a in mail_shell_content_constructed (object=0x5555557b2610)
    at /usr/src/debug/evolution-3.26.5-2.2.x86_64/src/modules/mail/e-mail-shell-content.c:275
#25 0x00007ffff642f410 in g_object_new_internal (class=class@entry=0x5555561ccc00, 
    params=params@entry=0x7fffffffd060, n_params=n_params@entry=1) at gobject.c:1837
#26 0x00007ffff643117e in g_object_new_valist (object_type=<optimized out>, 
    first_property_name=<optimized out>, var_args=var_args@entry=0x7fffffffd1b0) at gobject.c:2120
#27 0x00007ffff64314f9 in g_object_new (object_type=<optimized out>, first_property_name=<optimized out>)
    at gobject.c:1640
#28 0x00007ffff7bbf32f in shell_view_constructed (object=0x5555560a9450)
    at /usr/src/debug/evolution-3.26.5-2.2.x86_64/src/shell/e-shell-view.c:615
#29 0x00007fffc2ba509b in mail_shell_view_constructed (object=0x5555560a9450)
    at /usr/src/debug/evolution-3.26.5-2.2.x86_64/src/modules/mail/e-mail-shell-view.c:305
#30 0x00007ffff642f410 in g_object_new_internal (class=class@entry=0x555555fcaff0, 
    params=params@entry=0x7fffffffd4e0, n_params=n_params@entry=3) at gobject.c:1837
#31 0x00007ffff643117e in g_object_new_valist (object_type=<optimized out>, 
    first_property_name=first_property_name@entry=0x7ffff7bc9252 "action", 
    var_args=var_args@entry=0x7fffffffd630) at gobject.c:2120
#32 0x00007ffff64314f9 in g_object_new (object_type=object_type@entry=93824997900112, 
    first_property_name=first_property_name@entry=0x7ffff7bc9252 "action") at gobject.c:1640
#33 0x00007ffff7bc1f04 in shell_window_create_shell_view (shell_window=0x555555a84770, 
    view_name=<optimized out>) at /usr/src/debug/evolution-3.26.5-2.2.x86_64/src/shell/e-shell-window.c:782
#34 0x00007ffff7bc18b7 in e_shell_window_get_shell_view (shell_window=shell_window@entry=0x555555a84770, 
    view_name=view_name@entry=0x5555560a2720 "mail")
    at /usr/src/debug/evolution-3.26.5-2.2.x86_64/src/shell/e-shell-window.c:1309
#35 0x00007ffff7bc27d2 in e_shell_window_set_active_view (shell_window=0x555555a84770, 
    view_name=0x5555560a2720 "mail")
    at /usr/src/debug/evolution-3.26.5-2.2.x86_64/src/shell/e-shell-window.c:1551
#36 0x00007ffff7bc32b6 in shell_window_set_property (object=0x555555a84770, property_id=<optimized out>, 
    value=<optimized out>, pspec=<optimized out>)
    at /usr/src/debug/evolution-3.26.5-2.2.x86_64/src/shell/e-shell-window.c:267
#37 0x00007ffff643176e in object_set_property (nqueue=0x555555f545c0, value=<optimized out>, 
    pspec=0x5555560d42b0, object=0x555555a84770) at gobject.c:1439
#38 g_object_setv (object=0x555555a84770, n_properties=<optimized out>, names=<optimized out>, 
    values=<optimized out>) at gobject.c:2245
#39 0x00007ffff64326fe in g_object_set_property (object=<optimized out>, property_name=<optimized out>, 
    value=value@entry=0x7fffffffd8b0) at gobject.c:2529
#40 0x00007ffff677ff13 in g_settings_binding_key_changed (settings=settings@entry=0x555555864f00, 
    key=<optimized out>, user_data=user_data@entry=0x5555561a93a0) at gsettings.c:2680
#41 0x00007ffff6782c61 in g_settings_bind_with_mapping (settings=0x555555864f00, 
    key=0x7ffff7bc7b80 "default-component-id", object=0x555555a84770, property=<optimized out>, 
    flags=<optimized out>, get_mapping=<optimized out>, set_mapping=0x0, user_data=0x0, destroy=0x0)
    at gsettings.c:2977
#42 0x00007ffff6782f8a in g_settings_bind (settings=settings@entry=0x555555864f00, 
    key=key@entry=0x7ffff7bc7b80 "default-component-id", object=object@entry=0x555555a84770, 
    property=property@entry=0x7ffff7bcb893 "active-view", flags=<optimized out>, 
    flags@entry=G_SETTINGS_BIND_GET_NO_CHANGES) at gsettings.c:2805
#43 0x00007ffff7bc494b in e_shell_window_private_constructed (shell_window=0x555555a84770)
    at /usr/src/debug/evolution-3.26.5-2.2.x86_64/src/shell/e-shell-window-private.c:533
#44 0x00007ffff7bc11fc in shell_window_constructed (object=0x555555a84770)
    at /usr/src/debug/evolution-3.26.5-2.2.x86_64/src/shell/e-shell-window.c:424
#45 0x00007ffff642f410 in g_object_new_internal (class=class@entry=0x5555560c4c90, 
    params=params@entry=0x7fffffffdbf0, n_params=n_params@entry=3) at gobject.c:1837
#46 0x00007ffff643117e in g_object_new_valist (object_type=<optimized out>, 
    first_property_name=first_property_name@entry=0x7ffff7bc7739 "shell", 
    var_args=var_args@entry=0x7fffffffdd40) at gobject.c:2120
#47 0x00007ffff64314f9 in g_object_new (object_type=<optimized out>, 
    first_property_name=first_property_name@entry=0x7ffff7bc7739 "shell") at gobject.c:1640
#48 0x00007ffff7bc12eb in e_shell_window_new (shell=shell@entry=0x5555559a8190, safe_mode=1, geometry=0x0)
    at /usr/src/debug/evolution-3.26.5-2.2.x86_64/src/shell/e-shell-window.c:1234
#49 0x00007ffff7bb18a5 in e_shell_create_shell_window (shell=0x5555559a8190, view_name=0x0)
    at /usr/src/debug/evolution-3.26.5-2.2.x86_64/src/shell/e-shell.c:2356
#50 0x00005555555587ff in idle_cb (uris=0x0) at /usr/src/debug/evolution-3.26.5-2.2.x86_64/src/shell/main.c:257
#51 0x00007ffff6150dc5 in g_main_dispatch (context=0x5555557b8da0) at gmain.c:3142
#52 g_main_context_dispatch (context=context@entry=0x5555557b8da0) at gmain.c:3795
#53 0x00007ffff6151190 in g_main_context_iterate (context=0x5555557b8da0, block=block@entry=1, 
    dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3868
#54 0x00007ffff61514a2 in g_main_loop_run (loop=0x5555560bbd30) at gmain.c:4064
#55 0x00007ffff6c49cf5 in gtk_main () at gtkmain.c:1323
#56 0x0000555555558614 in main (argc=<optimized out>, argv=<optimized out>)
    at /usr/src/debug/evolution-3.26.5-2.2.x86_64/src/shell/main.c:670
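
The failure mode in frames #0 to #2, where `device_name=0x0` reaches `strdup()`, shown as an added example that is not Mesa's or WebKit's code: an init routine that rejects a missing device name and returns an error the caller can act on. `struct drm_ctx`, `drm_ctx_init`, `drm_ctx_free` and `bind_display` are hypothetical names chosen for illustration.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a per-display context; not Mesa's struct. */
struct drm_ctx { char *device_name; };

/* Returns 0 and sets *out on success, or a negative errno value. A NULL or
 * empty name is rejected before any string function reads it; in the
 * backtrace the NULL went unchecked into strdup() and then strlen(). */
int drm_ctx_init(const char *device_name, struct drm_ctx **out)
{
    struct drm_ctx *ctx;
    size_t len;

    if (out == NULL)
        return -EINVAL;
    *out = NULL;
    if (device_name == NULL || device_name[0] == '\0')
        return -ENODEV;

    ctx = calloc(1, sizeof(*ctx));
    if (ctx == NULL)
        return -ENOMEM;
    len = strlen(device_name) + 1;      /* safe: checked non-NULL above */
    ctx->device_name = malloc(len);     /* portable equivalent of strdup() */
    if (ctx->device_name == NULL) {
        free(ctx);
        return -ENOMEM;
    }
    memcpy(ctx->device_name, device_name, len);
    *out = ctx;
    return 0;
}

void drm_ctx_free(struct drm_ctx *ctx)
{
    if (ctx != NULL) {
        free(ctx->device_name);
        free(ctx);
    }
}

/* Caller side: 1 = bound, 0 = no usable device, so the caller can fall
 * back to a non-accelerated path instead of crashing. */
int bind_display(const char *device_name, struct drm_ctx **out)
{
    return drm_ctx_init(device_name, out) == 0;
}
```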
