[Webkit-unassigned] [Bug 259530] New: [GTK] UI process crash in webkit_favicon_database_get_favicon_uri

bugzilla-daemon at webkit.org
Wed Jul 26 12:29:47 PDT 2023


https://bugs.webkit.org/show_bug.cgi?id=259530

            Bug ID: 259530
           Summary: [GTK] UI process crash in
                    webkit_favicon_database_get_favicon_uri
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKitGTK
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mcatanzaro at redhat.com
                CC: bugs-noreply at webkitgtk.org

Created attachment 467123

  --> https://bugs.webkit.org/attachment.cgi?id=467123&action=review

UI process backtrace

This is probably memory corruption unfortunately, but here's a backtrace anyway:

Program terminated with signal SIGSEGV, Segmentation fault.
#0  WTF::StringImpl::deref (this=0x2020202020200a20)
    at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WTF/wtf/text/StringImpl.h:1138
1138    /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WTF/wtf/text/StringImpl.h: No such file or directory.
[Current thread is 1 (Thread 0x7feb37d33400 (LWP 2))]
(gdb) bt
#0  WTF::StringImpl::deref() (this=0x2020202020200a20)
    at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WTF/wtf/text/StringImpl.h:1138
#1  WTF::StringImpl::~StringImpl() (this=<optimized out>)
    at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WTF/wtf/text/StringImpl.cpp:148
#2  0x00007feb3eafc172 in WTF::StringImpl::destroy(WTF::StringImpl*) (stringImpl=0x7feb1e6dc900)
    at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WTF/wtf/text/StringImpl.cpp:155
#3  0x00007feb3fc2bf33 in WTF::StringImpl::deref() (this=<optimized out>) at WTF/Headers/wtf/text/StringImpl.h:1140
#4  WTF::DefaultRefDerefTraits<WTF::StringImpl>::derefIfNotNull(WTF::StringImpl*) (ptr=0x7feb1e6dc900)
    at WTF/Headers/wtf/RefPtr.h:43
#5  WTF::RefPtr<WTF::StringImpl, WTF::RawPtrTraits<WTF::StringImpl>, WTF::DefaultRefDerefTraits<WTF::StringImpl> >::~RefPtr() (this=0x7ffe3f149b68) at WTF/Headers/wtf/RefPtr.h:75
#6  WTF::String::~String() (this=0x7ffe3f149b68) at WTF/Headers/wtf/text/WTFString.h:89
#7  webkit_favicon_database_get_favicon_uri(WebKitFaviconDatabase*, gchar const*)
    (database=<optimized out>, pageURL=<optimized out>)
    at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebKit/UIProcess/API/glib/WebKitFaviconDatabase.cpp:280
#8  0x00007feb3fc5cdd8 in webkitWebViewLoadChanged(_WebKitWebView*, WebKitLoadEvent)
    (webView=0x55bed5b84d50 [EphyWebView], loadEvent=WEBKIT_LOAD_COMMITTED)
    at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp:2459
#9  0x00007feb3fb63d02 in WebKit::WebPageProxy::didCommitLoadForFrame(WebCore::ProcessQualified<WTF::ObjectIdentifierGeneric<WebCore::FrameIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits> >, WebKit::FrameInfoData&&, WebCore::ResourceRequest&&, unsigned long, WTF::String const&, bool, WebCore::FrameLoadType, WebCore::CertificateInfo const&, bool, bool, bool, WebCore::HasInsecureContent, WebCore::MouseEventPolicy, WebKit::UserData const&)
    (this=0x7feb1e536f40, frameID=..., frameInfo=..., request=..., navigationID=<optimized out>, mimeType="text/html", frameHasCustomContentProvider=<optimized out>, frameLoadType=WebCore::FrameLoadType::IndexedBackForward, certificateInfo=..., usedLegacyTLS=<optimized out>, wasPrivateRelayed=<optimized out>, containsPluginDocument=<optimized out>, hasInsecureContent=<optimized out>, mouseEventPolicy=WebCore::MouseEventPolicy::Default, userData=...)
    at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebKit/UIProcess/WebPageProxy.cpp:5743
#10 0x00007feb3f7b1f20 in _ZZN3IPC18callMemberFunctionIN6WebKit12WebPageProxyES2_FvN7WebCore16ProcessQualifiedIN3WTF23ObjectIdentifierGenericINS3_19FrameIdentifierTypeENS5_38ObjectIdentifierMainThreadAccessTraitsEEEEEONS1_13FrameInfoDataEONS3_15ResourceRequestEmRKNS5_6StringEbNS3_13FrameLoadTypeERKNS3_15CertificateInfoEbbbNS3_18HasInsecureContentENS3_16MouseEventPolicyERKNS1_8UserDataEESt5tupleIJSA_SB_SD_mSF_bSI_SJ_bbbSM_SN_SO_EEEEvPT_MT0_T1_OT2_ENKUlDpOT_E_clIJSA_SB_SD_mSF_bSI_SJ_bbbSM_SN_SO_EEEDaS13_
    (args=<optimized out>, args=..., args=..., args=<optimized out>, args=<optimized out>, args=<optimized out>, args=<optimized out>, args=<optimized out>, args=<optimized out>, args=<optimized out>, args=<optimized out>, args=<optimized out>, args=<optimized out>, args=..., this=<optimized out>)
    at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebKit/Platform/IPC/HandleMessage.h:136

Full backtrace attached.

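Added example, not part of the original report or of WebKit: a small Python triage helper that scans gdb backtrace lines for pointer arguments and flags values whose bytes are all ASCII text. Run on frames from the backtrace above, it shows that the faulting this=0x2020202020200a20 is seven spaces and a newline, which fits the reporter's memory-corruption guess. It assumes x86-64 with 48-bit virtual addresses; the function names are illustrative.

```python
import re

# Sample input: first lines of frames #0, #2 and #4 of the backtrace above.
SAMPLE_BT = """\
#0  WTF::StringImpl::deref() (this=0x2020202020200a20)
#2  0x00007feb3eafc172 in WTF::StringImpl::destroy(WTF::StringImpl*) (stringImpl=0x7feb1e6dc900)
#4  WTF::DefaultRefDerefTraits<WTF::StringImpl>::derefIfNotNull(WTF::StringImpl*) (ptr=0x7feb1e6dc900)
"""

ARG_RE = re.compile(r"\b(\w+)=0x([0-9a-fA-F]{1,16})\b")  # name=0x... arguments
FRAME_RE = re.compile(r"^#(\d+)\s")                       # gdb frame number


def is_canonical(addr):
    """Assumption: x86-64, 48-bit addresses, so bits 63..47 must all match."""
    top = addr >> 47
    return top == 0 or top == 0x1FFFF


def ascii_view(addr):
    """Return the 8 bytes in little-endian memory order as text if every
    byte is printable ASCII or tab/LF/CR, otherwise None."""
    raw = addr.to_bytes(8, "little")
    if all(b in (0x09, 0x0A, 0x0D) or 0x20 <= b <= 0x7E for b in raw):
        return raw.decode("ascii")
    return None


def classify(addr):
    if addr == 0:
        return "null pointer"
    text = ascii_view(addr)
    if text is not None:
        return "ASCII bytes %r: likely overwritten by string data" % text
    if not is_canonical(addr):
        return "non-canonical address: not a valid pointer"
    return "plausible pointer"


def triage(backtrace):
    """Return (frame, argument, address, verdict) per pointer-like argument."""
    findings, frame = [], None
    for line in backtrace.splitlines():
        m = FRAME_RE.match(line)
        if m:
            frame = int(m.group(1))
        for name, hexval in ARG_RE.findall(line):
            addr = int(hexval, 16)
            findings.append((frame, name, hex(addr), classify(addr)))
    return findings
```

Calling triage() on a saved backtrace attachment returns one tuple per pointer argument; only frame #0's this pointer is flagged in the sample.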