<html>
<head>
<base href="https://bugs.webkit.org/" />
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - [GTK] Crash in WebCore::CoordinatedGraphicsLayer::notifyFlushRequired"
href="https://bugs.webkit.org/show_bug.cgi?id=166420">166420</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>[GTK] Crash in WebCore::CoordinatedGraphicsLayer::notifyFlushRequired
</td>
</tr>
<tr>
<th>Classification</th>
<td>Unclassified
</td>
</tr>
<tr>
<th>Product</th>
<td>WebKit
</td>
</tr>
<tr>
<th>Version</th>
<td>WebKit Nightly Build
</td>
</tr>
<tr>
<th>Hardware</th>
<td>PC
</td>
</tr>
<tr>
<th>OS</th>
<td>Linux
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>Normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>P2
</td>
</tr>
<tr>
<th>Component</th>
<td>WebKit Gtk
</td>
</tr>
<tr>
<th>Assignee</th>
<td>webkit-unassigned@lists.webkit.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>mcatanzaro@igalia.com
</td>
</tr>
<tr>
<th>CC</th>
<td>bugs-noreply@webkitgtk.org
</td>
</tr></table>
<p>
<div>
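<pre>Downstream reporter says "This issue happens with WebKit rendering mails inside evolution. It is probably related to <a href="https://bugzilla.gnome.org/show_bug.cgi?id=776391">https://bugzilla.gnome.org/show_bug.cgi?id=776391</a>". Indeed, I see a bunch of Web Inspector frames in the backtrace: the crash in CoordinatedGraphicsLayer::notifyFlushRequired (frame #0) is reached from InspectorDOMAgent::highlightNode (frame #5), which was dispatched from a WebInspector SendMessageToBackend IPC message (frame #11).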
Thread 1 (Thread 0x7f8d612cdfc0 (LWP 2745)):
#0 0x00007f8d6003226b in WebCore::CoordinatedGraphicsLayer::notifyFlushRequired() (this=0x7f8cd859a800) at /usr/src/debug/webkitgtk-2.14.2/Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:57
#1 0x00007f8d60032a79 in WebCore::CoordinatedGraphicsLayer::didChangeGeometry() (this=0x7f8cd859a800) at /usr/src/debug/webkitgtk-2.14.2/Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:104
#2 0x00007f8d5fa67218 in WebCore::PageOverlayController::installPageOverlay(WTF::PassRefPtr<WebCore::PageOverlay>, WebCore::PageOverlay::FadeMode) (this=0x7f8d499f44b0, pageOverlay=..., fadeMode=fadeMode@entry=WebCore::PageOverlay::FadeMode::Fade) at /usr/src/debug/webkitgtk-2.14.2/Source/WebCore/page/PageOverlayController.cpp:110
overlay = {static isRefPtr = <optimized out>, m_ptr = 0x7f8d499828a0}
layer = std::unique_ptr<WebCore::GraphicsLayer> containing 0x7f8cd859a800
#3 0x00007f8d5f1486c2 in WebKit::WebInspectorClient::highlight() (this=0x55b67236a3c0) at /usr/src/debug/webkitgtk-2.14.2/Source/WebKit2/WebProcess/WebCoreSupport/WebInspectorClient.cpp:112
highlightOverlay = {static isRef = <optimized out>, m_ptr = 0x0}
this = 0x55b67236a3c0
#4 0x00007f8d5f90d268 in WebCore::InspectorOverlay::update() (this=0x7f8d499ca000) at /usr/src/debug/webkitgtk-2.14.2/Source/WebCore/inspector/InspectorOverlay.cpp:346
viewportSize = {m_width = 1653, m_height = 320}
frameViewFullSize = <optimized out>
#5 0x00007f8d5f8cc12d in WebCore::InspectorDOMAgent::highlightNode(WTF::String&, Inspector::InspectorObject const&, int const*, WTF::String const*) (this=0x7f8d499a7000, errorString=..., highlightInspectorObject=..., nodeId=<optimized out>, objectId=<optimized out>) at /usr/src/debug/webkitgtk-2.14.2/Source/WebCore/inspector/InspectorDOMAgent.cpp:1141
node = 0x7f8d498f4840
highlightConfig = std::unique_ptr<WebCore::HighlightConfig> containing 0x7f8cd85e3d20
#6 0x00007f8d5e60e0ea in Inspector::DOMBackendDispatcher::highlightNode(long, WTF::RefPtr<Inspector::InspectorObject>&&) (this=0x7f8d499ae8e0, requestId=43, parameters=<optimized out>) at /usr/src/debug/webkitgtk-2.14.2/x86_64-redhat-linux-gnu/DerivedSources/JavaScriptCore/inspector/InspectorBackendDispatchers.cpp:1585
in_highlightConfig = {static isRefPtr = <optimized out>, m_ptr = 0x7f8cd85ccf80}
opt_in_nodeId_valueFound = true
opt_in_nodeId = 2
opt_in_objectId_valueFound = false
opt_in_objectId = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f8d5e86d1d0 <WTF::StringImpl::empty()::emptyString>}}
error = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x0}}
result = {static isRef = <optimized out>, m_ptr = 0x7f8cd85d04c0}
#7 0x00007f8d5e61b4fb in Inspector::DOMBackendDispatcher::dispatch(long, WTF::String const&, WTF::Ref<Inspector::InspectorObject>&&) (this=0x7f8d499ae8e0, requestId=43, method=..., message=<optimized out>) at /usr/src/debug/webkitgtk-2.14.2/x86_64-redhat-linux-gnu/DerivedSources/JavaScriptCore/inspector/InspectorBackendDispatchers.cpp:936
parameters = {static isRefPtr = <optimized out>, m_ptr = 0x7f8cd85ccf40}
dispatchMap = {m_storage = {__data = "\000\344\276\362\214\177\000\000\200\000\000\000\177\000\000\000#\000\000\000\000\000\000", __align = {<No data fields>}}}
findResult = <optimized out>
#8 0x00007f8d5e1f2408 in Inspector::BackendDispatcher::dispatch(WTF::String const&) (this=0x7f8d499ef360, message=...) at /usr/src/debug/webkitgtk-2.14.2/Source/JavaScriptCore/inspector/InspectorBackendDispatcher.cpp:181
methodString = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f8cd85bdc30}}
scopedRequestId = {m_scopedVariable = @0x7f8d499ef398, m_originalValue = {m_isEngaged = false, m_value = {__data = "\200l\207I\215\177\000", __align = {<No data fields>}}}}
methodValue = {static isRefPtr = <optimized out>, m_ptr = 0x7f8cd85cdd38}
domainAndMethod = {<WTF::VectorBuffer<WTF::String, 0ul>> = {<WTF::VectorBufferBase<WTF::String>> = {m_buffer = 0x7f8cd85b9d80, m_capacity = 16, m_size = 2}, <No data fields>}, <No data fields>}
method = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f8cd85bdc80}}
protect = {static isRef = <optimized out>, m_ptr = 0x7f8d499ef360}
requestId = 43
messageObject = {static isRefPtr = <optimized out>, m_ptr = 0x0}
#9 0x00007f8d5f2a9304 in IPC::callMemberFunctionImpl<WebKit::WebInspector, void (WebKit::WebInspector::*)(WTF::String const&), std::tuple<WTF::String>, 0ul>(WebKit::WebInspector*, void (WebKit::WebInspector::*)(WTF::String const&), std::tuple<WTF::String>&&, std::integer_sequence<unsigned long, 0ul>) (args=<optimized out>, function=<optimized out>, object=0x7f8d498ef188) at /usr/src/debug/webkitgtk-2.14.2/Source/WebKit2/Platform/IPC/HandleMessage.h:13
arguments = std::tuple containing = {[1] = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f8d49876c80}}}
#10 0x00007f8d5f2a9304 in IPC::callMemberFunction<WebKit::WebInspector, void (WebKit::WebInspector::*)(WTF::String const&), std::tuple<WTF::String>, std::integer_sequence<unsigned long, 0ul> >(std::tuple<WTF::String>&&, WebKit::WebInspector*, void (WebKit::WebInspector::*)(WTF::String const&)) (function=<optimized out>, object=0x7f8d498ef188, args=<unknown type in /usr/lib/debug/usr/lib64/libwebkit2gtk-4.0.so.37.14.9.debug, CU 0xf44375b, DIE 0xf464bcf>) at /usr/src/debug/webkitgtk-2.14.2/Source/WebKit2/Platform/IPC/HandleMessage.h:19
arguments = std::tuple containing = {[1] = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f8d49876c80}}}
#11 0x00007f8d5f2a9304 in IPC::handleMessage<Messages::WebInspector::SendMessageToBackend, WebKit::WebInspector, void (WebKit::WebInspector::*)(WTF::String const&)>(IPC::Decoder&, WebKit::WebInspector*, void (WebKit::WebInspector::*)(WTF::String const&)) (decoder=..., object=object@entry=0x7f8d498ef188, function=(void (WebKit::WebInspector::*)(WebKit::WebInspector * const, const WTF::String &)) 0x7f8d5f158530 <WebKit::WebInspector::sendMessageToBackend(WTF::String const&)>) at /usr/src/debug/webkitgtk-2.14.2/Source/WebKit2/Platform/IPC/HandleMessage.h:99
arguments = std::tuple containing = {[1] = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x7f8d49876c80}}}
#12 0x00007f8d5f2a9248 in WebKit::WebInspector::didReceiveMessage(IPC::Connection&, IPC::Decoder&) (this=0x7f8d498ef188, connection=..., decoder=...) at /usr/src/debug/webkitgtk-2.14.2/x86_64-redhat-linux-gnu/DerivedSources/WebKit2/WebInspectorMessageReceiver.cpp:88
#13 0x00007f8d5ef952b6 in IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >) (this=this@entry=0x7f8d499e85a0, message=std::unique_ptr<IPC::Decoder> containing 0x7f8d49891948) at /usr/src/debug/webkitgtk-2.14.2/Source/WebKit2/Platform/IPC/Connection.cpp:858
oldDidReceiveInvalidMessage = false
#14 0x00007f8d5ef95f48 in IPC::Connection::dispatchOneMessage() (this=0x7f8d499e85a0) at /usr/src/debug/webkitgtk-2.14.2/Source/WebKit2/Platform/IPC/Connection.cpp:889
#15 0x00007f8d5e656825 in WTF::Function<void ()>::operator()() const (this=<synthetic pointer>) at /usr/src/debug/webkitgtk-2.14.2/Source/WTF/wtf/Function.h:50
function = {m_callableWrapper = std::unique_ptr<WTF::Function<void()>::CallableWrapperBase> containing 0x7f8d498b1ea0}
functionsToHandle = <optimized out>
#16 0x00007f8d5e656825 in WTF::RunLoop::performWork() (this=0x7f8d499f7000) at /usr/src/debug/webkitgtk-2.14.2/Source/WTF/wtf/RunLoop.cpp:105
function = {m_callableWrapper = std::unique_ptr<WTF::Function<void()>::CallableWrapperBase> containing 0x7f8d498b1ea0}
functionsToHandle = <optimized out>
#17 0x00007f8d5e67d2b9 in WTF::RunLoop::<lambda(gpointer)>::operator() (__closure=0x0, userData=<optimized out>) at /usr/src/debug/webkitgtk-2.14.2/Source/WTF/wtf/glib/RunLoopGLib.cpp:66
#18 0x00007f8d5e67d2b9 in WTF::RunLoop::<lambda(gpointer)>::_FUN(gpointer) () at /usr/src/debug/webkitgtk-2.14.2/Source/WTF/wtf/glib/RunLoopGLib.cpp:68
#19 0x00007f8d57d1ae42 in g_main_dispatch (context=0x55b67226ea10) at gmain.c:3203
dispatch = 0x7f8d5e67d2d0 <WTF::<lambda(GSource*, GSourceFunc, gpointer)>::_FUN(GSource *, GSourceFunc, gpointer)>
prev_source = 0x0
was_in_call = 0
user_data = 0x7f8d499f7000
callback = 0x7f8d5e67d2b0 <WTF::RunLoop::<lambda(gpointer)>::_FUN(gpointer)>
cb_funcs = 0x7f8d57fe2280 <g_source_callback_funcs>
cb_data = 0x55b6722e46c0
need_destroy = <optimized out>
source = 0x55b6722e5000
current = 0x55b6722a8a90
i = 0
#20 0x00007f8d57d1ae42 in g_main_context_dispatch (context=context@entry=0x55b67226ea10) at gmain.c:3856
#21 0x00007f8d57d1b1c0 in g_main_context_iterate (context=0x55b67226ea10, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3929
max_priority = 2147483647
timeout = 6
some_ready = 1
nfds = 4
allocated_nfds = 4
fds = <optimized out>
#22 0x00007f8d57d1b4e2 in g_main_loop_run (loop=0x55b6722e4fe0) at gmain.c:4125
__func__ = "g_main_loop_run"
#23 0x00007f8d5e67db70 in WTF::RunLoop::run() () at /usr/src/debug/webkitgtk-2.14.2/Source/WTF/wtf/glib/RunLoopGLib.cpp:94
runLoop = @0x7f8d499f7000: {<WTF::FunctionDispatcher> = {<WTF::ThreadSafeRefCounted<WTF::FunctionDispatcher>> = {<WTF::ThreadSafeRefCountedBase> = {m_refCount = {<std::__atomic_base<int>> = {static _S_alignment = 4, _M_i = 1}, <No data fields>}}, <No data fields>}, _vptr.FunctionDispatcher = 0x7f8d5e83cba0 <vtable for WTF::RunLoop+16>}, m_functionQueueLock = {m_mutex = {__data = {__lock = 0, __count = 0, __owner = 0, __nusers = 0, __kind = 512, __spins = 0, __elision = 0, __list = {__prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 17 times>, "\002", '\000' <repeats 21 times>, __align = 0}}, m_functionQueue = {m_start = 8, m_end = 8, m_buffer = {<WTF::VectorBufferBase<WTF::Function<void()> >> = {m_buffer = 0x7f8d499da0a8, m_capacity = 21, m_size = 0}, <No data fields>}}, m_mainContext = {m_ptr = 0x55b67226ea10}, m_mainLoops = {<WTF::VectorBuffer<WTF::GRefPtr<_G
nestedMainLoop = <optimized out>
#24 0x00007f8d5f2508a9 in WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain>(int, char**) (argc=<optimized out>, argv=0x7ffc09a82f98) at /usr/src/debug/webkitgtk-2.14.2/Source/WebKit2/Shared/unix/ChildProcessMain.h:61
childMain = {<WebKit::ChildProcessMainBase> = {_vptr.ChildProcessMainBase = 0x7f8d60fddbe0 <vtable for WebKit::WebProcessMain+16>, m_parameters = {uiProcessName = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x0}}, clientIdentifier = {m_impl = {static isRefPtr = <optimized out>, m_ptr = 0x0}}, connectionIdentifier = 57, extraInitializationData = {m_impl = {static m_maxLoad = <optimized out>, static m_minLoad = <optimized out>, m_table = 0x0, m_tableSize = 0, m_tableSizeMask = 0, m_keyCount = 0, m_deletedCount = 0}}}}, <No data fields>}
#25 0x00007f8d52e71401 in __libc_start_main (main=0x55b670ebfc00 <main(int, char**)>, argc=2, argv=0x7ffc09a82f98, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffc09a82f88) at ../csu/libc-start.c:289
result = <optimized out>
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, 5904416883543918654, 94242066922544, 140720470503312, 0, 0, 388507317331839038, 398278049944455230}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x7ffc09a82fb0, 0x7f8d613b8128}, data = {prev = 0x0, cleanup = 0x0, canceltype = 162017200}}}
not_first_call = <optimized out>
#26 0x000055b670ebfc5a in _start ()</pre>
</div>
</p>
</body>
</html>