Bug 1252264 - [abrt] webkitgtk4: WTFCrash(): WebKitWebProcess killed by SIGSEGV
Summary: [abrt] webkitgtk4: WTFCrash(): WebKitWebProcess killed by SIGSEGV
Keywords:
Status: CLOSED NEXTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: webkitgtk4
Version: 22
Hardware: x86_64
OS: Unspecified
Target Milestone: ---
Assignee: Tomas Popela
QA Contact: Fedora Extras Quality Assurance
URL: https://retrace.fedoraproject.org/faf...
Whiteboard: abrt_hash:257fbf4cf7193d51e0c005e8f7e...
Depends On:
Blocks:
Reported: 2015-08-11 06:00 UTC by Joshua Rich
Modified: 2015-09-01 12:19 UTC (History)

Fixed In Version: 2.8.5-2.fc22
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-09-01 12:19:34 UTC
Type: ---
Embargoed:


Attachments
File: backtrace (98.42 KB, text/plain), 2015-08-11 06:00 UTC, Joshua Rich
File: cgroup (190 bytes, text/plain), 2015-08-11 06:00 UTC, Joshua Rich
File: core_backtrace (76.06 KB, text/plain), 2015-08-11 06:00 UTC, Joshua Rich
File: dso_list (18.17 KB, text/plain), 2015-08-11 06:00 UTC, Joshua Rich
File: environ (2.13 KB, text/plain), 2015-08-11 06:01 UTC, Joshua Rich
File: limits (1.29 KB, text/plain), 2015-08-11 06:01 UTC, Joshua Rich
File: maps (477.72 KB, text/plain), 2015-08-11 06:01 UTC, Joshua Rich
File: mountinfo (3.64 KB, text/plain), 2015-08-11 06:01 UTC, Joshua Rich
File: namespaces (85 bytes, text/plain), 2015-08-11 06:01 UTC, Joshua Rich
File: open_fds (2.89 KB, text/plain), 2015-08-11 06:01 UTC, Joshua Rich
File: proc_pid_status (1.02 KB, text/plain), 2015-08-11 06:01 UTC, Joshua Rich
File: var_log_messages (28 bytes, text/plain), 2015-08-11 06:01 UTC, Joshua Rich

Description Joshua Rich 2015-08-11 06:00:51 UTC
Version-Release number of selected component:
webkitgtk4-2.8.4-3.fc22

Additional info:
reporter:       libreport-2.6.2
backtrace_rating: 4
cmdline:        /usr/libexec/webkit2gtk-4.0/WebKitWebProcess 22
crash_function: WTFCrash
executable:     /usr/libexec/webkit2gtk-4.0/WebKitWebProcess
global_pid:     30751
kernel:         4.1.3-201.fc22.x86_64
runlevel:       N 5
type:           CCpp
uid:            1000

Truncated backtrace:
Thread no. 1 (10 frames)
 #0 WTFCrash at /usr/src/debug/webkitgtk-2.8.4/Source/WTF/wtf/Assertions.cpp:321
 #1 WTF::OSAllocator::reserveUncommitted at /usr/src/debug/webkitgtk-2.8.4/Source/WTF/wtf/OSAllocatorPosix.cpp:48
 #2 WTF::PageAllocationAligned::allocate at /usr/src/debug/webkitgtk-2.8.4/Source/WTF/wtf/PageAllocationAligned.cpp:55
 #3 create at /usr/src/debug/webkitgtk-2.8.4/Source/JavaScriptCore/heap/Region.h:181
 #5 allocate<JSC::CopiedBlock> at /usr/src/debug/webkitgtk-2.8.4/Source/JavaScriptCore/heap/BlockAllocator.h:157
 #6 allocateBlock at /usr/src/debug/webkitgtk-2.8.4/Source/JavaScriptCore/heap/CopiedSpaceInlines.h:146
 #7 JSC::CopiedSpace::tryAllocateSlowCase at /usr/src/debug/webkitgtk-2.8.4/Source/JavaScriptCore/heap/CopiedSpace.cpp:92
 #8 tryAllocate at /usr/src/debug/webkitgtk-2.8.4/Source/JavaScriptCore/heap/CopiedSpaceInlines.h:160
 #9 JSC::CopiedSpace::tryReallocate at /usr/src/debug/webkitgtk-2.8.4/Source/JavaScriptCore/heap/CopiedSpace.cpp:133
 #10 tryReallocateStorage at /usr/src/debug/webkitgtk-2.8.4/Source/JavaScriptCore/heap/HeapInlines.h:253

Comment 1 Joshua Rich 2015-08-11 06:00:54 UTC
Created attachment 1061316 [details]
File: backtrace

Comment 2 Joshua Rich 2015-08-11 06:00:55 UTC
Created attachment 1061317 [details]
File: cgroup

Comment 3 Joshua Rich 2015-08-11 06:00:57 UTC
Created attachment 1061318 [details]
File: core_backtrace

Comment 4 Joshua Rich 2015-08-11 06:00:59 UTC
Created attachment 1061319 [details]
File: dso_list

Comment 5 Joshua Rich 2015-08-11 06:01:00 UTC
Created attachment 1061320 [details]
File: environ

Comment 6 Joshua Rich 2015-08-11 06:01:02 UTC
Created attachment 1061321 [details]
File: limits

Comment 7 Joshua Rich 2015-08-11 06:01:05 UTC
Created attachment 1061322 [details]
File: maps

Comment 8 Joshua Rich 2015-08-11 06:01:07 UTC
Created attachment 1061323 [details]
File: mountinfo

Comment 9 Joshua Rich 2015-08-11 06:01:08 UTC
Created attachment 1061324 [details]
File: namespaces

Comment 10 Joshua Rich 2015-08-11 06:01:09 UTC
Created attachment 1061325 [details]
File: open_fds

Comment 11 Joshua Rich 2015-08-11 06:01:10 UTC
Created attachment 1061326 [details]
File: proc_pid_status

Comment 12 Joshua Rich 2015-08-11 06:01:12 UTC
Created attachment 1061327 [details]
File: var_log_messages

Comment 13 Michael Catanzaro 2015-08-11 08:10:08 UTC
OOM

Comment 14 Joshua Rich 2015-08-13 04:14:11 UTC
Hey Michael,

I don't think this is necessarily an OOM; I had this happen again today and I don't see an OOM reported in dmesg.  Instead I see this:

[Thu Aug 13 13:42:21 2015] WebKitWebProces[10726]: segfault at bbadbeef ip 00007ff454273ffc sp 00007ffd451a7de0 error 6 in libjavascriptcoregtk-4.0.so.18.1.11[7ff453bea000+7ac000]

This happens often with a web site I've made into an Epiphany web app.  It'll be sitting in the background and I'll go back to it to find it crashed.

I can't upload the data from the crash at the date/time above because this bug is closed (and Abrt thinks this latest crash is a duplicate of this bug).  Let me know if you need it, it's still in Abrt.
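
For triage, the kernel line quoted in Comment 14 can be decoded field by field. The following is an added example, not part of the report or of WebKit's code: it parses the line, decodes the x86 page-fault error code, and checks the fault address against 0xbbadbeef, the address WebKit's WTFCrash() stores to when it aborts on purpose. The struct and function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define WTF_CRASH_ADDR 0xbbadbeefUL /* address WTFCrash() writes to on purpose */

struct segv {
    unsigned long addr, ip, sp, err, base, size;
    char image[128];
};

/* The kernel line from Comment 14, copied from the page. */
static const char SAMPLE[] =
    "[Thu Aug 13 13:42:21 2015] WebKitWebProces[10726]: segfault at bbadbeef "
    "ip 00007ff454273ffc sp 00007ffd451a7de0 error 6 in "
    "libjavascriptcoregtk-4.0.so.18.1.11[7ff453bea000+7ac000]";

/* Parse an x86 "segfault at ..." kernel message; returns 0 on success. */
int parse_segfault(const char *line, struct segv *s)
{
    const char *p = strstr(line, "segfault at ");
    if (!p)
        return -1;
    return sscanf(p, "segfault at %lx ip %lx sp %lx error %lx in %127[^[][%lx+%lx]",
                  &s->addr, &s->ip, &s->sp, &s->err, s->image,
                  &s->base, &s->size) == 7 ? 0 : -1;
}

/* x86 page-fault error code: bit 0 = protection fault (0 means page not
 * present), bit 1 = write access, bit 2 = fault raised in user mode. */
int fault_not_present(const struct segv *s) { return !(s->err & 1); }
int fault_is_write(const struct segv *s)    { return (s->err >> 1) & 1; }
int fault_from_user(const struct segv *s)   { return (s->err >> 2) & 1; }

/* Instruction offset inside the mapping the kernel printed (addr2line input). */
unsigned long ip_offset(const struct segv *s) { return s->ip - s->base; }

/* A user-mode write to the marker address is an intentional abort, not a wild pointer. */
int is_wtf_crash(const struct segv *s)
{
    return s->addr == WTF_CRASH_ADDR && fault_is_write(s) && fault_from_user(s);
}

int main(void)
{
    struct segv s;
    if (parse_segfault(SAMPLE, &s) != 0)
        return 1;
    printf("%s+0x%lx write=%d deliberate=%d\n", s.image, ip_offset(&s),
           fault_is_write(&s), is_wtf_crash(&s));
    return 0;
}
```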

Comment 15 Michael Catanzaro 2015-08-14 17:54:21 UTC
The code in question is allocating with mmap:

    void* result = mmap(0, bytes, PROT_NONE, MAP_NORESERVE | MAP_PRIVATE | MAP_ANON, -1, 0);
    if (result == MAP_FAILED)
        CRASH();

Note that it can happen if you still have plenty of system memory left, if the web process exceeds its 5 GiB address space limit (should happen around ~2.5 GiB of allocated memory, way more than should ever be required).

Comment 16 Michael Catanzaro 2015-08-24 19:45:55 UTC
Reopening bugs that are probably caused by the address space limit....

Comment 17 Fedora Update System 2015-08-25 15:39:54 UTC
webkitgtk4-2.8.5-2.fc22 has been submitted as an update to Fedora 22. https://bodhi.fedoraproject.org/updates/FEDORA-2015-14258

Comment 18 Fedora Update System 2015-08-26 17:27:07 UTC
webkitgtk4-2.8.5-2.fc22 has been pushed to the Fedora 22 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
 su -c 'yum --enablerepo=updates-testing update webkitgtk4'. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-14258

Comment 19 Fedora Update System 2015-09-01 12:19:16 UTC
webkitgtk4-2.8.5-2.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.

