Version-Release number of selected component:
1:epiphany-runtime-3.30.3-1.fc29

Additional info:
reporter: libreport-2.10.0
backtrace_rating: 4
cmdline: epiphany
crash_function: ephy_embed_event_new
executable: /usr/bin/epiphany
journald_cursor: s=2c7941ff6ceb40ce8dc8bec9c9216333;i=cce;b=e019931372024ab693336e09ea3720a5;m=17324018;t=583c157e85669;x=b81539c8c40307fc
kernel: 4.20.13-200.fc29.x86_64
rootdir: /
runlevel: N 5
type: CCpp
uid: 1000

Truncated backtrace:
Thread no. 1 (10 frames)
 #0 ephy_embed_event_new at ../embed/ephy-embed-event.c:68
 #1 populate_context_menu at ../src/ephy-window.c:1459
 #2 ffi_call_unix64 at ../src/x86/unix64.S:76
 #3 ffi_call at ../src/x86/ffi64.c:525
 #4 g_cclosure_marshal_generic at gclosure.c:1496
 #9 webkitWebViewPopulateContextMenu at /usr/src/debug/webkit2gtk3-2.22.6-1.fc29.x86_64/Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp:2319
 #10 ContextMenuClient::getContextMenuFromProposedMenu at /usr/src/debug/webkit2gtk3-2.22.6-1.fc29.x86_64/Source/WebKit/UIProcess/API/glib/WebKitContextMenuClient.cpp:50
 #11 WebKit::WebContextMenuProxyGtk::show at /usr/src/debug/webkit2gtk3-2.22.6-1.fc29.x86_64/x86_64-redhat-linux-gnu/DerivedSources/ForwardingHeaders/wtf/Vector.h:365
 #12 WebKit::WebPageProxy::showContextMenu at /usr/src/debug/webkit2gtk3-2.22.6-1.fc29.x86_64/x86_64-redhat-linux-gnu/DerivedSources/ForwardingHeaders/wtf/DumbPtrTraits.h:41
 #13 IPC::callMemberFunctionImpl<WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(WebKit::ContextMenuContextData&&, WebKit::UserData const&), std::tuple<WebKit::ContextMenuContextData, WebKit::UserData>, 0ul, 1ul> at /usr/src/debug/webkit2gtk3-2.22.6-1.fc29.x86_64/Source/WebKit/Platform/IPC/HandleMessage.h:45
Created attachment 1542674 File: backtrace
Created attachment 1542675 File: cgroup
Created attachment 1542676 File: core_backtrace
Created attachment 1542677 File: cpuinfo
Created attachment 1542678 File: dso_list
Created attachment 1542679 File: environ
Created attachment 1542680 File: exploitable
Created attachment 1542681 File: limits
Created attachment 1542682 File: maps
Created attachment 1542683 File: mountinfo
Created attachment 1542684 File: open_fds
Created attachment 1542685 File: proc_pid_status
Created attachment 1542686 File: var_log_messages
This looks like a WebKit bug (or a GTK bug). The documentation of WebKitWebView's context-menu signal says this of the event parameter:

"""
The event is expected to be one of the following types:
a GdkEventButton of type GDK_BUTTON_PRESS when the context menu was triggered with mouse.
a GdkEventKey of type GDK_KEY_PRESS if the keyboard was used to show the menu.
a generic GdkEvent of type GDK_NOTHING when the “popup-menu” signal was used to show the context menu.
"""

Epiphany just assumes it's non-NULL, but here WebKit is emitting context-menu with a NULL event. It's not Epiphany's job to handle that: it's WebKit's job to ensure it doesn't happen.
(Actually, Epiphany is wrong to cast it to a GdkEventButton without checking the type of the event. So there is an Epiphany bug here too. But that can't cause this crash, and it's not what happened in this backtrace.)
kxra, if you know any way to reproduce this, we need help figuring out how WebKit got into this weird state.
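The two conditions discussed in the comments above (a NULL event reaching the handler, and a cast to the button-event view without checking the event type), shown as an added example that is not Epiphany, WebKit or GDK code. The `Ev*` types, `MenuContext` and `menu_context_from_event` are hypothetical stand-ins for a GDK-style tagged event union, and the sample events are constructed.

```c
#include <stddef.h>
#include <stdio.h>

/* Stand-in types modelled on a GDK-style event union (NOT the real GDK headers). */
typedef enum { EV_NOTHING, EV_BUTTON_PRESS, EV_KEY_PRESS, EV_SCROLL } EvType;
typedef struct { EvType type; unsigned button; double x, y; } EvButton;
typedef struct { EvType type; unsigned keyval; } EvKey;
typedef union  { EvType type; EvButton button; EvKey key; } Ev;

typedef enum { TRIGGER_INVALID, TRIGGER_MOUSE, TRIGGER_KEYBOARD, TRIGGER_POPUP } Trigger;
typedef struct { Trigger trigger; unsigned button; double x, y; } MenuContext;

/* Validate the event before touching any variant-specific field.
 * Returns 0 on success, -1 for a NULL event or a type outside the three
 * documented ones; *out is always left in a defined state. */
int menu_context_from_event(const Ev *event, MenuContext *out)
{
    MenuContext ctx = { TRIGGER_INVALID, 0, 0.0, 0.0 };
    int rc = -1;

    if (event != NULL) {
        switch (event->type) {
        case EV_BUTTON_PRESS:   /* the only case where the button view is valid */
            ctx.trigger = TRIGGER_MOUSE;
            ctx.button = event->button.button;
            ctx.x = event->button.x;
            ctx.y = event->button.y;
            rc = 0;
            break;
        case EV_KEY_PRESS: ctx.trigger = TRIGGER_KEYBOARD; rc = 0; break;
        case EV_NOTHING:   ctx.trigger = TRIGGER_POPUP;    rc = 0; break;
        default:           break;   /* e.g. EV_SCROLL: reject, never cast */
        }
    }
    *out = ctx;
    return rc;
}

/* Constructed sample events for the demonstration. */
Ev make_button_event(unsigned b, double x, double y)
{ Ev e = { EV_NOTHING }; e.button.type = EV_BUTTON_PRESS; e.button.button = b; e.button.x = x; e.button.y = y; return e; }
Ev make_key_event(unsigned keyval)
{ Ev e = { EV_NOTHING }; e.key.type = EV_KEY_PRESS; e.key.keyval = keyval; return e; }

int main(void)
{
    Ev click = make_button_event(3, 120.0, 45.0);
    MenuContext c;
    int rc = menu_context_from_event(NULL, &c);
    printf("NULL event  -> rc=%d trigger=%d\n", rc, (int)c.trigger);
    rc = menu_context_from_event(&click, &c);
    printf("button press -> rc=%d button=%u\n", rc, c.button);
    return 0;
}
```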