
Bug 369285

Summary: [Browser] libjavascriptcoregtk can crash at shutdown in WebKitGTK >= 1.4.x
Product: [Eclipse Project] Platform
Reporter: Grant Gayed <grant_gayed>
Component: SWT
Assignee: Platform-SWT-Inbox <platform-swt-inbox>
Status: CLOSED FIXED
QA Contact:
Severity: normal
Priority: P3
CC: ericwill, gautier.desaintmartinlacaze, lufimtse
Version: 3.7.1
Keywords: triaged
Target Milestone: ---
Hardware: PC
OS: Linux-GTK
Whiteboard:
Attachments:
- dump (flags: none)
- minimal WebKit Browser implementation, still shows the problem (flags: none)

Description Grant Gayed CLA 2012-01-20 15:15:35 EST
Created attachment 209852
dump

- observed on 64-bit Fedora 15 (WebKitGTK 1.4.x) and 16 (WebKitGTK 1.6.x)
- not a problem on 64-bit Ubuntu 10.04 (WebKitGTK 1.2.x)
- don't currently have access to a 32-bit WebKitGTK >= 1.4.x to try this on

- open eclipse's Internal Web Browser view
- navigate it to eclipse.org
- give focus to the eclipse.org page's search field, type some characters
- shut down eclipse and a crash occurs, dump is attached

It appears that a string is being invalidly freed as libjavascriptcoregtk is shutting down.  I strongly suspect that this is a bug in JavaScriptCore, because the problem still happens if swt's WebKit class is reduced to its bare minimum (will attach it in the next comment), and it appears that a similar problem may be happening on win32 (bug 368648), even though swt's Browser implementations on gtk and win32 are different (JavaScriptCore is common across the platforms).

However I have not been able to get WebKitGTK's stand-alone GtkLauncher example to show the crash.  No bug has been logged with WebKit yet as I am working on getting more compelling evidence of that being where the problem is.  Stand-alone Snippet128 only shows the crash ~20% of the time, but when run within Eclipse's process it shows it 100% of the time, so it could just be a case of JavaScriptCore getting lucky in lower-memory-usage contexts.
Comment 1 Grant Gayed CLA 2012-01-20 15:17:20 EST
Created attachment 209854
minimal WebKit Browser implementation, still shows the problem
Comment 2 Eric Williams CLA 2016-12-19 15:42:10 EST
I can't get the snippet to run, maybe Leo can shed some light on this (when time permits).
Comment 3 Leo Ufimtsev CLA 2016-12-20 12:10:31 EST
(In reply to Eric Williams from comment #2)
> I can't get the snippet to run, maybe Leo can shed some light on this (when
> time permits).

Thank you for pointing this out. I will investigate once webkit2 port is complete.
Comment 4 Leo Ufimtsev CLA 2018-04-10 09:17:51 EDT
In the meantime this crash is resolved in Webkit2 in recent Eclipse builds.