Skip to content

fix(v3/linux): fix crash on panic in JS-bound Go methods #4856

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
leaanthony merged 5 commits into from
Jan 8, 2026
Merged

fix(v3/linux): fix crash on panic in JS-bound Go methods #4856

leaanthony merged 5 commits into from
Jan 8, 2026
+15 −2

Conversation

@leaanthony
Copy link
Member

@leaanthony leaanthony commented Jan 4, 2026
edited by coderabbitai bot
Loading

Summary

  • Fix Linux crash when Go code panics in JS-bound methods (e.g., nil pointer dereference)
  • Root cause: WebKit2GTK installs signal handlers without SA_ONSTACK, overriding Go's signal setup
  • Solution: Install signal handler fix AFTER WebKit WebView is created (matches v2 approach)

Problem

When Go code called from JavaScript panics (e.g., nil pointer dereference), the app crashes with:

fatal error: non-Go code set up signal handler without SA_ONSTACK flag

This happens because:

  1. WebKit2GTK installs its own signal handlers when creating WebViews
  2. These handlers may not have SA_ONSTACK set
  3. Go runtime expects SA_ONSTACK on all signal handlers to properly handle signals on the alternate stack

Solution

Call install_signal_handlers() AFTER webkit_web_view_new_with_user_content_manager() returns, ensuring we add SA_ONSTACK to signal handlers AFTER WebKit has installed its own. This matches the approach used in v2.

Known Limitation

Note: This fix may not fully resolve all signal-related crashes. There is a known Go runtime limitation (golang/go#7227, open since 2014) where signals may still be delivered on the wrong stack when C libraries (like WebKit/GTK) are involved, even with SA_ONSTACK correctly set. This is a fundamental Go/C interop issue that requires Go runtime changes to fully resolve.

Type of change

  • Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

  • Compilation verified on Linux with webkit2gtk-4.1
  • Test application created in v3/test/3965-signal-handler/

Fixes #3965

Note: This is the v3 version of the fix. See #4855 for the v2 version.

Summary by CodeRabbit

  • Bug Fixes
    • Fixed a Linux-specific crash that could occur during JS-bound native method execution when using the embedded web runtime, improving stability and reliability of web views on Linux systems.

✏️ Tip: You can customize this high-level summary in your review settings.

@leaanthony
fix(v3/linux): fix crash on panic in JS-bound Go methods
ecb3428 
WebKit2GTK installs signal handlers after gtk_main() starts, overriding
our SA_ONSTACK fix. This causes Go panics (e.g., nil pointer dereference)
in JS-bound methods to crash with 'non-Go code set up signal handler
without SA_ONSTACK flag'.

Fix by deferring signal handler installation via g_idle_add() to run
after GTK main loop starts, ensuring we fix handlers AFTER WebKit
has installed its own.

Fixes #3965
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Jan 4, 2026
edited
Loading

Caution

Review failed

The pull request is closed.

Walkthrough

A signal-handler installation fix for Linux WebKit compatibility was implemented by deferring handler registration from application initialization to the first WebView creation, ensuring registration occurs after GTK/WebKit initialization completes.

Changes

Cohort / File(s) Summary
Changelog
v3/UNRELEASED_CHANGELOG.md		 Added a Fixed entry noting a Linux crash on panic in JS-bound Go methods due to WebKit overriding signal handlers.
Signal handler deferral
v3/pkg/application/linux_cgo.go		 Added package-level sync.Once variable fixSignalHandlers; removed immediate installation in appNew and deferred signal-handler installation to the first WebView creation (windowNewWebview) via fixSignalHandlers.Do(...).

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 I hopped in code where signals collided,
Deferred my leap till WebKit decided.
With one small Once, the handlers align—
GTK and Go now share the same vine. 🥕✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)
Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 20.00% which is insufficient. The required threshold is 80.00%. You can run @coderabbitai generate docstrings to improve docstring coverage.
✅ Passed checks (2 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly and concisely summarizes the main fix: resolving a Linux crash when panics occur in JS-bound Go methods.
Description check ✅ Passed The description comprehensively covers the problem, solution, testing, and known limitations. However, it does not update the changelog file as required by the template checklist.
✨ Finishing touches
  • 📝 Generate docstrings
📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ab6752e and c91f029.

📒 Files selected for processing (2)
  • v3/UNRELEASED_CHANGELOG.md
  • v3/pkg/application/linux_cgo.go

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@cloudflare-workers-and-pages
Copy link

cloudflare-workers-and-pages bot commented Jan 4, 2026
edited
Loading

Deploying wails with  Cloudflare Pages  Cloudflare Pages

Latest commit: c91f029
Status:⚡️  Build in progress...

View logs

@leaanthony
test(v3/linux): add test case for signal handler fix
29d5936 
Adds a test application that can trigger panics from JS-bound Go methods
to verify the signal handler fix for issue #3965 works correctly.

The test app has buttons to:
- Trigger a panic in a goroutine
- Trigger an immediate panic
- Call a safe method

Before the fix, clicking 'Trigger Panic' would crash the app.
After the fix, panics are recovered and logged.
@leaanthony
chore: remove test case from PR
9f18c74
@leaanthony
fix(linux): call signal handler fix after WebKit init, not in idle ca…
ab6752e 
…llback

Move install_signal_handlers() call to after webkit_web_view_new_with_user_content_manager()
to ensure WebKit has finished setting up its signal handlers before we add SA_ONSTACK.

The previous g_idle_add approach was still too early - WebKit initialization continues
after GTK init. This matches the v2 approach which waits for actual webview creation.

Also add documentation about the known Go limitation (golang/go#7227) where signals
may still be delivered on the wrong stack in some C interop scenarios.
@leaanthony
Merge branch 'v3-alpha' into fix/3965-signal-handler-crash
c91f029
@leaanthony leaanthony merged commit 0abad1f into v3-alpha Jan 8, 2026
10 of 13 checks passed
@leaanthony leaanthony deleted the fix/3965-signal-handler-crash branch January 8, 2026 10:20
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jan 8, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@leaanthony