[Webkit-unassigned] [Bug 127576] New: WebKit2GTK - WebKitWebProcess assertion fails when dragging and dropping a file into the view

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Jan 24 13:08:50 PST 2014 

https://bugs.webkit.org/show_bug.cgi?id=127576

           Summary: WebKit2GTK - WebKitWebProcess assertion fails when
                    dragging and dropping a file into the view
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit Gtk
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: Daniel.Wyatt at gmail.com


Epiphany and Midori both crash WebKitWebProcess (assertion fails) when dragging and dropping a .html (or other) file into the web view.
This only happens if we have not previously opened a .html file through the menu.
I've tested this with SVN 162714.

In WebProcessProxy::checkURLReceivedFromWebProcess I see:
    // Any file URL is also OK if we've loaded a file URL through API before, granting universal read access.
    if (m_mayHaveUniversalFileReadSandboxExtension)
        return true;

Are Epiphany and Midori are just doing something wrong (failing to grant universal read access somehow)?


Output from a release build:
Received an unexpected URL from the web process: 'file:///home/daniel/tmp.html'
Received an invalid message "WebPageProxy.DecidePolicyForNavigationAction" from the web process.

Output from a debug build:
Received an unexpected URL from the web process: 'file:///home/daniel/tmp.html'
Received an unexpected URL from the web process: 'file:///home/daniel/tmp.html'
ASSERTION FAILED: m_process->checkURLReceivedFromWebProcess(request.url())
Source/WebKit2/UIProcess/WebPageProxy.cpp(2446) : void WebKit::WebPageProxy::decidePolicyForNavigationAction(uint64_t, uint32_t, uint32_t, int32_t, uint64_t, const WebCore::ResourceRequest&, const WebCore::ResourceRequest&, uint64_t, IPC::MessageDecoder&, bool&, uint64_t&, uint64_t&)


Backtrace (debug build):
1   0x7f62248f7176 /usr/lib/libjavascriptcoregtk-3.0.so.0(WTFCrash+0x1e) [0x7f62248f7176]

2   0x7f6226fa3592 /usr/lib/libwebkit2gtk-3.0.so.25(WebKit::WebPageProxy::decidePolicyForNavigationAction(unsigned long, unsigned int, unsigned int, int, unsigned long, WebCore::ResourceRequest const&, WebCore::ResourceRequest const&, unsigned long, IPC::MessageDecoder&, bool&, unsigned long&, unsigned long&)+0x208) [0x7f6226fa3592]

3   0x7f622715984c /usr/lib/libwebkit2gtk-3.0.so.25(_ZN3IPC22callMemberFunctionImplIN6WebKit12WebPageProxyEMS2_FvmjjimRKN7WebCore15ResourceRequestES6_mRNS_14MessageDecoderERbRmSA_ESt5tupleIJmjjimS4_S4_mEEJLm0ELm1ELm2ELm3ELm4ELm5ELm6ELm7EESD_IJbmmEEJLm0ELm1ELm2EEEEvPT_T0_S8_OT1_RT3_St14index_sequenceIJXspT2_EEESN_IJXspT4_EEE+0x1b4) [0x7f622715984c]

4   0x7f62271530b3 /usr/lib/libwebkit2gtk-3.0.so.25(_ZN3IPC18callMemberFunctionIN6WebKit12WebPageProxyEMS2_FvmjjimRKN7WebCore15ResourceRequestES6_mRNS_14MessageDecoderERbRmSA_ESt5tupleIJmjjimS4_S4_mEESt19make_index_sequenceILm8EESD_IJbmmEESF_ILm3EEEEvOT1_S8_RT3_PT_T0_+0x5c) [0x7f62271530b3]

5   0x7f622714fd76 /usr/lib/libwebkit2gtk-3.0.so.25(void IPC::handleMessageVariadic<Messages::WebPageProxy::DecidePolicyForNavigationAction, WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(unsigned long, unsigned int, unsigned int, int, unsigned long, WebCore::ResourceRequest const&, WebCore::ResourceRequest const&, unsigned long, IPC::MessageDecoder&, bool&, unsigned long&, unsigned long&)>(IPC::MessageDecoder&, IPC::MessageEncoder&, WebKit::WebPageProxy*, void (WebKit::WebPageProxy::*)(unsigned long, unsigned int, unsigned int, int, unsigned long, WebCore::ResourceRequest const&, WebCore::ResourceRequest const&, unsigned long, IPC::MessageDecoder&, bool&, unsigned long&, unsigned long&))+0xce) [0x7f622714fd76]

6   0x7f6227148b92 /usr/lib/libwebkit2gtk-3.0.so.25(WebKit::WebPageProxy::didReceiveSyncMessage(IPC::Connection*, IPC::MessageDecoder&, std::unique_ptr<IPC::MessageEncoder, std::default_delete<IPC::MessageEncoder> >&)+0x9f4) [0x7f6227148b92]

7   0x7f62287a7cae /usr/lib/libwebkit2gtk-3.0.so.25(IPC::MessageReceiverMap::dispatchSyncMessage(IPC::Connection*, IPC::MessageDecoder&, std::unique_ptr<IPC::MessageEncoder, std::default_delete<IPC::MessageEncoder> >&)+0x126) [0x7f62287a7cae]

8   0x7f6226e326f2 /usr/lib/libwebkit2gtk-3.0.so.25(WebKit::ChildProcessProxy::dispatchSyncMessage(IPC::Connection*, IPC::MessageDecoder&, std::unique_ptr<IPC::MessageEncoder, std::default_delete<IPC::MessageEncoder> >&)+0x34) [0x7f6226e326f2]

9   0x7f6226fe2500 /usr/lib/libwebkit2gtk-3.0.so.25(WebKit::WebProcessProxy::didReceiveSyncMessage(IPC::Connection*, IPC::MessageDecoder&, std::unique_ptr<IPC::MessageEncoder, std::default_delete<IPC::MessageEncoder> >&)+0x30) [0x7f6226fe2500]

10  0x7f6228796d55 /usr/lib/libwebkit2gtk-3.0.so.25(IPC::Connection::dispatchSyncMessage(IPC::MessageDecoder&)+0xdf) [0x7f6228796d55]

11  0x7f6228797118 /usr/lib/libwebkit2gtk-3.0.so.25(IPC::Connection::dispatchMessage(std::unique_ptr<IPC::MessageDecoder, std::default_delete<IPC::MessageDecoder> >)+0xaa) [0x7f6228797118]

12  0x7f62287972f9 /usr/lib/libwebkit2gtk-3.0.so.25(IPC::Connection::dispatchOneMessage()+0xcd) [0x7f62287972f9]

13  0x7f62287a6eeb /usr/lib/libwebkit2gtk-3.0.so.25(+0x37afeeb) [0x7f62287a6eeb]

14  0x7f62287a6a72 /usr/lib/libwebkit2gtk-3.0.so.25(+0x37afa72) [0x7f62287a6a72]

15  0x7f6226e04d8f /usr/lib/libwebkit2gtk-3.0.so.25(+0x1e0dd8f) [0x7f6226e04d8f]

16  0x7f6226e03a8b /usr/lib/libwebkit2gtk-3.0.so.25(std::_Function_handler<void (), WTF::Function<void ()> >::_M_invoke(std::_Any_data const&)+0x20) [0x7f6226e03a8b]

17  0x7f6226dfdd5e /usr/lib/libwebkit2gtk-3.0.so.25(std::function<void ()>::operator()() const+0x32) [0x7f6226dfdd5e]

18  0x7f622490d4cd /usr/lib/libjavascriptcoregtk-3.0.so.0(WTF::RunLoop::performWork() 0xe1)+[0x7f622490d4cd]

19  0x7f622492531e /usr/lib/libjavascriptcoregtk-3.0.so.0(WTF::RunLoop::queueWork(WTF::RunLoop*)+0x18) [0x7f622492531e]

20  0x7f622082b8d5 /usr/lib/libglib-2.0.so.0(g_main_context_dispatch 0x135)+[0x7f622082b8d5]

21  0x7f622082bc38 /usr/lib/libglib-2.0.so.0(+0x48c38) [0x7f622082bc38]

22  0x7f622082bcdc /usr/lib/libglib-2.0.so.0(g_main_context_iteration+0x2c) [0x7f622082bcdc]

23  0x7f6220ddc85c /usr/lib/libgio-2.0.so.0(g_application_run+0x24c) [0x7f6220ddc85c]

24  0x42f21f epiphany(main+0x41f) [0x42f21f]

25  0x7f621f789b05 /usr/lib/libc.so.6(__libc_start_main+0xf5) [0x7f621f789b05]

26  0x42f613 epiphany() [0x42f613]
LEAK: 202 RenderObject
LEAK: 1 Page
LEAK: 1 Frame
LEAK: 8 CachedResource
LEAK: 293 WebCoreNode
LEAK: 28 JSLazyEventListener
LEAK: 1 WebPage
LEAK: 1 WebFrame

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list