[Webkit-unassigned] [Bug 146949] New: [GTK] Web process crash in WebKit::NetscapePlugin::platformGeometryDidChange

bugzilla-daemon at webkit.org
Tue Jul 14 16:31:48 PDT 2015


https://bugs.webkit.org/show_bug.cgi?id=146949

            Bug ID: 146949
           Summary: [GTK] Web process crash in
                    WebKit::NetscapePlugin::platformGeometryDidChange
    Classification: Unclassified
           Product: WebKit
           Version: 528+ (Nightly build)
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit Gtk
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mcatanzaro at igalia.com

In the web process, WebKit::NetscapePlugin::platformGeometryDidChange calls gdk_x11_window_get_xid with a null GdkWindow:

Truncated backtrace:
Thread no. 1 (10 frames)
 #0 _gdk_window_has_impl at gdkwindow.c:593
 #1 gdk_x11_window_get_xid at gdkwindow-x11.c:5527
 #2 WebKit::NetscapePlugin::platformGeometryDidChange at /usr/src/debug/webkitgtk-2.8.3/Source/WebKit2/WebProcess/Plugins/Netscape/x11/NetscapePluginX11.cpp:264
 #3 WebKit::NetscapePlugin::geometryDidChange at /usr/src/debug/webkitgtk-2.8.3/Source/WebKit2/WebProcess/Plugins/Netscape/NetscapePlugin.cpp:767
 #4 WebKit::PluginControllerProxy::geometryDidChange at /usr/src/debug/webkitgtk-2.8.3/Source/WebKit2/PluginProcess/PluginControllerProxy.cpp:437
 #5 callMemberFunctionImpl<WebKit::PluginControllerProxy, void (WebKit::PluginControllerProxy::*)(WebCore::IntSize const&, WebCore::IntRect const&, WebCore::AffineTransform const&, float, WebKit::ShareableBitmap::Handle const&), std::tuple<WebCore::IntSize, WebCore::IntRect, WebCore::AffineTransform, float, WebKit::ShareableBitmap::Handle>, 0ul, 1ul, 2ul, 3ul, 4ul> at /usr/src/debug/webkitgtk-2.8.3/Source/WebKit2/Platform/IPC/HandleMessage.h:16
 #6 callMemberFunction<WebKit::PluginControllerProxy, void (WebKit::PluginControllerProxy::*)(WebCore::IntSize const&, WebCore::IntRect const&, WebCore::AffineTransform const&, float, WebKit::ShareableBitmap::Handle const&), std::tuple<WebCore::IntSize, WebCore::IntRect, WebCore::AffineTransform, float, WebKit::ShareableBitmap::Handle>, std::make_index_sequence<5ul> > at /usr/src/debug/webkitgtk-2.8.3/Source/WebKit2/Platform/IPC/HandleMessage.h:22
 #7 handleMessage<Messages::PluginControllerProxy::GeometryDidChange, WebKit::PluginControllerProxy, void (WebKit::PluginControllerProxy::*)(WebCore::IntSize const&, WebCore::IntRect const&, WebCore::AffineTransform const&, float, WebKit::ShareableBitmap::Handle const&)> at /usr/src/debug/webkitgtk-2.8.3/Source/WebKit2/Platform/IPC/HandleMessage.h:92
 #8 WebKit::PluginControllerProxy::didReceivePluginControllerProxyMessage at /usr/src/debug/webkitgtk-2.8.3/x86_64-redhat-linux-gnu/DerivedSources/WebKit2/PluginControllerProxyMessageReceiver.cpp:77
 #9 WebKit::WebProcessConnection::didReceiveMessage at /usr/src/debug/webkitgtk-2.8.3/Source/WebKit2/PluginProcess/WebProcessConnection.cpp:140

This is with the Google Talk plugin. Full backtrace downstream, as usual.
