[Webkit-unassigned] [Bug 213885] New: [GTK] Crash in WebKit::DropTarget::didPerformAction
bugzilla-daemon at webkit.org
Thu Jul 2 08:22:36 PDT 2020
https://bugs.webkit.org/show_bug.cgi?id=213885
Bug ID: 213885
Summary: [GTK] Crash in WebKit::DropTarget::didPerformAction
Product: WebKit
Version: WebKit Nightly Build
Hardware: PC
OS: Linux
Status: NEW
Severity: Normal
Priority: P2
Component: WebKitGTK
Assignee: webkit-unassigned at lists.webkit.org
Reporter: mcatanzaro at gnome.org
CC: bugs-noreply at webkitgtk.org
I habitually click and drag text. This has long sometimes caused WebKit to crash (bug #190787, which I've never been able to figure out), but now we have a new crash as well:
(gdb) bt full
#0 0x00007fb3fab2ba15 in __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
set =
{__val = {0, 140410885067625, 93841847900496, 93842098070624, 0, 16, 140732286382400, 140410986429520, 140732286382616, 140732286382592, 0, 93842095324864, 140732286382464, 140410928956517, 93841852346096, 1}}
pid = <optimized out>
tid = <optimized out>
#1 0x00007fb3fab14855 in __GI_abort () at abort.c:79
save_stage = 1
act =
{__sigaction_handler = {sa_handler = 0x1, sa_sigaction = 0x1}, sa_mask = {__val = {140404907110656, 140732286382816, 140732286382656, 1, 140410926886456, 0, 0, 0, 0, 4294967296, 93841848715248, 93841848715424, 93842096080304, 1, 140410986544751, 0}}, sa_flags = -1119520440, sa_restorer = 0x0}
sigs = {__val = {32, 0 <repeats 15 times>}}
#2 0x00007fb3f75b9305 in WTF::Optional<WebCore::DragOperation>::operator*() & (this=<synthetic pointer>)
at DerivedSources/ForwardingHeaders/wtf/Optional.h:534
page = <optimized out>
operation = <optimized out>
#3 0x00007fb3f75b9305 in WebKit::DropTarget::didPerformAction() (this=0x7fb2bd457948)
at ../Source/WebKit/UIProcess/API/gtk/DropTargetGtk3.cpp:220
page = <optimized out>
operation = <optimized out>
#4 0x00007fb3f76b70a8 in IPC::callMemberFunctionImpl<WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(WTF::Optional<WebCore::DragOperation>, WebCore::DragHandlingMethod, bool, unsigned int, WebCore::IntRect const&, WebCore::IntRect const&), std::tuple<WTF::Optional<WebCore::DragOperation>, WebCore::DragHandlingMethod, bool, unsigned int, WebCore::IntRect, WebCore::IntRect>, 0ul, 1ul, 2ul, 3ul, 4ul, 5ul>(WebKit::WebPageProxy*, void (WebKit::WebPageProxy::*)(WTF::Optional<WebCore::DragOperation>, WebCore::DragHandlingMethod, bool, unsigned int, WebCore::IntRect const&, WebCore::IntRect const&), std::tuple<WTF::Optional<WebCore::DragOperation>, WebCore::DragHandlingMethod, bool, unsigned int, WebCore::IntRect, WebCore::IntRect>&&, std::integer_sequence<unsigned long, 0ul, 1ul, 2ul, 3ul, 4ul, 5ul>)
(args=..., function=
(void (WebKit::WebPageProxy::*)(class WebKit::WebPageProxy * const, class WTF::Optional<WebCore::DragOperation>, enum WebCore::DragHandlingMethod, bool, unsigned int, const class WebCore::IntRect &, const class WebCore::IntRect &)) 0x7fb3f7972e90 <WebKit::WebPageProxy::didPerformDragControllerAction(WTF::Optional<WebCore::DragOperation>, WebCore::DragHandlingMethod, bool, unsigned int, WebCore::IntRect const&, WebCore::IntRect const&)>, object=0x7fb3e8051b00)
at DerivedSources/ForwardingHeaders/wtf/Optional.h:386
arguments =
{<WTF::constexpr_Optional_base<std::tuple<WTF::Optional<WebCore::DragOperation>, WebCore::DragHandlingMethod, bool, unsigned int, WebCore::IntRect, WebCore::IntRect> >> = {init_ = true, storage_ = {dummy_ = 0 '\000', value_ = std::tuple containing = {[1] = {<WTF::constexpr_Optional_base<WebCore::DragOperation>> = {init_ = false, storage_ = {dummy_ = 1 '\001', value_ = WebCore::DragOperation::Copy}}, <No data fields>}, [2] = WebCore::DragHandlingMethod::EditPlainText, [3] = false, [4] = 0, [5] = {m_location = {m_x = 0, m_y = 0}, m_size = {m_width = 0, m_height = 0}}, [6] = {m_location = {m_x = 0, m_y = 0}, m_size = {m_width = 0, m_height = 0}}}}}, <No data fields>}
#5 0x00007fb3f76b70a8 in IPC::callMemberFunction<WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(WTF::Optional<WebCore::DragOperation>, WebCore::DragHandlingMethod, bool, unsigned int, WebCore::IntRect const&, WebCore::IntRect const&), std::tuple<WTF::Optional<WebCore::DragOperation>, WebCore::DragHandlingMethod, bool, unsigned int, WebCore::IntRect, WebCore::IntRect>, std::integer_sequence<unsigned long, 0ul, 1ul, 2ul, 3ul, 4ul, 5ul> >(std::tuple<WTF::Optional<WebCore::DragOperation>, WebCore::DragHandlingMethod, bool, unsigned int, WebCore::IntRect, WebCore::IntRect>&&, WebKit::WebPageProxy*, void (WebKit::WebPageProxy::*)(WTF::Optional<WebCore::DragOperation>, WebCore::DragHandlingMethod, bool, unsigned int, WebCore::IntRect const&, WebCore::IntRect const&)) (function=
(void (WebKit::WebPageProxy::*)(class WebKit::WebPageProxy * const, class WTF::Optional<WebCore::DragOperation>, enum WebCore::DragHandlingMethod, bool, unsigned int, const class WebCore::IntRect &, const class WebCore::IntRect &)) 0x7fb3f7972e90 <WebKit::WebPageProxy::didPerformDragControllerAction(WTF::Optional<WebCore::DragOperation>, WebCore::DragHandlingMethod, bool, unsigned int, WebCore::IntRect const&, WebCore::IntRect const&)>, object=0x7fb3e8051b00, args=...) at ../Source/WebKit/Platform/IPC/HandleMessage.h:47
arguments =
{<WTF::constexpr_Optional_base<std::tuple<WTF::Optional<WebCore::DragOperation>, WebCore::DragHandlingMethod, bool, unsigned int, WebCore::IntRect, WebCore::IntRect> >> = {init_ = true, storage_ = {dummy_ = 0 '\000', value_ = std::tuple containing = {[1] = {<WTF::constexpr_Optional_base<WebCore::DragOperation>> = {init_ = false, storage_ = {dummy_ = 1 '\001', value_ = WebCore::DragOperation::Copy}}, <No data fields>}, [2] = WebCore::DragHandlingMethod::EditPlainText, [3] = false, [4] = 0, [5] = {m_location = {m_x = 0, m_y = 0}, m_size = {m_width = 0, m_height = 0}}, [6] = {m_location = {m_x = 0, m_y = 0}, m_size = {m_width = 0, m_height = 0}}}}}, <No data fields>}
#6 0x00007fb3f76b70a8 in IPC::handleMessage<Messages::WebPageProxy::DidPerformDragControllerAction, WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(WTF::Optional<WebCore::DragOperation>, WebCore::DragHandlingMethod, bool, unsigned int, WebCore::IntRect const&, WebCore::IntRect const&)>(IPC::Decoder&, WebKit::WebPageProxy*, void (WebKit::WebPageProxy::*)(WTF::Optional<WebCore::DragOperation>, WebCore::DragHandlingMethod, bool, unsigned int, WebCore::IntRect const&, WebCore::IntRect const&)) (decoder=..., object=object at entry=0x7fb3e8051b00, function=(void (WebKit::WebPageProxy::*)(class WebKit::WebPageProxy * const, class WTF::Optional<WebCore::DragOperation>, enum WebCore::DragHandlingMethod, bool, unsigned int, const class WebCore::IntRect &, const class WebCore::IntRect &)) 0x7fb3f7972e90 <WebKit::WebPageProxy::didPerformDragControllerAction(WTF::Optional<WebCore::DragOperation>, WebCore::DragHandlingMethod, bool, unsigned int, WebCore::IntRect const&, WebCore::IntRect const&)>) at ../Source/WebKit/Platform/IPC/HandleMessage.h:114
arguments = {<WTF::constexpr_Optional_base<std::tuple<WTF::Optional<WebCore::DragOperation>, WebCore::DragHandlingMethod, bool, unsigned int, WebCore::IntRect, WebCore::IntRect> >> = {init_ = true, storage_ = {dummy_ = 0 '\000', value_ = std::tuple containing = {[1] = {<WTF::constexpr_Optional_base<WebCore::DragOperation>> = {init_ = false, storage_ = {dummy_ = 1 '\001', value_ = WebCore::DragOperation::Copy}}, <No data fields>}, [2] = WebCore::DragHandlingMethod::EditPlainText, [3] = false, [4] = 0, [5] = {m_location = {m_x = 0, m_y = 0}, m_size = {m_width = 0, m_height = 0}}, [6] = {m_location = {m_x = 0, m_y = 0}, m_size = {m_width = 0, m_height = 0}}}}}, <No data fields>}
#7 0x00007fb3f7698a2c in WebKit::WebPageProxy::didReceiveMessage(IPC::Connection&, IPC::Decoder&) (this=0x7fb3e8051b00, connection=..., decoder=...) at DerivedSources/WebKit/WebPageProxyMessageReceiver.cpp:1553
protectedThis = {static isRef = <optimized out>, m_ptr = 0x7fb3e8051b00}
#8 0x00007fb3f78b13a9 in IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&) (this=this at entry=0x7fb3e825c370, connection=..., decoder=...) at ../Source/WebKit/Platform/IPC/MessageReceiverMap.cpp:123
messageReceiver = <optimized out>
#9 0x00007fb3f7939add in WebKit::AuxiliaryProcessProxy::dispatchMessage(IPC::Connection&, IPC::Decoder&) (this=this at entry=0x7fb3e825c340, connection=..., decoder=...) at ../Source/WebKit/UIProcess/AuxiliaryProcessProxy.cpp:209
#10 0x00007fb3f79836c7 in WebKit::WebProcessProxy::didReceiveMessage(IPC::Connection&, IPC::Decoder&) (this=0x7fb3e825c340, connection=..., decoder=...) at ../Source/WebKit/UIProcess/WebProcessProxy.cpp:772
#11 0x00007fb3f78ab98d in IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >) (this=0x7fb2bd473300, message=std::unique_ptr<class IPC::Decoder> = {...}) at /usr/include/c++/10.1.0/bits/unique_ptr.h:420
isDispatchingMessageWhileWaitingForSyncReply = <optimized out>
oldDidReceiveInvalidMessage = false
#12 0x00007fb3f78ac189 in IPC::Connection::dispatchIncomingMessages() (this=0x7fb2bd473300) at /usr/include/c++/10.1.0/bits/unique_ptr.h:171
message = std::unique_ptr<class IPC::Decoder> = {get() = 0x0}
messagesToProcess = 0
__func__ = "dispatchIncomingMessages"
#13 0x00007fb3f6bb78e9 in WTF::Function<void ()>::operator()() const (this=<synthetic pointer>) at ../Source/WTF/wtf/Vector.h:341
function = {m_callableWrapper = std::unique_ptr<class WTF::Detail::CallableWrapperBase<void>> = {get() = 0x7fb29072d330}}
functionsHandled = 0
functionsToHandle = 1
didSuspendFunctions = false
#14 0x00007fb3f6bb78e9 in WTF::RunLoop::performWork() (this=0x7fb3f01f9000) at ../Source/WTF/wtf/RunLoop.cpp:140
function = {m_callableWrapper = std::unique_ptr<class WTF::Detail::CallableWrapperBase<void>> = {get() = 0x7fb29072d330}}
functionsHandled = 0
functionsToHandle = 1
didSuspendFunctions = false
#15 0x00007fb3f6c0558d in operator() (userData=<optimized out>, __closure=0x0) at ../Source/WTF/wtf/glib/RunLoopGLib.cpp:68
#16 0x00007fb3f6c0558d in _FUN(gpointer) () at ../Source/WTF/wtf/glib/RunLoopGLib.cpp:70
#17 0x00007fb3fae87e6f in g_main_dispatch (context=0x555941fdac20) at ../glib/gmain.c:3322
dispatch = 0x7fb3f6c055a0 <_FUN(GSource*, GSourceFunc, gpointer)>
prev_source = 0x0
was_in_call = 0
user_data = 0x7fb3f01f9000
callback = 0x7fb3f6c05580 <_FUN(gpointer)>
cb_funcs = <optimized out>
cb_data = 0x5559420f5180
need_destroy = <optimized out>
source = 0x5559420a7f50
current = 0x555941fe3950
i = 0
__func__ = "g_main_dispatch"
#18 0x00007fb3fae87e6f in g_main_context_dispatch (context=0x555941fdac20) at ../glib/gmain.c:3987
#19 0x00007fb3fae88218 in g_main_context_iterate (context=context at entry=0x555941fdac20, block=block at entry=1, dispatch=dispatch at entry=1, self=<optimized out>) at ../glib/gmain.c:4060
max_priority = 2147483647
timeout = 39
some_ready = 1
nfds = <optimized out>
allocated_nfds = <optimized out>
fds = 0x555950d6b3b0
#20 0x00007fb3fae882e3 in g_main_context_iteration (context=context at entry=0x555941fdac20, may_block=may_block at entry=1) at ../glib/gmain.c:4121
retval = <optimized out>
#21 0x00007fb3fb0ab7cd in g_application_run (application=0x555942290230 [EphyShell], argc=-907004380, argv=<optimized out>) at ../gio/gapplication.c:2559
arguments = 0x5559420e92a0
status = 0
context = 0x555941fdac20
acquired_context = <optimized out>
__func__ = "g_application_run"
#22 0x0000555940ea10b3 in main (argc=<optimized out>, argv=<optimized out>) at ../src/ephy-main.c:432
option_context = <optimized out>
option_group = <optimized out>
error = 0x0
user_time = 202242
arbitrary_url = <optimized out>
ctx = <optimized out>
mode = <optimized out>
status = <optimized out>
flags = <optimized out>
desktop_info = <optimized out>