<html>
<head>
<base href="https://bugs.webkit.org/" />
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - [GTK] Crash when handling NPAPI plugin"
href="https://bugs.webkit.org/show_bug.cgi?id=145114">145114</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>[GTK] Crash when handling NPAPI plugin
</td>
</tr>
<tr>
<th>Classification</th>
<td>Unclassified
</td>
</tr>
<tr>
<th>Product</th>
<td>WebKit
</td>
</tr>
<tr>
<th>Version</th>
<td>528+ (Nightly build)
</td>
</tr>
<tr>
<th>Hardware</th>
<td>Unspecified
</td>
</tr>
<tr>
<th>OS</th>
<td>Unspecified
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>Normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>P2
</td>
</tr>
<tr>
<th>Component</th>
<td>WebKit Gtk
</td>
</tr>
<tr>
<th>Assignee</th>
<td>webkit-unassigned@lists.webkit.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>tpopela@redhat.com
</td>
</tr></table>
<p>
<div>
<pre>As reported on <a href="https://bugzilla.redhat.com/show_bug.cgi?id=1222241">https://bugzilla.redhat.com/show_bug.cgi?id=1222241</a> the WebProcess (WebKitGTK+ 2.8.1) crashed when handling the libgnome-shell-browser-plugin plugin. I'm curious if we can simply early return from WebKit::NetscapePlugin::platformVisibilityDidChange if we cannot obtain valid GdkWindow with gtk_plug_get_socket_window.
#0 0x00007f5f2dbc2b82 in _gdk_window_has_impl (window=window@entry=0x0) at gdkwindow.c:593
No locals.
#1 0x00007f5f2dbf39ee in gdk_x11_window_get_xid (window=0x0) at gdkwindow-x11.c:5527
No locals.
#2 0x00007f5f3594c28d in WebKit::NetscapePlugin::platformVisibilityDidChange (this=0x7f5f117fb158) at /usr/src/debug/webkitgtk-2.8.1/Source/WebKit2/WebProcess/Plugins/Netscape/x11/NetscapePluginX11.cpp:291
windowID = 0
#3 0x00007f5f357515a6 in WebKit::PluginControllerProxy::visibilityDidChange (this=0x7f5f396c3eb0, isVisible=<optimized out>) at /usr/src/debug/webkitgtk-2.8.1/Source/WebKit2/PluginProcess/PluginControllerProxy.cpp:445
No locals.
#4 0x00007f5f3595e8ac in callMemberFunctionImpl<WebKit::PluginControllerProxy, void (WebKit::PluginControllerProxy::*)(bool), std::tuple<bool>, 0ul> (args=<optimized out>, function=<optimized out>, object=0x7f5f396c3eb0) at /usr/src/debug/webkitgtk-2.8.1/Source/WebKit2/Platform/IPC/HandleMessage.h:16
No locals.
#5 callMemberFunction<WebKit::PluginControllerProxy, void (WebKit::PluginControllerProxy::*)(bool), std::tuple<bool>, std::make_index_sequence<1ul> > (function=<optimized out>, object=0x7f5f396c3eb0, args=<unknown type in /usr/lib/debug/usr/lib64/libwebkit2gtk-4.0.so.37.6.4.debug, CU 0xbbd7d6e, DIE 0xbc148d3>) at /usr/src/debug/webkitgtk-2.8.1/Source/WebKit2/Platform/IPC/HandleMessage.h:22
No locals.
#6 IPC::handleMessage<Messages::PluginControllerProxy::MutedStateChanged, WebKit::PluginControllerProxy, void (WebKit::PluginControllerProxy::*)(bool)> (decoder=..., object=object@entry=0x7f5f396c3eb0, function=(void (WebKit::PluginControllerProxy::*)(WebKit::PluginControllerProxy * const, bool)) 0x7f5f35751590 <WebKit::PluginControllerProxy::visibilityDidChange(bool)>) at /usr/src/debug/webkitgtk-2.8.1/Source/WebKit2/Platform/IPC/HandleMessage.h:92
arguments = std::tuple containing = {[1] = false}
#7 0x00007f5f3595d9f4 in WebKit::PluginControllerProxy::didReceivePluginControllerProxyMessage (this=this@entry=0x7f5f396c3eb0, connection=..., decoder=...) at /usr/src/debug/webkitgtk-2.8.1/x86_64-redhat-linux-gnu/DerivedSources/WebKit2/PluginControllerProxyMessageReceiver.cpp:81
No locals.
#8 0x00007f5f35754d88 in WebKit::WebProcessConnection::didReceiveMessage (this=<optimized out>, connection=..., decoder=...) at /usr/src/debug/webkitgtk-2.8.1/Source/WebKit2/PluginProcess/WebProcessConnection.cpp:140
protector = {m_pluginController = 0x7f5f396c3eb0}
#9 0x00007f5f3574bcfb in IPC::Connection::dispatchMessage (this=this@entry=0x7f5f117ff3f0, message=std::unique_ptr<IPC::MessageDecoder> containing 0x7f5f11fd5420) at /usr/src/debug/webkitgtk-2.8.1/Source/WebKit2/Platform/IPC/Connection.cpp:860
oldDidReceiveInvalidMessage = false
#10 0x00007f5f3574c551 in IPC::Connection::dispatchOneMessage (this=0x7f5f117ff3f0) at /usr/src/debug/webkitgtk-2.8.1/Source/WebKit2/Platform/IPC/Connection.cpp:888
message = std::unique_ptr<IPC::MessageDecoder> containing 0x0
#11 0x00007f5f36b3bf21 in operator() (this=0x7ffde75c4570) at /usr/include/c++/5.0.0/functional:2271
No locals.
#12 WTF::RunLoop::performWork (this=0x7f5f11ff8000) at /usr/src/debug/webkitgtk-2.8.1/Source/WTF/wtf/RunLoop.cpp:104
function = {<std::_Maybe_unary_or_binary_function<void>> = {<No data fields>}, <std::_Function_base> = {static _M_max_size = 16, static _M_max_align = 8, _M_functor = {_M_unused = {_M_object = 0x7f5ec4001e00, _M_const_object = 0x7f5ec4001e00, _M_function_pointer = 0x7f5ec4001e00, _M_member_pointer = (void (std::_Undefined_class::*)(std::_Undefined_class * const)) 0x7f5ec4001e00, this adjustment 140046412330767}, _M_pod_data = "\000\036\000\304^\177\000\000\017\267\250\030_\177\000"}, _M_manager = 0x7f5f3574d280 <std::_Function_base::_Base_manager<WTF::Function<void ()> >::_M_manager(std::_Any_data&, std::_Any_data const&, std::_Manager_operation)>}, _M_invoker = 0x7f5f3574d1e0 <std::_Function_handler<void (), WTF::Function<void ()> >::_M_invoke(std::_Any_data const&)>}
functionsToHandle = <optimized out>
#13 0x00007f5f34f4b225 in operator() (this=0x7ffde75c4638) at /usr/include/c++/5.0.0/functional:2271
No locals.
#14 WTF::GMainLoopSource::voidCallback (this=0x7f5f11fd82c0) at /usr/src/debug/webkitgtk-2.8.1/Source/WTF/wtf/gobject/GMainLoopSource.cpp:365
context = {source = {m_ptr = 0x7f5ec4001e60}, cancellable = {m_ptr = 0x0}, socketCancellable = {m_ptr = 0x0}, voidCallback = {<std::_Maybe_unary_or_binary_function<void>> = {<No data fields>}, <std::_Function_base> = {static _M_max_size = 16, static _M_max_align = 8, _M_functor = {_M_unused = {_M_object = 0x7f5ec4001e40, _M_const_object = 0x7f5ec4001e40, _M_function_pointer = 0x7f5ec4001e40, _M_member_pointer = (void (std::_Undefined_class::*)(std::_Undefined_class * const)) 0x7f5ec4001e40, this adjustment 140046961219824}, _M_pod_data = "@\036\000\304^\177\000\000\360\030`9_\177\000"}, _M_manager = 0x7f5f36b3fdc0 <std::_Function_base::_Base_manager<WTF::RunLoop::wakeUp()::<lambda()> >::_M_manager(std::_Any_data &, const std::_Any_data &, std::_Manager_operation)>}, _M_invoker = 0x7f5f36b3fd80 <std::_Function_handler<void(), WTF::RunLoop::wakeUp()::<lambda()> >::_M_invoke(const std::_Any_data &
#15 0x00007f5f34f4742a in WTF::GMainLoopSource::voidSourceCallback (source=<optimized out>) at /usr/src/debug/webkitgtk-2.8.1/Source/WTF/wtf/gobject/GMainLoopSource.cpp:456
No locals.
#16 0x00007f5f31e84a8a in g_main_dispatch (context=0x7f5f396018f0) at gmain.c:3122
dispatch = 0x7f5f31e81530 <g_idle_dispatch>
prev_source = 0x0
was_in_call = 0
user_data = 0x7f5f11fd82c0
callback = 0x7f5f34f47420 <WTF::GMainLoopSource::voidSourceCallback(WTF::GMainLoopSource*)>
cb_funcs = 0x7f5f321738a0 <g_source_callback_funcs>
cb_data = 0x7f5ec4001ef0
need_destroy = <optimized out>
source = 0x7f5ec4001e60
current = 0x7f5f395e9500
i = 0
#17 g_main_context_dispatch (context=context@entry=0x7f5f396018f0) at gmain.c:3737
No locals.
#18 0x00007f5f31e84e20 in g_main_context_iterate (context=0x7f5f396018f0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3808
max_priority = 2147483647
timeout = 1133
some_ready = 1
nfds = <optimized out>
allocated_nfds = 3
fds = 0x7f5f3968e920
#19 0x00007f5f31e85142 in g_main_loop_run (loop=0x7f5f3968e860) at gmain.c:4002
__func__ = "g_main_loop_run"
#20 0x00007f5f358e1e4b in WebKit::ChildProcessMain<WebKit::PluginProcess, WebKit::PluginProcessMain> (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/webkitgtk-2.8.1/Source/WebKit2/Shared/unix/ChildProcessMain.h:61
childMain = {<WebKit::ChildProcessMainBase> = {_vptr.ChildProcessMainBase = 0x7f5f3723fd50 <vtable for WebKit::PluginProcessMain+16>, m_parameters = {uiProcessName = {m_impl = {m_ptr = 0x0}}, clientIdentifier = {m_impl = {m_ptr = 0x0}}, connectionIdentifier = 34, extraInitializationData = {m_impl = {static m_maxLoad = <optimized out>, static m_minLoad = <optimized out>, m_table = 0x7f5f11ffb200, m_tableSize = 8, m_tableSizeMask = 7, m_keyCount = 1, m_deletedCount = 0}}}}, <No data fields>}
#21 0x00007f5f2c4b8790 in __libc_start_main (main=0x7f5f37600bd0 <main(int, char**)>, argc=3, argv=0x7ffde75c4998, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffde75c4988) at libc-start.c:289
result = <optimized out>
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, -5599487145779380534, 140046927662048, 140728485038480, 0, 0, -5544212190049583414, -5599497930774659382}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x7ffde75c49b8, 0x7f5f375ff148}, data = {prev = 0x0, cleanup = 0x0, canceltype = -413382216}}}
not_first_call = <optimized out>
#22 0x00007f5f37600c09 in _start ()</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are the assignee for the bug.</li>
</ul>
</body>
</html>