195886 2019-03-18 08:01:24 -0700 webkitWebViewPopulateContextMenu emits context-menu signal with NULL event (illegal) 2019-10-22 01:38:42 -0700 1 1 1 Unclassified WebKit WebKitGTK WebKit Nightly Build PC Linux NEW https://bugzilla.redhat.com/show_bug.cgi?id=1687185 P2 Normal --- 1 mcatanzaro webkit-unassigned aperez bugs-noreply cgarcia mcatanzaro oldest_to_newest 1517682 0 mcatanzaro 2019-03-18 08:01:24 -0700 Truncated backtrace: Thread no. 1 (10 frames) #0 ephy_embed_event_new at ../embed/ephy-embed-event.c:68 #1 populate_context_menu at ../src/ephy-window.c:1459 #2 ffi_call_unix64 at ../src/x86/unix64.S:76 #3 ffi_call at ../src/x86/ffi64.c:525 #4 g_cclosure_marshal_generic at gclosure.c:1496 #9 webkitWebViewPopulateContextMenu at /usr/src/debug/webkit2gtk3-2.22.6-1.fc29.x86_64/Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp:2319 #10 ContextMenuClient::getContextMenuFromProposedMenu at /usr/src/debug/webkit2gtk3-2.22.6-1.fc29.x86_64/Source/WebKit/UIProcess/API/glib/WebKitContextMenuClient.cpp:50 #11 WebKit::WebContextMenuProxyGtk::show at /usr/src/debug/webkit2gtk3-2.22.6-1.fc29.x86_64/x86_64-redhat-linux-gnu/DerivedSources/ForwardingHeaders/wtf/Vector.h:365 #12 WebKit::WebPageProxy::showContextMenu at /usr/src/debug/webkit2gtk3-2.22.6-1.fc29.x86_64/x86_64-redhat-linux-gnu/DerivedSources/ForwardingHeaders/wtf/DumbPtrTraits.h:41 #13 IPC::callMemberFunctionImpl<WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(WebKit::ContextMenuContextData&&, WebKit::UserData const&), std::tuple<WebKit::ContextMenuContextData, WebKit::UserData>, 0ul, 1ul> at /usr/src/debug/webkit2gtk3-2.22.6-1.fc29.x86_64/Source/WebKit/Platform/IPC/HandleMessage.h:45 (full backtrace in the downstream bug) This looks like a WebKit bug (or a GTK bug). The documentation of WebKitWebView's context-menu signal says this of the event parameter: """ The event is expected to be one of the following types: a GdkEventButton of type GDK_BUTTON_PRESS when the context menu was triggered with mouse. a GdkEventKey of type GDK_KEY_PRESS if the keyboard was used to show the menu. a generic GdkEvent of type GDK_NOTHING when the “popup-menu” signal was used to show the context menu. """ Epiphany just assumes it's non-NULL, but here WebKit is emitting context-menu with a NULL event. It's not Epiphany's job to handle that: it's WebKit's job to ensure it doesn't happen. (Actually, Epiphany is wrong to cast it to a GdkEventButton without checking the type of the event. So there is an Epiphany bug here too. But that can't cause this crash, and it's not what happened in this backtrace.) 1521656 1 cgarcia 2019-03-27 04:25:29 -0700 We need a way to reproduce this. The web process is sending the ShowContextMenu message without a right click event. We need to understand why. 1521683 2 mcatanzaro 2019-03-27 08:29:07 -0700 I've asked in the downstream bug, but usually reporters don't know anything about how it crashes. Jan-Michael asked elsewhere about what happens when the context menu is opened via a touch event (long press or something?). Maybe this is related to touch? The documentation seems to indicate this can't happen, but perhaps the documentation is outdated. 1582110 3 aperez 2019-10-21 16:06:57 -0700 (In reply to Michael Catanzaro from comment #2) > I've asked in the downstream bug, but usually reporters don't know anything > about how it crashes. > > Jan-Michael asked elsewhere about what happens when the context menu is > opened via a touch event (long press or something?). Maybe this is related > to touch? The documentation seems to indicate this can't happen, but perhaps > the documentation is outdated. I *suppose* that another way of opening a context menu without using a mouse event would be with the menu key from the keyboard ¬_¬ 1582297 4 cgarcia 2019-10-22 01:38:42 -0700 (In reply to Adrian Perez from comment #3) > (In reply to Michael Catanzaro from comment #2) > > I've asked in the downstream bug, but usually reporters don't know anything > > about how it crashes. > > > > Jan-Michael asked elsewhere about what happens when the context menu is > > opened via a touch event (long press or something?). Maybe this is related > > to touch? The documentation seems to indicate this can't happen, but perhaps > > the documentation is outdated. > > I *suppose* that another way of opening a context menu without using > a mouse event would be with the menu key from the keyboard ¬_¬ In that case we pass the keyboard event, see the first comment: """ The event is expected to be one of the following types: a GdkEventButton of type GDK_BUTTON_PRESS when the context menu was triggered with mouse. a GdkEventKey of type GDK_KEY_PRESS if the keyboard was used to show the menu. a generic GdkEvent of type GDK_NOTHING when the “popup-menu” signal was used to show the context menu. """