Bug 146949

Summary: [GTK] Web process crash in WebKit::NetscapePlugin::platformGeometryDidChange
Product: WebKit
Reporter: Michael Catanzaro <mcatanzaro>
Component: WebKitGTK
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED INVALID
Severity: Normal
CC: bugs-noreply, cgarcia, mcatanzaro
Priority: P2
Version: 528+ (Nightly build)
Hardware: PC
OS: Linux
See Also: https://bugzilla.redhat.com/show_bug.cgi?id=1243159
          https://bugzilla.redhat.com/show_bug.cgi?id=1297617

Description Michael Catanzaro 2015-07-14 16:31:48 PDT
In the web process, WebKit::NetscapePlugin::platformGeometryDidChange calls gdk_x11_window_get_xid with a null GdkWindow:

Truncated backtrace:
Thread no. 1 (10 frames)
 #0 _gdk_window_has_impl at gdkwindow.c:593
 #1 gdk_x11_window_get_xid at gdkwindow-x11.c:5527
 #2 WebKit::NetscapePlugin::platformGeometryDidChange at /usr/src/debug/webkitgtk-2.8.3/Source/WebKit2/WebProcess/Plugins/Netscape/x11/NetscapePluginX11.cpp:264
 #3 WebKit::NetscapePlugin::geometryDidChange at /usr/src/debug/webkitgtk-2.8.3/Source/WebKit2/WebProcess/Plugins/Netscape/NetscapePlugin.cpp:767
 #4 WebKit::PluginControllerProxy::geometryDidChange at /usr/src/debug/webkitgtk-2.8.3/Source/WebKit2/PluginProcess/PluginControllerProxy.cpp:437
 #5 callMemberFunctionImpl<WebKit::PluginControllerProxy, void (WebKit::PluginControllerProxy::*)(WebCore::IntSize const&, WebCore::IntRect const&, WebCore::AffineTransform const&, float, WebKit::ShareableBitmap::Handle const&), std::tuple<WebCore::IntSize, WebCore::IntRect, WebCore::AffineTransform, float, WebKit::ShareableBitmap::Handle>, 0ul, 1ul, 2ul, 3ul, 4ul> at /usr/src/debug/webkitgtk-2.8.3/Source/WebKit2/Platform/IPC/HandleMessage.h:16
 #6 callMemberFunction<WebKit::PluginControllerProxy, void (WebKit::PluginControllerProxy::*)(WebCore::IntSize const&, WebCore::IntRect const&, WebCore::AffineTransform const&, float, WebKit::ShareableBitmap::Handle const&), std::tuple<WebCore::IntSize, WebCore::IntRect, WebCore::AffineTransform, float, WebKit::ShareableBitmap::Handle>, std::make_index_sequence<5ul> > at /usr/src/debug/webkitgtk-2.8.3/Source/WebKit2/Platform/IPC/HandleMessage.h:22
 #7 handleMessage<Messages::PluginControllerProxy::GeometryDidChange, WebKit::PluginControllerProxy, void (WebKit::PluginControllerProxy::*)(WebCore::IntSize const&, WebCore::IntRect const&, WebCore::AffineTransform const&, float, WebKit::ShareableBitmap::Handle const&)> at /usr/src/debug/webkitgtk-2.8.3/Source/WebKit2/Platform/IPC/HandleMessage.h:92
 #8 WebKit::PluginControllerProxy::didReceivePluginControllerProxyMessage at /usr/src/debug/webkitgtk-2.8.3/x86_64-redhat-linux-gnu/DerivedSources/WebKit2/PluginControllerProxyMessageReceiver.cpp:77
 #9 WebKit::WebProcessConnection::didReceiveMessage at /usr/src/debug/webkitgtk-2.8.3/Source/WebKit2/PluginProcess/WebProcessConnection.cpp:140

This is with the Google Talk plugin. Full backtrace downstream, as usual.

Comment 1 Carlos Garcia Campos 2015-07-15 05:49:44 PDT
Any way to reproduce it? Does it happen just loading a page with hangouts plugin? We could just check that the window is not null, but I prefer to understand the problem to avoid hiding another issue with a null check workaround.

Comment 2 Michael Catanzaro 2015-07-15 06:13:57 PDT
(In reply to comment #1)
> Any way to reproduce it?

I will ask downstream, but generally the answer is "random crash."

> does it happen just loading a page with hangouts plugin?

I have unhappily used Hangouts in Epiphany before and it has always worked fine (actually you were in the room for that once :), so probably not, but it's a new crash if so.

Comment 3 Michael Catanzaro 2015-07-30 13:24:29 PDT
(In reply to comment #1)
> Any way to reproduce it? does it happen just loading a page with hangouts
> plugin? We could just check that the window is not null, but I prefer to
> understand the problem to avoid hiding another issue with a null check
> workaround.

Got a response: "Unfortunately I cannot reliably reproduce it: it happens randomly. I have several crashes with Epiphany, so it's also hard for me to say if this specific crash is related to the Hangouts plugin or if it happens in other instances. Sorry :-|."

Comment 4 Carlos Garcia Campos 2020-08-17 06:47:48 PDT
Plugins are no longer supported.