Bug 154882

Summary: [GTK] Plugin process crash in WebKit::NPObjectMessageReceiver::hasMethod
Product: WebKit Reporter: Michael Catanzaro <mcatanzaro>
Component: WebKitGTKAssignee: Nobody <webkit-unassigned>
Status: RESOLVED INVALID    
Severity: Normal CC: bugs-noreply, cgarcia, mcatanzaro
Priority: P2    
Version: Other   
Hardware: PC   
OS: Linux   
See Also: https://bugzilla.redhat.com/show_bug.cgi?id=1312686
https://bugs.webkit.org/show_bug.cgi?id=154883
https://bugs.webkit.org/show_bug.cgi?id=154888
Bug Depends on:    
Bug Blocks: 154891    

Michael Catanzaro
Reported 2016-03-01 15:27:44 PST
Description of problem: Tried to update an extension from extensions.gnome.org/local Version-Release number of selected component: webkitgtk4-2.10.7-1.fc23 Additional info: reporter: libreport-2.6.4 backtrace_rating: 3 cmdline: /usr/libexec/webkit2gtk-4.0/WebKitPluginProcess 25 /usr/lib64/mozilla/plugins/libgnome-shell-browser-plugin.so executable: /usr/libexec/webkit2gtk-4.0/WebKitPluginProcess global_pid: 6625 kernel: 4.4.2-301.fc23.x86_64 runlevel: N 5 type: CCpp uid: 1000 Truncated backtrace: Thread no. 1 (10 frames) #0 ?? #1 WebKit::NPObjectMessageReceiver::hasMethod at /usr/src/debug/webkitgtk-2.10.7/Source/WebKit2/Shared/Plugins/NPObjectMessageReceiver.cpp:68 #2 IPC::callMemberFunctionImpl<WebKit::NPObjectMessageReceiver, void (WebKit::NPObjectMessageReceiver::*)(WebKit::NPIdentifierData const&, bool&), std::tuple<WebKit::NPIdentifierData>, 0ul, std::tuple<bool>, 0ul>(WebKit::NPObjectMessageReceiver*, void (WebKit::NPObjectMessageReceiver::*)(WebKit::NPIdentifierData const&, bool&), std::tuple<WebKit::NPIdentifierData>&&, std::tuple<bool>&, std::index_sequence<0ul>, std::index_sequence<0ul>) at /usr/src/debug/webkitgtk-2.10.7/Source/WebKit2/Platform/IPC/HandleMessage.h:30 #3 IPC::callMemberFunction<WebKit::NPObjectMessageReceiver, void (WebKit::NPObjectMessageReceiver::*)(WebKit::NPIdentifierData const&, bool&), std::tuple<WebKit::NPIdentifierData>, std::make_index_sequence<1ul>, std::tuple<bool>, std::make_index_sequence<1ul> >(std::tuple<WebKit::NPIdentifierData>&&, std::tuple<bool>&, WebKit::NPObjectMessageReceiver*, void (WebKit::NPObjectMessageReceiver::*)(WebKit::NPIdentifierData const&, bool&)) at /usr/src/debug/webkitgtk-2.10.7/Source/WebKit2/Platform/IPC/HandleMessage.h:36 #4 IPC::handleMessage<Messages::NPObjectMessageReceiver::RemoveProperty, WebKit::NPObjectMessageReceiver, void (WebKit::NPObjectMessageReceiver::*)(WebKit::NPIdentifierData const&, bool&)> at /usr/src/debug/webkitgtk-2.10.7/Source/WebKit2/Platform/IPC/HandleMessage.h:105 #5 WebKit::NPObjectMessageReceiver::didReceiveSyncNPObjectMessageReceiverMessage at /usr/src/debug/webkitgtk-2.10.7/x86_64-redhat-linux-gnu/DerivedSources/WebKit2/NPObjectMessageReceiverMessageReceiver.cpp:73 #6 WebKit::NPRemoteObjectMap::didReceiveSyncMessage at /usr/src/debug/webkitgtk-2.10.7/Source/WebKit2/Shared/Plugins/NPRemoteObjectMap.cpp:226 #7 WebKit::WebProcessConnection::didReceiveSyncMessage at /usr/src/debug/webkitgtk-2.10.7/Source/WebKit2/PluginProcess/WebProcessConnection.cpp:156 #8 IPC::Connection::dispatchSyncMessage at /usr/src/debug/webkitgtk-2.10.7/Source/WebKit2/Platform/IPC/Connection.cpp:838 #9 IPC::Connection::dispatchMessage at /usr/src/debug/webkitgtk-2.10.7/Source/WebKit2/Platform/IPC/Connection.cpp:901 Full backtrace downstream. This is almost surely with the latest fixes for that plugin (GNOME Shell 3.18.3).
Attachments
Add attachment proposed patch, testcase, etc.
Carlos Garcia Campos
Comment 1 2016-10-28 06:21:03 PDT
This is a bug in the plugin, see the meta bug.
Note You need to log in before you can comment on or make changes to this bug.