Bug 161385

Summary:

REGRESSION(r194846): [GTK] UI process crash visiting sites protected with HTTP auth when using GTK+ < 3.14

Product:

WebKit

Reporter:

Carlos Garcia Campos <cgarcia>

Component:

WebKitGTK

Assignee:

Nobody <webkit-unassigned>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

berto, bugs-noreply, commit-queue, gustavo, mario, mcatanzaro, mrobinson

Priority:

Keywords:

Gtk, Regression

Version:

WebKit Local Build

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Patch	tonikitoo: review+

Carlos Garcia Campos

Reported 2016-08-30 09:10:12 PDT

Since r194846, we are chaining up webkitWebViewBaseMotionNotifyEvent, but before GTK+ 3.14 GtkWidget::motion_notify_event was NULL, so it can't be used unconditionally. Program received signal SIGSEGV, Segmentation fault. 0x00000000 in ?? () (gdb) bt #0 0x00000000 in ?? () #1 0xb5fe46b8 in webkitWebViewBaseMotionNotifyEvent(_GtkWidget*, _GdkEventMotion*) () from libwebkit2gtk-4.0.so.37 #2 0xb4b33f46 in _gtk_marshal_BOOLEAN__BOXEDv (closure=0x8106168, return_value=0xbfffe36c, instance=0x83084c8, args=0xbfffe43c "`&4\b\\\344\377\277\230\002\020\b\004", marshal_data=0xb5fe4660 <webkitWebViewBaseMotionNotifyEvent(_GtkWidget*, _GdkEventMotion*)>, n_params=1, param_types=0x81058d0) at gtkmarshalers.c:130 #3 0xb4474db7 in g_type_class_meta_marshalv (closure=0x8106168, return_value=0xbfffe36c, instance=0x83084c8, args=0xbfffe43c "`&4\b\\\344\377\277\230\002\020\b\004", marshal_data=0xcc, n_params=1, param_types=0x81058d0) at gclosure.c:1024 #4 0xb447689e in _g_closure_invoke_va (closure=closure@entry=0x8106168, return_value=return_value@entry=0xbfffe36c, instance=instance@entry=0x83084c8, args=args@entry=0xbfffe43c "`&4\b\\\344\377\277\230\002\020\b\004", n_params=1, param_types=0x81058d0) at gclosure.c:867 #5 0xb448fde2 in g_signal_emit_valist (instance=instance@entry=0x83084c8, signal_id=signal_id@entry=32, detail=detail@entry=0, var_args=var_args@entry=0xbfffe43c "`&4\b\\\344\377\277\230\002\020\b\004") at gsignal.c:3294 #6 0xb4490913 in g_signal_emit (instance=instance@entry=0x83084c8, signal_id=32, detail=detail@entry=0) at gsignal.c:3441 #7 0xb4c739db in gtk_widget_event_internal (widget=widget@entry=0x83084c8, event=event@entry=0x8342660) at gtkwidget.c:6721 #8 0xb4c73cb5 in gtk_widget_event (widget=widget@entry=0x83084c8, event=event@entry=0x8342660) at gtkwidget.c:6378 #9 0xb4b31d55 in propagate_event_up (topmost=<optimized out>, event=<optimized out>, widget=0x83084c8) at gtkmain.c:2393 #10 propagate_event (widget=<optimized out>, event=0x8342660, captured=0, topmost=0x0) at gtkmain.c:2501 #11 0xb4b33b40 in gtk_main_do_event (event=0x8342660) at gtkmain.c:1716 #12 0xb48aafec in _gdk_event_emit (event=event@entry=0x8342660) at gdkevents.c:69 #13 0xb48a9b78 in _gdk_display_flush_events (display=display@entry=0x8121828) at gdkdisplay.c:2035 #14 0xb48b66b6 in gdk_window_flush_events (clock=0x812b720, data=0x82b9a10) at gdkwindow.c:11610 #15 0xb44782a9 in g_cclosure_marshal_VOID__VOIDv (closure=0x8328698, return_value=0x0, instance=0x812b720, args=0xbfffe798 "", marshal_data=0x0, n_params=0, param_types=0x0) at gmarshal.c:905 #16 0xb447689e in _g_closure_invoke_va (closure=closure@entry=0x8328698, return_value=return_value@entry=0x0, instance=instance@entry=0x812b720, args=args@entry=0xbfffe798 "", n_params=0, param_types=0x0) at gclosure.c:867 #17 0xb448fde2 in g_signal_emit_valist (instance=instance@entry=0x812b720, signal_id=signal_id@entry=134, detail=detail@entry=0, var_args=var_args@entry=0xbfffe798 "") at gsignal.c:3294 #18 0xb4490dbc in g_signal_emit_by_name (instance=instance@entry=0x812b720, detailed_signal=detailed_signal@entry=0xb48e815a "flush-events") at gsignal.c:3481 #19 0xb48affbd in gdk_frame_clock_flush_idle (data=0x812b720) at gdkframeclockidle.c:312 #20 0xb48a1a75 in gdk_threads_dispatch (data=data@entry=0x81a1340) at gdk.c:788 #21 0xb4372d61 in g_timeout_dispatch (source=source@entry=0x83484c0, callback=0xb48a1a40 <gdk_threads_dispatch>, user_data=0x81a1340) at gmain.c:4577 #22 0xb4372257 in g_main_dispatch (context=0x8126490, context@entry=0x83484c0) at gmain.c:3154 #23 g_main_context_dispatch (context=context@entry=0x8126490) at gmain.c:3769 #24 0xb4372618 in g_main_context_iterate (context=context@entry=0x8126490, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3840 #25 0xb43726d8 in g_main_context_iteration (context=context@entry=0x8126490, may_block=may_block@entry=1) at gmain.c:3901 #26 0xb45c11d8 in g_application_run (application=0x8113120, argc=argc@entry=1, argv=argv@entry=0xbfffea54) at gapplication.c:2381 #27 0x080696a5 in main (argc=1, argv=0xbfffea54) at ephy-main.c:472

Attachments
Patch (1.88 KB, patch) 2016-08-30 09:23 PDT, Carlos Garcia Campos	tonikitoo: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Carlos Garcia Campos

Comment 1 2016-08-30 09:23:34 PDT

Created attachment 287399 [details] Patch

WebKit Commit Bot

Comment 2 2016-08-30 09:24:52 PDT

Thanks for the patch. If this patch contains new public API please make sure it follows the guidelines for new WebKit2 GTK+ API. See http://trac.webkit.org/wiki/WebKitGTK/AddingNewWebKit2API

Carlos Garcia Campos

Comment 3 2016-08-30 09:36:14 PDT

Committed r205182: <http://trac.webkit.org/changeset/205182>

Note You need to log in before you can comment on or make changes to this bug.