Bug 185818

Summary: [GTK][Wayland] UI process crash when closing the window
Product: WebKit Reporter: Carlos Garcia Campos <cgarcia>
Component: WebKitGTKAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: bugs-noreply, ews-watchlist, mcatanzaro
Priority: P2 Keywords: Gtk
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
mcatanzaro: review+, ews-watchlist: commit-queue-
Archive of layout-test-results from ews205 for win-future none

Carlos Garcia Campos
Reported 2018-05-21 03:02:13 PDT
This happens when a page containing a text field is loaded but the focus remains in the url bar when the window is closed. It can be easily reproducible with MiniBrowser: 1 - Open MiniBrowser 2 - Load google by typing the url in the bar 3 - Close the window. Make sure the focus remains in the url bar, don't click the view mor move the mouse outside the window. Thread 1 "MiniBrowser" received signal SIGSEGV, Segmentation fault. __GI___libc_free (mem=0xaaaaaaaaaaaaaaaa) at malloc.c:3103 3103 malloc.c: No existe el fichero o el directorio. (gdb) bt #0 __GI___libc_free (mem=0xaaaaaaaaaaaaaaaa) at malloc.c:3103 #1 0x00007fff8e185dbd in reset_preedit (context=0x55555586ef10) at imwayland.c:107 #2 0x00007fffe5518fce in ffi_call_unix64 () from /usr/lib/x86_64-linux-gnu/libffi.so.6 #3 0x00007fffe551893f in ffi_call () from /usr/lib/x86_64-linux-gnu/libffi.so.6 #4 0x00007fffe8ce3184 in ?? () from /usr/lib/x86_64-linux-gnu/libwayland-client.so.0 #5 0x00007fffe8cdf9d9 in ?? () from /usr/lib/x86_64-linux-gnu/libwayland-client.so.0 #6 0x00007fffe8ce0ea4 in wl_display_dispatch_queue_pending () from /usr/lib/x86_64-linux-gnu/libwayland-client.so.0 #7 0x00007fffe8ce12cb in wl_display_roundtrip_queue () from /usr/lib/x86_64-linux-gnu/libwayland-client.so.0 #8 0x00007ffff36cfd5c in gdk_flush () at gdkdisplay.c:598 #9 0x00007ffff3bbbe7f in gtk_main () at gtkmain.c:1327 #10 0x0000555555561464 in main () This is because we are sending a notify-in to the IM context, but the focus is still in the URL bar. That confuses the wayland input manager that tries to free the text of the web view IM context that has already been deleted, instead of the URL bar one.
Attachments
Patch (1.55 KB, patch)
2018-05-21 03:08 PDT, Carlos Garcia Campos 		mcatanzaro: review+
ews-watchlist: commit-queue-
DetailsFormatted DiffDiff
Archive of layout-test-results from ews205 for win-future (12.75 MB, application/zip)
2018-05-21 19:57 PDT, EWS Watchlist 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Carlos Garcia Campos
Comment 1 2018-05-21 03:08:08 PDT
Created attachment 340839 [details] Patch
Michael Catanzaro
Comment 2 2018-05-21 07:01:19 PDT
(Previously reported as https://gitlab.gnome.org/GNOME/gtk/issues/1067.)
Michael Catanzaro
Comment 3 2018-05-21 07:05:31 PDT
Comment on attachment 340839 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=340839&action=review > Source/WebKit/UIProcess/gtk/InputMethodFilter.cpp:93 > + if (enabled && m_page->isViewFocused()) > notifyFocusedIn(); Do you think there's a GTK+ bug here, too? I guess so, because it seems really odd that this could avoid a crash deep in GTK+.
Carlos Garcia Campos
Comment 4 2018-05-21 07:07:56 PDT
(In reply to Michael Catanzaro from comment #3) > Comment on attachment 340839 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=340839&action=review > > > Source/WebKit/UIProcess/gtk/InputMethodFilter.cpp:93 > > + if (enabled && m_page->isViewFocused()) > > notifyFocusedIn(); > > Do you think there's a GTK+ bug here, too? I guess so, because it seems > really odd that this could avoid a crash deep in GTK+. No, we are confusing GTK+ by saying our im context is the one with the focus when it's not.
EWS Watchlist
Comment 5 2018-05-21 19:57:05 PDT
Comment on attachment 340839 [details] Patch Attachment 340839 [details] did not pass win-ews (win): Output: http://webkit-queues.webkit.org/results/7760092 New failing tests: http/tests/security/canvas-remote-read-remote-video-localhost.html
EWS Watchlist
Comment 6 2018-05-21 19:57:16 PDT
Created attachment 340947 [details] Archive of layout-test-results from ews205 for win-future The attached test failures were seen while running run-webkit-tests on the win-ews. Bot: ews205 Port: win-future Platform: CYGWIN_NT-6.1-2.9.0-0.318-5-3-x86_64-64bit
Carlos Garcia Campos
Comment 7 2018-05-21 23:09:03 PDT
Committed r232049: <https://trac.webkit.org/changeset/232049>
Note You need to log in before you can comment on or make changes to this bug.