Bug 216727

Summary: [GTK] REGRESSION(r267250) API test /webkit/WebKitWebView/usermedia-enumeratedevices-permission-check is crashing
Product: WebKit
Reporter: Diego Pino <dpino>
Component: WebKitGTK
Assignee: Lauro Moura <lmoura>
Status: RESOLVED FIXED
Severity: Normal
CC: berto, bugs-noreply, cgarcia, ews-watchlist, gustavo, lmoura, pnormand, sihui_liu, vjaquez
Priority: P2
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Attachments (description, flags):
Patch, none
Updated using dispose, none
Patch for landing, none

Diego Pino
Reported 2020-09-18 23:25:40 PDT
According to post-commit bot log, the test started crashing in the interval [r267249-r267251]. Within the range, the most likely cause for the regression seems to be r267250.

Unexpected crashes (1)
/WebKit2Gtk/TestUIClient
/webkit/WebKitWebView/usermedia-enumeratedevices-permission-check

ERROR:../../Tools/TestWebKitAPI/Tests/WebKitGLib/TestUIClient.cpp:817:void testWebViewMouseTarget(UIClientTest *, gconstpointer): 'webkit_hit_test_result_context_is_media(hitTestResult)' should be TRUE
/webkit/WebKitWebView/geolocation-permission-requests: PASS
GLib-GIO-DEBUG: _g_io_module_get_default: Found default implementation local (GLocalVfs) for ‘gio-vfs’
/webkit/WebKitWebView/usermedia-enumeratedevices-permission-check: CRASH

See: https://build.webkit.org/builders/GTK%20Linux%2064-bit%20Release%20%28Tests%29/builds/15910/steps/API%20tests/logs/stdio
Attachments
Patch (4.31 KB, patch)
2020-11-05 19:28 PST, Lauro Moura
no flags
Updated using dispose (3.57 KB, patch)
2020-11-06 07:59 PST, Lauro Moura
no flags
Patch for landing (3.69 KB, patch)
2020-11-08 19:55 PST, Lauro Moura
no flags
Diego Pino
Comment 1 2020-09-18 23:46:24 PDT
The interval is actually [r267250-r267251]. Considering r267251 is a WPT re-sync the cause has to be r267250.
Philippe Normand
Comment 2 2020-09-21 04:34:07 PDT
Can you share the backtrace?
Philippe Normand
Comment 3 2020-10-07 06:37:40 PDT
Seems related with the geolocation test running just before:

Program terminated with signal SIGSEGV, Segmentation fault.
#0 g_type_check_instance (type_instance=type_instance@entry=0x216ee20) at ../gobject/gtype.c:4134
4134 TypeNode *node = lookup_type_node_I (type_instance->g_class->g_type);
[Current thread is 1 (Thread 0x7fdebd5999c0 (LWP 852))]
(gdb) bt
#0 g_type_check_instance (type_instance=type_instance@entry=0x216ee20) at ../gobject/gtype.c:4134
#1 0x00007fdebeec7bff in g_signal_emit_valist (instance=0x216ee20, signal_id=182, detail=0, var_args=var_args@entry=0x7ffc4d560210) at ../gobject/gsignal.c:3273
#2 0x00007fdebeec8d43 in g_signal_emit (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>) at ../gobject/gsignal.c:3550
#3 0x00007fdec65448b9 in GeolocationProvider::stopUpdating(WebKit::WebGeolocationManagerProxy&) () at /app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#4 0x00007fdec64722bb in WebKit::WebGeolocationManagerProxy::stopUpdating(IPC::Connection&) () at /app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#5 0x00007fdec6199269 in WebKit::WebGeolocationManagerProxy::didReceiveMessage(IPC::Connection&, IPC::Decoder&) () at /app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#6 0x00007fdec63d8dff in IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&) () at /app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#7 0x00007fdec64d2a91 in non-virtual thunk to WebKit::WebProcessProxy::didReceiveMessage(IPC::Connection&, IPC::Decoder&) () at /app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#8 0x00007fdec63d2de9 in IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >) () at /app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#9 0x00007fdec63d230f in IPC::Connection::dispatchIncomingMessages() () at /app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#10 0x00007fdec3c13856 in WTF::RunLoop::performWork() () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#11 0x00007fdec3c6e7c6 in WTF::RunLoop::RunLoop()::$_1::__invoke(void*) () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#12 0x00007fdec3c6dcba in WTF::RunLoop::$_0::__invoke(_GSource*, int (*)(void*), void*) () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#13 0x00007fdec9bc504f in g_main_dispatch (context=0x200bb30) at ../glib/gmain.c:3325
#14 g_main_context_dispatch (context=0x200bb30) at ../glib/gmain.c:4016
#15 0x00007fdec9bc53f8 in g_main_context_iterate (context=context@entry=0x200bb30, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:4092
#16 0x00007fdec9bc54c3 in g_main_context_iteration (context=0x200bb30, may_block=1) at ../glib/gmain.c:4157
#17 0x00000000004106bc in () at elf-init.c:87
#18 0x0000000000000002 in ()
#19 0x000000000247e3f0 in ()
#20 0x00000000024812a0 in ()
#21 0x00000000020d4f80 in ()
#22 0x00000000023bce80 in ()
#23 0x0000000000000000 in ()
Philippe Normand
Comment 4 2020-10-07 06:53:30 PDT
#0 g_type_check_instance (type_instance=type_instance@entry=0x1535620) at ../gobject/gtype.c:4134
4134 TypeNode *node = lookup_type_node_I (type_instance->g_class->g_type);
[Current thread is 1 (Thread 0x7f7b6093a9c0 (LWP 853))]
(gdb) bt
#0 g_type_check_instance (type_instance=type_instance@entry=0x1535620) at ../gobject/gtype.c:4134
#1 0x00007f7b62268bff in g_signal_emit_valist (instance=0x1535620, signal_id=182, detail=0, var_args=var_args@entry=0x7ffd50133d50) at ../gobject/gsignal.c:3273
#2 0x00007f7b62269d43 in g_signal_emit (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>) at ../gobject/gsignal.c:3550
#3 0x00007f7b76f6662a in webkitGeolocationManagerStop(_WebKitGeolocationManager*) (manager=0x1535620) at ../../Source/WebKit/UIProcess/API/glib/WebKitGeolocationManager.cpp:269
#4 0x00007f7b76f66fdd in GeolocationProvider::stopUpdating(WebKit::WebGeolocationManagerProxy&) (this=0x7f7b600fa1a0) at ../../Source/WebKit/UIProcess/API/glib/WebKitGeolocationManager.cpp:301
#5 0x00007f7b76d0229e in WebKit::WebGeolocationManagerProxy::removeRequester(IPC::Connection::Client const*) (this=0x7f7b600e7000, client=0x7f7afc2fc488) at ../../Source/WebKit/UIProcess/WebGeolocationManagerProxy.cpp:149
#6 0x00007f7b76d02820 in WebKit::WebGeolocationManagerProxy::stopUpdating(IPC::Connection&) (this=0x7f7b600e7000, connection=...) at ../../Source/WebKit/UIProcess/WebGeolocationManagerProxy.cpp:137
#7 0x00007f7b76340f5c in IPC::callMemberFunctionImpl<WebKit::WebGeolocationManagerProxy, void (WebKit::WebGeolocationManagerProxy::*)(IPC::Connection&), std::tuple<>>(WebKit::WebGeolocationManagerProxy*, void (WebKit::WebGeolocationManagerProxy::*)(IPC::Connection&), IPC::Connection&, std::tuple<>&&, std::integer_sequence<unsigned long>) (object=0x7f7b600e7000, function= (void (WebKit::WebGeolocationManagerProxy::*)(class WebKit::WebGeolocationManagerProxy * const, class IPC::Connection &)) 0x7f7b76d027f0 <WebKit::WebGeolocationManagerProxy::stopUpdating(IPC::Connection&)>, connection=..., args=...) at ../../Source/WebKit/Platform/IPC/HandleMessage.h:83
#8 0x00007f7b76340ec0 in IPC::callMemberFunction<WebKit::WebGeolocationManagerProxy, void (WebKit::WebGeolocationManagerProxy::*)(IPC::Connection&), std::tuple<>, std::integer_sequence<unsigned long> >(IPC::Connection&, std::tuple<>&&, WebKit::WebGeolocationManagerProxy*, void (WebKit::WebGeolocationManagerProxy::*)(IPC::Connection&)) (connection=..., args=..., object=0x7f7b600e7000, function= (void (WebKit::WebGeolocationManagerProxy::*)(class WebKit::WebGeolocationManagerProxy * const, class IPC::Connection &)) 0x7f7b76d027f0 <WebKit::WebGeolocationManagerProxy::stopUpdating(IPC::Connection&)>) at ../../Source/WebKit/Platform/IPC/HandleMessage.h:89
#9 0x00007f7b7633ffb9 in IPC::handleMessage<Messages::WebGeolocationManagerProxy::StopUpdating, WebKit::WebGeolocationManagerProxy, void (WebKit::WebGeolocationManagerProxy::*)(IPC::Connection&)>(IPC::Connection&, IPC::Decoder&, WebKit::WebGeolocationManagerProxy*, void (WebKit::WebGeolocationManagerProxy::*)(IPC::Connection&)) (connection=..., decoder=..., object=0x7f7b600e7000, function= (void (WebKit::WebGeolocationManagerProxy::*)(class WebKit::WebGeolocationManagerProxy * const, class IPC::Connection &)) 0x7f7b76d027f0 <WebKit::WebGeolocationManagerProxy::stopUpdating(IPC::Connection&)>) at ../../Source/WebKit/Platform/IPC/HandleMessage.h:132
#10 0x00007f7b7633fd0a in WebKit::WebGeolocationManagerProxy::didReceiveMessage(IPC::Connection&, IPC::Decoder&) (this=0x7f7b600e7000, connection=..., decoder=...) at DerivedSources/WebKit/WebGeolocationManagerProxyMessageReceiver.cpp:46
#11 0x00007f7b76b47cfc in IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&) (this=0x7f7b600f4038, connection=..., decoder=...) at ../../Source/WebKit/Platform/IPC/MessageReceiverMap.cpp:118
#12 0x00007f7b76d6636e in WebKit::WebProcessPool::dispatchMessage(IPC::Connection&, IPC::Decoder&) (this=0x7f7b600f4000, connection=..., decoder=...) at ../../Source/WebKit/UIProcess/WebProcessPool.cpp:1377
#13 0x00007f7b76d6bbd3 in WebKit::WebProcessProxy::didReceiveMessage(IPC::Connection&, IPC::Decoder&) (this=0x7f7afc2fc480, connection=..., decoder=...) at ../../Source/WebKit/UIProcess/WebProcessProxy.cpp:796
#14 0x00007f7b76b23a3f in IPC::Connection::dispatchMessage(IPC::Decoder&) (this=0x7f7b600ce1c0, decoder=...) at ../../Source/WebKit/Platform/IPC/Connection.cpp:1001
#15 0x00007f7b76b23fd0 in IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >) (this=0x7f7b600ce1c0, message=std::unique_ptr<class IPC::Decoder> = {...}) at ../../Source/WebKit/Platform/IPC/Connection.cpp:1070
#16 0x00007f7b76b22ee1 in IPC::Connection::dispatchIncomingMessages() (this=0x7f7b600ce1c0) at ../../Source/WebKit/Platform/IPC/Connection.cpp:1174
#17 0x00007f7b76b2986f in IPC::Connection::MessagesThrottler::scheduleMessagesDispatch()::$_10::operator()() (this=0x7f7b6007fc20) at ../../Source/WebKit/Platform/IPC/Connection.cpp:1106
#18 0x00007f7b76b297de in WTF::Detail::CallableWrapper<IPC::Connection::MessagesThrottler::scheduleMessagesDispatch()::$_10, void>::call() (this=0x7f7b6007fc18) at DerivedSources/ForwardingHeaders/wtf/Function.h:52
#19 0x00007f7b75fd9a82 in WTF::Function<void ()>::operator()() const (this=0x7ffd50134408) at DerivedSources/ForwardingHeaders/wtf/Function.h:83
#20 0x00007f7b698d2995 in WTF::RunLoop::performWork() (this=0x7f7b600f9000) at ../../Source/WTF/wtf/RunLoop.cpp:123
#21 0x00007f7b6996ba5c in WTF::RunLoop::RunLoop()::$_1::operator()(void*) const (this=0x7f7b600f9000, userData=0x7f7b600f9000) at ../../Source/WTF/wtf/glib/RunLoopGLib.cpp:80
#22 0x00007f7b6996ba35 in WTF::RunLoop::RunLoop()::$_1::__invoke(void*) (userData=0x7f7b600f9000) at ../../Source/WTF/wtf/glib/RunLoopGLib.cpp:79
#23 0x00007f7b6996b9e9 in WTF::RunLoop::$_0::operator()(_GSource*, int (*)(void*), void*) const (this=0x14beaa0, source=0x14beaa0, callback=0x7f7b6996ba20 <WTF::RunLoop::RunLoop()::$_1::__invoke(void*)>, userData=0x7f7b600f9000) at ../../Source/WTF/wtf/glib/RunLoopGLib.cpp:53
#24 0x00007f7b6996aa65 in WTF::RunLoop::$_0::__invoke(_GSource*, int (*)(void*), void*) (source=0x14beaa0, callback=0x7f7b6996ba20 <WTF::RunLoop::RunLoop()::$_1::__invoke(void*)>, userData=0x7f7b600f9000) at ../../Source/WTF/wtf/glib/RunLoopGLib.cpp:45
#25 0x00007f7b81eb804f in g_main_dispatch (context=0x13d2ca0) at ../glib/gmain.c:3325
#26 g_main_context_dispatch (context=0x13d2ca0) at ../glib/gmain.c:4016
#27 0x00007f7b81eb83f8 in g_main_context_iterate (context=context@entry=0x13d2ca0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:4092
#28 0x00007f7b81eb84c3 in g_main_context_iteration (context=0x13d2ca0, may_block=1) at ../glib/gmain.c:4157
#29 0x000000000042ad2b in WebViewTest::showInWindow(int, int) (this=0x13eba40, width=0, height=0) at ../../Tools/TestWebKitAPI/glib/WebKitGLib/gtk/WebViewTestGtk.cpp:88
#30 0x00000000004148a6 in testWebViewUserMediaEnumerateDevicesPermissionCheck(UIClientTest*, void const*) (test=0x13eba40) at ../../Tools/TestWebKitAPI/Tests/WebKitGLib/TestUIClient.cpp:908
#31 0x00007f7b81ee092e in test_case_run (tc=0x1539960) at ../glib/gtestutils.c:2652
#32 g_test_run_suite_internal (suite=suite@entry=0x153b0e0, path=path@entry=0x0) at ../glib/gtestutils.c:2740
#33 0x00007f7b81ee072b in g_test_run_suite_internal (suite=suite@entry=0x153b100, path=path@entry=0x0) at ../glib/gtestutils.c:2752
#34 0x00007f7b81ee072b in g_test_run_suite_internal (suite=suite@entry=0x153b1a0, path=path@entry=0x0) at ../glib/gtestutils.c:2752
--Type <RET> for more, q to quit, c to continue without paging--
#35 0x00007f7b81ee0e1a in g_test_run_suite (suite=0x153b1a0) at ../glib/gtestutils.c:2827
#36 0x00007f7b81ee0e35 in g_test_run () at ../glib/gtestutils.c:2061
#37 0x0000000000421141 in main(int, char**) (argc=1, argv=0x7ffd50134b68) at ../../Tools/TestWebKitAPI/glib/WebKitGLib/TestMain.cpp:138
(gdb) f 3
#3 0x00007f7b76f6662a in webkitGeolocationManagerStop (manager=0x1535620) at ../../Source/WebKit/UIProcess/API/glib/WebKitGeolocationManager.cpp:269
269 g_signal_emit(manager, signals[STOP], 0, nullptr);
(gdb) p manager
$1 = 0x1535620
(gdb) p *manager
$2 = {parent = {g_type_instance = {g_class = <error reading variable: Cannot access memory at address 0x1>}, ref_count = 25341984, qdata = 0x1823150}, priv = 0x1535600}
Lauro Moura
Comment 5 2020-11-05 19:28:53 PST
EWS Watchlist
Comment 6 2020-11-05 19:29:42 PST
Thanks for the patch. If this patch contains new public API please make sure it follows the guidelines for new WebKit2 GTK+ API. See https://trac.webkit.org/wiki/WebKitGTK/AddingNewWebKit2API
Carlos Garcia Campos
Comment 7 2020-11-05 21:48:56 PST
Comment on attachment 413385 [details] Patch

I don't think this is the right fix. The provider is set on construction, and it doesn't make sense to keep it alive after the manager is deleted, so I think we should just call setProvider(nullptr) on WebKitGeolocationManager dispose
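A minimal model of the lifetime bug seen in the backtraces and of the dispose-time fix proposed in comment 7, added here as an illustration; it is not WebKit code and not part of the thread. Proxy, Manager, liveIds and lateStopAfterDestroy are hypothetical stand-ins, and a liveness set replaces the freed-memory access so the stale callback can be counted instead of crashing.

```cpp
#include <cstdio>
#include <functional>
#include <memory>
#include <set>
#include <utility>
// Constructed model; every name here is a hypothetical stand-in, not WebKit API.
static std::set<int> liveIds;           // ids of managers that have not been destroyed
static int nextId = 0, staleCalls = 0;  // staleCalls: callbacks that would have touched freed memory

// Long-lived object shared with the IPC layer (role of WebGeolocationManagerProxy).
struct Proxy {
    std::function<void()> provider;     // role of GeolocationProvider::stopUpdating
    void setProvider(std::function<void()> p) { provider = std::move(p); }
    void stopUpdating() { if (provider) provider(); }   // reached from a StopUpdating message
};

// Short-lived API object (role of WebKitGeolocationManager).
struct Manager {
    std::shared_ptr<Proxy> proxy;
    int id;
    bool clearOnDispose;
    int stopSignals = 0;
    Manager(std::shared_ptr<Proxy> p, bool clear)
        : proxy(std::move(p)), id(nextId++), clearOnDispose(clear) {
        liveIds.insert(id);
        // The provider keeps a raw back-pointer and does not own the manager.
        proxy->setProvider([self = this, myId = id] {
            if (!liveIds.count(myId)) { ++staleCalls; return; }  // real code emits a signal on freed memory
            ++self->stopSignals;
        });
    }
    ~Manager() {
        if (clearOnDispose)
            proxy->setProvider(nullptr);   // dispose-time fix: the provider goes away with the manager
        liveIds.erase(id);
    }
};

// Destroy the manager, then deliver a late StopUpdating. Returns the number of stale callbacks.
int lateStopAfterDestroy(bool clearOnDispose) {
    staleCalls = 0;
    auto proxy = std::make_shared<Proxy>();
    { Manager m(proxy, clearOnDispose); }
    proxy->stopUpdating();
    return staleCalls;
}
int main() {
    std::printf("without fix: %d stale call(s)\n", lateStopAfterDestroy(false));
    std::printf("with fix:    %d stale call(s)\n", lateStopAfterDestroy(true));
}
```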
Lauro Moura
Comment 8 2020-11-06 07:59:40 PST
Created attachment 413431 [details] Updated using dispose
Carlos Garcia Campos
Comment 9 2020-11-07 00:13:46 PST
Comment on attachment 413431 [details] Updated using dispose

View in context: https://bugs.webkit.org/attachment.cgi?id=413431&action=review

> Source/WebKit/ChangeLog:16
> + (webkit_geolocation_manager_class_init): Register dispose CB.

Don't use abbreviations, I guess CB means callback in this case?

> Source/WebKit/UIProcess/API/glib/WebKitGeolocationManager.cpp:336
> + if (manager->priv->manager)
> + manager->priv->manager->setProvider(nullptr);

How can manager->priv->manager be nullptr at this point? We take a reference on construction.
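Review bot: on the WebKitGeolocationManager.cpp:336 lines, GObject can run dispose more than once on the same instance, so this handler has to be safe to repeat; if the null check is dropped as asked above, confirm that priv->manager is still held whenever a second pass reaches setProvider(nullptr). The two quoted lines also do not show a chain-up to the parent class dispose, which should follow this call.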
Lauro Moura
Comment 10 2020-11-08 19:55:29 PST
Created attachment 413554 [details] Patch for landing
EWS
Comment 11 2020-11-08 20:26:28 PST
Committed r269573: <https://trac.webkit.org/changeset/269573>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 413554 [details].