116311 – [EFL][WK2] Make Ewk_Context_Menu_Item Ewk_Object

Bug 116311 - [EFL][WK2] Make Ewk_Context_Menu_Item Ewk_Object

Summary: [EFL][WK2] Make Ewk_Context_Menu_Item Ewk_Object

Status:	RESOLVED WONTFIX

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebKit EFL (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Michal Pakula vel Rutka

URL:
Keywords:

Depends on:	116549
Blocks:
	Show dependency tree / graph

Reported:	2013-05-17 06:34 PDT by Michal Pakula vel Rutka
Modified:	2013-05-22 05:16 PDT (History)
CC List:	6 users (show)

See Also:

Attachments
proposed patch (17.30 KB, patch) 2013-05-21 02:45 PDT, Michal Pakula vel Rutka	cdumez: review-	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Michal Pakula vel Rutka 2013-05-17 06:34:05 PDT

SSIA

Comment 1 Michal Pakula vel Rutka 2013-05-21 02:45:10 PDT

Created attachment 202400 [details]
proposed patch

Comment 2 Chris Dumez 2013-05-21 03:14:47 PDT

I applied your patch, lunched Google and did a right click to show the context menu and experienced the following crash:

chris@cdumez-samsung:~/devel/WebKit$ WebKitBuild/Debug/bin/MiniBrowser 
HTML5 local storage is enabled for this view.
ASSERTION FAILED: !m_adoptionIsRequired
/home/chris/devel/WebKit/Source/WTF/wtf/RefCounted.h(59) : void WTF::RefCountedBase::ref()
1   0x7fb0b7d1f3f7 WTFCrash
2   0x7fb0b79fd153 WTF::RefCountedBase::ref()
3   0x7fb0b7c8f0d2 void WTF::refIfNotNull<EwkContextMenu>(EwkContextMenu*)
4   0x7fb0b7c8efe7 WTF::PassRefPtr<EwkContextMenu>::PassRefPtr(EwkContextMenu*)
5   0x7fb0b7c8e05e EwkContextMenu::EwkContextMenu(EwkView*, OpaqueWKArray const*)
6   0x7fb0b7c81389 EwkContextMenu::create(EwkView*, OpaqueWKArray const*)
7   0x7fb0b7c7eee8 EwkView::showContextMenu(WKPoint, OpaqueWKArray const*)
8   0x7fb0b7ca76c9
9   0x7fb0b7ada688 WebKit::WebPageContextMenuClient::showContextMenu(WebKit::WebPageProxy*, WebCore::IntPoint const&, WTF::Vector<WebKit::WebContextMenuItemData, 0ul, WTF::CrashOnOverflow> const&)
10  0x7fb0b7aee224 WebKit::WebPageProxy::internalShowContextMenu(WebCore::IntPoint const&, WebKit::WebHitTestResult::Data const&, WTF::Vector<WebKit::WebContextMenuItemData, 0ul, WTF::CrashOnOverflow> const&, CoreIPC::MessageDecoder&)
11  0x7fb0b7aedfe4 WebKit::WebPageProxy::showContextMenu(WebCore::IntPoint const&, WebKit::WebHitTestResult::Data const&, WTF::Vector<WebKit::WebContextMenuItemData, 0ul, WTF::CrashOnOverflow> const&, CoreIPC::MessageDecoder&)
12  0x7fb0b7cf9558 void CoreIPC::callMemberFunction<WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(WebCore::IntPoint const&, WebKit::WebHitTestResult::Data const&, WTF::Vector<WebKit::WebContextMenuItemData, 0ul, WTF::CrashOnOverflow> const&, CoreIPC::MessageDecoder&), WebCore::IntPoint, WebKit::WebHitTestResult::Data, WTF::Vector<WebKit::WebContextMenuItemData, 0ul, WTF::CrashOnOverflow> >(CoreIPC::Arguments3<WebCore::IntPoint, WebKit::WebHitTestResult::Data, WTF::Vector<WebKit::WebContextMenuItemData, 0ul, WTF::CrashOnOverflow> > const&, CoreIPC::MessageDecoder&, WebKit::WebPageProxy*, void (WebKit::WebPageProxy::*)(WebCore::IntPoint const&, WebKit::WebHitTestResult::Data const&, WTF::Vector<WebKit::WebContextMenuItemData, 0ul, WTF::CrashOnOverflow> const&, CoreIPC::MessageDecoder&))
13  0x7fb0b7cf54ad void CoreIPC::handleMessageVariadic<Messages::WebPageProxy::ShowContextMenu, WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(WebCore::IntPoint const&, WebKit::WebHitTestResult::Data const&, WTF::Vector<WebKit::WebContextMenuItemData, 0ul, WTF::CrashOnOverflow> const&, CoreIPC::MessageDecoder&)>(CoreIPC::MessageDecoder&, WebKit::WebPageProxy*, void (WebKit::WebPageProxy::*)(WebCore::IntPoint const&, WebKit::WebHitTestResult::Data const&, WTF::Vector<WebKit::WebContextMenuItemData, 0ul, WTF::CrashOnOverflow> const&, CoreIPC::MessageDecoder&))
14  0x7fb0b7cf00a3 WebKit::WebPageProxy::didReceiveMessage(CoreIPC::Connection*, CoreIPC::MessageDecoder&)
15  0x7fb0b7a1525a CoreIPC::MessageReceiverMap::dispatchMessage(CoreIPC::Connection*, CoreIPC::MessageDecoder&)
16  0x7fb0b7a2a079 WebKit::ChildProcessProxy::dispatchMessage(CoreIPC::Connection*, CoreIPC::MessageDecoder&)
17  0x7fb0b7b29ef1 WebKit::WebProcessProxy::didReceiveMessage(CoreIPC::Connection*, CoreIPC::MessageDecoder&)
18  0x7fb0b7a03468 CoreIPC::Connection::dispatchMessage(CoreIPC::MessageDecoder&)
19  0x7fb0b7a03548 CoreIPC::Connection::dispatchMessage(WTF::PassOwnPtr<CoreIPC::MessageDecoder>)
20  0x7fb0b7a03759 CoreIPC::Connection::dispatchOneMessage()
21  0x7fb0b7a14639 WTF::FunctionWrapper<void (CoreIPC::Connection::*)()>::operator()(CoreIPC::Connection*)
22  0x7fb0b7a141be WTF::BoundFunctionImpl<WTF::FunctionWrapper<void (CoreIPC::Connection::*)()>, void (CoreIPC::Connection*)>::operator()()
23  0x7fb0b7c2a63d WTF::Function<void ()>::operator()() const
24  0x7fb0b32f5eeb WebCore::RunLoop::performWork()
25  0x7fb0b3e5eb3c WebCore::RunLoop::wakeUpEvent(void*, void*, unsigned int)
26  0x7fb0b83a6a07
27  0x7fb0b83a5a21
28  0x7fb0b83a5e97 ecore_main_loop_begin
29  0x409b56 elm_main
30  0x409b98 main
31  0x7fb0b6cfeea5 __libc_start_main
Segmentation fault (core dumped)
chris@cdumez-samsung:~/devel/WebKit$ LEAK: 1 XMLHttpRequest

Comment 3 Chris Dumez 2013-05-21 03:16:59 PDT

Comment on attachment 202400 [details]
proposed patch

r- due to blocker crash.

Comment 4 Michal Pakula vel Rutka 2013-05-21 10:48:37 PDT

(In reply to comment #3)
> (From update of attachment 202400 [details])
> r- due to blocker crash.

I prepared a fix for that in patch 116549

Comment 5 Chris Dumez 2013-05-22 02:42:08 PDT

This patch is probably not a good idea since an item is owned by its parent and it keeps a raw pointer to its parent. It the parent menu is destroyed and someone else keeps a ref to the item, then the parent_menu pointer will be invalid.