RESOLVED FIXED Bug 131357
[GTK] Plugin process crashes when loading totem plugin 
https://bugs.webkit.org/show_bug.cgi?id=131357
Summary [GTK] Plugin process crashes when loading totem plugin
Carlos Garcia Campos
Reported 2014-04-08 06:54:30 PDT
The problem is that totem plugin uses functions NPN_Foo, that are defined inside totem as wrappers for NPNetscapeFuncs. Those functions are also defined in WebCore (npapi.cpp), and it seems the plugin process ends up calling the WebCore ones, and crashes because the NPNetscapeFuncs in WebCore are not initialized (and conflicts with the ones defined in Source/WebKit2/WebProcess/Plugins/Netscape/NetscapeBrowserFuncs.cpp which are passed to the plugin in NP_Initialize). Most of the plugins functions in WebCore are actually only used WebKit1, so I think we shouldn't build some of those files in WebKit2. Maybe we can split WebCore more and add WebCorePlugins library, for example.
Attachments
Patch (72.21 KB, patch)
2014-04-09 08:39 PDT, Carlos Garcia Campos 		mrobinson: review+
DetailsFormatted DiffDiff
Try to fix EFL build (72.25 KB, patch)
2014-04-09 09:17 PDT, Carlos Garcia Campos 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Martin Robinson
Comment 1 2014-04-08 08:32:30 PDT
Could we just wait until we remove the WebKit1 port and the files to the platform source lists?
Carlos Garcia Campos
Comment 2 2014-04-08 08:36:53 PDT
(In reply to comment #1) > Could we just wait until we remove the WebKit1 port and the files to the platform source lists? I want to fix this in the stable branches as well. Are browsers supposed to export NPN functions? or should plugins use the NPNetscapeFuncs struct passed?
Carlos Garcia Campos
Comment 3 2014-04-08 08:37:51 PDT
Note that this is not specific to totem plugin, but to any plugin that defines the NPN functions
Martin Robinson
Comment 4 2014-04-08 08:44:38 PDT
I wonder if there's a way to hide all WebCore symbols from the plugin. Perhaps this is an issue with the way we are linking.
Carlos Garcia Campos
Comment 5 2014-04-08 09:13:57 PDT
Forgot the bt: Program received signal SIGSEGV, Segmentation fault. 0x00007ffff640ea5d in WebCore::PluginView::getValue(NPNVariable, void*) () from WebKit/WebKitBuild/Release/lib/libwebkit2gtk-3.0.so.25 (gdb) bt #0 0x00007ffff640ea5d in WebCore::PluginView::getValue(NPNVariable, void*) () from WebKit/WebKitBuild/Release/lib/libwebkit2gtk-3.0.so.25 #1 0x00007fffe157e12e in totemPlugin::Init(char*, unsigned short, short, char**, char**, _NPSavedData*) () from /usr/lib/mozilla/plugins/libtotem-mully-plugin.so #2 0x00007fffe157b973 in ?? () from /usr/lib/mozilla/plugins/libtotem-mully-plugin.so #3 0x00007ffff5a8e968 in WebKit::NetscapePlugin::initialize(WebKit::Plugin::Parameters const&) () from WebKit/WebKitBuild/Release/lib/libwebkit2gtk-3.0.so.25 #4 0x00007ffff596158c in WebKit::PluginControllerProxy::initialize(WebKit::PluginCreationParameters const&) () from WebKit/WebKitBuild/Release/lib/libwebkit2gtk-3.0.so.25 #5 0x00007ffff596566d in WebKit::WebProcessConnection::createPluginInternal(WebKit::PluginCreationParameters const&, bool&, bool&, unsigned int&) () from WebKit/WebKitBuild/Release/lib/libwebkit2gtk-3.0.so.25 #6 0x00007ffff5965890 in WebKit::WebProcessConnection::createPlugin(WebKit::PluginCreationParameters const&, WTF::PassRefPtr<Messages::WebProcessConnection::CreatePlugin::DelayedReply>) () from WebKit/WebKitBuild/Release/lib/libwebkit2gtk-3.0.so.25 #7 0x00007ffff5b468a1 in void IPC::handleMessageDelayed<Messages::WebProcessConnection::CreatePlugin, WebKit::WebProcessConnection, void (WebKit::WebProcessConnection::*)(WebKit::PluginCreationParameters const&, WTF::PassRefPtr<Messages::WebProcessConnection::CreatePlugin::DelayedReply>)>(IPC::Connection*, IPC::MessageDecoder&, std::unique_ptr<IPC::MessageEncoder, std::default_delete<IPC::MessageEncoder> >&, WebKit::WebProcessConnection*, void (WebKit::WebProcessConnection::*)(WebKit::PluginCreationParameters const&, WTF::PassRefPtr<Messages::WebProcessConnection::CreatePlugin::DelayedReply>)) () from WebKit/WebKitBuild/Release/lib/libwebkit2gtk-3.0.so.25 #8 0x00007ffff5b46690 in WebKit::WebProcessConnection::didReceiveSyncWebProcessConnectionMessage(IPC::Connection*, IPC::MessageDecoder&, std::unique_ptr<IPC::MessageEncoder, std::default_delete<IPC::MessageEncoder> >&) () from WebKit/WebKitBuild/Release/lib/libwebkit2gtk-3.0.so.25 #9 0x00007ffff5964b6b in WebKit::WebProcessConnection::didReceiveSyncMessage(IPC::Connection*, IPC::MessageDecoder&, std::unique_ptr<IPC::MessageEncoder, std::default_delete<IPC::MessageEncoder> >&) () from WebKit/WebKitBuild/Release/lib/libwebkit2gtk-3.0.so.25 #10 0x00007ffff59588da in IPC::Connection::dispatchSyncMessage(IPC::MessageDecoder&) () from WebKit/WebKitBuild/Release/lib/libwebkit2gtk-3.0.so.25 #11 0x00007ffff59589f5 in IPC::Connection::dispatchMessage(std::unique_ptr<IPC::MessageDecoder, std::default_delete<IPC::MessageDecoder> >) () from WebKit/WebKitBuild/Release/lib/libwebkit2gtk-3.0.so.25 #12 0x00007ffff5959c2d in IPC::Connection::SyncMessageState::dispatchMessages(IPC::Connection*) () from WebKit/WebKitBuild/Release/lib/libwebkit2gtk-3.0.so.25 #13 0x00007ffff5b8ad87 in WTF::RunLoop::performWork() () from WebKit/WebKitBuild/Release/lib/libwebkit2gtk-3.0.so.25 #14 0x00007ffff5bbc4f8 in WTF::GMainLoopSource::voidCallback() () from WebKit/WebKitBuild/Release/lib/libwebkit2gtk-3.0.so.25 #15 0x00007ffff5bbc529 in WTF::GMainLoopSource::voidSourceCallback(WTF::GMainLoopSource*) () from WebKit/WebKitBuild/Release/lib/libwebkit2gtk-3.0.so.25 #16 0x00007ffff136e715 in g_main_dispatch (context=0x64b020) at gmain.c:3066 #17 g_main_context_dispatch (context=context@entry=0x64b020) at gmain.c:3641 #18 0x00007ffff136ea78 in g_main_context_iterate (context=0x64b020, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3712 #19 0x00007ffff136ed3a in g_main_loop_run (loop=0x6f8fa0) at gmain.c:3906 #20 0x00007ffff5ad4ecf in PluginProcessMainUnix () from WebKit/WebKitBuild/Release/lib/libwebkit2gtk-3.0.so.25 #21 0x00007ffff3facb45 in __libc_start_main (main=0x400700 <main>, argc=3, argv=0x7fffffffd818, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffd808) at libc-start.c:287 #22 0x0000000000400733 in _start ()
Carlos Garcia Campos
Comment 6 2014-04-08 09:20:57 PDT
(In reply to comment #4) > I wonder if there's a way to hide all WebCore symbols from the plugin. Perhaps this is an issue with the way we are linking. That depends on whether browsers are expected to export NPN API or not
Martin Robinson
Comment 7 2014-04-08 09:24:23 PDT
(In reply to comment #3) > Note that this is not specific to totem plugin, but to any plugin that defines the NPN functions What NPN function is totem implementing? I believe that NPN_Whatever is reserved for the browser. The Mozilla plugin documentation says: "Browser methods are functions implemented by Gecko; the plug-in calls these functions. The names of all the browser functions in the API begin with NPN_, for example, NPN_Write."
Carlos Garcia Campos
Comment 8 2014-04-08 09:31:38 PDT
(In reply to comment #7) > (In reply to comment #3) > > Note that this is not specific to totem plugin, but to any plugin that defines the NPN functions > > What NPN function is totem implementing? I believe that NPN_Whatever is reserved for the browser. The Mozilla plugin documentation says: > > "Browser methods are functions implemented by Gecko; the plug-in calls these functions. The names of all the browser functions in the API begin with NPN_, for example, NPN_Write." All of them, they are just wrappers around the NPNetscapeFuncs. The problem is that the NPN functions we are currently exporting in WebKit2 are the WebCore ones, so even if totem didn't implement those functions, it would end up calling the wrong methods. Only plugins using the NPNetscapeFuncs struct directly currently work in WebKit2.
Carlos Garcia Campos
Comment 9 2014-04-09 08:39:18 PDT
Created attachment 228963 [details] Patch
Martin Robinson
Comment 10 2014-04-09 08:42:43 PDT
Comment on attachment 228963 [details] Patch I'm really glad to see Source/WebCore/plugins/gtk/gtk2xtbin.c finally bite the dust, though perhaps one day we will need Xt plugin support in WebKit2 :(.
Carlos Garcia Campos
Comment 11 2014-04-09 09:17:57 PDT
Created attachment 228964 [details] Try to fix EFL build
Carlos Garcia Campos
Comment 12 2014-04-09 09:54:00 PDT
Committed r167016: <http://trac.webkit.org/changeset/167016>
Carlos Garcia Campos
Comment 13 2014-04-09 09:56:49 PDT
I'll rework it in the stable branches to move the implementation to Source/WebKit/gtk like mac does
Note You need to log in before you can comment on or make changes to this bug.