RESOLVED WORKSFORME 189847
[GTK] Crash in TreeScope::documentScope when exiting fullscreen video 
https://bugs.webkit.org/show_bug.cgi?id=189847
Summary [GTK] Crash in TreeScope::documentScope when exiting fullscreen video
Michael Catanzaro
Reported 2018-09-21 12:24:06 PDT
Happens randomly and not only rarely: Program terminated with signal SIGSEGV, Segmentation fault. #0 WebCore::TreeScope::documentScope () at /run/build-runtime/WebKitGTK+/Source/WebCore/dom/TreeScope.h:73 73 Document& documentScope() const { return m_documentScope.get(); } [Current thread is 1 (Thread 0x7fb836da6a40 (LWP 3036))] (gdb) bt full #0 WebCore::TreeScope::documentScope () at /run/build-runtime/WebKitGTK+/Source/WebCore/dom/TreeScope.h:73 No locals. #1 WebCore::Node::document () at /run/build-runtime/WebKitGTK+/Source/WebCore/dom/Node.h:364 No locals. #2 WebKit::WebFullScreenManager::requestExitFullScreen () at /run/build-runtime/WebKitGTK+/Source/WebKit/WebProcess/FullScreen/WebFullScreenManager.cpp:198 No locals. #3 0x00007fb83cf4e5d5 in IPC::callMemberFunctionImpl<WebKit::WebFullScreenManager, void (WebKit::WebFullScreenManager::*)(), std::tuple<>>(WebKit::WebFullScreenManager*, void (WebKit::WebFullScreenManager::*)(), std::tuple<>&&, std::integer_sequence<unsigned long>) () at /run/build-runtime/WebKitGTK+/Source/WebKit/Platform/IPC/HandleMessage.h:41 No locals. #4 IPC::callMemberFunction<WebKit::WebFullScreenManager, void (WebKit::WebFullScreenManager::*)(), std::tuple<>, std::integer_sequence<unsigned long> >(std::tuple<>&&, WebKit::WebFullScreenManager*, void (WebKit::WebFullScreenManager::*)()) () at /run/build-runtime/WebKitGTK+/Source/WebKit/Platform/IPC/HandleMessage.h:47 No locals. #5 IPC::handleMessage<Messages::WebFullScreenManager::RequestExitFullScreen, WebKit::WebFullScreenManager, void (WebKit::WebFullScreenManager::*)()> () at /run/build-runtime/WebKitGTK+/Source/WebKit/Platform/IPC/HandleMessage.h:127 No locals. #6 WebKit::WebFullScreenManager::didReceiveWebFullScreenManagerMessage () at /run/build-runtime/WebKitGTK+/DerivedSources/WebKit/WebFullScreenManagerMessageReceiver.cpp:43 No locals. #7 0x00007fb83cffa147 in IPC::MessageReceiverMap::dispatchMessage () at /run/build-runtime/WebKitGTK+/Source/WebKit/Platform/IPC/MessageReceiverMap.cpp:123 No locals. #8 0x00007fb83d23a3a6 in WebKit::WebProcess::didReceiveMessage () at /run/build-runtime/WebKitGTK+/Source/WebKit/WebProcess/WebProcess.cpp:645 No locals. #9 0x00007fb83cff55ab in IPC::Connection::dispatchMessage () at /run/build-runtime/WebKitGTK+/Source/WebKit/Platform/IPC/Connection.cpp:984 No locals. #10 0x00007fb83cff5fca in IPC::Connection::dispatchOneIncomingMessage () at /run/build-runtime/WebKitGTK+/Source/WebKit/Platform/IPC/Connection.cpp:1053 No locals. #11 0x00007fb83c3b17dd in WTF::Function<void ()>::operator()() const () at /run/build-runtime/WebKitGTK+/Source/WTF/wtf/Function.h:56 No locals. #12 WTF::RunLoop::performWork () at /run/build-runtime/WebKitGTK+/Source/WTF/wtf/RunLoop.cpp:106 No locals. #13 0x00007fb83c3e70e9 in operator() () at /run/build-runtime/WebKitGTK+/Source/WTF/wtf/glib/RunLoopGLib.cpp:68 No locals. #14 _FUN () at /run/build-runtime/WebKitGTK+/Source/WTF/wtf/glib/RunLoopGLib.cpp:70 No locals. #15 0x00007fb838923948 in g_main_dispatch (context=0x55bf01be1990) at gmain.c:3182 dispatch = 0x7fb83c3e7100 <_FUN()> prev_source = 0x0 was_in_call = 0 user_data = 0x7fb827efb000 callback = 0x7fb83c3e70e0 <_FUN()> cb_funcs = <optimized out> cb_data = 0x55bf01c14ca0 need_destroy = <optimized out> source = 0x55bf01d4f100 current = 0x55bf01b7d830 i = 0 current = <optimized out> i = <optimized out> __func__ = "g_main_dispatch" source = <optimized out> _g_boolean_var_ = <optimized out> was_in_call = <optimized out> user_data = <optimized out> callback = <optimized out> cb_funcs = <optimized out> cb_data = <optimized out> need_destroy = <optimized out> dispatch = <optimized out> prev_source = <optimized out> _g_boolean_var_ = <optimized out> #16 g_main_context_dispatch (context=context@entry=0x55bf01be1990) at gmain.c:3847 No locals. #17 0x00007fb838923d38 in g_main_context_iterate (context=0x55bf01be1990, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3920 max_priority = 100 timeout = 0 some_ready = 1 nfds = <optimized out> allocated_nfds = 3 fds = 0x55bf01d5cb90 #18 0x00007fb838924032 in g_main_loop_run (loop=0x55bf01bbf9c0) at gmain.c:4116 self = <optimized out> __func__ = "g_main_loop_run" #19 0x00007fb83c3e7bb0 in WTF::RunLoop::run () at /run/build-runtime/WebKitGTK+/Source/WTF/wtf/glib/RunLoopGLib.cpp:96 No locals. #20 0x00007fb83d3d8330 in WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain> () at /run/build-runtime/WebKitGTK+/Source/WebKit/Shared/unix/ChildProcessMain.h:61 No locals. #21 0x00007fb8380e800b in __libc_start_main (main=0x55bf00497ca0 <main()>, argc=3, argv=0x7ffe08a7b2e8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffe08a7b2d8) at ../csu/libc-start.c:308 self = <optimized out> result = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, 3120100870632780641, 94278831930624, 140729043628768, 0, 0, 9209512591350838113, 9170071819033654113}, mask_was_saved = 0}}, priv = {pad = { 0x0, 0x0, 0x7ffe08a7b308, 0x7fb83f58e170}, data = {prev = 0x0, cleanup = 0x0, canceltype = 145208072}}} not_first_call = <optimized out> #22 0x000055bf00497d2a in _start () at ../sysdeps/x86_64/start.S:120 No locals.
Attachments
Updated backtrace (264.16 KB, text/plain)
2019-05-01 10:21 PDT, Michael Catanzaro 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Michael Catanzaro
Comment 1 2019-05-01 10:21:32 PDT
Created attachment 368682 [details] Updated backtrace User reports: "I tried to put a youtube video in full screen and webkitgtk stopped working, this was reproducible 2x in a row."
Michael Catanzaro
Comment 2 2019-05-01 10:21:36 PDT
Truncated backtrace: Thread no. 1 (10 frames) #0 WebCore::TreeScope::documentScope at ../Source/WebCore/dom/TreeScope.h:73 #1 WebCore::Node::document at ../Source/WebCore/dom/Node.h:361 #2 WebKit::WebFullScreenManager::requestExitFullScreen at ../Source/WebKit/WebProcess/FullScreen/WebFullScreenManager.cpp:211 #3 IPC::callMemberFunctionImpl<WebKit::WebFullScreenManager, void (WebKit::WebFullScreenManager::*)(), std::tuple<>>(WebKit::WebFullScreenManager*, void (WebKit::WebFullScreenManager::*)(), std::tuple<>&&, std::integer_sequence<unsigned long>) at ../Source/WebKit/Platform/IPC/HandleMessage.h:139 #4 IPC::callMemberFunction<WebKit::WebFullScreenManager, void (WebKit::WebFullScreenManager::*)(), std::tuple<>, std::integer_sequence<unsigned long> >(std::tuple<>&&, WebKit::WebFullScreenManager*, void (WebKit::WebFullScreenManager::*)()) at ../Source/WebKit/Platform/IPC/HandleMessage.h:47 #5 IPC::handleMessage<Messages::WebFullScreenManager::RequestExitFullScreen, WebKit::WebFullScreenManager, void (WebKit::WebFullScreenManager::*)()> at ../Source/WebKit/Platform/IPC/HandleMessage.h:147 #6 WebKit::WebFullScreenManager::didReceiveWebFullScreenManagerMessage at DerivedSources/WebKit/WebFullScreenManagerMessageReceiver.cpp:43 #7 IPC::MessageReceiverMap::dispatchMessage at ../Source/WebKit/Platform/IPC/MessageReceiverMap.cpp:123 #8 WebKit::WebProcess::didReceiveMessage at ../Source/WebKit/Shared/AuxiliaryProcess.h:76 #9 IPC::Connection::dispatchMessage at ../Source/WebKit/Platform/IPC/Connection.cpp:978
Xabier Rodríguez Calvar
Comment 3 2021-04-06 07:33:19 PDT
I tried this some times and I can't repro this. Can we close it?
Michael Catanzaro
Comment 4 2021-04-06 07:58:46 PDT
I think so. Haven't seen this in a couple years.
Note You need to log in before you can comment on or make changes to this bug.