RESOLVED FIXED 25042
destroying webview widget directly causes crash.
https://bugs.webkit.org/show_bug.cgi?id=25042
James Su
Reported 2009-04-03 16:57:04 PDT
Following code causes crash:

    #include <gtk/gtk.h>
    #include <webkit/webkit.h>

    int main(int argc, char *argv[])
    {
        GtkWidget *window, *webview;

        gtk_init(&argc, &argv);
        window = gtk_window_new(GTK_WINDOW_TOPLEVEL);
        webview = GTK_WIDGET(webkit_web_view_new());
        gtk_container_add(GTK_CONTAINER(window), webview);
        gtk_widget_show(window);
        gtk_widget_show(webview);
        gtk_widget_destroy(webview);
        return 0;
    }

backtrace:

    Program received signal SIGSEGV, Segmentation fault.
    webkit_web_view_screen_changed (this=<value optimized out>) at WebKit/gtk/webkit/webkitwebview.cpp:1624
    1624 Settings* settings = core(webView)->settings();
    Current language: auto; currently c++
    (gdb) bt
    #0 0x000000389ae6fb8b in webkit_web_view_screen_changed (this=<value optimized out>) from /usr/lib64/libwebkit-1.0.so.2
    #1 0x000000388ba0b8ee in IA__g_closure_invoke (closure=0x692770, return_value=0x0, n_param_values=2, param_values=0x6796d0, invocation_hint=0x7fffffffd9b0) at gclosure.c:767
    #2 0x000000388ba21f18 in signal_emit_unlocked_R (node=0x65e040, detail=<value optimized out>, instance=<value optimized out>, emission_return=<value optimized out>, instance_and_params=<value optimized out>) at gsignal.c:3244
    #3 0x000000388ba232fe in IA__g_signal_emit_valist (instance=0x690030, signal_id=<value optimized out>, detail=0, var_args=0x7fffffffdba0) at gsignal.c:2977
    #4 0x000000388ba23893 in IA__g_signal_emit (instance=0x690030, signal_id=6488272, detail=0) at gsignal.c:3034
    #5 0x000000389343602a in gtk_widget_propagate_hierarchy_changed_recurse (widget=0x690030, client_data=0x7fffffffdca0) at gtkwidget.c:6185
    #6 0x0000003893439a80 in _gtk_widget_propagate_hierarchy_changed (widget=0x690030, previous_toplevel=0x681090) at gtkwidget.c:6225
    #7 0x0000003893443899 in IA__gtk_widget_unparent (widget=0x690030) at gtkwidget.c:2916
    #8 0x000000389327a600 in gtk_bin_remove (container=0x681090, child=0x6300d0) at gtkbin.c:109
    #9 0x000000388ba0b8ee in IA__g_closure_invoke (closure=0x6615d0, return_value=0x0, n_param_values=2, param_values=0x679800, invocation_hint=0x7fffffffdf00) at gclosure.c:767
    #10 0x000000388ba21715 in signal_emit_unlocked_R (node=0x661640, detail=<value optimized out>, instance=<value optimized out>, emission_return=<value optimized out>, instance_and_params=<value optimized out>) at gsignal.c:3174
    #11 0x000000388ba232fe in IA__g_signal_emit_valist (instance=0x681090, signal_id=<value optimized out>, detail=0, var_args=0x7fffffffe0f0) at gsignal.c:2977
    #12 0x000000388ba23893 in IA__g_signal_emit (instance=0x690030, signal_id=6488272, detail=0) at gsignal.c:3034
    #13 0x000000389343ed85 in gtk_widget_dispose (object=0x690030) at gtkwidget.c:7898
    #14 0x000000388ba0ddd0 in IA__g_object_run_dispose (object=0x690030) at gobject.c:789
    #15 0x0000000000400a23 in main (argc=1, argv=0x7fffffffe308) at webkit.c:12
    (gdb)
Attachments
Test pack, show and destroy early (937 bytes, patch)
2009-04-04 03:29 PDT, Christian Dywan
zecke: review+
dispose-screen-changed.patch (1.90 KB, patch)
2009-04-05 01:44 PDT, Xan Lopez
zecke: review+
default-handler-screen-changed.patch (7.59 KB, patch)
2009-04-05 02:07 PDT, Xan Lopez
zecke: review+
Christian Dywan
Comment 1 2009-04-04 03:29:26 PDT
Created attachment 29252: Test pack, show and destroy early

This patch adds the test case to our destroy unit test.
Xan Lopez
Comment 2 2009-04-05 01:44:30 PDT
Created attachment 29265: dispose-screen-changed.patch

This fixes the crasher.
Xan Lopez
Comment 3 2009-04-05 02:07:10 PDT
Created attachment 29266: default-handler-screen-changed.patch

While I'm at it, avoid the weirdness of the view connecting to its own screen-changed signal.
Holger Freyther
Comment 4 2009-04-06 01:40:32 PDT
Comment on attachment 29252 [details] Test pack, show and destroy early > diff --git a/WebKit/gtk/tests/testwebframe.c b/WebKit/gtk/tests/testwebframe.c > index e2da29c..2797fa0 100644 > --- a/WebKit/gtk/tests/testwebframe.c > +++ b/WebKit/gtk/tests/testwebframe.c > @@ -26,14 +26,22 @@ > static void test_webkit_web_frame_create_destroy(void) > { > WebKitWebView* webView; > - g_test_bug("21837"); > + GtkWidget *window; placement of '*' is inconsistent. Please make it consistent when landing. :)
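Review bot: the g_test_bug("21837") call removed at the top of test_webkit_web_frame_create_destroy leaves the existing create/destroy case without its bug reference, unless it is re-added in the part of the hunk not quoted here. Keep it next to the original case and add g_test_bug("25042") before the new pack, show and destroy case, so a failure in either one points at the right report.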
Holger Freyther
Comment 5 2009-04-06 03:00:39 PDT
Comment on attachment 29266: default-handler-screen-changed.patch

Nice!
Christian Dywan
Comment 6 2009-04-16 15:02:50 PDT
Comment on attachment 29252: Test pack, show and destroy early

Committed with revision 42591.