RESOLVED FIXED 252264
[GTK] Criticals from webkitOptionMenuSetEvent when opening any combo box 
https://bugs.webkit.org/show_bug.cgi?id=252264
Summary [GTK] Criticals from webkitOptionMenuSetEvent when opening any combo box
Michael Catanzaro
Reported 2023-02-14 13:36:24 PST
Set G_DEBUG=fatal-criticals in your environment, visit https://dor.mo.gov/forms/?formName=&category=&year=99 and try to select any of the combo boxes. Crash: (gdb) bt #0 _g_log_abort (breakpoint=1) at ../../../../Projects/glib/glib/gmessages.c:558 #1 0x00007f06c3292739 in g_logv (log_domain=0x7f06b9b77f0f "GLib-GObject", log_level=G_LOG_LEVEL_CRITICAL, format=0x7f06c331160f "%s: assertion '%s' failed", args=0x7ffd83346a18) at ../../../../Projects/glib/glib/gmessages.c:1418 #2 0x00007f06c3292830 in g_log (log_domain=0x7f06b9b77f0f "GLib-GObject", log_level=G_LOG_LEVEL_CRITICAL, format=0x7f06c331160f "%s: assertion '%s' failed") at ../../../../Projects/glib/glib/gmessages.c:1460 #3 0x00007f06c329588d in g_return_if_fail_warning (log_domain=0x7f06b9b77f0f "GLib-GObject", pretty_function=0x7f06b9b79800 <__func__.33> "g_object_ref_sink", expression=0x7f06b9b78386 "G_IS_OBJECT (object)") at ../../../../Projects/glib/glib/gmessages.c:2930 #4 0x00007f06b9b49e73 in g_object_ref_sink (_object=0x1d3a480) at ../../../../Projects/glib/gobject/gobject.c:3498 #5 0x00007f06bfaa2d7d in WTF::refGPtr<_GdkEvent> (ptr=0x1d3a480) at WTF/Headers/wtf/glib/GRefPtr.h:264 #6 WTF::GRefPtr<_GdkEvent>::operator= (this=0x1d2c138, optr=0x1d3a480) at WTF/Headers/wtf/glib/GRefPtr.h:159 #7 webkitOptionMenuSetEvent (menu=<optimized out>, event=0x1d3a480) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/UIProcess/API/glib/WebKitOptionMenu.cpp:102 #8 0x00007f06bfad247f in WebKit::WebKitPopupMenu::showPopupMenu (this=0x7f06a20940c0, rect=..., direction=WebCore::TextDirection::LTR, pageScaleFactor=<error reading variable: That operation is not available on integers of more than 8 bytes.>, items=..., platformData=..., selectedIndex=0) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/UIProcess/API/gtk/WebKitPopupMenu.cpp:44 #9 0x00007f06bfa00f18 in WebKit::WebPageProxy::showPopupMenu (this=0x7f0632020c00, rect=..., textDirection=0, items=..., selectedIndex=0, data=...) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/UIProcess/WebPageProxy.cpp:7298 #10 0x00007f06bf6dc799 in _ZZN3IPC18callMemberFunctionIN6WebKit12WebPageProxyES2_FvRKN7WebCore7IntRectEmRKN3WTF6VectorINS1_12WebPopupItemELm0ENS7_15CrashOnOverflowELm16ENS7_10FastMallocEEEiRKNS1_21PlatformPopupMenuDataEESt5tupleIJS4_mSC_iSF_EEEEvPT_MT0_T1_OT2_ENKUlDpOT_E_clIJS4_mSC_iSF_EEEDaSU_ (args=..., args=..., args=..., args=..., args=..., this=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/HandleMessage.h:136 #11 _ZSt13__invoke_implIvZN3IPC18callMemberFunctionIN6WebKit12WebPageProxyES3_FvRKN7WebCore7IntRectEmRKN3WTF6VectorINS2_12WebPopupItemELm0ENS8_15CrashOnOverflowELm16ENS8_10FastMallocEEEiRKNS2_21PlatformPopupMenuDataEESt5tupleIJS5_mSD_iSG_EEEEvPT_MT0_T1_OT2_EUlDpOT_E_JS5_mSD_iSG_EESM_St14__invoke_otherOSO_DpOT1_ (__args=..., __args=..., __args=..., __args=..., __args=..., __f=...) at /usr/bin/../lib/gcc/x86_64-redhat-linux/12/../../../../include/c++/12/bits/invoke.h:61 #12 _ZSt8__invokeIZN3IPC18callMemberFunctionIN6WebKit12WebPageProxyES3_FvRKN7WebCore7IntRectEmRKN3WTF6VectorINS2_12WebPopupItemELm0ENS8_15CrashOnOverflowELm16ENS8_10FastMallocEEEiRKNS2_21PlatformPopupMenuDataEESt5tupleIJS5_mSD_iSG_EEEEvPT_MT0_T1_OT2_EUlDpOT_E_JS5_mSD_iSG_EENSt15__invoke_resultISM_JDpT0_EE4typeEOSM_DpOSY_ (__args=..., __args=..., __args=..., __args=..., __args=..., __fn=...) at /usr/bin/../lib/gcc/x86_64-redhat-linux/12/../../../../include/c++/12/bits/invoke.h:96 #13 _ZSt12__apply_implIZN3IPC18callMemberFunctionIN6WebKit12WebPageProxyES3_FvRKN7WebCore7IntRectEmRKN3WTF6VectorINS2_12WebPopupItemELm0ENS8_15CrashOnOverflowELm16ENS8_10FastMallocEEEiRKNS2_21PlatformPopupMenuDataEESt5tupleIJS5_mSD_iSG_EEEEvPT_MT0_T1_OT2_EUlDpOT_E_SL_JLm0ELm1ELm2ELm3ELm4EEEDcOSM_OSO_St16integer_sequenceImJXspT1_EEE (__t=..., __f=...) at /usr/bin/../lib/gcc/x86_64-redhat-linux/12/../../../../include/c++/12/tuple:1852 #14 _ZSt5applyIZN3IPC18callMemberFunctionIN6WebKit12WebPageProxyES3_FvRKN7WebCore7IntRectEmRKN3WTF6VectorINS2_12WebPopupItemELm0ENS8_15CrashOnOverflowELm16ENS8_10FastMallocEEEiRKNS2_21PlatformPopupMenuDataEESt5tupleIJS5_mSD_iSG_EEEEvPT_MT0_T1_OT2_EUlDpOT_E_SL_EDcOSM_OSO_ (__t=..., __f=...) at /usr/bin/../lib/gcc/x86_64-redhat-linux/12/../../../../include/c++/12/tuple:1863 #15 IPC::callMemberFunction<WebKit::WebPageProxy, WebKit::WebPageProxy, void (WebCore::IntRect const&, unsigned long, WTF::Vector<WebKit::WebPopupItem, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, int, WebKit::PlatformPopupMenuData const&), std::tuple<WebCore::IntRect, unsigned long, WTF::Vector<WebKit::WebPopupItem, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>, int, WebKit::PlatformPopupMenuData> >(WebKit::WebPageProxy*, void (WebKit::WebPageProxy::*)(WebCore::IntRect const&, unsigned long, WTF::Vector<WebKit::WebPopupItem, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, int, WebKit::PlatformPopupMenuData const&), std::tuple<WebCore::IntRect, unsigned long, WTF::Vector<WebKit::WebPopupItem, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>, int, WebKit::PlatformPopupMenuData>&&) ( object=0x7f0632020c00, function=<optimized out>, tuple=...) --Type <RET> for more, q to quit, c to continue without paging--c at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/HandleMessage.h:134 #16 IPC::handleMessage<Messages::WebPageProxy::ShowPopupMenu, WebKit::WebPageProxy, WebKit::WebPageProxy, void (WebCore::IntRect const&, unsigned long, WTF::Vector<WebKit::WebPopupItem, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, int, WebKit::PlatformPopupMenuData const&)>(IPC::Connection&, IPC::Decoder&, WebKit::WebPageProxy*, void (WebKit::WebPageProxy::*)(WebCore::IntRect const&, unsigned long, WTF::Vector<WebKit::WebPopupItem, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, int, WebKit::PlatformPopupMenuData const&)) (connection=..., decoder=..., object=0x7f0632020c00, function=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/HandleMessage.h:236 #17 WebKit::WebPageProxy::didReceiveMessage (this=0x7f0632020c00, connection=..., decoder=...) at DerivedSources/WebKit/WebPageProxyMessageReceiver.cpp:576 #18 0x00007f06bf94549d in IPC::MessageReceiverMap::dispatchMessage (this=<optimized out>, connection=..., decoder=...) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/MessageReceiverMap.cpp:129 #19 0x00007f06bfa3f71d in non-virtual thunk to WebKit::WebProcessProxy::didReceiveMessage(IPC::Connection&, IPC::Decoder&) () at /home/mcatanzaro/Projects/WebKit/Source/WebKit/UIProcess/WebProcessProxy.cpp:965 #20 0x00007f06bf93e476 in IPC::Connection::dispatchMessage (this=0x7f06a2028680, message=std::unique_ptr<IPC::Decoder> = {...}) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/Connection.cpp:1245 #21 0x00007f06bf93e9f2 in IPC::Connection::dispatchIncomingMessages (this=0x7f06a2028680) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/Connection.cpp:1355 #22 0x00007f06bdcb6efc in WTF::Function<void ()>::operator()() const (this=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/Function.h:82 #23 WTF::RunLoop::performWork (this=0x7f06a20100e0) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/RunLoop.cpp:147 #24 0x00007f06bdd184a6 in WTF::RunLoop::RunLoop()::$_1::operator()(void*) const (userData=0x1, userData@entry=0x7f06a20100e0, this=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:80 #25 WTF::RunLoop::RunLoop()::$_1::__invoke(void*) (userData=0x1, userData@entry=0x7f06a20100e0) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:79 #26 0x00007f06bdd179da in WTF::RunLoop::$_0::operator() (source=0xa72f80, callback=0x7f06bdd184a0 <WTF::RunLoop::RunLoop()::$_1::__invoke(void*)>, userData=0x7f06a20100e0, this=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:53 #27 WTF::RunLoop::$_0::__invoke (source=0xa72f80, callback=0x7f06bdd184a0 <WTF::RunLoop::RunLoop()::$_1::__invoke(void*)>, userData=0x7f06a20100e0) at /home/mcatanzaro/Projects/WebKit/Source/WTF/wtf/glib/RunLoopGLib.cpp:45 #28 0x00007f06c328571b in g_main_dispatch (context=0xa1b9d0) at ../../../../Projects/glib/glib/gmain.c:3460 #29 0x00007f06c328668f in g_main_context_dispatch (context=0xa1b9d0) at ../../../../Projects/glib/glib/gmain.c:4200 #30 0x00007f06c3286882 in g_main_context_iterate (context=0xa1b9d0, block=1, dispatch=1, self=0xde3eb0) at ../../../../Projects/glib/glib/gmain.c:4276 #31 0x00007f06c3286946 in g_main_context_iteration (context=0xa1b9d0, may_block=1) at ../../../../Projects/glib/glib/gmain.c:4343 #32 0x00007f06b991edc2 in g_application_run (application=0xde24c0, argc=0, argv=0x0) at ../../../../Projects/glib/gio/gapplication.c:2573 #33 0x0000000000414316 in main (argc=1, argv=0x7ffd83347818) at /home/mcatanzaro/Projects/WebKit/Tools/MiniBrowser/gtk
Attachments
Add attachment proposed patch, testcase, etc.
Michael Catanzaro
Comment 1 2023-02-14 13:40:17 PST
Probably caused by 256927@main
Michael Catanzaro
Comment 2 2023-02-14 13:42:39 PST
Probably just a missing #include. This file does not #include <WebCore/GRefPtrGtk.h> and therefore the template specialization for GdkEvent is missing so it the GRefPtr treats it as a GObject though it is not.
Michael Catanzaro
Comment 3 2023-02-15 10:08:13 PST
Pull request: https://github.com/WebKit/WebKit/pull/10151
EWS
Comment 4 2023-02-16 09:17:49 PST
Committed 260374@main (587cb602ebdd): <https://commits.webkit.org/260374@main> Reviewed commits have been landed. Closing PR #10151 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.