chrome: Linux: 4430+ cefclient IME crashes with --multi-threaded-message-loop

magreenblatt commented 3 years ago

Original report by wujh (Bitbucket: wujh, GitHub: wujh).

1.What steps will reproduce the problem?

Using ime to input text in the text box with --multi-threaded-message-loop and --enable-chrome-runtime at the same time

2.What is the expected output? What do you see instead?

I expect cefclient to be able to input using the input method normally when execute with --enable-chrome-runtime and --multi-threaded-message-loop at the same time

3.What version of the product are you using? On what operating system?

The cef version is cef_binary_90.6.5+g7a604aa+chromium-90.0.4430.93_linux. the operating system is Linux

4.Does the problem reproduce with the cefclient or cefsimple sample application at the same version? How about with a newer or older version

I didn’t test on other versions

5.Does the problem reproduce with Google Chrome at the same version? How about with a newer or older version?

no test

‌

Call stack for this crash:

‌

[327939:327939:1018/023024.281140:ERROR:sandbox_linux.cc(374)] InitializeSandbox() called with multiple threads in process gpu-process.
[327939:327939:1018/023026.338024:ERROR:gl_surface_presentation_helper.cc(259)] GetVSyncParametersIfAvailable() failed for 1 times!
[327939:327939:1018/023026.349525:ERROR:gl_surface_presentation_helper.cc(259)] GetVSyncParametersIfAvailable() failed for 2 times!
[327939:327939:1018/023028.161497:ERROR:gl_surface_presentation_helper.cc(259)] GetVSyncParametersIfAvailable() failed for 3 times!
[327910:327910:1018/023032.980908:ERROR:browser_main_loop.cc(271)] Gtk: gtk_text_attributes_ref: assertion 'values != NULL' failed
[327910:327910:1018/023032.980926:ERROR:browser_main_loop.cc(271)] Gtk: gtk_text_attributes_ref: assertion 'values != NULL' failed

(cefclient:327910): Pango-CRITICAL **: 02:30:32.981: pango_layout_new: assertion 'context != NULL' failed
Received signal 11 SEGV_MAPERR [000000000038 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/000000000038)
#0 0x7f59ba9fd899 base::debug::CollectStackTrace()
#1 0x7f59ba9698e3 base::debug::StackTrace::StackTrace()
#2 0x7f59ba9fd440 base::debug::(anonymous namespace)::StackDumpSignalHandler()
#3 0x7f59b2907b20 (/usr/lib64/libpthread-2.28.so+0x12b1f)
#4 0x7f59b393f869 (/usr/lib64/libgtk-3.so.0.2200.30+0x31e868)
#5 0x7f59b39421d1 gtk_text_layout_get_line_display
#6 0x7f59b3942f06 (/usr/lib64/libgtk-3.so.0.2200.30+0x321f05)
#7 0x7f59b392307d (/usr/lib64/libgtk-3.so.0.2200.30+0x30207c)
#8 0x7f59b3940c1e gtk_text_layout_validate_yrange
#9 0x7f59b3952593 (/usr/lib64/libgtk-3.so.0.2200.30+0x331592)
#10 0x7f59b3953123 (/usr/lib64/libgtk-3.so.0.2200.30+0x332122)
#11 0x7f59b395355d (/usr/lib64/libgtk-3.so.0.2200.30+0x33255c)
#12 0x7f59b33558fc (/usr/lib64/libgdk-3.so.0.2200.30+0x2f8fb)
#13 0x7f59b3f8b0bb (/usr/lib64/libglib-2.0.so.0.5600.4+0x4a0ba)
#14 0x7f59b3f8e77d g_main_context_dispatch
#15 0x7f59b3f8eb48 (/usr/lib64/libglib-2.0.so.0.5600.4+0x4db47)
#16 0x7f59b3f8ee72 g_main_loop_run
#17 0x000000482cb5 client::MainMessageLoopMultithreadedGtk::Run()
#18 0x0000004769d4 client::(anonymous namespace)::RunMain()
#19 0x7f59b2553493 __libc_start_main
#20 0x000000416b4e _start
  r8: [00007f59b28f1850 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/00007f59b28f1850)  r9: [00007f59c0934e00 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/00007f59c0934e00) r10: [0000000000000000 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/0000000000000000) r11: [0000000000000000 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/0000000000000000)
 r12: [0000000000000001 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/0000000000000001) r13: [00002804006b12c0 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/00002804006b12c0) r14: [00002804006b12c0 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/00002804006b12c0) r15: [00002804007f42c0 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/00002804007f42c0)
  di: [0000000000000000 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/0000000000000000)  si: [00007f59c0587aa8 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/00007f59c0587aa8)  bp: [0000000000000000 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/0000000000000000)  bx: [0000280401b18ad0 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/0000280401b18ad0)
  dx: [0000000000000080 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/0000000000000080)  ax: [0000000000000000 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/0000000000000000)  cx: [bfe6a0fffbd7ffff (bb)](https://bitbucket.org/chromiumembedded/cef/commits/bfe6a0fffbd7ffff)  sp: [00007ffe48308d30 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/00007ffe48308d30)
  ip: [00007f59b393f869 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/00007f59b393f869) efl: [0000000000010206 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/0000000000010206) cgf: [002b000000000033 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/002b000000000033) erf: [0000000000000004 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/0000000000000004)
 trp: [000000000000000e (bb)](https://bitbucket.org/chromiumembedded/cef/commits/000000000000000e) msk: [0000000000000000 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/0000000000000000) cr2: [0000000000000038 (bb)](https://bitbucket.org/chromiumembedded/cef/commits/0000000000000038)
[end of stack trace]
Calling _exit(1). Core file will not be generated.

‌

magreenblatt commented 3 years ago

Does the problem reproduce with a supported CEF version?

magreenblatt commented 3 years ago

Original comment by wujh (Bitbucket: wujh, GitHub: wujh).

I did the same test on M95, but still crashed and reported the same error

magreenblatt commented 3 years ago

Original comment by wujh (Bitbucket: wujh, GitHub: wujh).

The phenomenon is that English characters cannot be input in the text box, and it will crash when switching to Chinese input

magreenblatt commented 2 years ago

Original comment by Cheng Zhiping (Bitbucket: Cheng Zhiping).

@Marshall Greenblatt

Are you planning to solve this issue? Since I have been waiting for months.

Thank you.

magreenblatt commented 2 years ago

This issue is currently unassigned. You are welcome to debug it and submit a proposed fix.

magreenblatt commented 2 years ago

See issue #2969 for background on the Chrome runtime.

magreenblatt commented 3 years ago

changed title from "Linux: 4430+ cefclient crashes when using ime to input text in the text box with --multi-threaded-message-loop and --enable-chrome-runtime at the same time" to "chrome: Linux: 4430+ cefclient IME crashes with --multi-threaded-message-loop"
changed component from "Unclassified" to "Framework"

chromiumembedded / cef

chrome: Linux: 4430+ cefclient IME crashes with --multi-threaded-message-loop #3199