81166 2012-03-14 15:55:09 -0700 Repro crash in compositing/iframes/page-cache-layer-tree.html 2012-03-14 16:09:28 -0700 1 1 1 Unclassified WebKit Page Loading 528+ (Nightly build) All All RESOLVED FIXED InRadar P2 Normal --- 1 beidson beidson sam oldest_to_newest 578876 0 beidson 2012-03-14 15:55:09 -0700 Repro crash in compositing/iframes/page-cache-layer-tree.html ASSERTION FAILED: m_suspendedForPageCache Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 com.apple.WebCore 0x000000010b23e31b WebCore::DOMWindow::reconnectDOMWindowProperties() + 91 (DOMWindow.cpp:543) 1 com.apple.WebCore 0x000000010b23e2a9 WebCore::DOMWindow::resumeFromPageCache() + 25 (DOMWindow.cpp:522) 2 com.apple.WebCore 0x000000010b369e6a WebCore::FrameLoader::open(WebCore::CachedFrameBase&) + 970 (FrameLoader.cpp:2060) 3 com.apple.WebCore 0x000000010adf6957 WebCore::CachedFrame::open() + 183 (CachedFrame.cpp:212) 4 com.apple.WebCore 0x000000010adf67ba WebCore::CachedFrameBase::restore() + 762 (CachedFrame.cpp:127) 5 com.apple.WebCore 0x000000010b369ee5 WebCore::FrameLoader::open(WebCore::CachedFrameBase&) + 1093 (FrameLoader.cpp:2065) 6 com.apple.WebCore 0x000000010adf6957 WebCore::CachedFrame::open() + 183 (CachedFrame.cpp:212) 7 com.apple.WebCore 0x000000010adfd499 WebCore::CachedPage::restore(WebCore::Page*) + 377 (CachedPage.cpp:83) 8 com.apple.WebCore 0x000000010b368345 WebCore::FrameLoader::commitProvisionalLoad() + 1253 (FrameLoader.cpp:1789) 9 com.apple.WebCore 0x000000010b36c167 WebCore::FrameLoader::loadProvisionalItemFromCachedPage() + 311 (FrameLoader.cpp:3041) 10 com.apple.WebCore 0x000000010b36698b WebCore::FrameLoader::continueLoadAfterNavigationPolicy(WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool) + 843 (FrameLoader.cpp:2912) 11 com.apple.WebCore 0x000000010b366a87 WebCore::FrameLoader::callContinueLoadAfterNavigationPolicy(void*, WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool) + 87 (FrameLoader.cpp:2788) 12 com.apple.WebCore 0x000000010bd43132 WebCore::PolicyChecker::checkNavigationPolicy(WebCore::ResourceRequest const&, WebCore::DocumentLoader*, WTF::PassRefPtr<WebCore::FormState>, void (*)(void*, WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool), void*) + 370 (PolicyChecker.cpp:69) 13 com.apple.WebCore 0x000000010b366460 WebCore::FrameLoader::loadWithDocumentLoader(WebCore::DocumentLoader*, WebCore::FrameLoadType, WTF::PassRefPtr<WebCore::FormState>) + 1472 (FrameLoader.cpp:1389) 14 com.apple.WebCore 0x000000010b362921 WebCore::FrameLoader::loadDifferentDocumentItem(WebCore::HistoryItem*, WebCore::FrameLoadType) + 161 (FrameLoader.cpp:3098) 15 com.apple.WebCore 0x000000010b36cc11 WebCore::FrameLoader::loadItem(WebCore::HistoryItem*, WebCore::FrameLoadType) + 161 (FrameLoader.cpp:3186) 16 com.apple.WebCore 0x000000010b41c6ae WebCore::HistoryController::recursiveGoToItem(WebCore::HistoryItem*, WebCore::HistoryItem*, WebCore::FrameLoadType) + 638 (HistoryController.cpp:732) 17 com.apple.WebCore 0x000000010b41c183 WebCore::HistoryController::goToItem(WebCore::HistoryItem*, WebCore::FrameLoadType) + 435 (HistoryController.cpp:274) 18 com.apple.WebCore 0x000000010bce8e49 WebCore::Page::goToItem(WebCore::HistoryItem*, WebCore::FrameLoadType) + 201 (Page.cpp:346) 19 com.apple.WebCore 0x000000010bce90c8 WebCore::Page::goBackOrForward(int) + 328 (Page.cpp:335) 20 com.apple.WebCore 0x000000010adb520e WebCore::BackForwardController::goBackOrForward(int) + 30 (BackForwardController.cpp:60) 21 com.apple.WebCore 0x000000010bc8d938 WebCore::ScheduledHistoryNavigation::fire(WebCore::Frame*) + 312 (NavigationScheduler.cpp:206) 22 com.apple.WebCore 0x000000010bc8b742 WebCore::NavigationScheduler::timerFired(WebCore::Timer<WebCore::NavigationScheduler>*) + 178 (NavigationScheduler.cpp:419) It's a Frame whose ScriptController has no WindowShells, so we can't pull out the DOMWindow for the page cache. But that also means we have no DOMWindow to restore so we create a new one implicitly, and its not ready to "restore from page cache" obviously. The way we've always saved the DOMWindow before was bogus. I'm doing it correctly now. In radar as <rdar://problem/11045584> 578885 1 131946 beidson 2012-03-14 16:00:43 -0700 Created attachment 131946 Patch v1 578892 2 beidson 2012-03-14 16:09:28 -0700 http://trac.webkit.org/changeset/110776 131946 2012-03-14 16:00:43 -0700 2012-03-14 16:03:06 -0700 Patch v1 patch.txt text/plain 4703 beidson ZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZyBiL1NvdXJjZS9XZWJDb3JlL0No YW5nZUxvZwppbmRleCBkOWI3OGIxLi5kYTRkZjRiIDEwMDY0NAotLS0gYS9Tb3VyY2UvV2ViQ29y ZS9DaGFuZ2VMb2cKKysrIGIvU291cmNlL1dlYkNvcmUvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMjUg QEAKKzIwMTItMDMtMTQgIEJyYWR5IEVpZHNvbiAgPGJlaWRzb25AYXBwbGUuY29tPgorCisgICAg ICAgIDxyZGFyOi8vcHJvYmxlbS8xMTA0NTU4ND4gYW5kIGh0dHBzOi8vYnVncy53ZWJraXQub3Jn L3Nob3dfYnVnLmNnaT9pZD04MTE2NgorICAgICAgICBSZXBybyBjcmFzaCBpbiBjb21wb3NpdGlu Zy9pZnJhbWVzL3BhZ2UtY2FjaGUtbGF5ZXItdHJlZS5odG1sCisKKyAgICAgICAgUmV2aWV3ZWQg YnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgTm8gbmV3IHRlc3RzLiAoRGlzY292ZXJlZCBm cm9tIGFuZCBjb3ZlcmVkIGJ5IGV4aXN0aW5nIHRlc3QpCisKKyAgICAgICAgU2NyaXB0Q2FjaGVk RnJhbWVEYXRhIGRvZXNuJ3QgbmVlZCB0byBrZWVwIGEgRE9NV2luZG93OgorICAgICAgICAqIGJp bmRpbmdzL2pzL1NjcmlwdENhY2hlZEZyYW1lRGF0YS5jcHA6CisgICAgICAgIChXZWJDb3JlOjpT Y3JpcHRDYWNoZWRGcmFtZURhdGE6OlNjcmlwdENhY2hlZEZyYW1lRGF0YSk6CisgICAgICAgICog YmluZGluZ3MvanMvU2NyaXB0Q2FjaGVkRnJhbWVEYXRhLmg6CisgICAgICAgIChTY3JpcHRDYWNo ZWRGcmFtZURhdGEpOgorCisgICAgICAgIENhY2hlZEZyYW1lIHNob3VsZCBncmFiIGl0IG9mZiB0 aGUgRnJhbWUgZGlyZWN0bHkgYW5kIHN0b3JlIGl0IGxvY2FsbHk6CisgICAgICAgICogaGlzdG9y eS9DYWNoZWRGcmFtZS5jcHA6CisgICAgICAgIChXZWJDb3JlOjpDYWNoZWRGcmFtZTo6Q2FjaGVk RnJhbWUpOgorICAgICAgICAqIGhpc3RvcnkvQ2FjaGVkRnJhbWUuaDoKKyAgICAgICAgKFdlYkNv cmU6OkNhY2hlZEZyYW1lQmFzZTo6ZG9tV2luZG93KToKKyAgICAgICAgKENhY2hlZEZyYW1lQmFz ZSk6CisKIDIwMTItMDMtMTIgIEJyYWR5IEVpZHNvbiAgPGJlaWRzb25AYXBwbGUuY29tPgogCiAg ICAgICAgIDxyZGFyOi8vcHJvYmxlbS83OTA4ODMwPiBhbmQgaHR0cHM6Ly9idWdzLndlYmtpdC5v cmcvc2hvd19idWcuY2dpP2lkPTM0Njc5CmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9iaW5k aW5ncy9qcy9TY3JpcHRDYWNoZWRGcmFtZURhdGEuY3BwIGIvU291cmNlL1dlYkNvcmUvYmluZGlu Z3MvanMvU2NyaXB0Q2FjaGVkRnJhbWVEYXRhLmNwcAppbmRleCAyODk4OGJlLi4yMTAwYzZiIDEw MDY0NAotLS0gYS9Tb3VyY2UvV2ViQ29yZS9iaW5kaW5ncy9qcy9TY3JpcHRDYWNoZWRGcmFtZURh dGEuY3BwCisrKyBiL1NvdXJjZS9XZWJDb3JlL2JpbmRpbmdzL2pzL1NjcmlwdENhY2hlZEZyYW1l RGF0YS5jcHAKQEAgLTQ1LDcgKzQ1LDYgQEAgdXNpbmcgbmFtZXNwYWNlIEpTQzsKIG5hbWVzcGFj ZSBXZWJDb3JlIHsKIAogU2NyaXB0Q2FjaGVkRnJhbWVEYXRhOjpTY3JpcHRDYWNoZWRGcmFtZURh dGEoRnJhbWUqIGZyYW1lKQotICAgIDogbV9kb21XaW5kb3coMCkKIHsKICAgICBKU0xvY2sgbG9j ayhTaWxlbmNlQXNzZXJ0aW9uc09ubHkpOwogCkBAIC01NiwxNyArNTUsMTEgQEAgU2NyaXB0Q2Fj aGVkRnJhbWVEYXRhOjpTY3JpcHRDYWNoZWRGcmFtZURhdGEoRnJhbWUqIGZyYW1lKQogICAgIGZv ciAoU2NyaXB0Q29udHJvbGxlcjo6U2hlbGxNYXA6Oml0ZXJhdG9yIGl0ZXIgPSB3aW5kb3dTaGVs bHMuYmVnaW4oKTsgaXRlciAhPSB3aW5kb3dTaGVsbHNFbmQ7ICsraXRlcikgewogICAgICAgICBK U0RPTVdpbmRvdyogd2luZG93ID0gaXRlci0+c2Vjb25kLT53aW5kb3coKTsKICAgICAgICAgbV93 aW5kb3dzLmFkZChpdGVyLT5maXJzdC5nZXQoKSwgU3Ryb25nPEpTRE9NV2luZG93Pih3aW5kb3ct Pmdsb2JhbERhdGEoKSwgd2luZG93KSk7Ci0gICAgICAgIG1fZG9tV2luZG93ID0gd2luZG93LT5p bXBsKCk7CiAgICAgfQogCiAgICAgc2NyaXB0Q29udHJvbGxlci0+YXR0YWNoRGVidWdnZXIoMCk7 CiB9CiAKLURPTVdpbmRvdyogU2NyaXB0Q2FjaGVkRnJhbWVEYXRhOjpkb21XaW5kb3coKSBjb25z dAotewotICAgIHJldHVybiBtX2RvbVdpbmRvdzsKLX0KLQogU2NyaXB0Q2FjaGVkRnJhbWVEYXRh Ojp+U2NyaXB0Q2FjaGVkRnJhbWVEYXRhKCkKIHsKICAgICBjbGVhcigpOwpkaWZmIC0tZ2l0IGEv U291cmNlL1dlYkNvcmUvYmluZGluZ3MvanMvU2NyaXB0Q2FjaGVkRnJhbWVEYXRhLmggYi9Tb3Vy Y2UvV2ViQ29yZS9iaW5kaW5ncy9qcy9TY3JpcHRDYWNoZWRGcmFtZURhdGEuaAppbmRleCBhODVl MTZmLi4wNWMxMDllIDEwMDY0NAotLS0gYS9Tb3VyY2UvV2ViQ29yZS9iaW5kaW5ncy9qcy9TY3Jp cHRDYWNoZWRGcmFtZURhdGEuaAorKysgYi9Tb3VyY2UvV2ViQ29yZS9iaW5kaW5ncy9qcy9TY3Jp cHRDYWNoZWRGcmFtZURhdGEuaApAQCAtMzgsNyArMzgsNiBAQAogbmFtZXNwYWNlIFdlYkNvcmUg ewogICAgIGNsYXNzIEZyYW1lOwogICAgIGNsYXNzIEpTRE9NV2luZG93OwotICAgIGNsYXNzIERP TVdpbmRvdzsKICAgICBjbGFzcyBET01XcmFwcGVyV29ybGQ7CiAKICAgICBjbGFzcyBTY3JpcHRD YWNoZWRGcmFtZURhdGEgewpAQCAtNTEsMTEgKzUwLDkgQEAgbmFtZXNwYWNlIFdlYkNvcmUgewog CiAgICAgICAgIHZvaWQgcmVzdG9yZShGcmFtZSopOwogICAgICAgICB2b2lkIGNsZWFyKCk7Ci0g ICAgICAgIERPTVdpbmRvdyogZG9tV2luZG93KCkgY29uc3Q7CiAKICAgICBwcml2YXRlOgogICAg ICAgICBKU0RPTVdpbmRvd1NldCBtX3dpbmRvd3M7Ci0gICAgICAgIERPTVdpbmRvdyogbV9kb21X aW5kb3c7CiAgICAgfTsKIAogfSAvLyBuYW1lc3BhY2UgV2ViQ29yZQpkaWZmIC0tZ2l0IGEvU291 cmNlL1dlYkNvcmUvaGlzdG9yeS9DYWNoZWRGcmFtZS5jcHAgYi9Tb3VyY2UvV2ViQ29yZS9oaXN0 b3J5L0NhY2hlZEZyYW1lLmNwcAppbmRleCAzNGY5MTNmLi5kMjNkNDZhIDEwMDY0NAotLS0gYS9T b3VyY2UvV2ViQ29yZS9oaXN0b3J5L0NhY2hlZEZyYW1lLmNwcAorKysgYi9Tb3VyY2UvV2ViQ29y ZS9oaXN0b3J5L0NhY2hlZEZyYW1lLmNwcApAQCAtMTcyLDkgKzE3MiwxMCBAQCBDYWNoZWRGcmFt ZTo6Q2FjaGVkRnJhbWUoRnJhbWUqIGZyYW1lKQogICAgIG1fZG9jdW1lbnQtPnN1c3BlbmRTY3Jp cHRlZEFuaW1hdGlvbkNvbnRyb2xsZXJDYWxsYmFja3MoKTsKICAgICBtX2RvY3VtZW50LT5zdXNw ZW5kQWN0aXZlRE9NT2JqZWN0cyhBY3RpdmVET01PYmplY3Q6OkRvY3VtZW50V2lsbEJlY29tZUlu YWN0aXZlKTsKICAgICBtX2NhY2hlZEZyYW1lU2NyaXB0RGF0YSA9IGFkb3B0UHRyKG5ldyBTY3Jp cHRDYWNoZWRGcmFtZURhdGEoZnJhbWUpKTsKLSAgICAKLSAgICBpZiAoRE9NV2luZG93KiBkb21X aW5kb3cgPSBtX2NhY2hlZEZyYW1lU2NyaXB0RGF0YS0+ZG9tV2luZG93KCkpCi0gICAgICAgIGRv bVdpbmRvdy0+c3VzcGVuZEZvclBhZ2VDYWNoZSgpOworCisgICAgbV9kb21XaW5kb3cgPSBmcmFt ZS0+ZG9tV2luZG93KCk7CisgICAgQVNTRVJUKG1fZG9tV2luZG93KTsKKyAgICBtX2RvbVdpbmRv dy0+c3VzcGVuZEZvclBhZ2VDYWNoZSgpOwogCiAgICAgZnJhbWUtPmxvYWRlcigpLT5jbGllbnQo KS0+c2F2ZVBsYXRmb3JtRGF0YVRvQ2FjaGVkRnJhbWUodGhpcyk7CiAKZGlmZiAtLWdpdCBhL1Nv dXJjZS9XZWJDb3JlL2hpc3RvcnkvQ2FjaGVkRnJhbWUuaCBiL1NvdXJjZS9XZWJDb3JlL2hpc3Rv cnkvQ2FjaGVkRnJhbWUuaAppbmRleCBhYTE3OTg5Li4wMmY4NjZhIDEwMDY0NAotLS0gYS9Tb3Vy Y2UvV2ViQ29yZS9oaXN0b3J5L0NhY2hlZEZyYW1lLmgKKysrIGIvU291cmNlL1dlYkNvcmUvaGlz dG9yeS9DYWNoZWRGcmFtZS5oCkBAIC0yNiw2ICsyNiw3IEBACiAjaWZuZGVmIENhY2hlZEZyYW1l X2gKICNkZWZpbmUgQ2FjaGVkRnJhbWVfaAogCisjaW5jbHVkZSAiRE9NV2luZG93LmgiCiAjaW5j bHVkZSAiS1VSTC5oIgogI2luY2x1ZGUgIlNjcmlwdENhY2hlZEZyYW1lRGF0YS5oIgogI2luY2x1 ZGUgPHd0Zi9QYXNzT3duUHRyLmg+CkBAIC01MCw3ICs1MSw3IEBAIHB1YmxpYzoKICAgICBEb2N1 bWVudCogZG9jdW1lbnQoKSBjb25zdCB7IHJldHVybiBtX2RvY3VtZW50LmdldCgpOyB9CiAgICAg RnJhbWVWaWV3KiB2aWV3KCkgY29uc3QgeyByZXR1cm4gbV92aWV3LmdldCgpOyB9CiAgICAgY29u c3QgS1VSTCYgdXJsKCkgY29uc3QgeyByZXR1cm4gbV91cmw7IH0KLSAgICBET01XaW5kb3cqIGRv bVdpbmRvdygpIGNvbnN0IHsgcmV0dXJuIG1fY2FjaGVkRnJhbWVTY3JpcHREYXRhLT5kb21XaW5k b3coKTsgfQorICAgIERPTVdpbmRvdyogZG9tV2luZG93KCkgY29uc3QgeyByZXR1cm4gbV9kb21X aW5kb3cuZ2V0KCk7IH0KICAgICBib29sIGlzTWFpbkZyYW1lKCkgeyByZXR1cm4gbV9pc01haW5G cmFtZTsgfQogCiBwcm90ZWN0ZWQ6CkBAIC01OSw2ICs2MCw3IEBAIHByb3RlY3RlZDoKICAgICAK ICAgICBSZWZQdHI8RG9jdW1lbnQ+IG1fZG9jdW1lbnQ7CiAgICAgUmVmUHRyPERvY3VtZW50TG9h ZGVyPiBtX2RvY3VtZW50TG9hZGVyOworICAgIFJlZlB0cjxET01XaW5kb3c+IG1fZG9tV2luZG93 OwogICAgIFJlZlB0cjxGcmFtZVZpZXc+IG1fdmlldzsKICAgICBSZWZQdHI8Tm9kZT4gbV9tb3Vz ZVByZXNzTm9kZTsKICAgICBLVVJMIG1fdXJsOwo=