Bug 139136

Summary: Web Inspector: Crash in WebInspectorClient::hideHighlight when page is destroyed
Product: WebKit Reporter: Joseph Pecoraro <joepeck>
Component: Web Inspector
Assignee: Joseph Pecoraro <joepeck>
Status: RESOLVED FIXED    
Severity: Normal CC: commit-queue, graouts, joepeck, simon.fraser, timothy, webkit-bug-importer
Priority: P2 Keywords: DoNotImportToRadar
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
Attachments:
[PATCH] Proposed Fix (flags: none)

Description Joseph Pecoraro 2014-12-01 10:58:20 PST
Seen a few crashes in WebInspectorClient::hideHighlight when the page is destroyed.

Process:               com.apple.WebKit.WebContent [4849]
Crashed Thread:        0  Dispatch queue: com.apple.main-thread
Exception Type:        EXC_BAD_ACCESS (SIGSEGV)
Exception Codes:       KERN_INVALID_ADDRESS at 0x0000000000000328

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.WebKit              	0x00007fff908fbc47 WebKit::WebInspectorClient::hideHighlight() + 25
1   com.apple.WebCore             	0x00007fff9573e8d9 WebCore::InspectorOverlay::update() + 505 (InspectorOverlay.cpp:338)
2   com.apple.WebCore             	0x00007fff9571bf4c WebCore::InspectorDOMAgent::willDestroyFrontendAndBackend(Inspector::InspectorDisconnectReason) + 220 (InspectorDOMAgent.cpp:261)
3   com.apple.JavaScriptCore      	0x00007fff97229f50 Inspector::InspectorAgentRegistry::willDestroyFrontendAndBackend(Inspector::InspectorDisconnectReason) + 48 (InspectorAgentRegistry.cpp:53)
4   com.apple.WebCore             	0x00007fff9570d3ec WebCore::InspectorController::disconnectFrontend(Inspector::InspectorDisconnectReason) + 28 (InspectorController.cpp:267)
5   com.apple.WebCore             	0x00007fff951b87a0 WebCore::InspectorController::inspectedPageDestroyed() + 16 (InspectorController.cpp:192)
6   com.apple.WebCore             	0x00007fff951b7f13 WebCore::Page::~Page() + 323 (Page.cpp:256)
7   com.apple.WebKit              	0x00007fff908b3c3b WebKit::WebPage::close() + 715
8   com.apple.WebKit              	0x00007fff90a246f4 WebKit::WebPage::didReceiveWebPageMessage(IPC::Connection*, IPC::MessageDecoder&) + 5316
9   com.apple.WebKit              	0x00007fff90962dc2 IPC::MessageReceiverMap::dispatchMessage(IPC::Connection*, IPC::MessageDecoder&) + 120
10  com.apple.WebKit              	0x00007fff90a5841c WebKit::WebProcess::didReceiveMessage(IPC::Connection*, IPC::MessageDecoder&) + 28
11  com.apple.WebKit              	0x00007fff909164dc IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >) + 94
12  com.apple.WebKit              	0x00007fff90918654 IPC::Connection::dispatchOneMessage() + 114
13  com.apple.JavaScriptCore      	0x00007fff97379337 WTF::RunLoop::performWork() + 423 (RunLoop.cpp:106)

Was not able to reproduce, but I have a speculative fix.
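The trace above shows a teardown chain (Page::~Page -> InspectorController::inspectedPageDestroyed -> disconnectFrontend -> InspectorDOMAgent::willDestroyFrontendAndBackend -> InspectorOverlay::update -> WebInspectorClient::hideHighlight) faulting at a very small address (0x328), which is the usual signature of a null base pointer plus a member offset. The following C++ is an added illustration of that lifetime pattern and of a defensive shape for it; it is not the patch attached to this bug (whose contents are not shown on this page) and not WebKit code. Class names are borrowed from the trace for readability, but every method, the `m_closed` flag, `detachInspectorClient()` and the counting client are assumptions made for the example.

```cpp
#include <cstdio>
#include <memory>

// Hypothetical stand-in for the WebInspectorClient role seen in frame 0 of the trace.
struct InspectorClient {
    virtual ~InspectorClient() = default;
    virtual void hideHighlight() = 0;
};

// Test double that records how often hideHighlight() was forwarded to it.
struct CountingClient : InspectorClient {
    int hideCalls = 0;
    void hideHighlight() override { ++hideCalls; }
};

// The overlay holds a non-owning pointer to the client. Nothing in C++ keeps
// that pointer valid, so the owner has to clear it before the client dies.
class InspectorOverlay {
public:
    explicit InspectorOverlay(InspectorClient* client) : m_client(client) {}
    void highlight() { m_highlighting = true; }
    void hideHighlight() { m_highlighting = false; }
    void clientWillBeDestroyed() { m_client = nullptr; }

    // Returns true only when a hideHighlight was forwarded to a live client.
    // Without the null check, the forward would read through a dead pointer,
    // which is the shape of the fault in the report above.
    bool update() {
        if (m_highlighting)
            return false;
        if (!m_client)
            return false;          // guard: the client is already gone
        m_client->hideHighlight();
        return true;
    }

private:
    InspectorClient* m_client;
    bool m_highlighting = false;
};

// On disconnect the agent drops any highlight and asks the overlay to repaint (frame 2).
class InspectorDOMAgent {
public:
    explicit InspectorDOMAgent(InspectorOverlay& overlay) : m_overlay(overlay) {}
    bool willDestroyFrontendAndBackend() {
        m_overlay.hideHighlight();
        return m_overlay.update();
    }

private:
    InspectorOverlay& m_overlay;
};

// The page destructor drives the same chain as frames 5 and 6 of the trace.
class Page {
public:
    explicit Page(InspectorClient* client) : m_overlay(client), m_domAgent(m_overlay) {}
    ~Page() { inspectedPageDestroyed(); }

    void highlightNode() { m_overlay.highlight(); }
    void detachInspectorClient() { m_overlay.clientWillBeDestroyed(); }

    // Idempotent so an explicit call plus the destructor only disconnect once.
    bool inspectedPageDestroyed() {
        if (m_closed)
            return false;
        m_closed = true;
        return m_domAgent.willDestroyFrontendAndBackend();
    }

private:
    InspectorOverlay m_overlay;      // declared before m_domAgent: it must exist first
    InspectorDOMAgent m_domAgent;
    bool m_closed = false;
};

// Scenario 1: the client outlives the page; teardown forwards exactly one hideHighlight.
int teardownWithLiveClient() {
    CountingClient client;
    {
        Page page(&client);
        page.highlightNode();
    }                                // ~Page -> disconnect -> update() -> client.hideHighlight()
    return client.hideCalls;         // 1
}

// Scenario 2: the client is freed before the page, the ordering behind the crash.
// Because the owner detaches first and update() tolerates a missing client,
// teardown forwards nothing and never touches the freed object.
bool teardownAfterClientDetached() {
    auto client = std::make_unique<CountingClient>();
    Page page(client.get());
    page.highlightNode();
    page.detachInspectorClient();    // owner must do this before the client dies
    client.reset();                  // client memory is gone from here on
    return page.inspectedPageDestroyed();   // false: nothing forwarded, no dangling deref
}

int main() {
    std::printf("live client: %d hide call(s)\n", teardownWithLiveClient());
    std::printf("detached client: forwarded=%d\n", teardownAfterClientDetached() ? 1 : 0);
    return 0;
}
```

The two scenarios isolate the ordering question the report raises: the same disconnect path is safe or not purely depending on whether the client pointer is still valid when ~Page runs. Running a build of this shape under AddressSanitizer with the null check removed turns scenario 2 into a reported heap-use-after-free, which is the cheapest way to confirm a teardown-order hypothesis when the crash itself cannot be reproduced on demand.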
Comment 1 Joseph Pecoraro 2014-12-01 10:58:34 PST
<rdar://problem/18988495>
Comment 2 Joseph Pecoraro 2014-12-01 11:01:18 PST
Created attachment 242321 [details]
[PATCH] Proposed Fix
Comment 3 WebKit Commit Bot 2014-12-01 11:59:25 PST
Comment on attachment 242321 [details]
[PATCH] Proposed Fix

Clearing flags on attachment: 242321

Committed r176596: <http://trac.webkit.org/changeset/176596>
Comment 4 WebKit Commit Bot 2014-12-01 11:59:28 PST
All reviewed patches have been landed.  Closing bug.