Bug 160563

Summary: Crash under NavigationState::NavigationClient::processDidCrash()
Product: WebKit
Reporter: Chris Dumez <cdumez>
Component: WebKit2
Assignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED
Severity: Normal
CC: andersca, beidson, sam, webkit-bug-importer
Priority: P1
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Bug Depends on: 160587
Bug Blocks:
Attachments:
  Description: Patch    Flags: none

Description Chris Dumez 2016-08-04 12:32:42 PDT
Crash under NavigationState::NavigationClient::processDidCrash():

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Subtype: KERN_INVALID_ADDRESS at 0x3032373245313424
Termination Signal: Segmentation fault: 11
Termination Reason: Namespace SIGNAL, Code 0xb
Terminating Process: exc handler [0]
Triggered by Thread:  0

Filtered syslog:
None found
Thread 0 name:  Dispatch queue: com.apple.main-thread
Thread 0 Crashed:
0   libobjc.A.dylib               	0x000000018fc90ab4 objc_loadWeakRetained + 148 (objc-object.h:161)
1   WebKit                        	0x000000019a78e7e4 WebKit::NavigationState::NavigationClient::processDidCrash(WebKit::WebPageProxy&) + 48 (WeakObjCPtr.h:90)
2   WebKit                        	0x000000019a78e7e4 WebKit::NavigationState::NavigationClient::processDidCrash(WebKit::WebPageProxy&) + 48 (WeakObjCPtr.h:90)
3   WebKit                        	0x000000019a8b64d0 WebKit::WebPageProxy::processDidCrash() + 88 (WebPageProxy.cpp:5188)
4   WebKit                        	0x000000019a90b754 WebKit::WebProcessProxy::didClose(IPC::Connection&) + 244 (WebProcessProxy.cpp:541)
5   JavaScriptCore                	0x00000001959dea04 WTF::RunLoop::performWork() + 172 (Function.h:50)
6   JavaScriptCore                	0x00000001959dec30 WTF::RunLoop::performWork(void*) + 36 (RunLoopCF.cpp:38)
7   CoreFoundation                	0x00000001911e966c __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 24 (CFRunLoop.c:1943)
8   CoreFoundation                	0x00000001911e8fb4 __CFRunLoopDoSources0 + 524 (CFRunLoop.c:1989)
9   CoreFoundation                	0x00000001911e6bb4 __CFRunLoopRun + 804 (CFRunLoop.c:2821)
10  CoreFoundation                	0x0000000191115598 CFRunLoopRunSpecific + 444 (CFRunLoop.c:3113)
11  GraphicsServices              	0x0000000192b8f188 GSEventRunModal + 180 (GSEvent.c:2245)
12  UIKit                         	0x00000001971226e8 -[UIApplication _run] + 684 (UIApplication.m:2649)
13  UIKit                         	0x000000019711d420 UIApplicationMain + 208 (UIApplication.m:4091)
14  MobileSafari                  	0x000000010006d000 main + 1996 (main.m:168)
15  libdyld.dylib                 	0x00000001900fc5b8 start + 4
Comment 1 Chris Dumez 2016-08-04 12:33:04 PDT
<rdar://problem/19814215>
Comment 2 Chris Dumez 2016-08-04 12:43:13 PDT
Created attachment 285348 [details]
Patch
Comment 3 Sam Weinig 2016-08-04 13:10:20 PDT
Comment on attachment 285348 [details]
Patch

Can you add an API test for this?
Comment 4 Chris Dumez 2016-08-04 13:11:30 PDT
(In reply to comment #3)
> Comment on attachment 285348 [details]
> Patch
> 
> Can you add an API test for this?

I can try.
Comment 5 Chris Dumez 2016-08-04 13:35:15 PDT
Comment on attachment 285348 [details]
Patch

Clearing flags on attachment: 285348

Committed r204135: <http://trac.webkit.org/changeset/204135>
Comment 6 Chris Dumez 2016-08-04 13:35:19 PDT
All reviewed patches have been landed.  Closing bug.
Comment 7 Chris Dumez 2016-08-04 13:35:50 PDT
I am still working on a test.