| Summary: | fast/loader/javascript-url-iframe-remove-on-navigate.html is a flaky crash on iOS with async delegates | | |
|---|---|---|---|
| Product: | WebKit | Reporter: | Chris Dumez <cdumez> |
| Component: | Page Loading | Assignee: | Chris Dumez <cdumez> |
| Status: | RESOLVED FIXED | | |
| Severity: | Normal | CC: | achristensen, ajuma, beidson, commit-queue, dbates, ews-watchlist, japhet, webkit-bug-importer, youennf |
| Priority: | P2 | Keywords: | InRadar |
| Version: | WebKit Nightly Build | | |
| Hardware: | Unspecified | | |
| OS: | Unspecified | | |
| Bug Depends on: | | | |
| Bug Blocks: | 180568 | | |
| Attachments: | | | |

Description
Chris Dumez
2018-03-13 13:30:06 PDT
Created attachment 335744 [details]
Patch
Comment on attachment 335744 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=335744&action=review

> Source/WebCore/ChangeLog:9
> + return null due to the load getting cancelled synchronously. If this load the parent frame's last

s/load/load is/

> Source/WebCore/ChangeLog:15
> + which crashes flakily.

crashes/crashed

> Source/WebCore/loader/DocumentLoader.cpp:1725
> + return;

I wonder whether some housekeeping would be good to do, hopefully not but hey...
For instance, is m_loadingMainResource false when returning early (hopefully yes)?

> Source/WebCore/loader/DocumentLoader.cpp:1728
> RELEASE_LOG_IF_ALLOWED("startLoadingMainResource: Unable to load main resource, URL is invalid (frame = %p, main = %d)", m_frame, m_frame->isMainFrame());

I wonder whether we would still want to log this error case even in the case frame is null?

Created attachment 335745 [details]
Patch
Comment on attachment 335744 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=335744&action=review

>> Source/WebCore/loader/DocumentLoader.cpp:1725
>> + return;
>
> I wonder whether some housekeeping would be good to do, hopefully not but hey...
> For instance, is m_loadingMainResource false when returning early (hopefully yes)?

m_loadingMainResource is false. I checked.

Comment on attachment 335745 [details]
Patch

Clearing flags on attachment: 335745

Committed r229596: <https://trac.webkit.org/changeset/229596>

All reviewed patches have been landed. Closing bug.