Bug 189763

Summary: Crash under WebPageProxy::decidePolicyForNavigationAction()
Product: WebKit Reporter: Chris Dumez <cdumez>
Component: WebKit2Assignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, commit-queue, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Chris Dumez
Reported 2018-09-19 13:15:32 PDT
Crash under WebPageProxy::decidePolicyForNavigationAction(): Thread 0 Crashed ↩:: Dispatch queue: com.apple.main-thread 0 com.apple.WebKit 0x00007fff605a5abc API::Object::ref() + 4 1 com.apple.WebKit 0x00007fff608119e0 WebKit::WebPageProxy::decidePolicyForNavigationAction(unsigned long long, WebCore::SecurityOriginData const&, unsigned long long, WebKit::NavigationActionData&&, WebKit::FrameInfoData const&, unsigned long long, WebCore::ResourceRequest const&, WebCore::ResourceRequest&&, WebCore::ResourceResponse&&, unsigned long long, WebKit::UserData const&) + 274 2 com.apple.WebKit 0x00007fff608356f8 void IPC::callMemberFunctionImpl<WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(unsigned long long, WebCore::SecurityOriginData const&, unsigned long long, WebKit::NavigationActionData&&, WebKit::FrameInfoData const&, unsigned long long, WebCore::ResourceRequest const&, WebCore::ResourceRequest&&, WebCore::ResourceResponse&&, unsigned long long, WebKit::UserData const&), std::__1::tuple<unsigned long long, WebCore::SecurityOriginData, unsigned long long, WebKit::NavigationActionData, WebKit::FrameInfoData, unsigned long long, WebCore::ResourceRequest, WebCore::ResourceRequest, WebCore::ResourceResponse, unsigned long long, WebKit::UserData>, 0ul, 1ul, 2ul, 3ul, 4ul, 5ul, 6ul, 7ul, 8ul, 9ul, 10ul>(WebKit::WebPageProxy*, void (WebKit::WebPageProxy::*)(unsigned long long, WebCore::SecurityOriginData const&, unsigned long long, WebKit::NavigationActionData&&, WebKit::FrameInfoData const&, unsigned long long, WebCore::ResourceRequest const&, WebCore::ResourceRequest&&, WebCore::ResourceResponse&&, unsigned long long, WebKit::UserData const&), std::__1::tuple<unsigned long long, WebCore::SecurityOriginData, unsigned long long, WebKit::NavigationActionData, WebKit::FrameInfoData, unsigned long long, WebCore::ResourceRequest, WebCore::ResourceRequest, WebCore::ResourceResponse, unsigned long long, WebKit::UserData>&&, std::__1::integer_sequence<unsigned long, 0ul, 1ul, 2ul, 3ul, 4ul, 5ul, 6ul, 7ul, 8ul, 9ul, 10ul>) + 105 3 com.apple.WebKit 0x00007fff6082fb44 void IPC::handleMessage<Messages::WebPageProxy::DecidePolicyForNavigationAction, WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(unsigned long long, WebCore::SecurityOriginData const&, unsigned long long, WebKit::NavigationActionData&&, WebKit::FrameInfoData const&, unsigned long long, WebCore::ResourceRequest const&, WebCore::ResourceRequest&&, WebCore::ResourceResponse&&, unsigned long long, WebKit::UserData const&)>(IPC::Decoder&, WebKit::WebPageProxy*, void (WebKit::WebPageProxy::*)(unsigned long long, WebCore::SecurityOriginData const&, unsigned long long, WebKit::NavigationActionData&&, WebKit::FrameInfoData const&, unsigned long long, WebCore::ResourceRequest const&, WebCore::ResourceRequest&&, WebCore::ResourceResponse&&, unsigned long long, WebKit::UserData const&)) + 365 4 com.apple.WebKit 0x00007fff6060b55b IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&) + 127 5 com.apple.WebKit 0x00007fff6088fcbc WebKit::WebProcessProxy::didReceiveMessage(IPC::Connection&, IPC::Decoder&) + 24 6 com.apple.WebKit 0x00007fff605d853e IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) + 130 7 com.apple.WebKit 0x00007fff605daddd IPC::Connection::dispatchIncomingMessages() + 731 8 com.apple.JavaScriptCore 0x00007fff55029117 WTF::RunLoop::performWork() + 231 9 com.apple.JavaScriptCore 0x00007fff550293a2 WTF::RunLoop::performWork(void*) + 34 10 com.apple.CoreFoundation 0x00007fff51a40405 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17 11 com.apple.CoreFoundation 0x00007fff51a403ab __CFRunLoopDoSource0 + 108 12 com.apple.CoreFoundation 0x00007fff51a23e51 __CFRunLoopDoSources0 + 195 13 com.apple.CoreFoundation 0x00007fff51a233fa __CFRunLoopRun + 1219 14 com.apple.CoreFoundation 0x00007fff51a22ce4 CFRunLoopRunSpecific + 463 15 com.apple.HIToolbox 0x00007fff50cbc895 RunCurrentEventLoopInMode + 293 16 com.apple.HIToolbox 0x00007fff50cbc5cb ReceiveNextEventCommon + 618 17 com.apple.HIToolbox 0x00007fff50cbc348 _BlockUntilNextEventMatchingListInModeWithFilter + 64 18 com.apple.AppKit 0x00007fff4ef7995b _DPSNextEvent + 997 19 com.apple.AppKit 0x00007fff4ef786fa -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 1362 20 com.apple.Safari.framework 0x00007fff757b077b -[BrowserApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 273 21 com.apple.AppKit 0x00007fff4ef7275d -[NSApplication run] + 699 22 com.apple.AppKit 0x00007fff4ef61e97 NSApplicationMain + 780 23 libdyld.dylib 0x00007fff7ec47085 start + 1
Attachments
Patch (9.77 KB, patch)
2018-09-19 13:19 PDT, Chris Dumez
no flags
Chris Dumez
Comment 1 2018-09-19 13:15:57 PDT
Chris Dumez
Comment 2 2018-09-19 13:19:37 PDT
Alex Christensen
Comment 3 2018-09-19 14:08:58 PDT
Comment on attachment 350145 [details] Patch You could WTFMove the navigations into the HashMap like I did in https://bugs.webkit.org/show_bug.cgi?id=189765
Alex Christensen
Comment 4 2018-09-19 14:09:26 PDT
*** Bug 189765 has been marked as a duplicate of this bug. ***
WebKit Commit Bot
Comment 5 2018-09-19 14:58:51 PDT
Comment on attachment 350145 [details] Patch Clearing flags on attachment: 350145 Committed r236227: <https://trac.webkit.org/changeset/236227>
WebKit Commit Bot
Comment 6 2018-09-19 14:58:52 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.