Bug 197902

Summary: Constant crashes under WebPage::isThrottleable() after r245299
Product: WebKit Reporter: Tim Horton <thorton>
Component: WebKit2Assignee: youenn fablet <youennf>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, cdumez, commit-queue, dbates, dino, ews-watchlist, simon.fraser, webkit-bug-importer, youennf
Priority: P2 Keywords: InRadar, Regression
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Patch
none
Archive of layout-test-results from ews215 for win-future none

Tim Horton
Reported 2019-05-14 18:43:11 PDT
If you window.open (I can give you exact repro steps offline), you'll often crash under this stack: WebKit::WebPage::isThrottleable() const auto WebKit::WebProcess::areAllPagesThrottleable() bool WTF::allOf<WTF::SizedIteratorRange<WTF::HashMap<unsigned long long, ... WebKit::WebProcess::areAllPagesThrottleable() const WebKit::WebSWClientConnection::updateThrottleState() WebKit::WebPage::updateThrottleState() WebKit::WebPage::WebPage(unsigned long long, WebKit::WebPageCreationParameters&&) WebKit::WebPage::WebPage(unsigned long long, WebKit::WebPageCreationParameters&&) [inlined] WebKit::WebPage::create(unsigned long long, WebKit::WebPageCreationParameters&&) WebKit::WebProcess::createWebPage(unsigned long long, WebKit::WebPageCreationParameters&&) void IPC::handleMessage<Messages::WebProcess::CreateWebPage, WebKit::WebProcess... Because WebProcess::createWebPage has added an item to m_pageMap, and then areAllPagesThrottleable iterates m_pageMap before the new item has been assigned a value.
Attachments
Patch (8.11 KB, patch)
2019-05-14 22:30 PDT, youenn fablet 		no flags
DetailsFormatted DiffDiff
Patch (8.22 KB, patch)
2019-05-15 07:47 PDT, youenn fablet 		no flags
DetailsFormatted DiffDiff
Archive of layout-test-results from ews215 for win-future (13.50 MB, application/zip)
2019-05-15 09:03 PDT, EWS Watchlist 		no flags
Details
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2019-05-14 18:48:47 PDT
<rdar://problem/50793796>
youenn fablet
Comment 2 2019-05-14 22:30:49 PDT
Created attachment 369924 [details] Patch
youenn fablet
Comment 3 2019-05-15 07:47:37 PDT
Created attachment 369951 [details] Patch
EWS Watchlist
Comment 4 2019-05-15 09:03:54 PDT
Comment on attachment 369951 [details] Patch Attachment 369951 [details] did not pass win-ews (win): Output: https://webkit-queues.webkit.org/results/12197730 New failing tests: fast/shadow-dom/svg-use-href-change-in-shadow-tree.html
EWS Watchlist
Comment 5 2019-05-15 09:03:56 PDT
Created attachment 369956 [details] Archive of layout-test-results from ews215 for win-future The attached test failures were seen while running run-webkit-tests on the win-ews. Bot: ews215 Port: win-future Platform: CYGWIN_NT-10.0-17763-3.0.5-338.x86_64-x86_64-64bit
youenn fablet
Comment 6 2019-05-15 09:04:55 PDT
Comment on attachment 369951 [details] Patch Win error unrelated
WebKit Commit Bot
Comment 7 2019-05-15 09:36:04 PDT
Comment on attachment 369951 [details] Patch Clearing flags on attachment: 369951 Committed r245327: <https://trac.webkit.org/changeset/245327>
WebKit Commit Bot
Comment 8 2019-05-15 09:36:06 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.