Bug 253383
| Summary: | REGRESSION (261190@main): Lots of tests crashing in WebPageProxy::createNewPage() | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Simon Fraser (smfr) <simon.fraser> |
| Component: | WebKit Misc. | Assignee: | Simon Fraser (smfr) <simon.fraser> |
| Status: | RESOLVED FIXED | ||
| Severity: | Normal | CC: | achristensen, bfulgham, pascoe, simon.fraser, webkit-bug-importer |
| Priority: | P2 | Keywords: | InRadar |
| Version: | WebKit Local Build | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| See Also: | https://bugs.webkit.org/show_bug.cgi?id=253385 | ||
Simon Fraser (smfr)
Lots of test crashes here:
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000010
Exception Note: EXC_CORPSE_NOTIFY
Termination Signal: Segmentation fault: 11
Termination Reason: Namespace SIGNAL, Code 0xb
Terminating Process: exc handler [842]
VM Regions Near 0x10:
-->
__TEXT 10302d000-1030f5000 [ 800K] r-x/r-x SM=COW /Volumes/*
Application Specific Information:
CRASHING TEST: fast/html/broadcast-channel-between-different-sessions.html
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 com.apple.WebKit 0x0000000105d97369 WebKit::WebProcessProxy::consumeIfNotVerifiablyFromUIProcess(API::UserInitiatedAction&, std::__1::optional<WTF::UUID>) + 95
1 com.apple.WebKit 0x0000000105d541c4 WebKit::WebPageProxy::createNewPage(WebKit::FrameInfoData&&, WTF::ObjectIdentifier<WebKit::WebPageProxyIdentifierType>, WebCore::ResourceRequest&&, WebCore::WindowFeatures&&, WebKit::NavigationActionData&&, WTF::CompletionHandler<void (std::__1::optional<WTF::ObjectIdentifier<WebCore::PageIdentifierType> >, std::__1::optional<WebKit::WebPageCreationParameters>)>&&) + 728
2 com.apple.WebKit 0x00000001060b712e WebKit::WebPageProxy::didReceiveSyncMessage(IPC::Connection&, IPC::Decoder&, WTF::UniqueRef<IPC::Encoder>&) + 704
3 com.apple.WebKit 0x000000010616b59e IPC::MessageReceiverMap::dispatchSyncMessage(IPC::Connection&, IPC::Decoder&, WTF::UniqueRef<IPC::Encoder>&) + 272
4 com.apple.WebKit 0x0000000105d95e0d WebKit::WebProcessProxy::didReceiveSyncMessage(IPC::Connection&, IPC::Decoder&, WTF::UniqueRef<IPC::Encoder>&) + 31
5 com.apple.WebKit 0x0000000106167065 IPC::Connection::dispatchSyncMessage(IPC::Decoder&) + 259
6 com.apple.WebKit 0x000000010616729a IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) + 216
7 com.apple.WebKit 0x0000000106163d00 IPC::Connection::SyncMessageState::ConnectionAndIncomingMessage::dispatch() + 42
8 com.apple.WebKit 0x0000000106163f13 IPC::Connection::SyncMessageState::dispatchMessagesAndResetDidScheduleDispatchMessagesForConnection(IPC::Connection&) + 493
9 com.apple.JavaScriptCore 0x00000001034bbbc1 WTF::RunLoop::performWork() + 545
10 com.apple.JavaScriptCore 0x00000001034bc5c2 WTF::RunLoop::performWork(void*) + 34
11 com.apple.CoreFoundation 0x00007fff2068ca8c __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
12 com.apple.CoreFoundation 0x00007fff2068c9f4 __CFRunLoopDoSource0 + 180
13 com.apple.CoreFoundation 0x00007fff2068c76a __CFRunLoopDoSources0 + 242
14 com.apple.CoreFoundation 0x00007fff2068b188 __CFRunLoopRun + 897
15 com.apple.CoreFoundation 0x00007fff2068a740 CFRunLoopRunSpecific + 567
Radar WebKit Bug Importer
<rdar://problem/106227636>
Simon Fraser (smfr)
I am going to commit this to make tests not crash, but I don't know if it's correct:
diff --git a/Source/WebKit/UIProcess/WebPageProxy.cpp b/Source/WebKit/UIProcess/WebPageProxy.cpp
index 27b1e5e2875635df87907564c6fb56647158751a..f629709a4b10642f5f1a702f3181f46d4db55148 100644
--- a/Source/WebKit/UIProcess/WebPageProxy.cpp
+++ b/Source/WebKit/UIProcess/WebPageProxy.cpp
@@ -6298,7 +6298,8 @@ void WebPageProxy::createNewPage(FrameInfoData&& originatingFrameInfoData, WebPa
else
#endif
userInitiatedActivity = m_process->userInitiatedActivity(navigationActionData.userGestureTokenIdentifier);
- if (m_preferences->verifyWindowOpenUserGestureFromUIProcess() && request.url().string() != Quirks::staticRadioPlayerURLString())
+
+ if (userInitiatedActivity && m_preferences->verifyWindowOpenUserGestureFromUIProcess() && request.url().string() != Quirks::staticRadioPlayerURLString())
m_process->consumeIfNotVerifiablyFromUIProcess(*userInitiatedActivity, navigationActionData.userGestureAuthorizationToken);
bool shouldOpenAppLinks = originatingFrameInfo->request().url().host() != request.url().host();
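Review bot: The new `userInitiatedActivity &&` guard in the condition before `consumeIfNotVerifiablyFromUIProcess(*userInitiatedActivity, ...)` removes the null dereference, but it also silently skips the UI-process verification whenever `m_process->userInitiatedActivity(navigationActionData.userGestureTokenIdentifier)` returns null while `verifyWindowOpenUserGestureFromUIProcess()` is enabled. `createNewPage()` then continues with a null `userInitiatedActivity`, and the hunk does not show whether the code that follows treats that as "no user gesture". Since this check gates window opening on a verified gesture, confirm that a null activity cannot be handled more permissively downstream than an activity that was consumed, and add a short comment at the guard stating the intended behaviour for the null case. It would also help to understand why the lookup returns null for the token in the crashing test, so the guard is not hiding a missing or already-removed activity entry.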
Simon Fraser (smfr)
Pull request: https://github.com/WebKit/WebKit/pull/11065
EWS
Committed 261215@main (5b368793a8c0): <https://commits.webkit.org/261215@main>
Reviewed commits have been landed. Closing PR #11065 and removing active labels.