Bug 121910 - [WK2] Crash at at com.apple.WebKit2: WebKit::VoidCallback::invalidate + 46
Summary: [WK2] Crash at at com.apple.WebKit2: WebKit::VoidCallback::invalidate + 46
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs (show other bugs)
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Jer Noble
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-09-25 09:02 PDT by Jer Noble
Modified: 2013-09-26 11:12 PDT (History)
3 users (show)

See Also:

Attachments
Patch (3.99 KB, patch)
2013-09-25 09:07 PDT, Jer Noble 		no flags Details | Formatted Diff | Diff
Patch (3.99 KB, patch)
2013-09-25 10:38 PDT, Jer Noble 		no flags Details | Formatted Diff | Diff
Patch (3.60 KB, patch)
2013-09-25 16:22 PDT, Jer Noble 		no flags Details | Formatted Diff | Diff
Patch (4.66 KB, patch)
2013-09-25 22:28 PDT, Jer Noble 		darin: review+
Details | Formatted Diff | Diff
Show Obsolete (3) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jer Noble 2013-09-25 09:02:44 PDT 
[WK2] Crash at at com.apple.WebKit2: WebKit::VoidCallback::invalidate + 46
Comment 1 Jer Noble 2013-09-25 09:07:45 PDT 
Created attachment 212585 [details]
Patch
Comment 2 Jer Noble 2013-09-25 09:08:20 PDT 
<rdar://problem/13389393>
Comment 3 Build Bot 2013-09-25 09:25:08 PDT 
Comment on attachment 212585 [details]
Patch

Attachment 212585 [details] did not pass mac-wk2-ews (mac-wk2):
Output: http://webkit-queues.appspot.com/results/2181004
Comment 4 Build Bot 2013-09-25 09:47:13 PDT 
Comment on attachment 212585 [details]
Patch

Attachment 212585 [details] did not pass mac-ews (mac):
Output: http://webkit-queues.appspot.com/results/2166250
Comment 5 Jer Noble 2013-09-25 10:38:19 PDT 
Created attachment 212599 [details]
Patch
Comment 6 Build Bot 2013-09-25 11:04:11 PDT 
Comment on attachment 212599 [details]
Patch

Attachment 212599 [details] did not pass mac-wk2-ews (mac-wk2):
Output: http://webkit-queues.appspot.com/results/2266057
Comment 7 Build Bot 2013-09-25 11:22:37 PDT 
Comment on attachment 212599 [details]
Patch

Attachment 212599 [details] did not pass mac-ews (mac):
Output: http://webkit-queues.appspot.com/results/2281054
Comment 8 Jer Noble 2013-09-25 16:22:40 PDT 
Created attachment 212635 [details]
Patch
Comment 9 Darin Adler 2013-09-25 18:53:27 PDT 
Comment on attachment 212635 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=212635&action=review

I would say review+ except for the confusing assertions.

> Source/WebKit2/ChangeLog:10
> +        Store a copy of the VoidCallback passed to WKPage, and cancel the callback
> +        during dealloc by changing it's context to 0. This requires a small change
> +        to CallbackBase to add the ability to change the context post-creation.

You changed the patch to use invalidate, so the comment about CallbackBase is no longer correct.

> Source/WebKit2/ChangeLog:13
> +        * UIProcess/GenericCallback.h:
> +        (WebKit::CallbackBase::setContext): Added; simple setter.

This change is not in the patch.

> Source/WebKit2/UIProcess/mac/WKFullScreenWindowController.mm:115
> +    ASSERT(!_repaintCallback);

This is really confusing. How does calling invalidate on the callback cause it to become a nullptr?

> Source/WebKit2/UIProcess/mac/WKFullScreenWindowController.mm:409
> +    ASSERT(!_repaintCallback);

This is really confusing. How does calling invalidate on the callback cause it to become a nullptr?

> Source/WebKit2/UIProcess/mac/WKFullScreenWindowController.mm:416
> +    _repaintCallback = 0;

We like nullptr for this in newer code.
Comment 10 Jer Noble 2013-09-25 21:57:09 PDT 
(In reply to comment #9)
> (From update of attachment 212635 [details])
> View in context: https://bugs.webkit.org/attachment.cgi?id=212635&action=review
> 
> I would say review+ except for the confusing assertions.
> 
> > Source/WebKit2/ChangeLog:10
> > +        Store a copy of the VoidCallback passed to WKPage, and cancel the callback
> > +        during dealloc by changing it's context to 0. This requires a small change
> > +        to CallbackBase to add the ability to change the context post-creation.
> 
> You changed the patch to use invalidate, so the comment about CallbackBase is no longer correct.

Whoops; i'll update the ChangeLog.

> > Source/WebKit2/ChangeLog:13
> > +        * UIProcess/GenericCallback.h:
> > +        (WebKit::CallbackBase::setContext): Added; simple setter.
> 
> This change is not in the patch.

And here as well.

> > Source/WebKit2/UIProcess/mac/WKFullScreenWindowController.mm:115
> > +    ASSERT(!_repaintCallback);
> 
> This is really confusing. How does calling invalidate on the callback cause it to become a nullptr?

When you call VoidCallback::invalidate(), it immediately calls the callback method with an error parameter.  The callback method will clear the _repaintCallback.

> > Source/WebKit2/UIProcess/mac/WKFullScreenWindowController.mm:409
> > +    ASSERT(!_repaintCallback);
> 
> This is really confusing. How does calling invalidate on the callback cause it to become a nullptr?

Ditto.

> > Source/WebKit2/UIProcess/mac/WKFullScreenWindowController.mm:416
> > +    _repaintCallback = 0;
> 
> We like nullptr for this in newer code.

Will change.
Comment 11 Jer Noble 2013-09-25 22:28:03 PDT 
Created attachment 212667 [details]
Patch
Comment 12 Jer Noble 2013-09-26 11:12:22 PDT 
Committed r156479: <http://trac.webkit.org/changeset/156479>