WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
132204
REGRESSION (
r167775
): Safari crashes in ViewSnapshotStore::pruneSnapshots after loading 20 pages
https://bugs.webkit.org/show_bug.cgi?id=132204
Summary
REGRESSION (r167775): Safari crashes in ViewSnapshotStore::pruneSnapshots aft...
Tim Horton
Reported
2014-04-25 14:14:38 PDT
Typo (and also a separate mistake not causing a crash but causing the code to run more than it should). <
rdar://problem/16729123
>
Attachments
patch
(4.16 KB, patch)
2014-04-25 14:21 PDT
,
Tim Horton
andersca
: review+
Details
Formatted Diff
Diff
followup
(2.78 KB, patch)
2014-04-26 15:33 PDT
,
Tim Horton
mitz: review+
Details
Formatted Diff
Diff
View All
Add attachment
proposed patch, testcase, etc.
Tim Horton
Comment 1
2014-04-25 14:21:27 PDT
Created
attachment 230199
[details]
patch
Anders Carlsson
Comment 2
2014-04-25 14:24:08 PDT
Comment on
attachment 230199
[details]
patch View in context:
https://bugs.webkit.org/attachment.cgi?id=230199&action=review
> Source/WebKit2/UIProcess/mac/ViewSnapshotStore.mm:79 > + const auto& snapshot = m_snapshotMap.find(snapshotUUID);
I don't think you should call this snapshot since it's an iterator. How about auto snapshotIt = m_snapshotMap.find(snapshotUUID)
Tim Horton
Comment 3
2014-04-25 14:29:22 PDT
https://trac.webkit.org/changeset/167822
Tim Horton
Comment 4
2014-04-26 15:28:38 PDT
This didn't fix the problem 100%.
Tim Horton
Comment 5
2014-04-26 15:33:19 PDT
Created
attachment 230245
[details]
followup
mitz
Comment 6
2014-04-26 19:37:21 PDT
Comment on
attachment 230245
[details]
followup View in context:
https://bugs.webkit.org/attachment.cgi?id=230245&action=review
> Source/WebKit2/UIProcess/mac/ViewSnapshotStore.mm:113 > + if (snapshotIter == m_snapshotMap.end()) { > + ASSERT_NOT_REACHED(); > + return; > + }
This is better written as ASSERT(snapshotIter != m_snapshotMap.end()); if (snapshowIter == m_snapshotMap.end()) return; Since the assertion failure message will say what is the condition that was false.
Tim Horton
Comment 7
2014-04-26 19:45:17 PDT
Sam thinks that the early return is sloppy and that we should just keep crashing if it's wrong so that we fix it;
http://trac.webkit.org/changeset/167849
.
Darin Adler
Comment 8
2014-04-27 11:16:46 PDT
Comment on
attachment 230245
[details]
followup View in context:
https://bugs.webkit.org/attachment.cgi?id=230245&action=review
> Source/WebKit2/UIProcess/mac/ViewSnapshotStore.mm:109 > + const auto& snapshotIter = m_snapshotMap.find(oldestSnapshotUUID);
Why const auto& instead of auto?
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug