RESOLVED FIXED 137676
Crash in WebCore::UserGestureIndicator::processingUserGesture with WebWorkers 
https://bugs.webkit.org/show_bug.cgi?id=137676
Summary Crash in WebCore::UserGestureIndicator::processingUserGesture with WebWorkers
Dean Jackson
Reported 2014-10-13 15:25:55 PDT
Crash in WebCore::UserGestureIndicator::processingUserGesture with WebWorkers
Attachments
Patch (10.95 KB, patch)
2014-10-13 15:39 PDT, Dean Jackson 		no flags
DetailsFormatted DiffDiff
Patch (14.06 KB, patch)
2014-10-14 12:43 PDT, Dean Jackson 		ap: review+
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Dean Jackson
Comment 1 2014-10-13 15:39:29 PDT
Created attachment 239753 [details] Patch
Alexey Proskuryakov
Comment 2 2014-10-13 15:48:03 PDT
Comment on attachment 239753 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=239753&action=review Can a regression test be added for this? I'm concerned that this is not right when there are multiple pages served by one process - interacting with one tab doesn't mean that we interacted with another. > Source/WebCore/loader/FrameLoader.cpp:1862 > + if (m_frame.isMainFrame()) > + UserGestureIndicator::resetLastUserGestureTimestamp(); Did you check that this code runs when doing a cached back/forward load?
Alexey Proskuryakov
Comment 3 2014-10-13 23:10:44 PDT
<rdar://problem/15735049>
Alexey Proskuryakov
Comment 4 2014-10-13 23:54:00 PDT
> Can a regression test be added for this? OK, so it looks like the answer is no, and that's because the crash was already fixed, probably in <http://trac.webkit.org/changeset/152238>, which was then polished in <http://trac.webkit.org/changeset/159198>. ScriptController::processingUserGesture() and UserGestureIndicator::processingUserGesture() are now very simple functions that can't crash. I still think that much of the refactoring done in this patch is needed - the code inEventTarget::fireEventListeners() is quite incorrect. Dispatching any arbitrary event shouldn't result in calling resetLastHandledUserGestureTimestamp(), as most events are not user gestures.
Dean Jackson
Comment 5 2014-10-14 12:41:06 PDT
(In reply to comment #2) > > Source/WebCore/loader/FrameLoader.cpp:1862 > > + if (m_frame.isMainFrame()) > > + UserGestureIndicator::resetLastUserGestureTimestamp(); > > Did you check that this code runs when doing a cached back/forward load? In the refactored patch (about to be posted) we don't actually care about this any more.
Dean Jackson
Comment 6 2014-10-14 12:43:51 PDT
Created attachment 239818 [details] Patch
Alexey Proskuryakov
Comment 7 2014-10-14 12:53:47 PDT
Comment on attachment 239818 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=239818&action=review Looks good to me. Please wait to EWS to agree :) > Source/WebCore/dom/UserGestureIndicator.h:46 > + WEBCORE_EXPORT explicit UserGestureIndicator(ProcessingUserGestureState, Document* = nullptr); Maybe add a comment here, explaining that latest user event timestamp is updated in the document if provided?
Dean Jackson
Comment 8 2014-10-14 13:36:13 PDT
Seems like this might be failing as a result: fast/dom/remove-body-during-body-replacement2.html
Alexey Proskuryakov
Comment 9 2014-10-14 13:45:29 PDT
Actually, fast/dom/remove-body-during-body-replacement2.html regressed with r174637. And fast/hidpi/image-srcset-relative-svg-canvas.html has been very flaky on EWS recently (but not on regular bots).
Dean Jackson
Comment 10 2014-10-14 13:58:31 PDT
Great!
Dean Jackson
Comment 11 2014-10-14 14:02:24 PDT
Committed r174700: <http://trac.webkit.org/changeset/174700>
Note You need to log in before you can comment on or make changes to this bug.