Bug 139136 - Web Inspector: Crash in WebInspectorClient::hideHighlight when page is destroyed
Summary: Web Inspector: Crash in WebInspectorClient::hideHighlight when page is destroyed
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Web Inspector
Version: 528+ (Nightly build)
Hardware: All, OS: All
Importance: P2 Normal
Assignee: Joseph Pecoraro
Keywords: DoNotImportToRadar
Reported: 2014-12-01 10:58 PST by Joseph Pecoraro
Modified: 2014-12-01 11:59 PST

Attachments
[PATCH] Proposed Fix (1.73 KB, patch)
2014-12-01 11:01 PST, Joseph Pecoraro
Description Joseph Pecoraro 2014-12-01 10:58:20 PST
Seen a few crashes in WebInspectorClient::hideHighlight when the page is destroyed.

Process:               com.apple.WebKit.WebContent [4849]
Crashed Thread:        0  Dispatch queue: com.apple.main-thread
Exception Type:        EXC_BAD_ACCESS (SIGSEGV)
Exception Codes:       KERN_INVALID_ADDRESS at 0x0000000000000328

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.WebKit              	0x00007fff908fbc47 WebKit::WebInspectorClient::hideHighlight() + 25
1   com.apple.WebCore             	0x00007fff9573e8d9 WebCore::InspectorOverlay::update() + 505 (InspectorOverlay.cpp:338)
2   com.apple.WebCore             	0x00007fff9571bf4c WebCore::InspectorDOMAgent::willDestroyFrontendAndBackend(Inspector::InspectorDisconnectReason) + 220 (InspectorDOMAgent.cpp:261)
3   com.apple.JavaScriptCore      	0x00007fff97229f50 Inspector::InspectorAgentRegistry::willDestroyFrontendAndBackend(Inspector::InspectorDisconnectReason) + 48 (InspectorAgentRegistry.cpp:53)
4   com.apple.WebCore             	0x00007fff9570d3ec WebCore::InspectorController::disconnectFrontend(Inspector::InspectorDisconnectReason) + 28 (InspectorController.cpp:267)
5   com.apple.WebCore             	0x00007fff951b87a0 WebCore::InspectorController::inspectedPageDestroyed() + 16 (InspectorController.cpp:192)
6   com.apple.WebCore             	0x00007fff951b7f13 WebCore::Page::~Page() + 323 (Page.cpp:256)
7   com.apple.WebKit              	0x00007fff908b3c3b WebKit::WebPage::close() + 715
8   com.apple.WebKit              	0x00007fff90a246f4 WebKit::WebPage::didReceiveWebPageMessage(IPC::Connection*, IPC::MessageDecoder&) + 5316
9   com.apple.WebKit              	0x00007fff90962dc2 IPC::MessageReceiverMap::dispatchMessage(IPC::Connection*, IPC::MessageDecoder&) + 120
10  com.apple.WebKit              	0x00007fff90a5841c WebKit::WebProcess::didReceiveMessage(IPC::Connection*, IPC::MessageDecoder&) + 28
11  com.apple.WebKit              	0x00007fff909164dc IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >) + 94
12  com.apple.WebKit              	0x00007fff90918654 IPC::Connection::dispatchOneMessage() + 114
13  com.apple.JavaScriptCore      	0x00007fff97379337 WTF::RunLoop::performWork() + 423 (RunLoop.cpp:106)

Was not able to reproduce, but I have a speculative fix.
Comment 1 Joseph Pecoraro 2014-12-01 10:58:34 PST
<rdar://problem/18988495>
Comment 2 Joseph Pecoraro 2014-12-01 11:01:18 PST
Created attachment 242321
[PATCH] Proposed Fix
Comment 3 WebKit Commit Bot 2014-12-01 11:59:25 PST
Comment on attachment 242321
[PATCH] Proposed Fix

Clearing flags on attachment: 242321

Committed r176596: <http://trac.webkit.org/changeset/176596>
Comment 4 WebKit Commit Bot 2014-12-01 11:59:28 PST
All reviewed patches have been landed. Closing bug.