WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
167665
com.apple.WebKit.WebContent.Development crashed in com.apple.WebCore: WebCore::FrameView::didDestroyRenderTree
https://bugs.webkit.org/show_bug.cgi?id=167665
Summary
com.apple.WebKit.WebContent.Development crashed in com.apple.WebCore: WebCore...
Chris Dumez
Reported
2017-01-31 13:57:30 PST
com.apple.WebKit.WebContent.Development crashed in com.apple.WebCore: WebCore::FrameView::didDestroyRenderTree: ASSERTION FAILED: m_widgetsInRenderTree.isEmpty() OpenSource/Source/WebCore/page/FrameView.cpp(648) : void WebCore::FrameView::didDestroyRenderTree() 1 0x11182fa5d WTFCrash 2 0x114b0e7f4 WebCore::FrameView::didDestroyRenderTree() 3 0x1147328d7 WebCore::Document::destroyRenderTree() 4 0x114732fed WebCore::Document::prepareForDestruction() 5 0x11429fce9 WebCore::CachedFrame::destroy() 6 0x1142b0da9 WebCore::CachedPage::~CachedPage() 7 0x1142b0e95 WebCore::CachedPage::~CachedPage() 8 0x115dac5dc WebCore::PageCache::prune(WebCore::PruningReason) 9 0x115dac463 WebCore::PageCache::pruneToSizeNow(unsigned int, WebCore::PruningReason) 10 0x1164082d8 WebCore::Settings::setUsesPageCache(bool) 11 0x10c097f50 WebKit::WebPage::updatePreferences(WebKit::WebPreferencesStore const&) 12 0x10c0ab24a WebKit::WebPage::preferencesDidChange(WebKit::WebPreferencesStore const&) 13 0x10c11f746 void IPC::callMemberFunctionImpl<WebKit::WebPage, void (WebKit::WebPage::*)(WebKit::WebPreferencesStore const&), std::__1::tuple<WebKit::WebPreferencesStore>, 0ul>(WebKit::WebPage*, void (WebKit::WebPage::*)(WebKit::WebPreferencesStore const&), std::__1::tuple<WebKit::WebPreferencesStore>&&, std::__1::integer_sequence<unsigned long, 0ul>) 14 0x10c11f5b8 void IPC::callMemberFunction<WebKit::WebPage, void (WebKit::WebPage::*)(WebKit::WebPreferencesStore const&), std::__1::tuple<WebKit::WebPreferencesStore>, std::__1::integer_sequence<unsigned long, 0ul> >(std::__1::tuple<WebKit::WebPreferencesStore>&&, WebKit::WebPage*, void (WebKit::WebPage::*)(WebKit::WebPreferencesStore const&)) 15 0x10c112052 void IPC::handleMessage<Messages::WebPage::PreferencesDidChange, WebKit::WebPage, void (WebKit::WebPage::*)(WebKit::WebPreferencesStore const&)>(IPC::Decoder&, WebKit::WebPage*, void (WebKit::WebPage::*)(WebKit::WebPreferencesStore const&)) 16 0x10c10a604 WebKit::WebPage::didReceiveWebPageMessage(IPC::Connection&, IPC::Decoder&) 17 0x10c0b092e WebKit::WebPage::didReceiveMessage(IPC::Connection&, IPC::Decoder&) 18 0x10c0b0974 non-virtual thunk to WebKit::WebPage::didReceiveMessage(IPC::Connection&, IPC::Decoder&) 19 0x10bacc4e8 IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&) 20 0x10c2ac4ed WebKit::WebProcess::didReceiveMessage(IPC::Connection&, IPC::Decoder&) 21 0x10b9a9fd3 IPC::Connection::dispatchMessage(IPC::Decoder&) 22 0x10b99f6b8 IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) 23 0x10b9aa5d0 IPC::Connection::dispatchOneMessage() 24 0x10b9c31ed IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_14::operator()() 25 0x10b9c3149 WTF::Function<void ()>::CallableWrapper<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_14>::call() 26 0x11185c1ae WTF::Function<void ()>::operator()() const 27 0x111877b2d WTF::RunLoop::performWork() 28 0x111878214 WTF::RunLoop::performWork(void*) 29 0x7fff9c4483b1 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ 30 0x7fff9c42963c __CFRunLoopDoSources0 31 0x7fff9c428b26 __CFRunLoopRun
Attachments
Patch
(3.11 KB, patch)
2017-01-31 15:11 PST
,
Chris Dumez
no flags
Details
Formatted Diff
Diff
View All
Add attachment
proposed patch, testcase, etc.
Chris Dumez
Comment 1
2017-01-31 13:57:53 PST
<
rdar://problem/30241193
>
Chris Dumez
Comment 2
2017-01-31 15:11:52 PST
Created
attachment 300267
[details]
Patch
Andreas Kling
Comment 3
2017-01-31 15:31:41 PST
Comment on
attachment 300267
[details]
Patch Oh, nice approach Chris! Another thing that could also work is having callers pass the relevant FrameView* to destroyRenderTree(). I think the way you've done it here is great though. r=me
WebKit Commit Bot
Comment 4
2017-01-31 15:50:34 PST
Comment on
attachment 300267
[details]
Patch Clearing flags on attachment: 300267 Committed
r211455
: <
http://trac.webkit.org/changeset/211455
>
WebKit Commit Bot
Comment 5
2017-01-31 15:50:39 PST
All reviewed patches have been landed. Closing bug.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug