WebKit Bugzilla
RESOLVED FIXED
181031
[GTK] fast/frames/crash-when-iframe-is-remove-in-eventhandler.html crashes sometimes
https://bugs.webkit.org/show_bug.cgi?id=181031
Alicia Boya García
Reported
2017-12-20 06:15:20 PST
fast/frames/crash-when-iframe-is-remove-in-eventhandler.html crashes often on GTK. Last runs: CCPPCCCPPCPCPCPCPCCPCCCCCCCPPCCPPPCCCCPPCCCPCPPPCCCPPCCPPCPCCCCCPCPCPPCPCPPPPCPCPCPCPPCCPCCCCCCCPPPP
Fujii Hironori
Comment 1
2017-12-25 20:06:15 PST
https://build.webkit.org/builders/GTK%20Linux%2064-bit%20Release%20%28Tests%29/builds/4710
> Thread 1 (Thread 0x7fd2c7a03a80 (LWP 12565)):
> #0 0x00007fd2d6f6c330 in WebCore::FrameLoader::dispatchDidClearWindowObjectInWorld(WebCore::DOMWrapperWorld&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #1 0x00007fd2d6ab0688 in WebCore::ScriptController::initScript(WebCore::DOMWrapperWorld&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #2 0x00007fd2d6a84afb in WebCore::toJS(JSC::ExecState*, WebCore::Frame&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #3 0x00007fd2d6a84b42 in WebCore::toJS(JSC::ExecState*, WebCore::DOMWindow&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #4 0x00007fd2d6a85c2e in WebCore::cachedDocumentWrapper(JSC::ExecState&, WebCore::JSDOMGlobalObject&, WebCore::Document&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #5 0x00007fd2d6a88f96 in WebCore::toJS(JSC::ExecState*, WebCore::JSDOMGlobalObject*, WebCore::Document&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #6 0x00007fd2d65a1b55 in WebCore::jsHTMLIFrameElementContentDocument(JSC::ExecState*, long, JSC::PropertyName) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #7 0x00007fd2d3bc691f in JSC::PropertySlot::customGetter(JSC::ExecState*, JSC::PropertyName) const () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
> #8 0x00007fd2d3923ffa in llint_slow_path_get_by_id () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
> #9 0x00007fd2d39104db in llint_entry () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
> #10 0x00007fd2d390d420 in vmEntryToJavaScript () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
> #11 0x00007fd2d38b5754 in JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
> #12 0x00007fd2d388d324 in JSC::Interpreter::executeProgram(JSC::SourceCode const&, JSC::ExecState*, JSC::JSObject*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
> #13 0x00007fd2d3a5fb6a in JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
> #14 0x00007fd2d3a5fd61 in JSC::profiledEvaluate(JSC::ExecState*, JSC::ProfilingReason, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
> #15 0x00007fd2d6ab087b in WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&, WebCore::ExceptionDetails*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #16 0x00007fd2d6ab0a03 in WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&, WebCore::ExceptionDetails*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #17 0x00007fd2d6cd1417 in WebCore::ScriptElement::executeClassicScript(WebCore::ScriptSourceCode const&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #18 0x00007fd2d6cdc1f5 in WebCore::ScriptElement::prepareScript(WTF::TextPosition const&, WebCore::ScriptElement::LegacyTypeSupport) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #19 0x00007fd2d6e9609e in WebCore::HTMLScriptRunner::runScript(WebCore::ScriptElement&, WTF::TextPosition const&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #20 0x00007fd2d6e9696d in WebCore::HTMLScriptRunner::execute(WTF::Ref<WebCore::ScriptElement>&&, WTF::TextPosition const&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #21 0x00007fd2d6e8126a in WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #22 0x00007fd2d6e813d5 in WebCore::HTMLDocumentParser::pumpTokenizerLoop(WebCore::HTMLDocumentParser::SynchronousMode, bool, WebCore::PumpSession&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #23 0x00007fd2d6e826cc in WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #24 0x00007fd2d6e8486a in WebCore::HTMLDocumentParser::append(WTF::RefPtr<WTF::StringImpl>&&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #25 0x00007fd2d6c4b17b in WebCore::DecodedDataDocumentParser::flush(WebCore::DocumentWriter&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #26 0x00007fd2d6f52fcd in WebCore::DocumentWriter::end() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #27 0x00007fd2d6f5bbc9 in WebCore::DocumentLoader::finishedLoading() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #28 0x00007fd2d6fceb14 in WebCore::CachedResource::checkNotify() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #29 0x00007fd2d6fd8fa6 in WebCore::CachedRawResource::finishLoading(WebCore::SharedBuffer*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #30 0x00007fd2d6fa96ce in WebCore::SubresourceLoader::didFinishLoading(WebCore::NetworkLoadMetrics const&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #31 0x00007fd2d644eda5 in void IPC::handleMessage<Messages::WebResourceLoader::DidFinishResourceLoad, WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)>(IPC::Decoder&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #32 0x00007fd2d644e9cf in WebKit::WebResourceLoader::didReceiveWebResourceLoaderMessage(IPC::Connection&, IPC::Decoder&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #33 0x00007fd2d600c04b in IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #34 0x00007fd2d600cf6c in IPC::Connection::dispatchOneMessage() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #35 0x00007fd2d3d78c07 in WTF::RunLoop::performWork() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
> #36 0x00007fd2d3dade09 in WTF::RunLoop::RunLoop()::{lambda(void*)#1}::_FUN(void*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
> #37 0x00007fd2d11f481a in g_main_dispatch () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.54.2/glib/gmain.c:3148
> #38 g_main_context_dispatch () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.54.2/glib/gmain.c:3813
> #39 0x00007fd2d11f4ba8 in g_main_context_iterate () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.54.2/glib/gmain.c:3886
> #40 0x00007fd2d11f4ec2 in g_main_loop_run () at /home/slave/webkitgtk/gtk-linux-64-release-tests/build/WebKitBuild/DependenciesGTK/Source/glib-2.54.2/glib/gmain.c:4082
> #41 0x00007fd2d3dae7b0 in WTF::RunLoop::run() () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
> #42 0x00007fd2d63dfe52 in int WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain>(int, char**) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
> #43 0x00007fd2ccbaa2b1 in __libc_start_main (main=0x7fd2d8747d30 <main>, argc=2, argv=0x7ffc537e1b08, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffc537e1af8) at ../csu/libc-start.c:291
> #44 0x00007fd2d8747dba in _start ()
Fujii Hironori
Comment 2
2018-02-02 01:32:00 PST
I can't reproduce this crash in my Ubuntu 17.10.
Diego Pino
Comment 3
2020-06-18 23:16:37 PDT
The test(s) filed under this bug have been consistently passing for the last 4000 revisions. Marking bug as fixed. Committed r263254: <https://trac.webkit.org/changeset/263254>