RESOLVED WORKSFORME 62427
Crash in FrameLoader::clear 
https://bugs.webkit.org/show_bug.cgi?id=62427
Summary Crash in FrameLoader::clear
Ryosuke Niwa
Reported 2011-06-09 22:01:38 PDT
Thread 0 *CRASHED* ( SIGSEGV @ 0x64646d54 ) 0x08e653ea [chrome - third_party/WebKit/Source/JavaScriptCore/wtf/RefPtr.h:133] WebCore::Editor::clear 0x08f1f4f9 [chrome - third_party/WebKit/Source/WebCore/loader/FrameLoader.cpp:610] WebCore::FrameLoader::clear 0x08f1ac98 [chrome - third_party/WebKit/Source/WebCore/loader/DocumentWriter.cpp:127] WebCore::DocumentWriter::begin 0x08f1b1ae [chrome - third_party/WebKit/Source/WebCore/loader/DocumentWriter.cpp:70] WebCore::DocumentWriter::replaceDocument 0x08d4fc7e [chrome - third_party/WebKit/Source/WebCore/bindings/ScriptControllerBase.cpp:121] WebCore::ScriptController::executeIfJavaScriptURL 0x08f4fb01 [chrome - third_party/WebKit/Source/WebCore/loader/SubframeLoader.cpp:88] WebCore::SubframeLoader::requestFrame 0x09e10e3a [chrome - third_party/WebKit/Source/WebCore/html/HTMLFrameElementBase.cpp:102] WebCore::HTMLFrameElementBase::openURL 0x09e11349 [chrome - third_party/WebKit/Source/WebCore/html/HTMLFrameElementBase.cpp:153] WebCore::HTMLFrameElementBase::setNameAndOpenURL 0x08dea582 [chrome - third_party/WebKit/Source/WebCore/dom/ContainerNode.cpp:774] WebCore::ContainerNode::insertedIntoDocument 0x08e16313 [chrome - third_party/WebKit/Source/WebCore/dom/Element.cpp:957] WebCore::Element::insertedIntoDocument 0x08dea7ea [chrome - third_party/WebKit/Source/WebCore/dom/ContainerNode.cpp:1069] WebCore::notifyChildInserted 0x08dec9a3 [chrome - third_party/WebKit/Source/WebCore/dom/ContainerNode.cpp:645] WebCore::ContainerNode::appendChild 0x08e2a59c [chrome - third_party/WebKit/Source/WebCore/dom/Node.cpp:668] WebCore::Node::appendChild 0x08d7220f [chrome - third_party/WebKit/Source/WebCore/bindings/v8/custom/V8NodeCustom.cpp:124]
Attachments
Add attachment proposed patch, testcase, etc.
Ryosuke Niwa
Comment 1 2011-06-09 22:02:09 PDT
http://trac.webkit.org/browser/branches/chromium/782/Source/WebCore/loader/FrameLoader.cpp?rev=88129#L610 m_frame->editor()->clear(); We're missing a null pointer check here.
Ryosuke Niwa
Comment 2 2011-06-10 11:27:25 PDT
Mn... on my second thought, this crash isn't as simple as I initially thought. The stack trace indicates that m_frame is not null in DocumentWriter::begin but it is in FrameLoader::clear, which doesn't make much sense. We'll need a reduction for this. http://crbug.com/85452.
Ahmad Saleem
Comment 3 2022-11-29 16:08:04 PST
Is this crash still happening, if not, can we close this since equivalent chrome bug is also closed without any resolution? If someone can point me to crash data like Mozilla has available openly, I can try to see if it is happening else appreciate if someone can mark it close or WONTFIX. Thanks!
Darin Adler
Comment 4 2022-12-01 04:55:47 PST
I think we should close this. Unless Ryosuke can remember how he was reproducing the crash there is nothing valuable in this bug; we aren’t currently seeing this crash.
Note You need to log in before you can comment on or make changes to this bug.