WebKit Bugzilla
RESOLVED FIXED
99668
REGRESSION: Crash in WebCore::ScrollingStateScrollingNode::setNonFastScrollableRegion
https://bugs.webkit.org/show_bug.cgi?id=99668
Kevin M. Dean
Reported
2012-10-17 17:53:01 PDT
Go to macupdate.com. Click on a software link to view its details page, but before the page loads or finishes loading, click the back button. If you already have a page history, you can click right away, but if macupdate.com is the first page for the window, then you click the back button as soon as it enables. The difference yields a slightly different crash report.

Clicking when macupdate has no prior page history for the window:

Process:         WebProcess [21082]
Path:            /Applications/WebKit.app/Contents/Frameworks/10.8/WebKit2.framework/WebProcess.app/Contents/MacOS/WebProcess
Identifier:      com.apple.WebProcess
Version:         537+ (537.16+)
Code Type:       X86-64 (Native)
Parent Process:  SafariForWebKitDevelopment [21080]
User ID:         501

Date/Time:       2012-10-17 18:35:49.121 -0400
OS Version:      Mac OS X 10.8.2 (12C60)
Report Version:  10

Crashed Thread:  0  Dispatch queue: com.apple.main-thread

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000058

VM Regions Near 0x58:
--> __TEXT 0000000108d84000-0000000108d85000 [ 4K] r-x/rwx SM=COW /Applications/WebKit.app/Contents/Frameworks/10.8/WebKit2.framework/WebProcess.app/Contents/MacOS/WebProcess

Application Specific Information:
Bundle controller class: BrowserBundleController

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.WebCore          0x000000010a01c38d WebCore::ScrollingStateScrollingNode::setNonFastScrollableRegion(WebCore::Region const&) + 13
1   com.apple.WebCore          0x000000010a01a01c WebCore::ScrollingCoordinatorMac::frameViewLayoutUpdated(WebCore::FrameView*) + 92
2   com.apple.WebCore          0x00000001098cd994 WebCore::FrameView::performPostLayoutTasks() + 436
3   com.apple.WebCore          0x00000001098cd409 WebCore::FrameView::layout(bool) + 2489
4   com.apple.WebCore          0x00000001098b7936 WebCore::FrameLoader::commitProvisionalLoad() + 822
5   com.apple.WebCore          0x00000001098b64b6 WebCore::FrameLoader::continueLoadAfterNavigationPolicy(WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool) + 502
6   com.apple.WebCore          0x00000001098b65a0 WebCore::FrameLoader::callContinueLoadAfterNavigationPolicy(void*, WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool) + 32
7   com.apple.WebCore          0x0000000109e65fd4 WebCore::PolicyChecker::checkNavigationPolicy(WebCore::ResourceRequest const&, WebCore::DocumentLoader*, WTF::PassRefPtr<WebCore::FormState>, void (*)(void*, WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool), void*) + 484
8   com.apple.WebCore          0x00000001098b6167 WebCore::FrameLoader::loadWithDocumentLoader(WebCore::DocumentLoader*, WebCore::FrameLoadType, WTF::PassRefPtr<WebCore::FormState>) + 1287
9   com.apple.WebCore          0x00000001098b22a0 WebCore::FrameLoader::loadDifferentDocumentItem(WebCore::HistoryItem*, WebCore::FrameLoadType) + 96
10  com.apple.WebCore          0x000000010990cfbc WebCore::HistoryController::recursiveGoToItem(WebCore::HistoryItem*, WebCore::HistoryItem*, WebCore::FrameLoadType) + 460
11  com.apple.WebCore          0x000000010990cbc8 WebCore::HistoryController::goToItem(WebCore::HistoryItem*, WebCore::FrameLoadType) + 216
12  com.apple.WebCore          0x0000000109e3d755 WebCore::Page::goToItem(WebCore::HistoryItem*, WebCore::FrameLoadType) + 85
13  com.apple.WebKit2          0x0000000108e71b03 WebKit::WebPage::goBack(unsigned long long) + 39
14  com.apple.WebKit2          0x0000000108e81e22 void CoreIPC::handleMessage<Messages::WebPage::GoBack, WebKit::WebPage, void (WebKit::WebPage::*)(unsigned long long)>(CoreIPC::ArgumentDecoder*, WebKit::WebPage*, void (WebKit::WebPage::*)(unsigned long long)) + 59
15  com.apple.WebKit2          0x0000000108dcc1b1 CoreIPC::Connection::dispatchMessage(CoreIPC::Connection::Message<CoreIPC::ArgumentDecoder>&) + 165
16  com.apple.WebKit2          0x0000000108dcd6b5 CoreIPC::Connection::dispatchOneMessage() + 139
17  com.apple.WebCore          0x0000000109ff346c WebCore::RunLoop::performWork() + 156
18  com.apple.WebCore          0x0000000109ff3b85 WebCore::RunLoop::performWork(void*) + 53
19  com.apple.CoreFoundation   0x00007fff8d998101 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
20  com.apple.CoreFoundation   0x00007fff8d997a25 __CFRunLoopDoSources0 + 245
21  com.apple.CoreFoundation   0x00007fff8d9badc5 __CFRunLoopRun + 789
22  com.apple.CoreFoundation   0x00007fff8d9ba6b2 CFRunLoopRunSpecific + 290
23  com.apple.HIToolbox        0x00007fff8c2370a4 RunCurrentEventLoopInMode + 209
24  com.apple.HIToolbox        0x00007fff8c236e42 ReceiveNextEventCommon + 356
25  com.apple.HIToolbox        0x00007fff8c236cd3 BlockUntilNextEventMatchingListInMode + 62
26  com.apple.AppKit           0x00007fff8b346613 _DPSNextEvent + 685
27  com.apple.AppKit           0x00007fff8b345ed2 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 128
28  com.apple.AppKit           0x00007fff8b33d283 -[NSApplication run] + 517
29  com.apple.WebCore          0x0000000109ff4163 WebCore::RunLoop::run() + 67
30  com.apple.WebKit2          0x0000000108ebb820 WebKit::WebProcessMain(WebKit::CommandLine const&) + 3772
31  com.apple.WebKit2          0x0000000108e65f6f WebKitMain + 299
32  com.apple.WebProcess       0x0000000108d84e7b main + 214
33  libdyld.dylib              0x00007fff93a917e1 start + 1

Clicking immediately before the page loads when there's already a history prior to macupdate.com:

Process:         WebProcess [21168]
Path:            /Applications/WebKit.app/Contents/Frameworks/10.8/WebKit2.framework/WebProcess.app/Contents/MacOS/WebProcess
Identifier:      com.apple.WebProcess
Version:         537+ (537.16+)
Code Type:       X86-64 (Native)
Parent Process:  SafariForWebKitDevelopment [21166]
User ID:         501

Date/Time:       2012-10-17 18:39:19.983 -0400
OS Version:      Mac OS X 10.8.2 (12C60)
Report Version:  10

Crashed Thread:  0  Dispatch queue: com.apple.main-thread

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000058

VM Regions Near 0x58:
--> __TEXT 0000000109125000-0000000109126000 [ 4K] r-x/rwx SM=COW /Applications/WebKit.app/Contents/Frameworks/10.8/WebKit2.framework/WebProcess.app/Contents/MacOS/WebProcess

Application Specific Information:
Bundle controller class: BrowserBundleController

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.WebCore          0x000000010a3c02dd WebCore::ScrollingStateScrollingNode::setNonFastScrollableRegion(WebCore::Region const&) + 13
1   com.apple.WebCore          0x000000010a3bdf6c WebCore::ScrollingCoordinatorMac::frameViewLayoutUpdated(WebCore::FrameView*) + 92
2   com.apple.WebCore          0x0000000109c6fe54 WebCore::FrameView::performPostLayoutTasks() + 436
3   com.apple.WebCore          0x0000000109c6f8c9 WebCore::FrameView::layout(bool) + 2489
4   com.apple.WebCore          0x0000000109c72c68 WebCore::FrameView::visibleContentsResized() + 104
5   com.apple.WebCore          0x000000010a3c3a50 WebCore::ScrollView::updateScrollbars(WebCore::IntSize const&) + 960
6   com.apple.WebCore          0x000000010a3c449b WebCore::ScrollView::setContentsSize(WebCore::IntSize const&) + 107
7   com.apple.WebCore          0x0000000109c6df0c WebCore::FrameView::setContentsSize(WebCore::IntSize const&) + 60
8   com.apple.WebCore          0x0000000109c6e01c WebCore::FrameView::adjustViewSize() + 172
9   com.apple.WebCore          0x0000000109c6f67a WebCore::FrameView::layout(bool) + 1898
10  com.apple.WebCore          0x0000000109c59df6 WebCore::FrameLoader::commitProvisionalLoad() + 822
11  com.apple.WebCore          0x0000000109c58976 WebCore::FrameLoader::continueLoadAfterNavigationPolicy(WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool) + 502
12  com.apple.WebCore          0x0000000109c58a60 WebCore::FrameLoader::callContinueLoadAfterNavigationPolicy(void*, WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool) + 32
13  com.apple.WebCore          0x000000010a209ad4 WebCore::PolicyChecker::checkNavigationPolicy(WebCore::ResourceRequest const&, WebCore::DocumentLoader*, WTF::PassRefPtr<WebCore::FormState>, void (*)(void*, WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool), void*) + 484
14  com.apple.WebCore          0x0000000109c58627 WebCore::FrameLoader::loadWithDocumentLoader(WebCore::DocumentLoader*, WebCore::FrameLoadType, WTF::PassRefPtr<WebCore::FormState>) + 1287
15  com.apple.WebCore          0x0000000109c54760 WebCore::FrameLoader::loadDifferentDocumentItem(WebCore::HistoryItem*, WebCore::FrameLoadType) + 96
16  com.apple.WebCore          0x0000000109caf6ac WebCore::HistoryController::recursiveGoToItem(WebCore::HistoryItem*, WebCore::HistoryItem*, WebCore::FrameLoadType) + 460
17  com.apple.WebCore          0x0000000109caf2b8 WebCore::HistoryController::goToItem(WebCore::HistoryItem*, WebCore::FrameLoadType) + 216
18  com.apple.WebCore          0x000000010a1e1135 WebCore::Page::goToItem(WebCore::HistoryItem*, WebCore::FrameLoadType) + 85
19  com.apple.WebKit2          0x0000000109212193 WebKit::WebPage::goBack(unsigned long long) + 39
20  com.apple.WebKit2          0x000000010922243a void CoreIPC::handleMessage<Messages::WebPage::GoBack, WebKit::WebPage, void (WebKit::WebPage::*)(unsigned long long)>(CoreIPC::ArgumentDecoder*, WebKit::WebPage*, void (WebKit::WebPage::*)(unsigned long long)) + 59
21  com.apple.WebKit2          0x000000010916d21b CoreIPC::Connection::dispatchMessage(CoreIPC::Connection::Message<CoreIPC::ArgumentDecoder>&) + 165
22  com.apple.WebKit2          0x000000010916e71f CoreIPC::Connection::dispatchOneMessage() + 139
23  com.apple.WebCore          0x000000010a39736c WebCore::RunLoop::performWork() + 156
24  com.apple.WebCore          0x000000010a397a85 WebCore::RunLoop::performWork(void*) + 53
25  com.apple.CoreFoundation   0x00007fff8d998101 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
26  com.apple.CoreFoundation   0x00007fff8d997a25 __CFRunLoopDoSources0 + 245
27  com.apple.CoreFoundation   0x00007fff8d9badc5 __CFRunLoopRun + 789
28  com.apple.CoreFoundation   0x00007fff8d9ba6b2 CFRunLoopRunSpecific + 290
29  com.apple.HIToolbox        0x00007fff8c2370a4 RunCurrentEventLoopInMode + 209
30  com.apple.HIToolbox        0x00007fff8c236e42 ReceiveNextEventCommon + 356
31  com.apple.HIToolbox        0x00007fff8c236cd3 BlockUntilNextEventMatchingListInMode + 62
32  com.apple.AppKit           0x00007fff8b346613 _DPSNextEvent + 685
33  com.apple.AppKit           0x00007fff8b345ed2 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 128
34  com.apple.AppKit           0x00007fff8b33d283 -[NSApplication run] + 517
35  com.apple.WebCore          0x000000010a398063 WebCore::RunLoop::run() + 67
36  com.apple.WebKit2          0x000000010925c980 WebKit::WebProcessMain(WebKit::CommandLine const&) + 3772
37  com.apple.WebKit2          0x00000001092065ff WebKitMain + 299
38  com.apple.WebProcess       0x0000000109125e7b main + 214
39  libdyld.dylib              0x00007fff93a917e1 start + 1
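The two reports above are one crash reached by two paths: the top four frames name the same functions, and both fault with KERN_INVALID_ADDRESS at 0x58, 13 bytes into setNonFastScrollableRegion. A fault address that small is the usual shape of a NULL object pointer plus a member offset rather than a controlled pointer, which is the first thing a triager checks before deciding how seriously to treat a WebProcess crash. The Python below is an added triage example, not code from this bug, from the patch, or from WebKit: it parses the CrashReporter header fields and the crashed thread's frames, buckets the fault address (the 0x1000 first-page threshold is a heuristic chosen for this example), and builds a dedupe signature from the top three function names so both variants land in the same bucket. The two embedded reports are constructed abbreviations of the ones quoted above.

```python
"""Triage helper for macOS CrashReporter text of the kind quoted in this bug."""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

FIELD_RE = re.compile(r"^([A-Za-z /]+):\s+(.*)$")     # "Exception Type:  EXC_BAD_ACCESS (SIGSEGV)"
CODES_RE = re.compile(r"^(\w+) at 0x([0-9a-fA-F]+)")  # "KERN_INVALID_ADDRESS at 0x...58"
THREAD_RE = re.compile(r"^Thread (\d+) Crashed::")
# "<index> <image> 0x<pc> <symbol> + <offset>"; the symbol itself may contain spaces.
FRAME_RE = re.compile(r"^(\d+)\s+(\S+)\s+0x([0-9a-fA-F]+)\s+(.+?)\s\+\s(\d+)\s*$")
# Heuristic (an assumption of this example, not something the report states): a fault
# inside the first page is a NULL object pointer plus a small member offset.
NULL_PAGE = 0x1000


@dataclass
class Frame:
    index: int
    image: str
    pc: int
    symbol: str
    offset: int


@dataclass
class CrashReport:
    fields: Dict[str, str]          # "Key: value" header lines
    crashed_thread: Optional[int]
    frames: List[Frame]             # backtrace of the crashed thread only

    @property
    def fault_address(self) -> Optional[int]:
        m = CODES_RE.match(self.fields.get("Exception Codes", ""))
        return int(m.group(2), 16) if m else None


def parse_report(text: str) -> CrashReport:
    fields: Dict[str, str] = {}
    frames: List[Frame] = []
    crashed_thread = None
    in_backtrace = False
    for line in text.splitlines():
        m = THREAD_RE.match(line)
        if m:
            crashed_thread = int(m.group(1))
            in_backtrace = True
            continue
        if in_backtrace:
            fm = FRAME_RE.match(line)
            if fm:
                frames.append(Frame(int(fm.group(1)), fm.group(2),
                                    int(fm.group(3), 16), fm.group(4), int(fm.group(5))))
            elif not line.strip():
                in_backtrace = False    # a blank line ends the crashed thread's frames
            continue
        fm = FIELD_RE.match(line)
        if fm:
            fields[fm.group(1).strip()] = fm.group(2).strip()
    return CrashReport(fields, crashed_thread, frames)


def classify(report: CrashReport) -> str:
    """Coarse bucket for the fault: NULL-ish, wild/freed pointer, or not a memory fault."""
    addr = report.fault_address
    if not report.fields.get("Exception Type", "").startswith("EXC_BAD_ACCESS") or addr is None:
        return "not a memory access fault"
    if addr < NULL_PAGE:
        return f"likely NULL dereference (member at offset 0x{addr:x})"
    return "dereference of wild or freed pointer; needs deeper analysis"


def signature(report: CrashReport, depth: int = 3) -> str:
    """Dedupe key: the top `depth` function names with their parameter lists stripped."""
    return " | ".join(re.sub(r"\(.*\)$", "", f.symbol) for f in report.frames[:depth])


# Constructed sample: the first report in the bug, cut down to its head and top frames.
REPORT_A = """\
Process:         WebProcess [21082]
Crashed Thread:  0  Dispatch queue: com.apple.main-thread

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000058

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.WebCore   0x000000010a01c38d WebCore::ScrollingStateScrollingNode::setNonFastScrollableRegion(WebCore::Region const&) + 13
1   com.apple.WebCore   0x000000010a01a01c WebCore::ScrollingCoordinatorMac::frameViewLayoutUpdated(WebCore::FrameView*) + 92
2   com.apple.WebCore   0x00000001098cd994 WebCore::FrameView::performPostLayoutTasks() + 436
3   com.apple.WebCore   0x00000001098cd409 WebCore::FrameView::layout(bool) + 2489
4   com.apple.WebCore   0x00000001098b7936 WebCore::FrameLoader::commitProvisionalLoad() + 822
"""

# Constructed sample: the second report's crashed thread, which diverges from A at frame 4.
REPORT_B = """\
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.WebCore   0x000000010a3c02dd WebCore::ScrollingStateScrollingNode::setNonFastScrollableRegion(WebCore::Region const&) + 13
1   com.apple.WebCore   0x000000010a3bdf6c WebCore::ScrollingCoordinatorMac::frameViewLayoutUpdated(WebCore::FrameView*) + 92
2   com.apple.WebCore   0x0000000109c6fe54 WebCore::FrameView::performPostLayoutTasks() + 436
3   com.apple.WebCore   0x0000000109c6f8c9 WebCore::FrameView::layout(bool) + 2489
4   com.apple.WebCore   0x0000000109c72c68 WebCore::FrameView::visibleContentsResized() + 104
"""
```

Feed `parse_report` the full text of a report and call `classify` and `signature` on the result; on REPORT_A the classification is the NULL-plus-0x58 bucket, and a depth-3 signature matches REPORT_B while a depth-5 one separates the two paths. The signature stops at the parameter list so that template and overload noise in the symbol does not split one bug into several buckets.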
Attachments
Patch (16.90 KB, patch), 2012-10-17 18:22 PDT, Beth Dakin; simon.fraser: review+
Beth Dakin
Comment 1
2012-10-17 17:54:27 PDT
<rdar://problem/12491901>
Beth Dakin
Comment 2
2012-10-17 17:59:04 PDT
Other ways to repro this bug:

1. Go to http://www.ateliermaitrealbert.com and enter the site in English. Close the video pop-up on top of the page. Click on "pictures" at the top right.

And:

1. Log into iCloud (I'm using this test account: UserID: yps.j.yaya@me.com PW: Test1234)
2. Open mail
3. Scroll inbox
Beth Dakin
Comment 3
2012-10-17 18:22:25 PDT
Created attachment 169320: Patch
Beth Dakin
Comment 4
2012-10-18 14:25:55 PDT
Thanks, Simon!
http://trac.webkit.org/changeset/131804