193915 2019-01-28 11:04:43 -0800 Regression(PSON) Crash under WebPageProxy::didStartProgress() 2019-01-28 13:37:27 -0800 1 1 1 Unclassified WebKit WebKit2 WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 cdumez cdumez achristensen webkit-bug-importer oldest_to_newest 1499088 0 cdumez 2019-01-28 11:04:43 -0800 Crash under WebPageProxy::didStartProgress(): Thread[0] EXC_BAD_ACCESS (SIGSEGV) (KERN_INVALID_ADDRESS at 0x0000000000000008) [ 0] 0x00007fff49942e96 WebKit`WTF::WeakPtrFactory<WebKit::PageClient>::createWeakPtr(WebKit::PageClient&) const [inlined] WTF::RefPtr<WTF::WeakReference<WebKit::PageClient>, WTF::DumbPtrTraits<WTF::WeakReference<WebKit::PageClient> > >::operator!() const at RefPtr.h:81:38 0x00007fff49942e8e: pushq %rbx 0x00007fff49942e8f: pushq %rax 0x00007fff49942e90: movq %rsi, %rbx 0x00007fff49942e93: movq %rdi, %r14 -> 0x00007fff49942e96: cmpq $0x0, (%rsi) 0x00007fff49942e9a: jne 0x259ec8 ; <+66> [inlined] WTF::DumbPtrTraits<WTF::WeakReference<WebKit::PageClient> >::unwrap(WTF::WeakReference<WebKit::PageClient>* const&) at RefPtr.h:78 0x00007fff49942e9c: movq %rdx, %r15 0x00007fff49942e9f: movl $0x10, %edi 0x00007fff49942ea4: callq 0x45b3fc ; symbol stub for: WTF::fastMalloc(unsigned long) [ 0] 0x00007fff49942e96 WebKit`WTF::WeakPtrFactory<WebKit::PageClient>::createWeakPtr(WebKit::PageClient&) const + 16 at WeakPtr.h:108 [ 1] 0x00007fff49700053 WebKit`WebKit::WebPageProxy::didStartProgress() [inlined] WTF::WeakPtr<WebKit::PageClient> WTF::makeWeakPtr<WebKit::PageClient>(WebKit::PageClient&) + 15 at WeakPtr.h:178:72 [ 1] 0x00007fff49700044 WebKit`WebKit::WebPageProxy::didStartProgress() [inlined] WebKit::PageClientProtector::PageClientProtector(WebKit::PageClient&) at WebPageProxy.cpp:376 372 class PageClientProtector { 373 WTF_MAKE_NONCOPYABLE(PageClientProtector); 374 public: 375 PageClientProtector(PageClient& pageClient) -> 376 : m_pageClient(makeWeakPtr(pageClient)) 377 { 378 m_pageClient->refView(); 379 } 380 [ 1] 0x00007fff49700044 WebKit`WebKit::WebPageProxy::didStartProgress() [inlined] WebKit::PageClientProtector::PageClientProtector(WebKit::PageClient&) at WebPageProxy.cpp:377 373 WTF_MAKE_NONCOPYABLE(PageClientProtector); 374 public: 375 PageClientProtector(PageClient& pageClient) 376 : m_pageClient(makeWeakPtr(pageClient)) -> 377 { 378 m_pageClient->refView(); 379 } 380 381 ~PageClientProtector() [ 1] 0x00007fff49700044 WebKit`WebKit::WebPageProxy::didStartProgress() + 24 at WebPageProxy.cpp:3712 3708 } 3709 3710 void WebPageProxy::didStartProgress() 3711 { -> 3712 PageClientProtector protector(pageClient()); 3713 3714 auto transaction = m_pageLoadState.transaction(); 3715 m_pageLoadState.didStartProgress(transaction); 3716 [ 2] 0x00007fff497687c3 WebKit`IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&) + 125 at MessageReceiverMap.cpp:123:26 119 return true; 120 } 121 122 if (MessageReceiver* messageReceiver = m_messageReceivers.get(std::make_pair(decoder.messageReceiverName(), decoder.destinationID()))) { -> 123 messageReceiver->didReceiveMessage(connection, decoder); 124 return true; 125 } 126 127 return false; [ 3] 0x00007fff4993c163 WebKit`WebKit::WebProcessProxy::didReceiveMessage(IPC::Connection&, IPC::Decoder&) + 23 at WebProcessProxy.cpp:646:9 642 #endif 643 644 void WebProcessProxy::didReceiveMessage(IPC::Connection& connection, IPC::Decoder& decoder) 645 { -> 646 if (dispatchMessage(connection, decoder)) 647 return; 648 649 if (m_processPool->dispatchMessage(connection, decoder)) 650 return; [ 4] 0x00007fff497584d7 WebKit`IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) + 107 at Connection.cpp:1005:9 1001 1002 if (message->isSyncMessage()) 1003 dispatchSyncMessage(*message); 1004 else -> 1005 dispatchMessage(*message); 1006 1007 m_didReceiveInvalidMessage |= message->isInvalid(); 1008 m_inDispatchMessageCount--; 1009 1499089 1 cdumez 2019-01-28 11:04:59 -0800 <rdar://problem/47560907> 1499092 2 360358 cdumez 2019-01-28 11:11:57 -0800 Created attachment 360358 Patch 1499168 3 cdumez 2019-01-28 13:37:27 -0800 https://trac.webkit.org/r240599 360358 2019-01-28 11:11:57 -0800 2019-01-28 13:09:49 -0800 Patch bug-193915-20190128111156.patch text/plain 4844 cdumez U3VidmVyc2lvbiBSZXZpc2lvbjogMjQwNTgzCmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViS2l0L0No YW5nZUxvZyBiL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCmluZGV4IDMwYTQwZmY0ZDBjZGFlODYx MmExMWQyYjM1N2ZiNzQ2Y2E0MWFmN2EuLmRjMzNkYmVkNmZkODVhNzBlYWJmM2MxNTNjMDgzOWQ4 ZGZlMTUwMWYgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCisrKyBiL1NvdXJj ZS9XZWJLaXQvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMjAgQEAKKzIwMTktMDEtMjggIENocmlzIER1 bWV6ICA8Y2R1bWV6QGFwcGxlLmNvbT4KKworICAgICAgICBSZWdyZXNzaW9uKFBTT04pIENyYXNo IHVuZGVyIFdlYlBhZ2VQcm94eTo6ZGlkU3RhcnRQcm9ncmVzcygpCisgICAgICAgIGh0dHBzOi8v YnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0xOTM5MTUKKyAgICAgICAgPHJkYXI6Ly9w cm9ibGVtLzQ3NTYwOTA3PgorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgor CisgICAgICAgICogVUlQcm9jZXNzL1dlYlBhZ2VQcm94eS5jcHA6CisgICAgICAgIChXZWJLaXQ6 OldlYlBhZ2VQcm94eTo6Y2xvc2UpOgorICAgICAgICBNYWtlIHN1cmUgd2UgZGVzdHJveSB0aGUg UHJvdmlzaW9uYWxQYWdlUHJveHkgaWYgdGhlIHBhZ2UgZ2V0cyBjbG9zZWQgYXMgd2UgZG8gbm90 IHdhbnQgdG8ga2VlcCByZWNlaXZpbmcKKyAgICAgICAgSVBDIGFmdGVyIHRoaXMgb3IgZXZlbiB3 b3JzZSwgY29tbWl0IHRoZSBwcm92aXNpb25hbCBwYWdlLgorCisgICAgICAgIChXZWJLaXQ6Oldl YlBhZ2VQcm94eTo6ZGlkU3RhcnRQcm9ncmVzcyk6CisgICAgICAgIEFkZCBhbiBhc3NlcnRpb24g aW4gZGlkU3RhcnRQcm9ncmVzcygpIHRvIG1ha2Ugc3VyZSB3ZSBkbyBub3QgcmVjZWl2ZSB0aGlz IElQQyBhZnRlciB0aGUgcGFnZSBoYXMgYmVlbgorICAgICAgICBjbG9zZWQuCisKIDIwMTktMDEt MjggIEFudG9pbmUgUXVpbnQgIDxncmFvdXRzQGFwcGxlLmNvbT4KIAogICAgICAgICBMaW1pdCB1 c2VyLWFnZW50IGludGVyYWN0aW9ucyBiYXNlZCBvbiB0aGUgdG91Y2gtYWN0aW9uIHByb3BlcnR5 IG9uIGlPUwpkaWZmIC0tZ2l0IGEvU291cmNlL1dlYktpdC9VSVByb2Nlc3MvV2ViUGFnZVByb3h5 LmNwcCBiL1NvdXJjZS9XZWJLaXQvVUlQcm9jZXNzL1dlYlBhZ2VQcm94eS5jcHAKaW5kZXggMTIw N2M2N2EyYzJmOThiZmYwOTVmNTY5ZDQyNTM5NDg4ZDY1MDc0My4uNzU2ZjY4Njc4YTBlODFmOWE3 Y2ViYWM4NmExODBlZGQzNzJiYTRhZCAxMDA2NDQKLS0tIGEvU291cmNlL1dlYktpdC9VSVByb2Nl c3MvV2ViUGFnZVByb3h5LmNwcAorKysgYi9Tb3VyY2UvV2ViS2l0L1VJUHJvY2Vzcy9XZWJQYWdl UHJveHkuY3BwCkBAIC05NjUsNiArOTY1LDggQEAgdm9pZCBXZWJQYWdlUHJveHk6OmNsb3NlKCkK ICAgICBtX2FjdGl2ZUNvbnRleHRNZW51ID0gbnVsbHB0cjsKICNlbmRpZgogCisgICAgbV9wcm92 aXNpb25hbFBhZ2UgPSBudWxscHRyOworCiAgICAgbV9pbnNwZWN0b3ItPmludmFsaWRhdGUoKTsK IAogICAgIG1fYmFja0ZvcndhcmRMaXN0LT5wYWdlQ2xvc2VkKCk7CkBAIC0zNzExLDYgKzM3MTMs OCBAQCBkb3VibGUgV2ViUGFnZVByb3h5Ojplc3RpbWF0ZWRQcm9ncmVzcygpIGNvbnN0CiAKIHZv aWQgV2ViUGFnZVByb3h5OjpkaWRTdGFydFByb2dyZXNzKCkKIHsKKyAgICBBU1NFUlQoIW1faXND bG9zZWQpOworCiAgICAgUGFnZUNsaWVudFByb3RlY3RvciBwcm90ZWN0b3IocGFnZUNsaWVudCgp KTsKIAogICAgIGF1dG8gdHJhbnNhY3Rpb24gPSBtX3BhZ2VMb2FkU3RhdGUudHJhbnNhY3Rpb24o KTsKZGlmZiAtLWdpdCBhL1Rvb2xzL0NoYW5nZUxvZyBiL1Rvb2xzL0NoYW5nZUxvZwppbmRleCBl NDBkZTU3ZmRmMzhjNjRlYjg1ZTdhMzNhY2MwM2E0ZGExYWQxN2E5Li44Mjk4ZGZkOGJmYmU1ZGMy ZTY3NGVjZjhiZjFlMjg2OTQwNDQ1YjA0IDEwMDY0NAotLS0gYS9Ub29scy9DaGFuZ2VMb2cKKysr IGIvVG9vbHMvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMTUgQEAKKzIwMTktMDEtMjggIENocmlzIER1 bWV6ICA8Y2R1bWV6QGFwcGxlLmNvbT4KKworICAgICAgICBSZWdyZXNzaW9uKFBTT04pIENyYXNo IHVuZGVyIFdlYlBhZ2VQcm94eTo6ZGlkU3RhcnRQcm9ncmVzcygpCisgICAgICAgIGh0dHBzOi8v YnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0xOTM5MTUKKyAgICAgICAgPHJkYXI6Ly9w cm9ibGVtLzQ3NTYwOTA3PgorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgor CisgICAgICAgIEFkZCBBUEkgdGVzdCBjb3ZlcmFnZS4KKworICAgICAgICAqIFRlc3RXZWJLaXRB UEkvVGVzdHMvV2ViS2l0Q29jb2EvUHJvY2Vzc1N3YXBPbk5hdmlnYXRpb24ubW06CisKIDIwMTkt MDEtMjggIFphbGFuIEJ1anRhcyAgPHphbGFuQGFwcGxlLmNvbT4KIAogICAgICAgICBbTEZDXVtN YXJnaW5Db2xsYXBzaW5nXVtRdWlya3NdIFF1aXJrIG1hcmdpbiB2YWx1ZXMgZ2V0IHByb3BhZ2F0 ZWQgdGhyb3VnaCBtYXJnaW4gY29sbGFwc2luZwpkaWZmIC0tZ2l0IGEvVG9vbHMvVGVzdFdlYktp dEFQSS9UZXN0cy9XZWJLaXRDb2NvYS9Qcm9jZXNzU3dhcE9uTmF2aWdhdGlvbi5tbSBiL1Rvb2xz L1Rlc3RXZWJLaXRBUEkvVGVzdHMvV2ViS2l0Q29jb2EvUHJvY2Vzc1N3YXBPbk5hdmlnYXRpb24u bW0KaW5kZXggMjc0Mjk5MzgxZTFhNmZjYjI0MmM3OWYzMjZjOGU4MjlkYjAzYzA2ZC4uNjJjYWEz ZDBmNzU1ODZiYWM1ZTY2MDhiYmFkZWQyNTBiZDk2YWM1MyAxMDA2NDQKLS0tIGEvVG9vbHMvVGVz dFdlYktpdEFQSS9UZXN0cy9XZWJLaXRDb2NvYS9Qcm9jZXNzU3dhcE9uTmF2aWdhdGlvbi5tbQor KysgYi9Ub29scy9UZXN0V2ViS2l0QVBJL1Rlc3RzL1dlYktpdENvY29hL1Byb2Nlc3NTd2FwT25O YXZpZ2F0aW9uLm1tCkBAIC0zMzUxLDYgKzMzNTEsNDQgQEAgVEVTVChQcm9jZXNzU3dhcCwgTmF2 aWdhdGVUb0Nyb3NzU2l0ZVRoZW5CYWNrRnJvbUpTKQogICAgIEVYUEVDVF9ORShhcHBsZVBJRCwg W3dlYlZpZXcgX3dlYlByb2Nlc3NJZGVudGlmaWVyXSk7CiB9CiAKKworVEVTVChQcm9jZXNzU3dh cCwgQ2xvc2VQYWdlQWZ0ZXJDcm9zc1NpdGVQcm92aXNpb25hbExvYWQpCit7CisgICAgYXV0byBw cm9jZXNzUG9vbENvbmZpZ3VyYXRpb24gPSBhZG9wdE5TKFtbX1dLUHJvY2Vzc1Bvb2xDb25maWd1 cmF0aW9uIGFsbG9jXSBpbml0XSk7CisgICAgcHJvY2Vzc1Bvb2xDb25maWd1cmF0aW9uLmdldCgp LnByb2Nlc3NTd2Fwc09uTmF2aWdhdGlvbiA9IFlFUzsKKyAgICBhdXRvIHByb2Nlc3NQb29sID0g YWRvcHROUyhbW1dLUHJvY2Vzc1Bvb2wgYWxsb2NdIF9pbml0V2l0aENvbmZpZ3VyYXRpb246cHJv Y2Vzc1Bvb2xDb25maWd1cmF0aW9uLmdldCgpXSk7CisKKyAgICBhdXRvIHdlYlZpZXdDb25maWd1 cmF0aW9uID0gYWRvcHROUyhbW1dLV2ViVmlld0NvbmZpZ3VyYXRpb24gYWxsb2NdIGluaXRdKTsK KyAgICBbd2ViVmlld0NvbmZpZ3VyYXRpb24gc2V0UHJvY2Vzc1Bvb2w6cHJvY2Vzc1Bvb2wuZ2V0 KCldOworICAgIGF1dG8gaGFuZGxlciA9IGFkb3B0TlMoW1tQU09OU2NoZW1lIGFsbG9jXSBpbml0 XSk7CisgICAgW3dlYlZpZXdDb25maWd1cmF0aW9uIHNldFVSTFNjaGVtZUhhbmRsZXI6aGFuZGxl ci5nZXQoKSBmb3JVUkxTY2hlbWU6QCJQU09OIl07CisKKyAgICBhdXRvIHdlYlZpZXcgPSBhZG9w dE5TKFtbV0tXZWJWaWV3IGFsbG9jXSBpbml0V2l0aEZyYW1lOk5TTWFrZVJlY3QoMCwgMCwgODAw LCA2MDApIGNvbmZpZ3VyYXRpb246d2ViVmlld0NvbmZpZ3VyYXRpb24uZ2V0KCldKTsKKyAgICBh dXRvIG5hdmlnYXRpb25EZWxlZ2F0ZSA9IGFkb3B0TlMoW1tQU09OTmF2aWdhdGlvbkRlbGVnYXRl IGFsbG9jXSBpbml0XSk7CisgICAgW3dlYlZpZXcgc2V0TmF2aWdhdGlvbkRlbGVnYXRlOm5hdmln YXRpb25EZWxlZ2F0ZS5nZXQoKV07CisKKyAgICBbd2ViVmlldyBjb25maWd1cmF0aW9uXS5wcmVm ZXJlbmNlcy5zYWZlQnJvd3NpbmdFbmFibGVkID0gTk87CisKKyAgICBbd2ViVmlldyBsb2FkUmVx dWVzdDpbTlNVUkxSZXF1ZXN0IHJlcXVlc3RXaXRoVVJMOltOU1VSTCBVUkxXaXRoU3RyaW5nOkAi cHNvbjovL3d3dy53ZWJraXQub3JnL21haW4uaHRtbCJdXV07CisgICAgVGVzdFdlYktpdEFQSTo6 VXRpbDo6cnVuKCZkb25lKTsKKyAgICBkb25lID0gZmFsc2U7CisKKyAgICBkaWRTdGFydFByb3Zp c2lvbmFsTG9hZCA9IGZhbHNlOworICAgIFt3ZWJWaWV3IGxvYWRSZXF1ZXN0OltOU1VSTFJlcXVl c3QgcmVxdWVzdFdpdGhVUkw6W1tOU0J1bmRsZSBtYWluQnVuZGxlXSBVUkxGb3JSZXNvdXJjZTpA InNpbXBsZSIgd2l0aEV4dGVuc2lvbjpAImh0bWwiIHN1YmRpcmVjdG9yeTpAIlRlc3RXZWJLaXRB UEkucmVzb3VyY2VzIl1dXTsKKworICAgIG5hdmlnYXRpb25EZWxlZ2F0ZS0+ZGVjaWRlUG9saWN5 Rm9yTmF2aWdhdGlvbkFjdGlvbiA9IF4oV0tOYXZpZ2F0aW9uQWN0aW9uICosIHZvaWQgKF5kZWNp c2lvbkhhbmRsZXIpKFdLTmF2aWdhdGlvbkFjdGlvblBvbGljeSkpIHsKKyAgICAgICAgZGVjaXNp b25IYW5kbGVyKFdLTmF2aWdhdGlvbkFjdGlvblBvbGljeUFsbG93KTsKKworICAgICAgICBbd2Vi VmlldyBfY2xvc2VdOworICAgICAgICBkb25lID0gdHJ1ZTsKKyAgICB9OworCisgICAgVGVzdFdl YktpdEFQSTo6VXRpbDo6cnVuKCZkb25lKTsKKyAgICBkb25lID0gZmFsc2U7CisKKyAgICBUZXN0 V2ViS2l0QVBJOjpVdGlsOjpzbGVlcCgwLjUpOworfQorCiAjaWYgUExBVEZPUk0oTUFDKQogCiBz dGF0aWMgY29uc3QgY2hhciogc2F2ZU9wZW5lclRlc3RCeXRlcyA9IFIiUFNPTlJFU09VUkNFKAo=