Bug 189199 - Assertion hit in ~CompletionHandler() from ~WebFrame()
Summary: Assertion hit in ~CompletionHandler() from ~WebFrame()
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit2 (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Chris Dumez
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2018-08-31 10:36 PDT by Chris Dumez
Modified: 2018-08-31 13:15 PDT (History)
10 users (show)

See Also:

Attachments
Patch (17.07 KB, patch)
2018-08-31 10:39 PDT, Chris Dumez 		no flags Details | Formatted Diff | Diff
Patch (19.31 KB, patch)
2018-08-31 10:58 PDT, Chris Dumez 		no flags Details | Formatted Diff | Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Chris Dumez 2018-08-31 10:36:34 PDT 
Assertion hit in ~CompletionHandler() from ~WebFrame():
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.JavaScriptCore      	0x00000005e8d9bdb0 WTFCrash + 16 (Assertions.cpp:267)
1   com.apple.WebCore             	0x00000005d8b1de83 WTF::CompletionHandler<void ()>::~CompletionHandler() + 115 (CompletionHandler.h:51)
2   com.apple.WebCore             	0x00000005d8b1d6e5 WTF::CompletionHandler<void ()>::~CompletionHandler() + 21 (CompletionHandler.h:52)
3   com.apple.WebCore             	0x00000005da8251f1 WTF::Function<void ()>::CallableWrapper<WTF::CompletionHandler<void ()> >::~CallableWrapper() + 49 (Function.h:91)
4   com.apple.WebCore             	0x00000005da825165 WTF::Function<void ()>::CallableWrapper<WTF::CompletionHandler<void ()> >::~CallableWrapper() + 21 (Function.h:91)
5   com.apple.WebCore             	0x00000005da825189 WTF::Function<void ()>::CallableWrapper<WTF::CompletionHandler<void ()> >::~CallableWrapper() + 25 (Function.h:91)
6   com.apple.WebKit              	0x000000010862319f WTF::Function<void ()>::~Function() + 175 (memory:2598)
7   com.apple.WebKit              	0x0000000108622235 WTF::Function<void ()>::~Function() + 21 (Function.h:33)
8   com.apple.WebKit              	0x00000001086a9a79 WTF::KeyValuePair<unsigned long long, WTF::Function<void ()> >::~KeyValuePair() + 25 (KeyValuePair.h:33)
9   com.apple.WebKit              	0x00000001086a9a45 WTF::KeyValuePair<unsigned long long, WTF::Function<void ()> >::~KeyValuePair() + 21 (KeyValuePair.h:33)
10  com.apple.WebKit              	0x00000001086a99da WTF::HashTable<unsigned long long, WTF::KeyValuePair<unsigned long long, WTF::Function<void ()> >, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WTF::Function<void ()> > >, WTF::IntHash<unsigned long long>, WTF::HashMap<unsigned long long, WTF::Function<void ()>, WTF::IntHash<unsigned long long>, WTF::HashTraits<unsigned long long>, WTF::HashTraits<WTF::Function<void ()> > >::KeyValuePairTraits, WTF::HashTraits<unsigned long long> >::deallocateTable(WTF::KeyValuePair<unsigned long long, WTF::Function<void ()> >*, unsigned int) + 90 (HashTable.h:1159)
11  com.apple.WebKit              	0x00000001086a97c9 WTF::HashTable<unsigned long long, WTF::KeyValuePair<unsigned long long, WTF::Function<void ()> >, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WTF::Function<void ()> > >, WTF::IntHash<unsigned long long>, WTF::HashMap<unsigned long long, WTF::Function<void ()>, WTF::IntHash<unsigned long long>, WTF::HashTraits<unsigned long long>, WTF::HashTraits<WTF::Function<void ()> > >::KeyValuePairTraits, WTF::HashTraits<unsigned long long> >::~HashTable() + 57
12  com.apple.WebKit              	0x00000001086a9785 WTF::HashTable<unsigned long long, WTF::KeyValuePair<unsigned long long, WTF::Function<void ()> >, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long long, WTF::Function<void ()> > >, WTF::IntHash<unsigned long long>, WTF::HashMap<unsigned long long, WTF::Function<void ()>, WTF::IntHash<unsigned long long>, WTF::HashTraits<unsigned long long>, WTF::HashTraits<WTF::Function<void ()> > >::KeyValuePairTraits, WTF::HashTraits<unsigned long long> >::~HashTable() + 21 (HashTable.h:365)
13  com.apple.WebKit              	0x00000001086a9765 WTF::HashMap<unsigned long long, WTF::Function<void ()>, WTF::IntHash<unsigned long long>, WTF::HashTraits<unsigned long long>, WTF::HashTraits<WTF::Function<void ()> > >::~HashMap() + 21 (HashMap.h:36)
14  com.apple.WebKit              	0x000000010869b7e5 WTF::HashMap<unsigned long long, WTF::Function<void ()>, WTF::IntHash<unsigned long long>, WTF::HashTraits<unsigned long long>, WTF::HashTraits<WTF::Function<void ()> > >::~HashMap() + 21 (HashMap.h:36)
15  com.apple.WebKit              	0x00000001094971ef WebKit::WebFrame::~WebFrame() + 335 (WebFrame.cpp:169)
Comment 1 Chris Dumez 2018-08-31 10:36:44 PDT 
<rdar://problem/42657233>
Comment 2 Chris Dumez 2018-08-31 10:39:05 PDT 
Created attachment 348649 [details]
Patch
Comment 3 youenn fablet 2018-08-31 10:51:06 PDT 
Comment on attachment 348649 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=348649&action=review

> Source/WebCore/loader/EmptyClients.cpp:461
> +void EmptyFrameLoaderClient::dispatchWillSubmitForm(FormState&, CompletionHandler<void(void)>&& completionHandler)

s/void(void)/void()/ here and below?

> Source/WebKit/WebProcess/WebPage/WebFrame.cpp:252
> +        completionHandler();

Should we be safe here and move m_willSubmitFormCompletionHandlers.values in a local variable as well.
Then no need to clear it anymore below.
Comment 4 Chris Dumez 2018-08-31 10:58:09 PDT 
Created attachment 348652 [details]
Patch
Comment 5 Alex Christensen 2018-08-31 11:05:42 PDT 
Comment on attachment 348652 [details]
Patch

Hooray!  CompletionHandlers found and fixed a loading bug!
Comment 6 WebKit Commit Bot 2018-08-31 12:00:30 PDT 
Comment on attachment 348652 [details]
Patch

Clearing flags on attachment: 348652

Committed r235562: <https://trac.webkit.org/changeset/235562>
Comment 7 WebKit Commit Bot 2018-08-31 12:00:32 PDT 
All reviewed patches have been landed.  Closing bug.
Comment 8 Ryan Haddad 2018-08-31 12:52:19 PDT 
This change broke the Windows build:
C:\cygwin\home\buildbot\slave\win-release\build\Source\WebKitLegacy\win\WebCoreSupport\WebFrameLoaderClient.cpp(626): error C3848: expression having type 'const WTF::CompletionHandler<void (void)>' would lose some const-volatile qualifiers in order to call 'void WTF::CompletionHandler<void (void)>::operator ()(void)' [C:\cygwin\home\buildbot\slave\win-release\build\WebKitBuild\Release\Source\WebKitLegacy\WebKitLegacy.vcxproj]

https://build.webkit.org/builders/Apple%20Win%20Release%20%28Build%29/builds/11591/steps/compile-webkit/logs/stdio
Comment 9 Chris Dumez 2018-08-31 13:13:24 PDT 
(In reply to Ryan Haddad from comment #8)
> This change broke the Windows build:
> C:\cygwin\home\buildbot\slave\win-
> release\build\Source\WebKitLegacy\win\WebCoreSupport\WebFrameLoaderClient.
> cpp(626): error C3848: expression having type 'const
> WTF::CompletionHandler<void (void)>' would lose some const-volatile
> qualifiers in order to call 'void WTF::CompletionHandler<void
> (void)>::operator ()(void)'
> [C:\cygwin\home\buildbot\slave\win-
> release\build\WebKitBuild\Release\Source\WebKitLegacy\WebKitLegacy.vcxproj]
> 
> https://build.webkit.org/builders/Apple%20Win%20Release%20%28Build%29/builds/
> 11591/steps/compile-webkit/logs/stdio

Thanks, will fix now.
Comment 10 Chris Dumez 2018-08-31 13:15:48 PDT 
(In reply to Chris Dumez from comment #9)
> (In reply to Ryan Haddad from comment #8)
> > This change broke the Windows build:
> > C:\cygwin\home\buildbot\slave\win-
> > release\build\Source\WebKitLegacy\win\WebCoreSupport\WebFrameLoaderClient.
> > cpp(626): error C3848: expression having type 'const
> > WTF::CompletionHandler<void (void)>' would lose some const-volatile
> > qualifiers in order to call 'void WTF::CompletionHandler<void
> > (void)>::operator ()(void)'
> > [C:\cygwin\home\buildbot\slave\win-
> > release\build\WebKitBuild\Release\Source\WebKitLegacy\WebKitLegacy.vcxproj]
> > 
> > https://build.webkit.org/builders/Apple%20Win%20Release%20%28Build%29/builds/
> > 11591/steps/compile-webkit/logs/stdio
> 
> Thanks, will fix now.

Should be fixed as of  <https://trac.webkit.org/changeset/235566>.