NOTREACHED hit during WebContentsObserver::RenderFrameDeleted |
||
Issue descriptionVersion: 52.0.2739.0 If an observer reacts to RenderFrameDeleted by calling FrameTreeNode::PreviousSibling on the deleted frame, the following NOTREACHED can be hit: https://code.google.com/p/chromium/codesearch#chromium/src/content/browser/frame_host/frame_tree_node.cc&l=288 NOTREACHED() << "FrameTreeNode not found in its parent's children."; This happens if that node's parent is being destructed. The parent clears its children and the children notify the observer of their destruction first. At this time, these children have valid parent pointers but the parent no longer has valid pointers to its children.
,
May 17 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/f3119f5f25a242c2c36a58f32ef13328f13712cb commit f3119f5f25a242c2c36a58f32ef13328f13712cb Author: paulmeyer <paulmeyer@chromium.org> Date: Tue May 17 17:37:19 2016 Fix to prevent hitting NOTREACHED in FrameTreeNode::PreviousSibling(). BUG= 612450 CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_site_isolation Review-Url: https://codereview.chromium.org/1987643003 Cr-Commit-Position: refs/heads/master@{#394156} [modify] https://crrev.com/f3119f5f25a242c2c36a58f32ef13328f13712cb/content/browser/frame_host/frame_tree_node.cc
,
May 17 2016
|
||
►
Sign in to add a comment |
||
Comment 1 by creis@chromium.org
, May 17 2016Components: Internals>Sandbox>SiteIsolation