Issue 753678

Issue metadata

Status: Untriaged
Owner: ----
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 2
Type: Bug

Find in page, then open a new document hits DCHECK in blink::FrameSelection::SetSelectionDeprecated

Project Member Reported by dominicc@chromium.org, Aug 9 2017

Issue description

Chrome Version: ToT commit 242e2067b136691816302d52dd63ac1614f9d843 debug
OS: Linux

What steps will reproduce the problem?
(1) Open a site
(2) Ctrl-F, search for some text in the page
(3) Click on a link

What is the expected result?

Don't crash

What happens instead?

Hit this DCHECK:

[1:1:0809/144946.673997:FATAL:SelectionTemplate.cpp(94)] Check failed: base_.GetDocument() == document (#document vs. #document)Selection(base: #text "Disney acquires own streaming facilities, will pull Netflix content"@offsetInAnchor[47], extent: #text "Disney acquires own streaming facilities, will pull Netflix content"@offsetInAnchor[51])
#0 0x7f8de42922fd base::debug::StackTrace::StackTrace()
#1 0x7f8de42906cc base::debug::StackTrace::StackTrace()
#2 0x7f8de4320b8a logging::LogMessage::~LogMessage()
#3 0x7f8dd2bd1d79 blink::SelectionTemplate<>::AssertValidFor()
#4 0x7f8dd2b93f50 blink::FrameSelection::SetSelectionDeprecated()
#5 0x7f8dd2b93e27 blink::FrameSelection::SetSelection()
#6 0x7f8dd2b94724 blink::FrameSelection::SetSelection()
#7 0x7f8dd2bd6cbe blink::TextFinder::SetFindEndstateFocusAndSelection()
#8 0x7f8dd2edaaca blink::WebLocalFrameImpl::StopFinding()
#9 0x7f8ddf1a2ffa content::RenderFrameImpl::OnStopFinding()
#10 0x7f8ddcbff27f _ZN4base20DispatchToMethodImplIPN7content27ChildHistogramMessageFilterEMS2_FviERKNSt3__15tupleIJiEEEJLm0EEEEvRKT_T0_OT1_NS_13IndexSequenceIJXspT2_EEEE
#11 0x7f8ddcbff1d0 _ZN4base16DispatchToMethodIPN7content27ChildHistogramMessageFilterEMS2_FviERKNSt3__15tupleIJiEEEEEvRKT_T0_OT1_
#12 0x7f8ddf1e50af _ZN3IPC16DispatchToMethodIN7content15RenderFrameImplEMS2_FvNS1_14StopFindActionEEvNSt3__15tupleIJS3_EEEEEvPT_T0_PT1_RKT2_
#13 0x7f8ddf1d58b6 _ZN3IPC8MessageTI25FrameMsg_StopFinding_MetaNSt3__15tupleIJN7content14StopFindActionEEEEvE8DispatchINS4_15RenderFrameImplES9_vMS9_FvS5_EEEbPKNS_7MessageEPT_PT0_PT1_T2_
#14 0x7f8ddf19adbc content::RenderFrameImpl::OnMessageReceived()

This is slowing down work on Issue 749397.

Comment 1 by yosin@chromium.org, Aug 9 2017

Status: Available (was: Untriaged)
This is similar to issue 719880.
We should make TextFinder::SetFindEndstateFocusAndSelection() check
TextFinder::GetDocument() == FrameSelection::GetDocument().
If they use different documents, TextFinder should bail out.

Comment 2 by yosin@chromium.org, Aug 10 2017

Cc: yosin@chromium.org
Components: -Blink>Editing Blink>Internals>Frames
Status: Untriaged (was: Available)
Route to Blink>Internals>Frames, because it seems Document::Shutdown() isn't called in this case.

Observation:
 - WebLocalFrameImpl::frame_->GetDocument() != FrameSelection::GetDocument()
 - FrameSelection::GetDocument() is reset at Document::Shutdown()

So, my question is why frame_ has another document without calling Shutdown() for the previous
document?
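
A simplified model of the document comparison proposed in comment 1, added here as an illustration and not Chromium code. The `*Model` classes, `StopResult` and `RunScenario` are hypothetical stand-ins, and `SetSelection` returns false at the point where the DCHECK in the report would fire.

```cpp
// Simplified stand-ins for illustration; these are not Blink's classes.
struct Document { int id; };
// A find-in-page match remembers the document it was found in.
struct Match { const Document* document; int start; int end; };

enum class StopResult { kNoMatch, kSelected, kBailedOut, kInvariantViolated };

class FrameSelectionModel {
 public:
  void BindTo(const Document* doc) { document_ = doc; }
  const Document* GetDocument() const { return document_; }
  // Mirrors the failed check in the log: a selection must belong to the bound
  // document. Returns false where a debug build would abort.
  bool SetSelection(const Match& m) const { return m.document == document_; }
 private:
  const Document* document_ = nullptr;
};

class TextFinderModel {
 public:
  explicit TextFinderModel(FrameSelectionModel* s) : selection_(s) {}
  void Find(const Document* d, int start, int end) { match_ = Match{d, start, end}; }
  // guarded == true applies the document comparison proposed in comment 1.
  StopResult StopFinding(bool guarded) {
    if (!match_.document) return StopResult::kNoMatch;
    const Match m = match_;
    match_ = Match{nullptr, 0, 0};  // the active match is consumed either way
    if (guarded && m.document != selection_->GetDocument())
      return StopResult::kBailedOut;  // documents differ: do not touch selection
    return selection_->SetSelection(m) ? StopResult::kSelected
                                       : StopResult::kInvariantViolated;
  }
 private:
  FrameSelectionModel* selection_;
  Match match_{nullptr, 0, 0};
};

// Constructed scenario: a match is found in one document; optionally the
// selection object is then bound to a different document before StopFinding.
StopResult RunScenario(bool same_document, bool guarded) {
  Document found_in{1}, other{2};
  FrameSelectionModel selection;
  selection.BindTo(&found_in);
  TextFinderModel finder(&selection);
  finder.Find(&found_in, 47, 51);  // offsets taken from the report's log
  if (!same_document) selection.BindTo(&other);
  return finder.StopFinding(guarded);
}

int main() { return RunScenario(false, true) == StopResult::kBailedOut ? 0 : 1; }
```

The guard only prevents the mismatched selection from being applied; it does not answer the question in comment 2 of why the two documents differ.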
