New issue
Advanced search Search tips

Issue 776043 link

Starred by 1 user
Status: Duplicate
Merged: issue 776378
Owner: ----
Closed: Oct 2017
Cc:
ios-bugs@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: iOS
Pri: 3
Type: Task

Blocking:
issue 734150



Sign in to add a comment

FaviconCallbackTests crash with WKBasedNavigationManager

Project Member Reported by ajuma@chromium.org, Oct 18 2017 
All FaviconCallbackTests are crashing in SetNavigationItemInWKItem since the passed in wk_item is null. This happens because we get a WebKit::NavigationState::NavigationClient::didCommitNavigation callback, but the WKWebView's backForwardList is empty, so WKBasedNavigationManagerImpl::CommitPendingItem passes a null item to SetNavigationItemInWKItem.

I'm not yet sure how didCommitNavigation can get called while the backForwardList is still empty. Looking through the logic in DocumentLoader::commitLoad in WebKit, it looks like the backForwardList should get updated first, as a result of an IPC triggered by the call to commitIfReady, and then the didCommitNavigation callback should happen next, as a result of an IPC triggered by the call to committedLoad. (This assumes that IPCs arrive in the same order that they get sent though.)

Here's the crash stack from one of the tests:
[68950:1027:1018/141538.321704:1826180566492959:FATAL:wk_based_navigation_manager_impl.mm(38)] Check failed: wk_item. 
#0	0x000000010766b1b4 in base::debug::BreakDebugger() at /Users/ajuma/chromiumios/src/out/Debug-iphonesimulator/../../base/debug/debugger_posix.cc:269
#1	0x00000001076c6220 in logging::LogMessage::~LogMessage() at /Users/ajuma/chromiumios/src/out/Debug-iphonesimulator/../../base/logging.cc:846
#2	0x00000001076c2bf5 in logging::LogMessage::~LogMessage() at /Users/ajuma/chromiumios/src/out/Debug-iphonesimulator/../../base/logging.cc:575
#3	0x0000000106f24d54 in (anonymous namespace)::SetNavigationItemInWKItem(WKBackForwardListItem*, std::__1::unique_ptr<web::NavigationItemImpl, std::__1::default_delete<web::NavigationItemImpl> >) at /Users/ajuma/chromiumios/src/out/Debug-iphonesimulator/../../ios/web/navigation/wk_based_navigation_manager_impl.mm:38
#4	0x0000000106f2556e in web::WKBasedNavigationManagerImpl::CommitPendingItem() at /Users/ajuma/chromiumios/src/out/Debug-iphonesimulator/../../ios/web/navigation/wk_based_navigation_manager_impl.mm:172
#5	0x0000000106fa8da4 in ::-[CRWWebController didStartLoadingURL:](const GURL &) at /Users/ajuma/chromiumios/src/out/Debug-iphonesimulator/../../ios/web/web_state/ui/crw_web_controller.mm:2754
#6	0x0000000106fa8b8d in ::-[CRWWebController webPageChanged]() at /Users/ajuma/chromiumios/src/out/Debug-iphonesimulator/../../ios/web/web_state/ui/crw_web_controller.mm:2739
#7	0x0000000106fc00dd in ::-[CRWWebController webView:didCommitNavigation:](WKWebView *, WKNavigation *) at /Users/ajuma/chromiumios/src/out/Debug-iphonesimulator/../../ios/web/web_state/ui/crw_web_controller.mm:4570
#8	0x000000010ed83509 in WebKit::NavigationState::NavigationClient::didCommitNavigation(WebKit::WebPageProxy&, API::Navigation*, API::Object*) ()
#9	0x000000010eee37a5 in WebKit::WebPageProxy::didCommitLoadForFrame(unsigned long long, unsigned long long, WTF::String const&, bool, unsigned int, WebCore::CertificateInfo const&, bool, std::optional<WebCore::HasInsecureContent>, WebKit::UserData const&) ()
#10	0x000000010ef06614 in void IPC::callMemberFunctionImpl<WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(unsigned long long, unsigned long long, WTF::String const&, bool, unsigned int, WebCore::CertificateInfo const&, bool, std::optional<WebCore::HasInsecureContent>, WebKit::UserData const&), std::__1::tuple<unsigned long long, unsigned long long, WTF::String, bool, unsigned int, WebCore::CertificateInfo, bool, std::optional<WebCore::HasInsecureContent>, WebKit::UserData>, 0ul, 1ul, 2ul, 3ul, 4ul, 5ul, 6ul, 7ul, 8ul>(WebKit::WebPageProxy*, void (WebKit::WebPageProxy::*)(unsigned long long, unsigned long long, WTF::String const&, bool, unsigned int, WebCore::CertificateInfo const&, bool, std::optional<WebCore::HasInsecureContent>, WebKit::UserData const&), std::__1::tuple<unsigned long long, unsigned long long, WTF::String, bool, unsigned int, WebCore::CertificateInfo, bool, std::optional<WebCore::HasInsecureContent>, WebKit::UserData>&&, std::__1::integer_sequence<unsigned long, 0ul, 1ul, 2ul, 3ul, 4ul, 5ul, 6ul, 7ul, 8ul>) ()
#11	0x000000010eefff3b in void IPC::handleMessage<Messages::WebPageProxy::DidCommitLoadForFrame, WebKit::WebPageProxy, void (WebKit::WebPageProxy::*)(unsigned long long, unsigned long long, WTF::String const&, bool, unsigned int, WebCore::CertificateInfo const&, bool, std::optional<WebCore::HasInsecureContent>, WebKit::UserData const&)>(IPC::Decoder&, WebKit::WebPageProxy*, void (WebKit::WebPageProxy::*)(unsigned long long, unsigned long long, WTF::String const&, bool, unsigned int, WebCore::CertificateInfo const&, bool, std::optional<WebCore::HasInsecureContent>, WebKit::UserData const&)) ()
#12	0x000000010ed7ffcf in IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&) ()
#13	0x000000010ef5212a in WebKit::WebProcessProxy::didReceiveMessage(IPC::Connection&, IPC::Decoder&) ()
#14	0x000000010ed42c47 in IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) ()
#15	0x000000010ed454ba in IPC::Connection::dispatchOneMessage() ()
#16	0x0000000118b282a9 in WTF::RunLoop::performWork() ()
#17	0x0000000118b28562 in WTF::RunLoop::performWork(void*) ()
#18	0x000000010d9132b1 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ ()
#19	0x000000010d9b2d31 in __CFRunLoopDoSource0 ()
#20	0x000000010d8f7c19 in __CFRunLoopDoSources0 ()
#21	0x000000010d8f71ff in __CFRunLoopRun ()
#22	0x000000010d8f6a89 in CFRunLoopRunSpecific ()
#23	0x000000010e718e5e in -[NSRunLoop(NSRunLoop) runMode:beforeDate:] ()
#24	0x000000010748240c in base::test::ios::SpinRunLoopWithMaxDelay(base::TimeDelta) at /Users/ajuma/chromiumios/src/out/Debug-iphonesimulator/../../base/test/ios/wait_util.mm:57
#25	0x000000010748202b in base::test::ios::TimeUntilCondition(void () block_pointer, bool () block_pointer, bool, base::TimeDelta) at /Users/ajuma/chromiumios/src/out/Debug-iphonesimulator/../../base/test/ios/wait_util.mm:32
#26	0x0000000107482488 in base::test::ios::WaitUntilCondition(bool () block_pointer, bool, base::TimeDelta) at /Users/ajuma/chromiumios/src/out/Debug-iphonesimulator/../../base/test/ios/wait_util.mm:47
#27	0x00000001074824cf in base::test::ios::WaitUntilCondition(bool () block_pointer) at /Users/ajuma/chromiumios/src/out/Debug-iphonesimulator/../../base/test/ios/wait_util.mm:51
#28	0x0000000107071ae7 in web::WebTestWithWebState::LoadHtml(NSString*, GURL const&) at /Users/ajuma/chromiumios/src/out/Debug-iphonesimulator/../../ios/web/public/test/web_test_with_web_state.mm:84
#29	0x000000010707216c in web::WebTestWithWebState::LoadHtml(NSString*) at /Users/ajuma/chromiumios/src/out/Debug-iphonesimulator/../../ios/web/public/test/web_test_with_web_state.mm:96
#30	0x00000001070e7107 in web::FaviconCallbackTest_ShortcutIconFavicon_Test::TestBody() at /Users/ajuma/chromiumios/src/out/Debug-iphonesimulator/../../ios/web/web_state/favicon_callbacks_inttest.mm:55

Comment 1 by danyao@chromium.org, Oct 19 2017

Mergedinto: 776378
Status: Duplicate (was: Available)
This is a duplicate of crbug/776378. WKWebView doesn't update back-forward list when loading HTML (aka WebUI). I'm curious why and where they are caching the content.

Sign in to add a comment