[Webkit-unassigned] [Bug 138750] [iOS] Crash due to null m_webPageProxyForBackForwardListForCurrentSwipe in ViewGestureController::endSwipeGesture

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Dec 8 14:46:25 PST 2014


https://bugs.webkit.org/show_bug.cgi?id=138750

--- Comment #7 from mitz at webkit.org <mitz at webkit.org> ---
(In reply to comment #6)
> The tracing code revealed that this is probably what’s happening:
> 
> 1. A first swipe gesture ends, and endSwipeGesture() schedules a call to
> willCommitPostSwipeTransitionLayerTree() to happen after ensuring drawing,
> and schedules the watchdog timer
> 2. Some time passes and no drawing happens, and the watchdog timer fires
> 3. A second swipe gesture begins
> 4. The second swipe gesture ends
> 4.1. Some drawing happens, so willCommitPostSwipeTransitionLayerTree() is
> finally called
> 4.2. setRenderTreeSize() is called, and it calls removeSwipeSnapshot()
> 4.3. endSwipeGesture() is called and the crash happens


It is actually necessary that 4.1 happen before the swipe gesture ends. I was able to reproduce this crash with a page whose loading timing I could control by making the page not load until the swipe in step 3 above started, then letting it load before the swipe ended.
