RESOLVED FIXED 11439
REGRESSION: Another page loading crash
https://bugs.webkit.org/show_bug.cgi?id=11439
Matt Lilek
Reported 2006-10-27 13:46:25 PDT
The above URL causes WebKit to crash with the following backtrace:

    0   com.apple.WebCore  0x013f5130 WebCore::DocumentLoader::originalRequestCopy() const + 0
    1   com.apple.WebKit   0x0032c0b0 -[WebFrame(WebInternal) _createItemTreeWithTargetFrame:clippedAtTarget:] + 80
    2   com.apple.WebKit   0x0032c13c -[WebFrame(WebInternal) _createItemTreeWithTargetFrame:clippedAtTarget:] + 220
    3   com.apple.WebKit   0x0032788c -[WebFrame(WebInternal) _addBackForwardItemClippedAtTarget:] + 108
    4   com.apple.WebCore  0x013fa9d4 WebCore::FrameLoader::transitionToCommitted(NSDictionary*) + 372
    5   com.apple.WebCore  0x013fc0fc WebCore::FrameLoader::commitProvisionalLoad(NSDictionary*) + 252
    6   com.apple.WebCore  0x013f4e98 WebCore::DocumentLoader::commitLoad(NSData*) + 56
    7   com.apple.WebCore  0x013f5504 WebCore::DocumentLoader::receivedData(NSData*) + 164
    8   com.apple.WebCore  0x013ffedc WebCore::WebResourceLoader::didReceiveData(NSData*, long long, bool) + 76
    9   com.apple.WebCore  0x01401c14 WebCore::MainResourceLoader::didReceiveData(NSData*, long long, bool) + 52
    10  com.apple.WebCore  0x013ff0d4 -[WebCoreResourceLoaderAsDelegate connection:didReceiveData:lengthReceived:] + 84
Attachments
patch to restore nil-handling behavior (1.50 KB, patch)
2006-10-27 14:31 PDT, John Sullivan
andersca: review+
John Sullivan
Comment 1 2006-10-27 14:07:33 PDT
Crash is here:

    if (useOriginal)
        request = [dataSrc _documentLoader]->originalRequestCopy();
    else
        request = [dataSrc request];

I suspect the fix is to fall back to [dataSrc request] in the case where [dataSrc _documentLoader] returns nil, but someone should check what this code used to do in the case where [dataSrc _documentLoader] returned nil.
John Sullivan
Comment 2 2006-10-27 14:22:47 PDT
    - (WebHistoryItem *)_createItem:(BOOL)useOriginal
    {
        WebDataSource *dataSrc = [self dataSource];

dataSrc is nil here, which is why [dataSrc _documentLoader]->originalRequestCopy() crashes. The crashing line used to be:

    request = [[dataSrc _documentLoader] originalRequestCopy];

The change was in 17245. I'll test the simple fix of changing this one line.
John Sullivan
Comment 3 2006-10-27 14:31:51 PDT
Created attachment 11261: patch to restore nil-handling behavior
Anders Carlsson
Comment 4 2006-10-27 14:34:10 PDT
Comment on attachment 11261: patch to restore nil-handling behavior

r=me
John Sullivan
Comment 5 2006-10-27 14:35:29 PDT
Checked in as svn revision 17388.
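
The nil-handling difference discussed in comments 1 and 2, as an added example that is not part of the original bug report or WebKit's code: an Objective-C message sent to nil returns a zero value, while a C++ call through a null pointer is undefined behaviour. The types and the names `sendOrDefault`, `requestForItem` and `requestForItemWithFallback` are hypothetical stand-ins, and the URLs are constructed sample values.

```cpp
// Added illustration: simplified stand-in types, not WebKit's real classes.
#include <iostream>
#include <string>

struct Request { std::string url; };              // empty url plays the role of nil

struct DocumentLoader {
    Request original;
    Request originalRequestCopy() const { return original; }
};

struct DataSource {
    DocumentLoader* loader = nullptr;             // may be null, like _documentLoader
    Request current;
    DocumentLoader* documentLoader() const { return loader; }
    Request request() const { return current; }
};

// Objective-C semantics: a message sent to nil returns a zero value.
// A C++ call through a null pointer (receiver->method()) is undefined behaviour.
template <typename T, typename R>
R sendOrDefault(const T* receiver, R (T::*method)() const) {
    return receiver ? (receiver->*method)() : R{};
}

// Nil-tolerant chain, modelled on [[dataSrc _documentLoader] originalRequestCopy].
Request requestForItem(const DataSource* dataSrc, bool useOriginal) {
    if (!useOriginal)
        return sendOrDefault(dataSrc, &DataSource::request);
    DocumentLoader* loader = sendOrDefault(dataSrc, &DataSource::documentLoader);
    return sendOrDefault(loader, &DocumentLoader::originalRequestCopy);
}

// Variant with the fallback suggested in comment 1: no loader -> current request.
Request requestForItemWithFallback(const DataSource* dataSrc, bool useOriginal) {
    if (useOriginal && dataSrc && dataSrc->documentLoader())
        return dataSrc->documentLoader()->originalRequestCopy();
    return sendOrDefault(dataSrc, &DataSource::request);
}

int main() {
    DataSource ds;                                // constructed sample, loader is null
    ds.current.url = "http://example.test/current";
    std::cout << "nil data source: '" << requestForItem(nullptr, true).url << "'\n";
    std::cout << "fallback: " << requestForItemWithFallback(&ds, true).url << "\n";
    return 0;
}
```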