14548 – REGRESSION (r23987-r24061) : Reproducible crash with a local stylesheet file

Bug 14548 - REGRESSION (r23987-r24061) : Reproducible crash with a local stylesheet file

Summary: REGRESSION (r23987-r24061) : Reproducible crash with a local stylesheet file

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Page Loading (show other bugs)
Version:	523.x (Safari 3)
Hardware:	PC Windows XP

Importance:	P1 Normal
Assignee:	Nobody

URL:	http://www.computerbase.de/forum/
Keywords:	InRadar, PlatformOnly, Regression

Depends on:
Blocks:

Reported:	2007-07-07 05:00 PDT by Alexander Luck
Modified:	2007-09-12 18:30 PDT (History)
CC List:	1 user (show)

See Also:

Attachments
local Ad Blocking Stylesheet file (15.86 KB, text/plain) 2007-07-08 04:38 PDT, Alexander Luck	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexander Luck 2007-07-07 05:00:45 PDT

7.7.2007:
With the nighty Build r24061 (6.6.2007) crashed Safari.
With the previous nightly Nuild r23987 (5.7.2007) showed Safari the site.

Comment 1 David Kilzer (:ddkilzer) 2007-07-07 13:57:51 PDT

This does not crash for me using a local debug build of WebKit r24089 with Safari 3.0 (522.12) on Mac OS X 10.4.10 (8R218).   Adding PlatformOnly keyword.

Comment 2 Alexander Luck 2007-07-08 03:34:36 PDT

I have found another url, which with r23987 is ok, but with r24061 is crashed.

url: http://www.mediaupload.de/show_30581.html

Description to r24061: 

1. i run the first time the url and Safari crashed
2. i restart Safari and run the url then Safari show the site
3. I empty the cache
4. i close and restart Safari and run the url and Safari crashed

The situation is reproducible.

Comment 3 Alexander Luck 2007-07-08 04:36:29 PDT

I have found the problem of the crashes with build r24061.

I have set in the Safari settings a local stlyesheet file. It is a Ad Blocking css file. If i set in the Build r24061 the local stylesheet in none selected then run normal Safari.

PS: I have because deleted the Keyword "Platformonly". I hope that is ok.

Comment 4 Alexander Luck 2007-07-08 04:38:44 PDT

Created attachment 15443 [details]
local Ad Blocking Stylesheet file 

And here my local stylesheet file, which is the problem with the Build r24061

Comment 5 Matt Lilek 2007-07-08 11:06:00 PDT

Confirmed with my local debug build of r24097. Setting a stylesheet crashes on startup for me (homepage is apple.com/startpage default).

*----> Stack Back Trace <----*
*** ERROR: Module load completed but symbols could not be loaded for c:\Program Files\Safari\Safari.exe
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr  Args to Child              
0012c6dc 107f7cfe 0012c93c 0012c7c8 01461fc8 WebKit_debug!WebCore__FrameLoader__loadDone+0x26
0012c7bc 109870a1 00000000 0012ca24 0012ca34 WebKit_debug!WebCore__DocLoader__setLoadInProgress+0x5e
0012c93c 10986f51 0394c4c0 00000000 0012cb18 WebKit_debug!WebCore__Loader__didFail+0x121
0012ca24 10a92dcb 0394c4c0 0012cb34 0012cc18 WebKit_debug!WebCore__Loader__didFail+0x31
0012cb18 109935cd 0012cb34 0012cd18 0012cc24 WebKit_debug!WebCore__SubresourceLoader__didCancel+0x9b
0012cc18 1099350e 0012cc34 0012ce44 0012d494 WebKit_debug!WebCore__ResourceLoader__cancel+0x7d
0012cd18 10709109 0012cf28 0012d494 01461fc8 WebKit_debug!WebCore__ResourceLoader__cancel+0x3e
0012ce44 1070af5f 039454a4 0012d07c 0012d494 WebKit_debug!WebCore__cancelAll+0x79
0012cf28 10708f91 0012d15c 0012d494 01461fc8 WebKit_debug!WebCore__DocumentLoader__stopLoadingSubresources+0x2f
0012d07c 106f2b92 0012d288 0012d494 01461fc8 WebKit_debug!WebCore__DocumentLoader__stopLoading+0x161
0012d15c 106f91da 0012d380 0012d494 01461fc8 WebKit_debug!WebCore__FrameLoader__stopAllLoaders+0x92
0012d288 106f8fc0 0012d698 00000000 03944d01 WebKit_debug!WebCore__FrameLoader__continueLoadAfterNavigationPolicy+0x1da
0012d380 106fdbd3 03944db8 0012d698 00000000 WebKit_debug!WebCore__FrameLoader__callContinueLoadAfterNavigationPolicy+0x40
0012d488 106f8e98 00000001 01487818 0012d7d0 WebKit_debug!WebCore__PolicyCheck__call+0x63
0012d7c4 104fe10f 00000000 0018e7f0 03944a78 WebKit_debug!WebCore__FrameLoader__continueAfterNavigationPolicy+0x188
0012d7e0 1050ac5c 00000000 03944910 03944918 WebKit_debug!WebFrame__receivedPolicyDecision+0x10f
0012d808 1050ab5d 00000000 0012d8c4 00489536 WebKit_debug!WebFramePolicyListener__receivedPolicyDecision+0x8c
0012d814 00489536 03945130 01487818 03944910 WebKit_debug!WebFramePolicyListener__use+0xd
0012d8c4 00484116 01461fc8 03872548 01487818 Safari+0x89536
01462528 10dbc660 10dbc600 10dbc5e8 10dbc560 Safari+0x84116
10dbc6e0 10485c62 10484c90 104897a9 10464706 WebKit_debug!keyEntries+0x36f8
10480028 12cee900 29e90009 e9007d3b 004020d4 WebKit_debug!
0b1873e9 00000000 00000000 00000000 00000000 0x12cee900

Comment 6 Alexander Luck 2007-07-08 11:17:15 PDT

But attention:
After set a local stylesheet file in Safari on Windows also change the WebKitPreferences.plist !

i.e.:
<key>WebKitUserStyleSheetLocationPreferenceKey</key>
<string>file://C:\Dokumente und Einstellungen\Alexander\Eigene Dateien\Safari_ad_blocking.css</string>
<key>WebKitUsesPageCachePreferenceKey</key>

Safari on Windows set a wrong string in the options file.

I don't know that this error is known. This wrong set can also create a Safari crash.

Comment 7 Matt Lilek 2007-07-08 11:40:48 PDT

See bug 14561 for a crash when moving the style sheet.

Comment 8 David Kilzer (:ddkilzer) 2007-07-08 15:05:55 PDT

<rdar://problem/5320461>

Comment 9 Alexander Luck 2007-07-09 09:38:18 PDT

The site apple.com/startpage show it the r24096 on my pc. No crash!

I have also create a Back Trace with r24096 with a correct local sheet option in the WebKitPreferences.plist and run the url http://www.computerbase.de/forum/

*----> Stack Back Trace <----*
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\Programme\Safari\CoreFoundation.dll - 
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr  Args to Child              
0013e434 1019d23d 00000000 00000000 0013e48c WebKit!WebCore__DocLoader__setLoadInProgress+0x24
0013e458 1019d17c 7ff447f4 00000000 1022e608 WebKit!WebCore__Loader__didFail+0xbd
0013e464 1022e608 7ff60380 0013e48c 7ff60380 WebKit!WebCore__Loader__didFail+0xc (FPO: [2,0,0])
0013e478 101a33b0 0013e48c 00000000 7f5364fc WebKit!WebCore__SubresourceLoader__didCancel+0x28 (FPO: [1,0,0])
0013e49c 100bc155 0013e4c0 0013e504 7fdc9780 WebKit!WebCore__ResourceLoader__cancel+0x60 (FPO: [1,5,0])
0013e4ec 100bcb14 7f99ea40 00000007 00000000 WebKit!WebCore__cancelAll+0x95
0013e514 100b568e 7f99ea40 100b843e 6fc38401 WebKit!WebCore__DocumentLoader__stopLoading+0xf4 (FPO: [EBP 0x7f99ea40] [0,6,3])
0013e51c 100b843e 6fc38401 0013e590 0013e7a0 WebKit!WebCore__FrameLoader__stopAllLoaders+0x4e (FPO: [0,0,1])
0013e534 100b8318 00000000 6fc38401 100b8300 WebKit!WebCore__FrameLoader__continueLoadAfterNavigationPolicy+0x11e (FPO: [EBP 0x0013e590] [2,1,4])
0013e544 100baa11 7f99ea40 0013e590 00000000 WebKit!WebCore__FrameLoader__callContinueLoadAfterNavigationPolicy+0x18 (FPO: [4,1,0])
0013e55c 100b82e2 6fc38401 100b8190 7fa23088 WebKit!WebCore__PolicyCheck__call+0x31 (FPO: [1,0,1])
0013e628 6fc0102c 00000010 6fc030ec 02e02001 WebKit!WebCore__FrameLoader__continueAfterNavigationPolicy+0x152
6fc69504 00000280 6fc69504 00000000 00000000 CoreFoundation+0x102c

*----> Stack Back Trace <----*
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\WINDOWS\system32\kernel32.dll - 
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll - 
ChildEBP RetAddr  Args to Child              
01befd54 7c80a075 00000001 01befd98 00000000 ntdll!KiFastSystemCallRet
01befd70 6fc2ca18 00000001 01befd98 00000000 kernel32!WaitForMultipleObjects+0x18
01befedc 6fc2ccd3 01f31438 01f98da8 00000000 CoreFoundation!CFRunLoopFinished+0x401
01beff10 6fc2cd77 6fc68924 00000000 20000000 CoreFoundation!CFRunLoopFinished+0x6bc
01beff34 100be7d9 01f31438 01fa0290 6fc68924 CoreFoundation!CFRunLoopRun+0x26
01beff78 78132848 00000000 9e5f8f52 7c92056d WebKit!WebCore__runLoaderThread+0x69 (FPO: [1,10,0])
01beffb0 781328c8 7c80b683 00b61ea8 7c92056d MSVCR80!endthread+0x4b
01beffec 00000000 7813286e 00b61ea8 00000000 MSVCR80!endthread+0xcb

*----> Stack Back Trace <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\Programme\Safari\PubSubDLL.dll - 
ChildEBP RetAddr  Args to Child              
03e1f8f4 7c80a075 00000001 03e1f938 00000000 ntdll!KiFastSystemCallRet
03e1f910 6fc2ca18 00000001 03e1f938 00000000 kernel32!WaitForMultipleObjects+0x18
03e1fa7c 6fc2ccd3 01f91128 0299a200 00000000 CoreFoundation!CFRunLoopFinished+0x401
03e1fab0 6fc2cd77 6fc68924 00000000 20000000 CoreFoundation!CFRunLoopFinished+0x6bc
03e1fad4 62c01c39 9bf04429 6fc69504 02033278 CoreFoundation!CFRunLoopRun+0x26
03e1ff6c 62c09d06 0299a3b0 781329bb 02033278 PubSubDLL+0x1c39
03e1ffac 78132a47 0299a3b0 7c80b683 00b61ea8 PubSubDLL+0x9d06
03e1ffec 00000000 781329e1 00b61ea8 00000000 MSVCR80!endthreadex+0xc7

*----> Stack Back Trace <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr  Args to Child              
045fff58 6181dcba 00000960 00000001 00000004 ntdll!KiFastSystemCallRet
045fff78 78132848 00000000 9bbe8f52 00000000 CFNetwork!CFHTTPGetConnectionInfoForProxyURL+0x8db
045fffb0 781328c8 7c80b683 00b61ea8 00000000 MSVCR80!endthread+0x4b
045fffec 00000000 7813286e 00b61ea8 00000000 MSVCR80!endthread+0xcb

*----> Stack Back Trace <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr  Args to Child              
047fffb4 7c80b683 001aa478 00000000 00000000 ntdll!KiFastSystemCallRet
047fffec 00000000 71a02b11 001aa478 00000000 kernel32!GetModuleFileNameA+0x1b4

*----> Stack Back Trace <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr  Args to Child              
048fffb4 7c80b683 719bd8ec 01bef890 7c91ee18 ntdll!KiFastSystemCallRet
048fffec 00000000 719bd5af 001987c0 00000000 kernel32!GetModuleFileNameA+0x1b4

(Unfortunately, I did not know which file was important.)

Comment 10 Bryan Kirk 2007-08-31 19:25:31 PDT

I found out that the crash might be happening because of the backslashes in the path. Replacing them with slashes fixes the problem (at least it does for me).

Comment 11 Matt Lilek 2007-09-12 18:30:01 PDT

Fixed by Anders in r25523.