Bug 14670
| Summary: | Unreproducible: ASSERTION FAILED: resourceLoader == m_resourceLoader | | |
|---|---|---|---|
| Product: | WebKit | Reporter: | David Kilzer (:ddkilzer) <ddkilzer> |
| Component: | Page Loading | Assignee: | Nobody <webkit-unassigned> |
| Status: | NEW | | |
| Severity: | Normal | CC: | mitz |
| Priority: | P2 | | |
| Version: | 523.x (Safari 3) | | |
| Hardware: | Mac | | |
| OS: | OS X 10.4 | | |
| URL: | http://www.mcafeehelp.com/ | | |
David Kilzer (:ddkilzer)
* SUMMARY
While browsing, I've gotten this assertion failure twice in recent debug builds of ToT WebKit. I'm not sure how to reproduce it yet.
* STEPS TO REPRODUCE
This just occurred with a local debug build of WebKit r24443 with Safari 3.0 (522.12) on Mac OS X 10.4.10 (8R218). I was accessing http://www.mcafeehelp.com/, which redirected to http://www.mcafeehelp.com/browserCheck.asp? (note question mark with no query string payload), which then crashed.
* NOTES
Console output:
ASSERTION FAILED: resourceLoader == m_resourceLoader
(/path/to/WebKit/WebCore/loader/icon/IconLoader.cpp:112 virtual void WebCore::IconLoader::didFail(WebCore::SubresourceLoader*, const WebCore::ResourceError&))
Segmentation fault
Stack trace:
Version: 3.0.2 (522.12)
Build Version: 1
Project Name: WebBrowser
Source Version: 45221200
PID: 15366
Thread: 0
Exception: EXC_BAD_ACCESS (0x0001)
Codes: KERN_INVALID_ADDRESS (0x0001) at 0xbbadbeef
Thread 0 Crashed:
0 com.apple.WebCore 0x013d5d8c WebCore::IconLoader::didFail(WebCore::SubresourceLoader*, WebCore::ResourceError const&) + 144 (IconLoader.cpp:112)
1 com.apple.WebCore 0x0148b0fc WebCore::SubresourceLoader::didCancel(WebCore::ResourceError const&) + 188 (SubresourceLoader.cpp:233)
2 com.apple.WebCore 0x01489588 WebCore::ResourceLoader::cancel(WebCore::ResourceError const&) + 156
3 com.apple.WebCore 0x0148964c WebCore::ResourceLoader::cancel() + 68
4 com.apple.WebCore 0x01484fa0 WebCore::cancelAll(WTF::HashSet<WTF::RefPtr<WebCore::ResourceLoader>, WTF::PtrHash<WTF::RefPtr<WebCore::ResourceLoader> >, WTF::HashTraits<WTF::RefPtr<WebCore::ResourceLoader> > > const&) + 108 (DocumentLoader.cpp:111)
5 com.apple.WebCore 0x01485028 WebCore::DocumentLoader::stopLoadingSubresources() + 40 (DocumentLoader.cpp:630)
6 com.apple.WebCore 0x0148529c WebCore::DocumentLoader::stopLoading() + 548 (DocumentLoader.cpp:294)
7 com.apple.WebCore 0x014778b8 WebCore::FrameLoader::stopAllLoaders() + 268 (FrameLoader.cpp:2236)
8 com.apple.WebCore 0x01477bec WebCore::FrameLoader::continueLoadAfterNavigationPolicy(WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool) + 732 (FrameLoader.cpp:3467)
9 com.apple.WebCore 0x01477da8 WebCore::FrameLoader::callContinueLoadAfterNavigationPolicy(void*, WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool) + 84 (FrameLoader.cpp:3426)
10 com.apple.WebCore 0x01471558 WebCore::PolicyCheck::call(bool) + 140 (FrameLoader.cpp:4316)
11 com.apple.WebCore 0x01478be0 WebCore::FrameLoader::continueAfterNavigationPolicy(WebCore::PolicyAction) + 480 (FrameLoader.cpp:3419)
12 com.apple.WebKit 0x003c7608 WebFrameLoaderClient::receivedPolicyDecison(WebCore::PolicyAction) + 392
13 com.apple.WebKit 0x003c7db4 -[WebFramePolicyListener receivedPolicyDecision:] + 220
14 com.apple.WebKit 0x003c7418 -[WebFramePolicyListener use] + 64
15 libobjc.A.dylib 0x90a451f4 objc_msgSendv + 180
16 com.apple.Foundation 0x92bddc94 -[NSInvocation invoke] + 944
17 com.apple.Foundation 0x92bde244 -[NSInvocation invokeWithTarget:] + 64
18 com.apple.WebKit 0x00382da8 -[_WebSafeForwarder forwardInvocation:] + 632 (WebView.mm:1596)
19 com.apple.Foundation 0x92bd6040 -[NSObject(NSForwardInvocation) forward::] + 408
20 libobjc.A.dylib 0x90a450b0 _objc_msgForward + 176
21 com.apple.WebKit 0x003c78e4 WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction(void (WebCore::FrameLoader::*)(WebCore::PolicyAction), WebCore::NavigationAction const&, WebCore::ResourceRequest const&) + 252
22 com.apple.WebCore 0x0147947c WebCore::FrameLoader::checkNavigationPolicy(WebCore::ResourceRequest const&, WebCore::DocumentLoader*, WTF::PassRefPtr<WebCore::FormState>, void (*)(void*, WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool), void*) + 812 (FrameLoader.cpp:3389)
23 com.apple.WebCore 0x014796f4 WebCore::FrameLoader::load(WebCore::DocumentLoader*, WebCore::FrameLoadType, WTF::PassRefPtr<WebCore::FormState>) + 472 (FrameLoader.cpp:1995)
24 com.apple.WebCore 0x0147a240 WebCore::FrameLoader::load(WebCore::ResourceRequest const&, WebCore::NavigationAction const&, WebCore::FrameLoadType, WTF::PassRefPtr<WebCore::FormState>) + 388 (FrameLoader.cpp:1948)
25 com.apple.WebCore 0x0147ad1c WebCore::FrameLoader::load(WebCore::KURL const&, WebCore::String const&, WebCore::FrameLoadType, WebCore::String const&, WebCore::Event*, WTF::PassRefPtr<WebCore::FormState>) + 1124 (FrameLoader.cpp:1896)
26 com.apple.WebCore 0x0147bd8c WebCore::FrameLoader::load(WebCore::FrameLoadRequest const&, bool, bool, WebCore::Event*, WebCore::HTMLFormElement*, WTF::HashMap<WebCore::String, WebCore::String, WTF::StrHash<WebCore::String>, WTF::HashTraits<WebCore::String>, WTF::StrHash<WebCore::String> > const&) + 1200 (FrameLoader.cpp:1832)
27 com.apple.WebCore 0x0147c144 WebCore::FrameLoader::submitForm(WebCore::FrameLoadRequest const&, WebCore::Event*) + 320 (FrameLoader.cpp:2966)
28 com.apple.WebCore 0x0147e014 WebCore::FrameLoader::submitForm(char const*, WebCore::String const&, WTF::PassRefPtr<WebCore::FormData>, WebCore::String const&, WebCore::String const&, WebCore::String const&, WebCore::Event*) + 2276 (FrameLoader.cpp:563)
29 com.apple.WebCore 0x010e360c WebCore::HTMLFormElement::submit(WebCore::Event*, bool) + 1372 (HTMLFormElement.cpp:464)
30 com.apple.WebCore 0x010e36d4 WebCore::HTMLFormElement::submit() + 40 (HTMLFormElement.cpp:363)
31 com.apple.WebCore 0x013679e8 WebCore::JSHTMLFormElementPrototypeFunction::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 176 (JSHTMLFormElement.cpp:250)
32 com.apple.JavaScriptCore 0x0059a41c KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 288 (object.cpp:98)
33 com.apple.JavaScriptCore 0x005ba024 KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 992 (nodes.cpp:791)
34 com.apple.JavaScriptCore 0x005a5f70 KJS::ExprStatementNode::execute(KJS::ExecState*) + 220 (nodes.cpp:1758)
35 com.apple.JavaScriptCore 0x005a5df8 KJS::IfNode::execute(KJS::ExecState*) + 504 (nodes.cpp:1777)
36 com.apple.JavaScriptCore 0x005a2544 KJS::SourceElementsNode::execute(KJS::ExecState*) + 284 (nodes.cpp:2558)
37 com.apple.JavaScriptCore 0x005a6194 KJS::BlockNode::execute(KJS::ExecState*) + 216 (nodes.cpp:1735)
38 com.apple.JavaScriptCore 0x005a5df8 KJS::IfNode::execute(KJS::ExecState*) + 504 (nodes.cpp:1777)
39 com.apple.JavaScriptCore 0x005a2544 KJS::SourceElementsNode::execute(KJS::ExecState*) + 284 (nodes.cpp:2558)
40 com.apple.JavaScriptCore 0x005a6194 KJS::BlockNode::execute(KJS::ExecState*) + 216 (nodes.cpp:1735)
41 com.apple.JavaScriptCore 0x005a6d74 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 92 (function.cpp:321)
42 com.apple.JavaScriptCore 0x005a76fc KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 688 (function.cpp:109)
43 com.apple.JavaScriptCore 0x0059a41c KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 288 (object.cpp:98)
44 com.apple.JavaScriptCore 0x005baf48 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 792 (nodes.cpp:695)
45 com.apple.JavaScriptCore 0x005a5f70 KJS::ExprStatementNode::execute(KJS::ExecState*) + 220 (nodes.cpp:1758)
46 com.apple.JavaScriptCore 0x005a2544 KJS::SourceElementsNode::execute(KJS::ExecState*) + 284 (nodes.cpp:2558)
47 com.apple.JavaScriptCore 0x005a6194 KJS::BlockNode::execute(KJS::ExecState*) + 216 (nodes.cpp:1735)
48 com.apple.JavaScriptCore 0x005a6d74 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 92 (function.cpp:321)
49 com.apple.JavaScriptCore 0x005a76fc KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 688 (function.cpp:109)
50 com.apple.JavaScriptCore 0x0059a41c KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 288 (object.cpp:98)
51 com.apple.WebCore 0x012c60cc WebCore::JSAbstractEventListener::handleEvent(WebCore::Event*, bool) + 760 (kjs_events.cpp:116)
52 com.apple.WebCore 0x01108f64 WebCore::Document::handleWindowEvent(WebCore::Event*, bool) + 416 (Document.cpp:2331)
53 com.apple.WebCore 0x0128cc70 WebCore::EventTargetNode::dispatchWindowEvent(WebCore::AtomicString const&, bool, bool) + 368 (EventTargetNode.cpp:339)
54 com.apple.WebCore 0x0110ed5c WebCore::Document::implicitClose() + 832 (Document.cpp:1377)
55 com.apple.WebCore 0x014730cc WebCore::FrameLoader::checkCallImplicitClose() + 596 (FrameLoader.cpp:1228)
56 com.apple.WebCore 0x0147e460 WebCore::FrameLoader::checkCompleted() + 404 (FrameLoader.cpp:1186)
57 com.apple.WebCore 0x0147f7ac WebCore::FrameLoader::loadDone() + 80 (FrameLoader.cpp:1150)
58 com.apple.WebCore 0x0112e558 WebCore::DocLoader::setLoadInProgress(bool) + 108 (DocLoader.cpp:182)
59 com.apple.WebCore 0x01130868 WebCore::Loader::didFinishLoading(WebCore::SubresourceLoader*) + 432 (loader.cpp:118)
60 com.apple.WebCore 0x0148b458 WebCore::SubresourceLoader::didFinishLoading() + 204 (SubresourceLoader.cpp:195)
61 com.apple.WebCore 0x0148939c WebCore::ResourceLoader::didFinishLoading(WebCore::ResourceHandle*) + 60
62 com.apple.WebCore 0x0145d628 -[WebCoreResourceHandleAsDelegate connectionDidFinishLoading:] + 144 (ResourceHandleMac.mm:424)
63 com.apple.Foundation 0x92c1489c -[NSURLConnection(NSURLConnectionInternal) _sendDidFinishLoadingCallback] + 188
64 com.apple.Foundation 0x92c12b08 -[NSURLConnection(NSURLConnectionInternal) _sendCallbacks] + 556
65 com.apple.Foundation 0x92c12860 _sendCallbacks + 156
66 com.apple.CoreFoundation 0x907de4fc __CFRunLoopDoSources0 + 384
67 com.apple.CoreFoundation 0x907dda2c __CFRunLoopRun + 452
68 com.apple.CoreFoundation 0x907dd4ac CFRunLoopRunSpecific + 268
69 com.apple.HIToolbox 0x9329ab20 RunCurrentEventLoopInMode + 264
70 com.apple.HIToolbox 0x9329a1b4 ReceiveNextEventCommon + 380
71 com.apple.HIToolbox 0x9329a020 BlockUntilNextEventMatchingListInMode + 96
72 com.apple.AppKit 0x937a0ae4 _DPSNextEvent + 384
73 com.apple.AppKit 0x937a07a8 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 116
74 com.apple.Safari 0x00006770 0x1000 + 22384
75 com.apple.AppKit 0x9379ccec -[NSApplication run] + 472
76 com.apple.AppKit 0x9388d87c NSApplicationMain + 452
77 com.apple.Safari 0x0000244c 0x1000 + 5196
78 com.apple.Safari 0x0004f1b0 0x1000 + 319920
mitz
I just hit this assert closing a (slow-loading) stand-alone image before it was finished loading.