Bug 20401
| Summary: | [GTK] Crash inside String::fromUTF8 below PluginPackage::fetchInfo | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Frederik Himpe <fhimpe> |
| Component: | Plug-ins | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED FIXED | ||
| Severity: | Normal | Keywords: | Gtk |
| Priority: | P2 | ||
| Version: | 528+ (Nightly build) | ||
| Hardware: | PC | ||
| OS: | Linux | ||
Frederik Himpe
When starting up liferea with webkit gtk svn 35718 on Mandriva Linux Cooker x86_64, it immediately crashes with this backtrace:
(gdb) bt
#0 0x00007fd945c80b30 in strlen () from /lib64/libc.so.6
#1 0x00007fd93e519006 in WebCore::String::fromUTF8 (
string=0x61726f65685420 <Address 0x61726f65685420 out of bounds>)
at WebCore/platform/text/String.cpp:608
#2 0x00007fd93e73a69a in WebCore::PluginPackage::fetchInfo (
this=0x7fd93bd70000) at WebCore/plugins/gtk/PluginPackageGtk.cpp:78
#3 0x00007fd93e531294 in WebCore::PluginPackage::createPackage (
path=@0x7fd93bd10168, lastModified=@0x7fff51b0cda8)
at WebCore/plugins/PluginPackage.cpp:149
#4 0x00007fd93e52a660 in WebCore::PluginDatabase::refresh (
this=0x7fd93bd3ce10) at WebCore/plugins/PluginDatabase.cpp:109
#5 0x00007fd93e52b3b3 in WebCore::PluginDatabase::installedPlugins ()
at WebCore/plugins/PluginDatabase.cpp:44
#6 0x00007fd93e73982b in WebCore::PluginData::initPlugins (
this=0x61726f65685420) at WebCore/plugins/gtk/PluginDataGtk.cpp:32
#7 0x00007fd93e527574 in PluginData (this=0x61726f65685420,
page=0x61726f65685420) at WebCore/plugins/PluginData.cpp:32
#8 0x00007fd93e4da5e8 in WebCore::Page::pluginData (this=0x7fd93bd0bea0)
at WebCore/plugins/PluginData.h:49
#9 0x00007fd93e2e62e0 in WebCore::DOMImplementation::createDocument (
type=@0x7fd93bd139a0, frame=0x7fd93bd0a1a0,
inViewSourceMode=<value optimized out>)
at WebCore/dom/DOMImplementation.cpp:320
---Type <return> to continue, or q <return> to quit---
#10 0x00007fd93e450343 in WebCore::FrameLoader::begin (this=0x7fd93bd13848,
url=@0x7fd93bd139e8, dispatch=<value optimized out>, origin=0x0)
at WebCore/loader/FrameLoader.cpp:935
#11 0x00007fd93e45ead2 in WebCore::FrameLoader::receivedFirstData (
this=0x61726f65685420) at WebCore/loader/FrameLoader.cpp:868
#12 0x00007fd93e45ef74 in WebCore::FrameLoader::setEncoding (
this=0x7fd93bd13848, name=@0x7fff51b0d210, userChosen=false)
at WebCore/loader/FrameLoader.cpp:1853
#13 0x00007fd93e21dc81 in WebKit::FrameLoaderClient::committedLoad (
this=0x7fd93bd12f00, loader=<value optimized out>,
data=0x7fd93bd8f400 "<?xml version=\"1.0\" encoding=\"utf-8\"?><!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n<html xmlns=\"http://www.w3.org/1999/xhtm"..., length=6178) at WebKit/gtk/WebCoreSupport/FrameLoaderClientGtk.cpp:179
#14 0x00007fd93e43a0bd in WebCore::DocumentLoader::commitLoad (
this=0x7fd93bd3b100,
data=0x7fd93bd8f400 "<?xml version=\"1.0\" encoding=\"utf-8\"?><!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n<html xmlns=\"http://www.w3.org/1999/xhtm"..., length=6178) at WebCore/loader/DocumentLoader.cpp:355
#15 0x00007fd93e469f99 in WebCore::ResourceLoader::didReceiveData (
this=0x7fd93bd77800,
data=0x7fd93bd8f400 "<?xml version=\"1.0\" encoding=\"utf-8\"?><!DOCTYPE htm---Type <return> to continue, or q <return> to quit---
l PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n<html xmlns=\"http://www.w3.org/1999/xhtm"..., length=6178, lengthReceived=6178, allAtOnce=false)
at WebCore/loader/ResourceLoader.cpp:251
#16 0x00007fd93e462f5e in WebCore::MainResourceLoader::didReceiveData (
this=0x61726f65685420,
data=0x61726f65685420 <Address 0x61726f65685420 out of bounds>,
length=14409792, lengthReceived=0, allAtOnce=32)
at WebCore/loader/MainResourceLoader.cpp:305
#17 0x00007fd93e464407 in WebCore::MainResourceLoader::continueAfterContentPolicy (this=0x7fd93bd77800, contentPolicy=<value optimized out>,
r=<value optimized out>) at WebCore/loader/MainResourceLoader.cpp:248
#18 0x00007fd93e464826 in WebCore::MainResourceLoader::continueAfterContentPolicy (this=0x7fd93bd77800, policy=WebCore::PolicyUse)
at WebCore/loader/MainResourceLoader.cpp:265
#19 0x00007fd93e4638f3 in WebCore::MainResourceLoader::didReceiveResponse (
this=0x7fd93bd77800, r=@0x7fff51b0d440)
at WebCore/loader/MainResourceLoader.cpp:292
#20 0x00007fd93e464b7b in WebCore::MainResourceLoader::handleDataLoadNow (
this=0x7fd93bd77800) at WebCore/loader/MainResourceLoader.cpp:361
#21 0x00007fd93e4f33aa in WebCore::TimerBase::fireTimers (
fireTime=1218810674.186157, firingTimers=@0x7fff51b0d5d0)
at WebCore/platform/Timer.cpp:347
---Type <return> to continue, or q <return> to quit---
#22 0x00007fd93e4f345e in WebCore::TimerBase::sharedTimerFired ()
at WebCore/platform/Timer.cpp:368
#23 0x00007fd93e754c52 in timeout_cb ()
at WebCore/platform/gtk/SharedTimerGtk.cpp:48
#24 0x00007fd945f9c9d2 in IA__g_main_context_dispatch (context=0xd42a80)
at gmain.c:2072
#25 0x00007fd945fa016d in g_main_context_iterate (context=0xd42a80, block=1,
dispatch=1, self=<value optimized out>) at gmain.c:2705
#26 0x00007fd945fa069d in IA__g_main_loop_run (loop=0x12382f0) at gmain.c:2928
#27 0x00007fd94888cf97 in gtk_main () from /usr/lib64/libgtk-x11-2.0.so.0
#28 0x0000000000431cf0 in main (argc=1, argv=0x7fff51b0d918) at main.c:318
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Frederik Himpe
Liferea now starts again with a recent webkit svn check-out, so I guess it's fixed...