Bug 33100
| Summary: | [Gtk] Crash during page load [WebCore::FrameLoader::loadResourceSynchronously] | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Priit Laes (IRC: plaes) <plaes> |
| Component: | Page Loading | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED WORKSFORME | ||
| Severity: | Normal | CC: | benjamin, mrobinson, zecke |
| Priority: | P2 | ||
| Version: | 528+ (Nightly build) | ||
| Hardware: | PC | ||
| OS: | OS X 10.5 | ||
| URL: | http://shop.nationalgeographic.com/ngs/browse/productDetail.jsp?productId=1076014 | ||
Priit Laes (IRC: plaes)
Load http://shop.nationalgeographic.com/ngs/browse/productDetail.jsp?productId=1076014 in either Epiphany or Midori and observe crash.
Webkit-gtk is 1.1.17
0x00007f2a1a1e7bcd in __libc_waitpid (pid=1582,
stat_loc=<value optimized out>, options=0)
at ../sysdeps/unix/sysv/linux/waitpid.c:41
in ../sysdeps/unix/sysv/linux/waitpid.c
#0 0x00007f2a1a1e7bcd in __libc_waitpid (pid=1582,
stat_loc=<value optimized out>, options=0)
at ../sysdeps/unix/sysv/linux/waitpid.c:41
#1 0x00007f2a1a9a2691 in IA__g_spawn_sync (
working_directory=<value optimized out>, argv=<value optimized out>,
envp=<value optimized out>, flags=<value optimized out>,
child_setup=<value optimized out>, user_data=<value optimized out>,
standard_output=0x0, standard_error=0x0, exit_status=0x0, error=
0x7fff5d2c13b8) at gspawn.c:386
#2 0x00007f2a1a9a29a9 in IA__g_spawn_command_line_sync (
command_line=<value optimized out>, standard_output=0x0, standard_error=
0x0, exit_status=0x0, error=0x7fff5d2c13b8) at gspawn.c:700
#3 0x00007f2a08fb7d61 in run_bug_buddy (signum=<value optimized out>)
at gnome-breakpad.cc:369
#4 check_if_gdb (signum=<value optimized out>) at gnome-breakpad.cc:440
#5 bugbuddy_segv_handle (signum=<value optimized out>)
at gnome-breakpad.cc:223
#6 <signal handler called>
#7 0x00007f2a1e7cfb39 in WebCore::FrameLoader::loadResourceSynchronously (
this=0x7f29ffe23850, request=<value optimized out>,
storedCredentials=<value optimized out>, error=..., response=..., data=
...) at WebCore/loader/FrameLoader.cpp:3293
#8 0x00007f2a1e7bec07 in WebCore::DocumentThreadableLoader::loadRequest (
this=0x7f29ff1a57e0, request=..., skipCanLoadCheck=<value optimized out>)
at WebCore/loader/DocumentThreadableLoader.cpp:317
#9 0x00007f2a1e7c0e1d in DocumentThreadableLoader (this=0x7f29ff1a57e0,
document=0x7f2a04201400, client=<value optimized out>, blockingBehavior=
WebCore::DocumentThreadableLoader::LoadSynchronously, request=...,
options=<value optimized out>)
at WebCore/loader/DocumentThreadableLoader.cpp:74
#10 0x00007f2a1e7c117c in WebCore::DocumentThreadableLoader::loadResourceSynchronously (document=0x7f2a04201400, request=..., client=..., options=...)
at WebCore/loader/DocumentThreadableLoader.cpp:50
#11 0x00007f2a1e98b708 in WebCore::XMLHttpRequest::createRequest (this=
0x7f29ff4e0900, ec=@0x7fff5d2c1fbc) at WebCore/xml/XMLHttpRequest.cpp:521
#12 0x00007f2a1e98e47b in WebCore::XMLHttpRequest::send (this=0x7f29ff4e0900,
body=..., ec=@0x7fff5d2c1fbc) at WebCore/xml/XMLHttpRequest.cpp:435
#13 0x00007f2a1e98e698 in WebCore::XMLHttpRequest::send (this=0x7f2a1a1d4e60,
ec=@0xffffffffffffffe0) at WebCore/xml/XMLHttpRequest.cpp:378
#14 0x00007f2a1e582502 in WebCore::JSXMLHttpRequest::send (this=
0x7f29ff2a5000, exec=0x7f2a044e04c8, args=...)
at WebCore/bindings/js/JSXMLHttpRequestCustom.cpp:109
#15 0x00007f2a1ed20044 in WebCore::jsXMLHttpRequestPrototypeFunctionSend (
exec=0x7f2a044e04c8, thisValue=..., args=...)
at DerivedSources/JSXMLHttpRequest.cpp:385
#16 0x00007f2a1fba11c4 in ?? ()
#17 0x00007f2a044e0480 in ?? ()
#18 0x0000000000000001 in ?? ()
#19 0x0000000000000000 in ?? ()
Thread 2 (Thread 0x7f2a071e8710 (LWP 1548)):
#0 pthread_cond_wait@@GLIBC_2.3.2 ()
at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:162
No locals.
#1 0x00007f2a1e502886 in WTF::TCMalloc_PageHeap::scavengerThread (this=
0x7f2a1f33a240) at JavaScriptCore/wtf/FastMalloc.cpp:2299
No locals.
#2 0x00007f2a1e5028a9 in WTF::TCMalloc_PageHeap::runScavengerThread (context=
0x7f2a1f34830c) at JavaScriptCore/wtf/FastMalloc.cpp:1433
No locals.
#3 0x00007f2a1a1df894 in start_thread (arg=<value optimized out>)
at pthread_create.c:297
__res = <value optimized out>
pd = 0x7f2a071e8710
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {139818484795152,
7159262871587376577, 139818803568576, 0, 139818899734528, 3,
-7129548290655531583, -7129484506034090559}, mask_was_saved = 0}}, priv =
{pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0,
canceltype = 0}}}
not_first_call = <value optimized out>
robust = <value optimized out>
freesize = <value optimized out>
__PRETTY_FUNCTION__ = "start_thread"
#4 0x00007f2a19f50f9d in clone ()
at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
No locals.
#5 0x0000000000000000 in ?? ()
No symbol table info available.
Thread 1 (Thread 0x7f2a1fd4b780 (LWP 1547)):
#0 0x00007f2a1a1e7bcd in __libc_waitpid (pid=1582,
stat_loc=<value optimized out>, options=0)
at ../sysdeps/unix/sysv/linux/waitpid.c:41
_a3 = 0
_a1 = 1582
resultvar = <value optimized out>
_a4 = 0
_a2 = 140734756557344
oldtype = 0
result = <value optimized out>
#1 0x00007f2a1a9a2691 in IA__g_spawn_sync (
working_directory=<value optimized out>, argv=<value optimized out>,
envp=<value optimized out>, flags=<value optimized out>,
child_setup=<value optimized out>, user_data=<value optimized out>,
standard_output=0x0, standard_error=0x0, exit_status=0x0, error=
0x7fff5d2c13b8) at gspawn.c:386
outpipe = -1
errpipe = -1
pid = 1582
fds = {__fds_bits = {0, 16, 16, 0, 55952264, 140734756557752,
139818365360384, 55952240, 3, 0, 55952264, 139818811552557,
140734756557352, 140734756557344, 140734756557464, 0}}
ret = <value optimized out>
outstr = 0x0
errstr = 0x0
failed = 0
status = <value optimized out>
__PRETTY_FUNCTION__ = "IA__g_spawn_sync"
#2 0x00007f2a1a9a29a9 in IA__g_spawn_command_line_sync (
command_line=<value optimized out>, standard_output=0x0, standard_error=
0x0, exit_status=0x0, error=0x7fff5d2c13b8) at gspawn.c:700
retval = 0
argv = 0x355c370
__PRETTY_FUNCTION__ = "IA__g_spawn_command_line_sync"
#3 0x00007f2a08fb7d61 in run_bug_buddy (signum=<value optimized out>)
at gnome-breakpad.cc:369
res = <value optimized out>
warning_file = 0x0
exec_str = 0x356d5a0 "bug-buddy --appname=\"epiphany\" --pid=1547"
args_str = <value optimized out>
error = 0x0
#4 check_if_gdb (signum=<value optimized out>) at gnome-breakpad.cc:440
gdb = 0x3755bc0 "/usr/bin/gdb"
pid = 1547
mypath = 0x3571a00 "\360+v\003"
has_debug_symbols = <value optimized out>
appname = 0x9910e0 "epiphany"
#5 bugbuddy_segv_handle (signum=<value optimized out>)
at gnome-breakpad.cc:223
in_segv = 1
#6 <signal handler called>
No symbol table info available.
#7 0x00007f2a1e7cfb39 in WebCore::FrameLoader::loadResourceSynchronously (
this=0x7f29ffe23850, request=<value optimized out>,
storedCredentials=<value optimized out>, error=..., response=..., data=
...) at WebCore/loader/FrameLoader.cpp:3293
referrer = {m_impl = {<WTF::FastAllocBase> = {<No data fields>},
m_ptr = 0x7f29ffdceb00}}
initialRequest = {<WebCore::ResourceRequestBase> = {m_url = {
m_string = {m_impl = {<WTF::FastAllocBase> =
{<No data fields>}, m_ptr = 0x7f29ff4a05b0}}, m_isValid = true,
m_protocolInHTTPFamily = true, m_schemeEnd = 4, m_userStart =
7, m_userEnd = 7, m_passwordEnd = 7, m_hostEnd = 34, m_portEnd = 34,
m_pathAfterLastSlash = 71, m_pathEnd = 86, m_queryEnd = 86,
m_fragmentEnd = 86}, m_cachePolicy =
WebCore::UseProtocolCachePolicy, m_timeoutInterval = 10,
m_firstPartyForCookies = {m_string = {m_impl =
{<WTF::FastAllocBase> = {<No data fields>}, m_ptr = 0x7f2a0438c680}},
m_isValid = true, m_protocolInHTTPFamily = true, m_schemeEnd =
4, m_userStart = 7, m_userEnd = 7, m_passwordEnd = 7, m_hostEnd = 34,
m_portEnd = 34, m_pathAfterLastSlash = 46, m_pathEnd = 63,
m_queryEnd = 81, m_fragmentEnd = 81}, m_httpMethod = {m_impl =
{<WTF::FastAllocBase> = {<No data fields>}, m_ptr = 0x7f29ff30b7f8}},
m_httpHeaderFields =
{<WTF::HashMap<WebCore::AtomicString, WebCore::String, WebCore::CaseFoldingHash, WTF::HashTraits<WebCore::AtomicString>, WTF::HashTraits<WebCore::String> >> = {<WTF::FastAllocBase> = {<No data fields>}, m_impl = {
static m_minTableSize = <optimized out>,
static m_maxLoad = <optimized out>,
static m_minLoad = <optimized out>, m_table =
0x7f29ff1ab400, m_tableSize = 64, m_tableSizeMask = 63, m_keyCount = 2,
m_deletedCount = 0}}, <No data fields>},
m_responseContentDispositionEncodingFallbackArray =
{<WTF::FastAllocBase> = {<No data fields>}, m_size = 0, m_buffer =
{<WTF::VectorBufferBase<WebCore::String>> =
{<WTFNoncopyable::Noncopyable> = {<WTF::FastAllocBase> =
{<No data fields>}, <No data fields>}, m_buffer = 0x7f29ff4cf510,
m_capacity = 0}, <No data fields>}}, m_httpBody =
{<WTF::FastAllocBase> = {<No data fields>}, m_ptr = 0x0},
m_allowCookies = true, m_resourceRequestUpdated = true,
m_platformRequestUpdated = false, m_reportUploadProgress =
false}, <No data fields>}
identifier = 95
newRequest = {<WebCore::ResourceRequestBase> = {m_url = {m_string = {
m_impl = {<WTF::FastAllocBase> = {<No data fields>}, m_ptr =
0x7f29ff195c80}}, m_isValid = true, m_protocolInHTTPFamily = true,
m_schemeEnd = 4, m_userStart = 7, m_userEnd = 7,
m_passwordEnd = 7, m_hostEnd = 34, m_portEnd = 34,
m_pathAfterLastSlash = 71, m_pathEnd = 86, m_queryEnd = 86,
m_fragmentEnd = 86}, m_cachePolicy =
WebCore::UseProtocolCachePolicy, m_timeoutInterval = 10,
m_firstPartyForCookies = {m_string = {m_impl =
{<WTF::FastAllocBase> = {<No data fields>}, m_ptr = 0x7f2a0438c680}},
m_isValid = true, m_protocolInHTTPFamily = true, m_schemeEnd =
4, m_userStart = 7, m_userEnd = 7, m_passwordEnd = 7, m_hostEnd = 34,
m_portEnd = 34, m_pathAfterLastSlash = 46, m_pathEnd = 63,
m_queryEnd = 81, m_fragmentEnd = 81}, m_httpMethod = {m_impl =
{<WTF::FastAllocBase> = {<No data fields>}, m_ptr = 0x7f29ff195c00}},
m_httpHeaderFields =
{<WTF::HashMap<WebCore::AtomicString, WebCore::String, WebCore::CaseFoldingHash, WTF::HashTraits<WebCore::AtomicString>, WTF::HashTraits<WebCore::String> >> = {<WTF::FastAllocBase> = {<No data fields>}, m_impl = {
static m_minTableSize = <optimized out>,
static m_maxLoad = <optimized out>,
static m_minLoad = <optimized out>, m_table =
0x7f29ff1a8c00, m_tableSize = 64, m_tableSizeMask = 63, m_keyCount = 2,
m_deletedCount = 0}}, <No data fields>},
m_responseContentDispositionEncodingFallbackArray =
{<WTF::FastAllocBase> = {<No data fields>}, m_size = 0, m_buffer =
{<WTF::VectorBufferBase<WebCore::String>> =
{<WTFNoncopyable::Noncopyable> = {<WTF::FastAllocBase> =
{<No data fields>}, <No data fields>}, m_buffer = 0x7f29ff4cf6f8,
m_capacity = 0}, <No data fields>}}, m_httpBody =
{<WTF::FastAllocBase> = {<No data fields>}, m_ptr = 0x0},
m_allowCookies = true, m_resourceRequestUpdated = true,
m_platformRequestUpdated = false, m_reportUploadProgress =
false}, <No data fields>}
#8 0x00007f2a1e7bec07 in WebCore::DocumentThreadableLoader::loadRequest (
this=0x7f29ff1a57e0, request=..., skipCanLoadCheck=<value optimized out>)
at WebCore/loader/DocumentThreadableLoader.cpp:317
data = {<WTF::FastAllocBase> = {<No data fields>}, m_size = 440,
m_buffer = {<WTF::VectorBufferBase<char>> =
{<WTFNoncopyable::Noncopyable> = {<WTF::FastAllocBase> =
{<No data fields>}, <No data fields>}, m_buffer =
0x7f29f8883c40 "dojo.provide(\"dojo.nls.ngsdojo_ROOT\");dojo.provide(\"dijit.nls.loading\");dijit.nls.loading._built=true;dojo.provide(\"dijit.nls.loading.ROOT\");dijit.nls.loading.ROOT={\"loadingState\":\"Loading...\",\"errorS"..., m_capacity = 440}, <No data fields>}}
error = {<WebCore::ResourceErrorBase> = {m_domain = {m_impl =
{<WTF::FastAllocBase> = {<No data fields>}, m_ptr = 0x0}}, m_errorCode =
0, m_failingURL = {m_impl = {<WTF::FastAllocBase> = {<No data fields>},
m_ptr = 0x0}}, m_localizedDescription = {m_impl =
{<WTF::FastAllocBase> = {<No data fields>}, m_ptr = 0x0}}, m_isNull =
true, m_isCancellation = false}, <No data fields>}
response = {<WebCore::ResourceResponseBase> = {m_url = {m_string = {
m_impl = {<WTF::FastAllocBase> = {<No data fields>}, m_ptr =
0x7f29ffd160d0}}, m_isValid = true, m_protocolInHTTPFamily = true,
m_schemeEnd = 4, m_userStart = 7, m_userEnd = 7,
m_passwordEnd = 7, m_hostEnd = 34, m_portEnd = 34,
m_pathAfterLastSlash = 71, m_pathEnd = 86, m_queryEnd = 86,
m_fragmentEnd = 86}, m_mimeType = {m_impl =
{<WTF::FastAllocBase> = {<No data fields>}, m_ptr = 0x7f29f8865460}},
m_expectedContentLength = 440, m_textEncodingName = {m_impl =
{<WTF::FastAllocBase> = {<No data fields>}, m_ptr = 0x0}},
m_suggestedFilename = {m_impl = {<WTF::FastAllocBase> =
{<No data fields>}, m_ptr = 0x0}}, m_httpStatusCode = 200,
m_httpStatusText = {m_impl = {<WTF::FastAllocBase> =
{<No data fields>}, m_ptr = 0x7f29ffd5aed8}}, m_httpHeaderFields =
{<WTF::HashMap<WebCore::AtomicString, WebCore::String, WebCore::CaseFoldingHash, WTF::HashTraits<WebCore::AtomicString>, WTF::HashTraits<WebCore::String> >> = {<WTF::FastAllocBase> = {<No data fields>}, m_impl = {
static m_minTableSize = <optimized out>,
static m_maxLoad = <optimized out>,
static m_minLoad = <optimized out>, m_table =
0x7f29ffd8d800, m_tableSize = 64, m_tableSizeMask = 63, m_keyCount = 7,
m_deletedCount = 0}}, <No data fields>},
m_lastModifiedDate = 0, m_isNull = false,
m_haveParsedCacheControlHeader = false, m_haveParsedAgeHeader =
false, m_haveParsedDateHeader = false, m_haveParsedExpiresHeader = false,
m_haveParsedLastModifiedHeader = false,
m_cacheControlContainsNoCache = false,
m_cacheControlContainsNoStore = false,
m_cacheControlContainsMustRevalidate = false,
m_cacheControlMaxAge = 0, m_age = 0, m_date = 0, m_expires = 0,
m_lastModified = 0}, <No data fields>}
identifier = 18446744073709551615
#9 0x00007f2a1e7c0e1d in DocumentThreadableLoader (this=0x7f29ff1a57e0,
document=0x7f2a04201400, client=<value optimized out>, blockingBehavior=
WebCore::DocumentThreadableLoader::LoadSynchronously, request=...,
options=<value optimized out>)
at WebCore/loader/DocumentThreadableLoader.cpp:74
No locals.
#10 0x00007f2a1e7c117c in WebCore::DocumentThreadableLoader::loadResourceSynchronously (document=0x7f2a04201400, request=..., client=..., options=...)
at WebCore/loader/DocumentThreadableLoader.cpp:50
No locals.
#11 0x00007f2a1e98b708 in WebCore::XMLHttpRequest::createRequest (this=
0x7f29ff4e0900, ec=@0x7fff5d2c1fbc) at WebCore/xml/XMLHttpRequest.cpp:521
forcePreflight = false
request = {<WebCore::ResourceRequestBase> = {m_url = {m_string = {
m_impl = {<WTF::FastAllocBase> = {<No data fields>}, m_ptr =
0x7f29ff4a05b0}}, m_isValid = true, m_protocolInHTTPFamily = true,
m_schemeEnd = 4, m_userStart = 7, m_userEnd = 7,
m_passwordEnd = 7, m_hostEnd = 34, m_portEnd = 34,
m_pathAfterLastSlash = 71, m_pathEnd = 86, m_queryEnd = 86,
m_fragmentEnd = 86}, m_cachePolicy =
WebCore::UseProtocolCachePolicy, m_timeoutInterval = 2147483647,
m_firstPartyForCookies = {m_string = {m_impl =
{<WTF::FastAllocBase> = {<No data fields>}, m_ptr = 0x0}}, m_isValid =
false, m_protocolInHTTPFamily = false, m_schemeEnd = 0, m_userStart = 0,
m_userEnd = 0, m_passwordEnd = 0, m_hostEnd = 0, m_portEnd = 0,
m_pathAfterLastSlash = 0, m_pathEnd = 0, m_queryEnd = 0,
m_fragmentEnd = 0}, m_httpMethod = {m_impl =
{<WTF::FastAllocBase> = {<No data fields>}, m_ptr = 0x7f29ff30b7f8}},
m_httpHeaderFields =
{<WTF::HashMap<WebCore::AtomicString, WebCore::String, WebCore::CaseFoldingHash, WTF::HashTraits<WebCore::AtomicString>, WTF::HashTraits<WebCore::String> >> = {<WTF::FastAllocBase> = {<No data fields>}, m_impl = {
static m_minTableSize = <optimized out>,
static m_maxLoad = <optimized out>,
static m_minLoad = <optimized out>, m_table = 0x0,
m_tableSize = 0, m_tableSizeMask = 0, m_keyCount = 0,
m_deletedCount = 0}}, <No data fields>},
m_responseContentDispositionEncodingFallbackArray =
{<WTF::FastAllocBase> = {<No data fields>}, m_size = 0, m_buffer =
{<WTF::VectorBufferBase<WebCore::String>> =
{<WTFNoncopyable::Noncopyable> = {<WTF::FastAllocBase> =
{<No data fields>}, <No data fields>}, m_buffer = 0x0, m_capacity =
0}, <No data fields>}}, m_httpBody = {<WTF::FastAllocBase> =
{<No data fields>}, m_ptr = 0x0}, m_allowCookies = true,
m_resourceRequestUpdated = true, m_platformRequestUpdated =
false, m_reportUploadProgress = false}, <No data fields>}
options = {sendLoadCallbacks = true, sniffContent = false,
allowCredentials = true, forcePreflight = false,
crossOriginRequestPolicy = WebCore::UseAccessControl}
#12 0x00007f2a1e98e47b in WebCore::XMLHttpRequest::send (this=0x7f29ff4e0900,
body=..., ec=@0x7fff5d2c1fbc) at WebCore/xml/XMLHttpRequest.cpp:435
No locals.
#13 0x00007f2a1e98e698 in WebCore::XMLHttpRequest::send (this=0x7f2a1a1d4e60,
ec=@0xffffffffffffffe0) at WebCore/xml/XMLHttpRequest.cpp:378
No locals.
#14 0x00007f2a1e582502 in WebCore::JSXMLHttpRequest::send (this=
0x7f29ff2a5000, exec=0x7f2a044e04c8, args=...)
at WebCore/bindings/js/JSXMLHttpRequestCustom.cpp:109
ec = 0
sourceID = 139818872897038
function = {m_ptr = 0x7f2a044e0458}
signedLineNumber = <value optimized out>
sourceURL = {m_rep = {<WTF::FastAllocBase> = {<No data fields>},
m_ptr = 0xffff000000000002}, static nullUString = 0x7f2a068ea0f8}
#15 0x00007f2a1ed20044 in WebCore::jsXMLHttpRequestPrototypeFunctionSend (
exec=0x7f2a044e04c8, thisValue=..., args=...)
at DerivedSources/JSXMLHttpRequest.cpp:385
No locals.
#16 0x00007f2a1fba11c4 in ?? ()
No symbol table info available.
#17 0x00007f2a044e0480 in ?? ()
No symbol table info available.
#18 0x0000000000000001 in ?? ()
No symbol table info available.
#19 0x0000000000000000 in ?? ()
No symbol table info available.
Current language: auto
The current source language is "auto; currently asm".
Current language: auto
The current source language is "auto; currently c".
A debugging session is active.
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Benjamin Poulain
It looks similar to https://bugs.webkit.org/show_bug.cgi?id=37191
We have the following problem in Qt: the synchronous XHR use a local event loop to process the request synchronously. This event loop can process the event from another socket->come back to javascript->modify the document.
When the XHR return, the document is no longer valid.
Martin Robinson
I can no longer reproduce this one. Going to close it, since it's against a very old version of WebKitGTK+. Please feel free to re-open if see it again.