Bug 50761

Summary: [Qt] Crash sometimes in QNetworkReplyHandler::finish()
Product: WebKit Reporter: Jocelyn Turcotte <jturcotte>
Component: Page LoadingAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: abarth, commit-queue, eric, webkit.review.bot
Priority: P3 Keywords: Qt, QtTriaged
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
Attachments:
Description Flags
Patch kenneth: review+, commit-queue: commit-queue-

Jocelyn Turcotte
Reported 2010-12-09 07:28:45 PST
I would see problems where the QNetworkReply would be deleted in the other thread, but a new QNetworkReply would be allocated by the heap at the same address and would break the comparison code path. Another problem would be that didFinishLoading would eventually call abort on the ResourceHandle, which would call deleteLater on the reply (if in a different thread). Calling deleteLater on oldReply would then cause a crash.
Attachments
Patch (3.15 KB, patch)
2010-12-09 07:32 PST, Jocelyn Turcotte 		kenneth: review+
commit-queue: commit-queue-
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Jocelyn Turcotte
Comment 1 2010-12-09 07:32:08 PST
Created attachment 76061 [details] Patch
WebKit Commit Bot
Comment 2 2010-12-09 14:28:39 PST
Comment on attachment 76061 [details] Patch Rejecting patch 76061 from commit-queue. Failed to run "['./WebKitTools/Scripts/webkit-patch', '--status-host=queues.webkit.org', '--bot-id=eseidel-sf', 'apply-attachment', '--force-clean', '--non-interactive', 76061]" exit_code: 2 Last 500 characters of output: 'Kenneth Rohde Christiansen', u'--force']" exit_code: 1 Parsed 2 diffs from patch file(s). patching file WebCore/ChangeLog Hunk #1 succeeded at 1 with fuzz 3. patching file WebCore/platform/network/qt/QNetworkReplyHandler.cpp Hunk #1 FAILED at 300. 1 out of 1 hunk FAILED -- saving rejects to file WebCore/platform/network/qt/QNetworkReplyHandler.cpp.rej Failed to run "[u'/Projects/CommitQueue/WebKitTools/Scripts/svn-apply', u'--reviewer', u'Kenneth Rohde Christiansen', u'--force']" exit_code: 1 Full output: http://queues.webkit.org/results/6943017
Jocelyn Turcotte
Comment 3 2010-12-10 02:44:38 PST
Committed r73708: <http://trac.webkit.org/changeset/73708>
WebKit Review Bot
Comment 4 2010-12-10 11:46:10 PST
http://trac.webkit.org/changeset/73708 might have broken GTK Linux 32-bit Debug
Note You need to log in before you can comment on or make changes to this bug.