Bug 54592

Here is the assertion stack trace: #0 0x00007faf72480b54 in WTF::HashTableConstIterator<WTF::AtomicString, std::pair<WTF::AtomicString, WTF::String>, WTF::PairFirstExtractor<std::pair<WTF::AtomicString, WTF::String> >, WTF::CaseFoldingHash, WTF::PairHashTraits<WTF::HashTraits<WTF::AtomicString>, WTF::HashTraits<WTF::String> >, WTF::HashTraits<WTF::AtomicString> >::checkValidity (this=0x7fff7a9d5710) at ../../Source/JavaScriptCore/wtf/HashTable.h:193 193 ASSERT(m_table); Thread 1 (Thread 3440): #0 0x00007faf72480b54 in WTF::HashTableConstIterator<WTF::AtomicString, std::pair<WTF::AtomicString, WTF::String>, WTF::PairFirstExtractor<std::pair<WTF::AtomicString, WTF::String> >, WTF::CaseFoldingHash, WTF::PairHashTraits<WTF::HashTraits<WTF::AtomicString>, WTF::HashTraits<WTF::String> >, WTF::HashTraits<WTF::AtomicString> >::checkValidity (this=0x7fff7a9d5710) at ../../Source/JavaScriptCore/wtf/HashTable.h:193 #1 0x00007faf7247ffe0 in WTF::HashTableConstIterator<WTF::AtomicString, std::pair<WTF::AtomicString, WTF::String>, WTF::PairFirstExtractor<std::pair<WTF::AtomicString, WTF::String> >, WTF::CaseFoldingHash, WTF::PairHashTraits<WTF::HashTraits<WTF::AtomicString>, WTF::HashTraits<WTF::String> >, WTF::HashTraits<WTF::AtomicString> >::operator++ (this=0x7fff7a9d5710) at ../../Source/JavaScriptCore/wtf/HashTable.h:168 #2 0x00007faf7248341c in WTF::HashTableIterator<WTF::AtomicString, std::pair<WTF::AtomicString, WTF::String>, WTF::PairFirstExtractor<std::pair<WTF::AtomicString, WTF::String> >, WTF::CaseFoldingHash, WTF::PairHashTraits<WTF::HashTraits<WTF::AtomicString>, WTF::HashTraits<WTF::String> >, WTF::HashTraits<WTF::AtomicString> >::operator++ (this=0x7fff7a9d5710) at ../../Source/JavaScriptCore/wtf/HashTable.h:246 #3 0x00007faf72482dbe in WTF::HashTableIteratorAdapter<WTF::HashTable<WTF::AtomicString, std::pair<WTF::AtomicString, WTF::String>, WTF::PairFirstExtractor<std::pair<WTF::AtomicString, WTF::String> >, WTF::CaseFoldingHash, WTF::PairHashTraits<WTF::HashTraits<WTF::AtomicString>, WTF::HashTraits<WTF::String> >, WTF::HashTraits<WTF::AtomicString> >, std::pair<WTF::AtomicString, WTF::String> >::operator++ (this=0x7fff7a9d5710) at ../../Source/JavaScriptCore/wtf/HashIterators.h:71 #4 0x00007faf724826a8 in WebCore::ResourceRequest::updateFromSoupMessage (this=0x7fff7a9d5ae0, soupMessage=0x1a6c9d0) at ../../Source/WebCore/platform/network/soup/ResourceRequestSoup.cpp:105 #5 0x00007faf724b8ced in WebKit::FrameLoaderClient::dispatchWillSendRequest (this=0xfb4940, loader=0x1f71c60, identifier=332, request=..., redirectResponse=...) at ../../Source/WebKit/gtk/WebCoreSupport/FrameLoaderClientGtk.cpp:397 #6 0x00007faf72b05e87 in WebCore::ResourceLoadNotifier::dispatchWillSendRequest (this=0xfb6668, loader=0x1f71c60, identifier=332, request=..., redirectResponse=...) at ../../Source/WebCore/loader/ResourceLoadNotifier.cpp:115 #7 0x00007faf72acc41f in WebCore::FrameLoader::requestFromDelegate (this=0xfb64a0, request=..., identifier=@0x7fff7a9d5fc8, error=...) at ../../Source/WebCore/loader/FrameLoader.cpp:3057 #8 0x00007faf72acb173 in WebCore::FrameLoader::loadResourceSynchronously (this=0xfb64a0, request=..., storedCredentials=WebCore::AllowStoredCredentials, error=..., response=..., data=...) at ../../Source/WebCore/loader/FrameLoader.cpp:2786 #9 0x00007faf72ababa6 in WebCore::DocumentThreadableLoader::loadRequest (this=0x1ff7210, request=..., securityCheck=WebCore::DoSecurityCheck) at ../../Source/WebCore/loader/DocumentThreadableLoader.cpp:339 #10 0x00007faf72ab8db9 in WebCore::DocumentThreadableLoader::DocumentThreadableLoader (this=0x1ff7210, document=0x2037f90, client=0x1ff6ce0, blockingBehavior=WebCore::DocumentThreadableLoader::LoadSynchronously, request=..., options=...) at ../../Source/WebCore/loader/DocumentThreadableLoader.cpp:76 #11 0x00007faf72ab8498 in WebCore::DocumentThreadableLoader::loadResourceSynchronously (document=0x2037f90, request=..., client=..., options=...) at ../../Source/WebCore/loader/DocumentThreadableLoader.cpp:53 #12 0x00007faf72b11398 in WebCore::ThreadableLoader::loadResourceSynchronously (context=0x2037ff8, request=..., client=..., options=...) at ../../Source/WebCore/loader/ThreadableLoader.cpp:69 #13 0x00007faf72f84297 in WebCore::XMLHttpRequest::createRequest (this=0x1ff6cd0, ec=@0x7fff7a9d670c) at ../../Source/WebCore/xml/XMLHttpRequest.cpp:671 #14 0x00007faf72f837cc in WebCore::XMLHttpRequest::send (this=0x1ff6cd0, body=..., ec=@0x7fff7a9d670c) at ../../Source/WebCore/xml/XMLHttpRequest.cpp:543 #15 0x00007faf7262e95f in WebCore::JSXMLHttpRequest::send (this=0x7faf74e09540, exec=0x7faf65110080) at ../../Source/WebCore/bindings/js/JSXMLHttpRequestCustom.cpp:132 #16 0x00007faf731891ac in WebCore::jsXMLHttpRequestPrototypeFunctionSend (exec=0x7faf65110080) at DerivedSources/WebCore/JSXMLHttpRequest.cpp:485 #17 0x00007faf200001b8 in ?? () #18 0x00007fff7a9d6840 in ?? () #19 0x00007faf200170b4 in ?? () #20 0x00007fff7a9d67c0 in ?? () #21 0x00007faf74e09540 in ?? () #22 0x0000000001fddf80 in ?? () #23 0x00007faf74e031c0 in ?? () #24 0x00007fff7a9d67f0 in ?? () #25 0x00007faf725ee1ad in JSC::Register::Register (this=0x7faf72b0534a) at ../../Source/JavaScriptCore/interpreter/Register.h:106 #26 0x00007faf73311a7f in JSC::JITCode::execute (this=0x1fdb5f8, registerFile=0x1608408, callFrame=0x7faf65110038, globalData=0x1603f00) at ../../Source/JavaScriptCore/jit/JITCode.h:77 #27 0x00007faf7330e533 in JSC::Interpreter::execute (this=0x16083f0, program=0x1fdb5e0, callFrame=0x1ffcb28, scopeChain=0x203a0c0, thisObj=0x7faf74e00240) at ../../Source/JavaScriptCore/interpreter/Interpreter.cpp:781 #28 0x00007faf733a79ff in JSC::evaluate (exec=0x1ffcb28, scopeChain=..., source=..., thisValue=...) at ../../Source/JavaScriptCore/runtime/Completion.cpp:62 #29 0x00007faf7260fc97 in WebCore::JSMainThreadExecState::evaluate (exec=0x1ffcb28, chain=..., source=..., thisValue=...) at ../../Source/WebCore/bindings/js/JSMainThreadExecState.h:54 #30 0x00007faf72636b86 in WebCore::ScriptController::evaluateInWorld (this=0xfb68e8, sourceCode=..., world=0x1608600) at ../../Source/WebCore/bindings/js/ScriptController.cpp:142 #31 0x00007faf72636d46 in WebCore::ScriptController::evaluate (this=0xfb68e8, sourceCode=...) at ../../Source/WebCore/bindings/js/ScriptController.cpp:165 #32 0x00007faf726640b1 in WebCore::ScriptController::executeScript (this=0xfb68e8, sourceCode=...) at ../../Source/WebCore/bindings/ScriptControllerBase.cpp:59 #33 0x00007faf72837545 in WebCore::ScriptElement::executeScript (this=0x1fdd7d0, sourceCode=...) at ../../Source/WebCore/dom/ScriptElement.cpp:216 #34 0x00007faf729ba01f in WebCore::HTMLScriptRunner::runScript (this=0x1fe1670, script=0x1fdd750, scriptStartPosition=...) at ../../Source/WebCore/html/parser/HTMLScriptRunner.cpp:317 #35 0x00007faf729b9472 in WebCore::HTMLScriptRunner::execute (this=0x1fe1670, scriptElement=..., scriptStartPosition=...) at ../../Source/WebCore/html/parser/HTMLScriptRunner.cpp:173 #36 0x00007faf729ad675 in WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder (this=0x2032370) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:200 #37 0x00007faf729ad9ff in WebCore::HTMLDocumentParser::pumpTokenizer (this=0x2032370, mode=WebCore::HTMLDocumentParser::AllowYield) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:250 #38 0x00007faf729ad4ca in WebCore::HTMLDocumentParser::pumpTokenizerIfPossible (this=0x2032370, mode=WebCore::HTMLDocumentParser::AllowYield) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:170 #39 0x00007faf729ade54 in WebCore::HTMLDocumentParser::append (this=0x2032370, source=...) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:331 #40 0x00007faf72793405 in WebCore::DecodedDataDocumentParser::appendBytes (this=0x2032370, writer=0x1f71d60, data=0x2051b90 "<html>\n<body>\n<p>Test that setRequestHeader cannot be used to alter security-sensitive headers.</p>\n<pre id=result>FAIL: script didn't run or raised an unexpected exception.</pre>\n<script>\n if (win"..., length=2393, shouldFlush=false) at ../../Source/WebCore/dom/DecodedDataDocumentParser.cpp:54 #41 0x00007faf72abc639 in WebCore::DocumentWriter::addData (this=0x1f71d60, str=0x2051b90 "<html>\n<body>\n<p>Test that setRequestHeader cannot be used to alter security-sensitive headers.</p>\n<pre id=result>FAIL: script didn't run or raised an unexpected exception.</pre>\n<script>\n if (win"..., len=2393, flush=false) at ../../Source/WebCore/loader/DocumentWriter.cpp:201 #42 0x00007faf72ab1bd7 in WebCore::DocumentLoader::commitData (this=0x1f71c60, bytes=0x2051b90 "<html>\n<body>\n<p>Test that setRequestHeader cannot be used to alter security-sensitive headers.</p>\n<pre id=result>FAIL: script didn't run or raised an unexpected exception.</pre>\n<script>\n if (win"..., length=2393) at ../../Source/WebCore/loader/DocumentLoader.cpp:316 #43 0x00007faf724b86fa in WebKit::FrameLoaderClient::committedLoad (this=0xfb4940, loader=0x1f71c60, data=0x2051b90 "<html>\n<body>\n<p>Test that setRequestHeader cannot be used to alter security-sensitive headers.</p>\n<pre id=result>FAIL: script didn't run or raised an unexpected exception.</pre>\n<script>\n if (win"..., length=2393) at ../../Source/WebKit/gtk/WebCoreSupport/FrameLoaderClientGtk.cpp:318 #44 0x00007faf72ab1abf in WebCore::DocumentLoader::commitLoad (this=0x1f71c60, data=0x2051b90 "<html>\n<body>\n<p>Test that setRequestHeader cannot be used to alter security-sensitive headers.</p>\n<pre id=result>FAIL: script didn't run or raised an unexpected exception.</pre>\n<script>\n if (win"..., length=2393) at ../../Source/WebCore/loader/DocumentLoader.cpp:302 #45 0x00007faf72ab1c96 in WebCore::DocumentLoader::receivedData (this=0x1f71c60, data=0x2051b90 "<html>\n<body>\n<p>Test that setRequestHeader cannot be used to alter security-sensitive headers.</p>\n<pre id=result>FAIL: script didn't run or raised an unexpected exception.</pre>\n<script>\n if (win"..., length=2393) at ../../Source/WebCore/loader/DocumentLoader.cpp:328 #46 0x00007faf72af7e93 in WebCore::MainResourceLoader::addData (this=0x2044b90, data=0x2051b90 "<html>\n<body>\n<p>Test that setRequestHeader cannot be used to alter security-sensitive headers.</p>\n<pre id=result>FAIL: script didn't run or raised an unexpected exception.</pre>\n<script>\n if (win"..., length=2393, allAtOnce=false) at ../../Source/WebCore/loader/MainResourceLoader.cpp:158 #47 0x00007faf72b04abf in WebCore::ResourceLoader::didReceiveData (this=0x2044b90, data=0x2051b90 "<html>\n<body>\n<p>Test that setRequestHeader cannot be used to alter security-sensitive headers.</p>\n<pre id=result>FAIL: script didn't run or raised an unexpected exception.</pre>\n<script>\n if (win"..., length=2393, lengthReceived=2393, allAtOnce=false) at ../../Source/WebCore/loader/ResourceLoader.cpp:279 #48 0x00007faf72af909c in WebCore::MainResourceLoader::didReceiveData (this=0x2044b90, data=0x2051b90 "<html>\n<body>\n<p>Test that setRequestHeader cannot be used to alter security-sensitive headers.</p>\n<pre id=result>FAIL: script didn't run or raised an unexpected exception.</pre>\n<script>\n if (win"..., length=2393, lengthReceived=2393, allAtOnce=false) at ../../Source/WebCore/loader/MainResourceLoader.cpp:443 #49 0x00007faf72b053da in WebCore::ResourceLoader::didReceiveData (this=0x2044b90, data=0x2051b90 "<html>\n<body>\n<p>Test that setRequestHeader cannot be used to alter security-sensitive headers.</p>\n<pre id=result>FAIL: script didn't run or raised an unexpected exception.</pre>\n<script>\n if (win"..., length=2393, lengthReceived=2393) at ../../Source/WebCore/loader/ResourceLoader.cpp:430 #50 0x00007faf7247de17 in WebCore::readCallback (source=0x16f8b90, asyncResult=0x160e060, data=0x0) at ../../Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp:788 #51 0x00007faf701e1f65 in async_ready_callback_wrapper (source_object=0x16f8b90, res=0x160e060, user_data=0x0) at /tmp/buildd/glib2.0-2.27.91/./gio/ginputstream.c:470 #52 0x00007faf704e805d in read_async_done (stream=0x16f8b90) at soup-http-input-stream.c:723 #53 0x00007faf6ff4933e in g_closure_invoke (closure=0x2066280, return_value=0x0, n_param_values=2, param_values=0x1ef5aa0, invocation_hint=0x7fff7a9d7690) at /tmp/buildd/glib2.0-2.27.91/./gobject/gclosure.c:767 #54 0x00007faf6ff623b9 in signal_emit_unlocked_R (node=0xfb5980, detail=<value optimized out>, instance=<value optimized out>, emission_return=<value optimized out>, instance_and_params=<value optimized out>) at /tmp/buildd/glib2.0-2.27.91/./gobject/gsignal.c:3252 #55 0x00007faf6ff63b36 in g_signal_emit_valist (instance=0x199fec0, signal_id=<value optimized out>, detail=0, var_args=0x7fff7a9d7880) at /tmp/buildd/glib2.0-2.27.91/./gobject/gsignal.c:2983 #56 0x00007faf6ff64363 in g_signal_emit (instance=0x7fff7a9d4dd0, signal_id=0, detail=1850732032) at /tmp/buildd/glib2.0-2.27.91/./gobject/gsignal.c:3040 #57 0x00007faf704ee046 in io_handle_sniffing (msg=0x199fec0, done_reading=<value optimized out>) at soup-message-io.c:248 #58 0x00007faf704eeb3b in read_body_chunk (msg=<value optimized out>) at soup-message-io.c:481 #59 0x00007faf704ef2e8 in io_read (sock=0x15f73a0, msg=0x199fec0) at soup-message-io.c:958 #60 0x00007faf704efcb4 in io_unpause_internal (msg=0x199fec0) at soup-message-io.c:1207 #61 0x00007faf6f688362 in g_main_dispatch (context=0xf381e0) at /tmp/buildd/glib2.0-2.27.91/./glib/gmain.c:2440 #62 g_main_context_dispatch (context=0xf381e0) at /tmp/buildd/glib2.0-2.27.91/./glib/gmain.c:3013 #63 0x00007faf6f68ca28 in g_main_context_iterate (context=0xf381e0, block=<value optimized out>, dispatch=<value optimized out>, self=<value optimized out>) at /tmp/buildd/glib2.0-2.27.91/./glib/gmain.c:3091 #64 0x00007faf6f68cf35 in g_main_loop_run (loop=0x1fca2e0) at /tmp/buildd/glib2.0-2.27.91/./glib/gmain.c:3299 #65 0x00007faf715c1657 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0 #66 0x000000000041df63 in runTest (testPathOrURL=...) at ../../Tools/DumpRenderTree/gtk/DumpRenderTree.cpp:667 #67 0x000000000041d633 in runTestingServerLoop () at ../../Tools/DumpRenderTree/gtk/DumpRenderTree.cpp:481 #68 0x000000000041f6da in main (argc=2, argv=0x7fff7a9da708) at ../../Tools/DumpRenderTree/gtk/DumpRenderTree.cpp:1131 The issue seems to be that the code is modifying a HashMap and then trying to continue to use the old iterator.