119630 – ASSERTION FAILED: !m_frame->page()->defersLoading() || InspectorInstrumentation::isDebuggerPaused(m_frame) in WebCore::DocumentLoader::finishedLoading

Bug 119630 - ASSERTION FAILED: !m_frame->page()->defersLoading() || InspectorInstrumentation::isDebuggerPaused(m_frame) in WebCore::DocumentLoader::finishedLoading

Summary: ASSERTION FAILED: !m_frame->page()->defersLoading() || InspectorInstrumentati...

Status:	RESOLVED WORKSFORME

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Page Loading (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:

Depends on:
Blocks:	116980
	Show dependency tree / graph

Reported:	2013-08-09 08:05 PDT by Renata Hodovan
Modified:	2014-09-08 05:50 PDT (History)
CC List:	6 users (show)

See Also:

Attachments
Test case (158 bytes, text/html) 2013-08-09 08:06 PDT, Renata Hodovan	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Renata Hodovan 2013-08-09 08:05:44 PDT

The test causes the crash:

<html>
   <body>
      <iframe src="data:text/html"></iframe> 
      <script>     
        alert("Page was loaded");     
      </script> 
   </body>
</html>


Reproduction steps:
1) Load the test.
2) Click 'OK' on the alert message.
3) Refresh.


Backtrace:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff56f53e4 in WTFCrash () at /home/reni/Data/REPOS/webkit_sec/Source/WTF/wtf/Assertions.cpp:342
342	    *(int *)(uintptr_t)0xbbadbeef = 0;
(gdb) bt
#0  0x00007ffff56f53e4 in WTFCrash () at /home/reni/Data/REPOS/webkit_sec/Source/WTF/wtf/Assertions.cpp:342
#1  0x00007ffff459d749 in WebCore::DocumentLoader::finishedLoading (this=0xa82020, finishTime=0)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/DocumentLoader.cpp:361
#2  0x00007ffff459d652 in WebCore::DocumentLoader::notifyFinished (this=0xa82020, resource=0x89a620)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/DocumentLoader.cpp:344
#3  0x00007ffff45851c0 in WebCore::CachedResource::didAddClient (this=0x89a620, c=0xa82020)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/cache/CachedResource.cpp:499
#4  0x00007ffff4581635 in WebCore::CachedRawResource::didAddClient (this=0x89a620, c=0xa82020)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/cache/CachedRawResource.cpp:140
#5  0x00007ffff4586c84 in WebCore::CachedResource::CachedResourceCallback::timerFired (this=0xa7ddc0)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/cache/CachedResource.cpp:914
#6  0x00007ffff458cc49 in WebCore::Timer<WebCore::CachedResource::CachedResourceCallback>::fired (this=0xa7ddd0)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/platform/Timer.h:114
#7  0x00007ffff47b2724 in WebCore::ThreadTimers::sharedTimerFiredInternal (this=0x6e4510)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/platform/ThreadTimers.cpp:129
#8  0x00007ffff47b2611 in WebCore::ThreadTimers::sharedTimerFired () at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/platform/ThreadTimers.cpp:105
#9  0x00007ffff4aac8e8 in WebCore::SharedTimerQt::timerEvent (this=0x6e4540, ev=0x7fffffffb1f0)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/platform/qt/SharedTimerQt.cpp:113
#10 0x00007ffff221266c in QObject::event(QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Core.so.5
#11 0x00007ffff3058dbc in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#12 0x00007ffff305c075 in QApplication::notify(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#13 0x00007ffff21ecdbe in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Core.so.5
#14 0x00007ffff223375c in QTimerInfoList::activateTimers() () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Core.so.5
#15 0x00007ffff2234094 in ?? () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Core.so.5
#16 0x00007fffee3790a6 in g_main_dispatch (context=0x6632f0) at /build/buildd/glib2.0-2.37.3/./glib/gmain.c:3058
#17 g_main_context_dispatch (context=context@entry=0x6632f0) at /build/buildd/glib2.0-2.37.3/./glib/gmain.c:3634
#18 0x00007fffee3793f8 in g_main_context_iterate (context=context@entry=0x6632f0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>)
    at /build/buildd/glib2.0-2.37.3/./glib/gmain.c:3705
#19 0x00007fffee37949c in g_main_context_iteration (context=0x6632f0, may_block=1) at /build/buildd/glib2.0-2.37.3/./glib/gmain.c:3766
#20 0x00007ffff22344bc in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) ()
   from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Core.so.5
#21 0x00007ffff21ebd3b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Core.so.5
#22 0x00007ffff321381b in QDialog::exec() () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#23 0x00007ffff7bb0da1 in QWebPage::javaScriptAlert (this=0x743ef0, frame=0x70aea0, msg=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebKit/qt/WidgetApi/qwebpage.cpp:1516
#24 0x00007ffff7bae058 in QWebPagePrivate::javaScriptAlert (this=0x7409e0, frame=0x7b1fe0, msg=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebKit/qt/WidgetApi/qwebpage.cpp:288

#25 0x00007ffff3b85fb5 in WebCore::ChromeClientQt::runJavaScriptAlert (this=0x740d10, f=0x7b0c10, msg=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebKit/qt/WebCoreSupport/ChromeClientQt.cpp:343
#26 0x00007ffff4619ce6 in WebCore::Chrome::runJavaScriptAlert (this=0x743fc0, frame=0x7b0c10, message=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/page/Chrome.cpp:322
#27 0x00007ffff463b8eb in WebCore::DOMWindow::alert (this=0x89c410, message=...) at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/page/DOMWindow.cpp:1055
---Type <return> to continue, or q <return> to quit---
#28 0x00007ffff50a4127 in WebCore::jsDOMWindowPrototypeFunctionAlert (exec=0x7fffe409b0a8) at generated/JSDOMWindow.cpp:14480
#29 0x00007fff9ffff0e5 in ?? ()
#30 0x00007fffffffb840 in ?? ()
#31 0x00007ffff6812b14 in llint_op_call () from /home/reni/Data/REPOS/webkit_sec/WebKitBuild/Debug/lib/libQt5WebKit.so.5
#32 0x00007fffffffb7f0 in ?? ()
#33 0x00007ffff554cae5 in JSC::JSStack::installTrapsAfterFrame (this=0x0, frame=0x0)
    at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/interpreter/JSStackInlines.h:212
#34 0x00007ffff555d7b4 in JSC::JITCode::execute (this=0xa7dd70, stack=0x7b5e08, callFrame=0x7fffe409b058, vm=0x7f8300)
    at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/jit/JITCode.cpp:46
#35 0x00007ffff554936b in JSC::Interpreter::execute (this=0x7b5df0, program=0x7fff8638fe70, callFrame=0x7fff9c03f4e0, thisObj=0x7fffe402ffd8)
    at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/interpreter/Interpreter.cpp:851
#36 0x00007ffff5628362 in JSC::evaluate (exec=0x7fff9c03f4e0, source=..., thisValue=..., returnedException=0x7fffffffc540)
    at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/runtime/Completion.cpp:83

#37 0x00007ffff3f6abe3 in WebCore::JSMainThreadExecState::evaluate (exec=0x7fff9c03f4e0, source=..., thisValue=..., exception=0x7fffffffc540)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/bindings/js/JSMainThreadExecState.h:74
#38 0x00007ffff3f89192 in WebCore::ScriptController::evaluateInWorld (this=0x774400, sourceCode=..., world=0x76e220)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/bindings/js/ScriptController.cpp:142
#39 0x00007ffff3f89298 in WebCore::ScriptController::evaluate (this=0x774400, sourceCode=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/bindings/js/ScriptController.cpp:158
#40 0x00007ffff427748d in WebCore::ScriptElement::executeScript (this=0xa7e5e8, sourceCode=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/dom/ScriptElement.cpp:316
#41 0x00007ffff4276c68 in WebCore::ScriptElement::prepareScript (this=0xa7e5e8, scriptStartPosition=..., 
    supportLegacyTypes=WebCore::ScriptElement::DisallowLegacyTypeInTypeAttribute) at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/dom/ScriptElement.cpp:245
#42 0x00007ffff4426e4d in WebCore::HTMLScriptRunner::runScript (this=0x773cf0, script=0xa7e580, scriptStartPosition=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/html/parser/HTMLScriptRunner.cpp:312
#43 0x00007ffff442659e in WebCore::HTMLScriptRunner::execute (this=0x773cf0, scriptElement=..., scriptStartPosition=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/html/parser/HTMLScriptRunner.cpp:181
#44 0x00007ffff44134a9 in WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder (this=0x73b3d0)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/html/parser/HTMLDocumentParser.cpp:271
#45 0x00007ffff4413594 in WebCore::HTMLDocumentParser::canTakeNextToken (this=0x73b3d0, mode=WebCore::HTMLDocumentParser::AllowYield, session=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/html/parser/HTMLDocumentParser.cpp:290
#46 0x00007ffff4413bac in WebCore::HTMLDocumentParser::pumpTokenizer (this=0x73b3d0, mode=WebCore::HTMLDocumentParser::AllowYield)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/html/parser/HTMLDocumentParser.cpp:535
#47 0x00007ffff4413317 in WebCore::HTMLDocumentParser::pumpTokenizerIfPossible (this=0x73b3d0, mode=WebCore::HTMLDocumentParser::AllowYield)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/html/parser/HTMLDocumentParser.cpp:235
#48 0x00007ffff44144b6 in WebCore::HTMLDocumentParser::append (this=0x73b3d0, inputSource=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/html/parser/HTMLDocumentParser.cpp:747
#49 0x00007ffff41a5099 in WebCore::DecodedDataDocumentParser::flush (this=0x73b3d0, writer=0x8985b0)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/dom/DecodedDataDocumentParser.cpp:60
#50 0x00007ffff45aad6b in WebCore::DocumentWriter::end (this=0x8985b0) at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/DocumentWriter.cpp:245
#51 0x00007ffff459d8e4 in WebCore::DocumentLoader::finishedLoading (this=0x898510, finishTime=0)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/DocumentLoader.cpp:402
---Type <return> to continue, or q <return> to quit---
#52 0x00007ffff459d652 in WebCore::DocumentLoader::notifyFinished (this=0x898510, resource=0xa711c0)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/DocumentLoader.cpp:344
#53 0x00007ffff4584948 in WebCore::CachedResource::checkNotify (this=0xa711c0)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/cache/CachedResource.cpp:369
#54 0x00007ffff4584a1e in WebCore::CachedResource::finishLoading (this=0xa711c0)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/cache/CachedResource.cpp:385
#55 0x00007ffff4581170 in WebCore::CachedRawResource::finishLoading (this=0xa711c0, data=0x88b630)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/cache/CachedRawResource.cpp:94
#56 0x00007ffff45e7765 in WebCore::SubresourceLoader::didFinishLoading (this=0x895160, finishTime=0)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/SubresourceLoader.cpp:282
#57 0x00007ffff45de04f in WebCore::ResourceLoader::didFinishLoading (this=0x895160, finishTime=0)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/ResourceLoader.cpp:488
#58 0x00007ffff4a878e3 in WebCore::QNetworkReplyHandler::finish (this=0xa72dd0)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:516
#59 0x00007ffff4a86602 in WebCore::QNetworkReplyHandlerCallQueue::flush (this=0xa72e08)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:250
#60 0x00007ffff4a862ff in WebCore::QNetworkReplyHandlerCallQueue::push (this=0xa72e08, 
    method=(void (WebCore::QNetworkReplyHandler::*)(WebCore::QNetworkReplyHandler * const)) 0x7ffff4a87728 <WebCore::QNetworkReplyHandler::finish()>)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:216
#61 0x00007ffff4a8724c in WebCore::QNetworkReplyWrapper::didReceiveFinished (this=0x865d50)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:409
#62 0x00007ffff4a89bde in WebCore::QNetworkReplyWrapper::qt_static_metacall (_o=0x865d50, _c=QMetaObject::InvokeMetaMethod, _id=1, _a=0x7fffffffcf90)
    at .moc/release-shared/moc_QNetworkReplyHandler.cpp:176
#63 0x00007ffff22115cb in QMetaObject::activate(QObject*, int, int, void**) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Core.so.5
#64 0x00007ffff221284e in QObject::event(QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Core.so.5
#65 0x00007ffff3058dbc in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#66 0x00007ffff305c075 in QApplication::notify(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Widgets.so.5
#67 0x00007ffff21ecdbe in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Core.so.5
#68 0x00007ffff21eea76 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) ()
   from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Core.so.5
#69 0x00007ffff2234333 in ?? () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Core.so.5
#70 0x00007fffee3790a6 in g_main_dispatch (context=0x6632f0) at /build/buildd/glib2.0-2.37.3/./glib/gmain.c:3058
#71 g_main_context_dispatch (context=context@entry=0x6632f0) at /build/buildd/glib2.0-2.37.3/./glib/gmain.c:3634
#72 0x00007fffee3793f8 in g_main_context_iterate (context=context@entry=0x6632f0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>)
    at /build/buildd/glib2.0-2.37.3/./glib/gmain.c:3705
#73 0x00007fffee37949c in g_main_context_iteration (context=0x6632f0, may_block=1) at /build/buildd/glib2.0-2.37.3/./glib/gmain.c:3766
#74 0x00007ffff22344bc in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) ()
   from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Core.so.5
#75 0x00007ffff21ebd3b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Core.so.5
#76 0x00007ffff21ef120 in QCoreApplication::exec() () from /usr/local/Trolltech/Qt5/Qt-5.0.0-r40/lib/libQt5Core.so.5
#77 0x0000000000421ba0 in launcherMain (app=...) at /home/reni/Data/REPOS/webkit_sec/Tools/QtTestBrowser/qttestbrowser.cpp:49
#78 0x0000000000423680 in main (argc=2, argv=0x7fffffffdc68) at /home/reni/Data/REPOS/webkit_sec/Tools/QtTestBrowser/qttestbrowser.cpp:318

Comment 1 Renata Hodovan 2013-08-09 08:06:57 PDT

Created attachment 208434 [details]
Test case

Comment 2 Renata Hodovan 2014-09-08 05:50:20 PDT

The issue is not reproducible anymore.