123802 – [EFL] Crash in WebCore::ResourceLoadNotifier::dispatchDidReceiveData

Bug 123802 - [EFL] Crash in WebCore::ResourceLoadNotifier::dispatchDidReceiveData

Summary: [EFL] Crash in WebCore::ResourceLoadNotifier::dispatchDidReceiveData

Status:	RESOLVED WONTFIX

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Page Loading (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Renata Hodovan

URL:
Keywords:

Depends on:
Blocks:	116980
	Show dependency tree / graph

Reported:	2013-11-05 05:46 PST by Renata Hodovan
Modified:	2017-03-11 10:42 PST (History)
CC List:	6 users (show)

See Also:

Attachments
Test case (84 bytes, text/html) 2013-11-05 05:46 PST, Renata Hodovan	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Renata Hodovan 2013-11-05 05:46:13 PST

Created attachment 216032 [details]
Test case

Crash and various assertion failures happen with EWebLauncher with the following simple test case:

<object data="http://pagead2.googlesyndication.com/pagead/TemplateContainer.swf"  > 


The backtrace:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff17633a4 in WebCore::ResourceLoadNotifier::dispatchDidReceiveData (this=0x20, loader=0x1392d50, identifier=4, 
    data=0x12313f0 "<html><body><div style=\"color:#ff0000\">ERROR!</div><br><div>Code: 302<br>Domain: WebKitNetworkError<br>Description: Load request cancelled<br>URL: http://pagead2.googlesyndication.com/pagead/TemplateC"..., dataLength=231, encodedDataLength=-1)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/ResourceLoadNotifier.cpp:139
139	    m_frame.loader().client().dispatchDidReceiveContentLength(loader, identifier, dataLength);
(gdb) bt
#0  0x00007ffff17633a4 in WebCore::ResourceLoadNotifier::dispatchDidReceiveData (this=0x20, loader=0x1392d50, identifier=4, 
    data=0x12313f0 "<html><body><div style=\"color:#ff0000\">ERROR!</div><br><div>Code: 302<br>Domain: WebKitNetworkError<br>Description: Load request cancelled<br>URL: http://pagead2.googlesyndication.com/pagead/TemplateC"..., dataLength=231, encodedDataLength=-1)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/ResourceLoadNotifier.cpp:139
#1  0x00007ffff171fb1f in WebCore::DocumentLoader::dataReceived (this=0x1392d50, resource=0x0, 
    data=0x12313f0 "<html><body><div style=\"color:#ff0000\">ERROR!</div><br><div>Code: 302<br>Domain: WebKitNetworkError<br>Description: Load request cancelled<br>URL: http://pagead2.googlesyndication.com/pagead/TemplateC"..., length=231)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/DocumentLoader.cpp:855
#2  0x00007ffff171f50b in WebCore::DocumentLoader::continueAfterContentPolicy (this=0x1392d50, policy=WebCore::PolicyUse)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/DocumentLoader.cpp:724
#3  0x00007ffff171ede1 in WebCore::DocumentLoader::responseReceived (this=0x1392d50, resource=0x0, response=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/DocumentLoader.cpp:624
#4  0x00007ffff171de87 in WebCore::DocumentLoader::handleSubstituteDataLoadNow (this=0x1392d50)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/DocumentLoader.cpp:443
#5  0x00007ffff171df09 in WebCore::DocumentLoader::handleSubstituteDataLoadSoon (this=0x1392d50)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/DocumentLoader.cpp:461
#6  0x00007ffff1721eaa in WebCore::DocumentLoader::startLoadingMainResource (this=0x1392d50)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/DocumentLoader.cpp:1383
#7  0x00007ffff1743f18 in WebCore::FrameLoader::continueLoadAfterWillSubmitForm (this=0x11d77a8)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/FrameLoader.cpp:2227
#8  0x00007ffff1746b9f in WebCore::FrameLoader::continueLoadAfterNavigationPolicy (this=0x11d77a8, formState=..., shouldContinue=true)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/FrameLoader.cpp:2875
#9  0x00007ffff1746053 in WebCore::FrameLoader::callContinueLoadAfterNavigationPolicy (argument=0x11d77a8, request=..., formState=..., shouldContinue=true)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/FrameLoader.cpp:2707
---Type <return> to continue, or q <return> to quit---
#10 0x00007ffff175e1bd in WebCore::PolicyChecker::checkNavigationPolicy (this=0x1181470, request=..., loader=0x1392d50, formState=..., 
    function=0x7ffff1746004 <WebCore::FrameLoader::callContinueLoadAfterNavigationPolicy(void*, WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool)>, argument=0x11d77a8) at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/PolicyChecker.cpp:82
#11 0x00007ffff1740a85 in WebCore::FrameLoader::loadWithDocumentLoader (this=0x11d77a8, loader=0x1392d50, type=WebCore::FrameLoadTypeStandard, 
    prpFormState=...) at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/FrameLoader.cpp:1425
#12 0x00007ffff17404d4 in WebCore::FrameLoader::load (this=0x11d77a8, newDocumentLoader=0x1392d50)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/FrameLoader.cpp:1365
#13 0x00007ffff174007b in WebCore::FrameLoader::load (this=0x11d77a8, passedRequest=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/FrameLoader.cpp:1315
#14 0x00007ffff7b2cd06 in _ewk_frame_contents_set_internal (smartData=0x1228240, 
    contents=0x7fffffffb420 "<html><body><div style=\"color:#ff0000\">ERROR!</div><br><div>Code: 302<br>Domain: WebKitNetworkError<br>Description: Load request cancelled<br>URL: http://pagead2.googlesyndication.com/pagead/TemplateC"..., contentsSize=231, mimeType=0x407ae2 "text/html", encoding=0x407adc "UTF-8", 
    baseUri=0x1390db0 "http://pagead2.googlesyndication.com/pagead/TemplateContainer.swf", unreachableUri=0x0)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebKit/efl/ewk/ewk_frame.cpp:420
#15 0x00007ffff7b2cf84 in ewk_frame_contents_set (ewkFrame=0x113bbf0, 
    contents=0x7fffffffb420 "<html><body><div style=\"color:#ff0000\">ERROR!</div><br><div>Code: 302<br>Domain: WebKitNetworkError<br>Description: Load request cancelled<br>URL: http://pagead2.googlesyndication.com/pagead/TemplateC"..., contentsSize=0, mimeType=0x407ae2 "text/html", encoding=0x407adc "UTF-8", 
    baseUri=0x1390db0 "http://pagead2.googlesyndication.com/pagead/TemplateContainer.swf")
    at /home/reni/Data/REPOS/webkit_sec/Source/WebKit/efl/ewk/ewk_frame.cpp:430
#16 0x000000000040491c in on_load_error (user_data=0x682b20, webview=0x8e46c0, event_info=0x7fffffffb910)
    at /home/reni/Data/REPOS/webkit_sec/Tools/EWebLauncher/main.c:348
#17 0x00007ffff69b6103 in evas_object_smart_callback_call (obj=0x8e46c0, event=<optimized out>, event_info=0x7fffffffb910) at evas_object_smart.c:610
#18 0x00007ffff7b6d799 in ewk_view_load_error (ewkView=0x8e46c0, error=0x7fffffffb910)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebKit/efl/ewk/ewk_view.cpp:3142
---Type <return> to continue, or q <return> to quit---
#19 0x00007ffff7b33f3b in ewk_frame_load_error (ewkFrame=0x113bbf0, errorDomain=0x1390f30 "WebKitNetworkError", errorCode=302, isCancellation=true, 
    errorDescription=0x1392890 "Load request cancelled", failingUrl=0x1390db0 "http://pagead2.googlesyndication.com/pagead/TemplateContainer.swf")
    at /home/reni/Data/REPOS/webkit_sec/Source/WebKit/efl/ewk/ewk_frame.cpp:1485
#20 0x00007ffff7b1db16 in WebCore::FrameLoaderClientEfl::dispatchDidFailLoad (this=0x11d5020, err=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebKit/efl/WebCoreSupport/FrameLoaderClientEfl.cpp:872
#21 0x00007ffff1743dac in WebCore::FrameLoader::checkLoadCompleteForThisFrame (this=0x11d77a8)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/FrameLoader.cpp:2187
#22 0x00007ffff1744904 in WebCore::FrameLoader::checkLoadComplete (this=0x11d77a8)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/FrameLoader.cpp:2355
#23 0x00007ffff173d909 in WebCore::FrameLoader::checkCompleted (this=0x11d77a8)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/FrameLoader.cpp:799
#24 0x00007ffff1745c82 in WebCore::FrameLoader::receivedMainResourceError (this=0x11d77a8, error=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/FrameLoader.cpp:2638
#25 0x00007ffff171d45c in WebCore::DocumentLoader::mainReceivedError (this=0x124d950, error=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/DocumentLoader.cpp:243
#26 0x00007ffff171d9a7 in WebCore::DocumentLoader::notifyFinished (this=0x124d950, resource=0x1232f50)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/DocumentLoader.cpp:354
#27 0x00007ffff17b3c26 in WebCore::CachedResource::checkNotify (this=0x1232f50)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/cache/CachedResource.cpp:369
#28 0x00007ffff17b3d95 in WebCore::CachedResource::error (this=0x1232f50, status=WebCore::CachedResource::LoadError)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/cache/CachedResource.cpp:395
#29 0x00007ffff176e81e in WebCore::SubresourceLoader::didFail (this=0x124e230, error=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/SubresourceLoader.cpp:312
#30 0x00007ffff171f2c7 in WebCore::DocumentLoader::continueAfterContentPolicy (this=0x124d950, policy=WebCore::PolicyDownload)
---Type <return> to continue, or q <return> to quit---
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/DocumentLoader.cpp:695
#31 0x00007ffff171eeee in WebCore::DocumentLoader::callContinueAfterContentPolicy (argument=0x124d950, policy=WebCore::PolicyDownload)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/DocumentLoader.cpp:646
#32 0x00007ffff175db31 in WebCore::PolicyCallback::call (this=0x7fffffffbed0, action=WebCore::PolicyDownload)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/PolicyCallback.cpp:114
#33 0x00007ffff175ec35 in WebCore::PolicyChecker::continueAfterContentPolicy (this=0x1181470, policy=WebCore::PolicyDownload)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/PolicyChecker.cpp:210
#34 0x00007ffff175e611 in operator() (this=0x138eba0, action=WebCore::PolicyDownload)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/PolicyChecker.cpp:123
#35 0x00007ffff175f09f in std::_Function_handler<void(WebCore::PolicyAction), WebCore::PolicyChecker::checkContentPolicy(const WebCore::ResourceResponse&, WebCore::ContentPolicyDecisionFunction, void*)::<lambda(WebCore::PolicyAction)> >::_M_invoke(const std::_Any_data &, WebCore::PolicyAction) (__functor=..., 
    __args#0=WebCore::PolicyDownload) at /usr/include/c++/4.6/functional:1778
#36 0x00007ffff7b20120 in std::function<void (WebCore::PolicyAction)>::operator()(WebCore::PolicyAction) const (this=0x7fffffffc200, 
    __args#0=WebCore::PolicyDownload) at /usr/include/c++/4.6/functional:2161
#37 0x00007ffff7b1a8e6 in WebCore::FrameLoaderClientEfl::callPolicyFunction(std::function<void (WebCore::PolicyAction)>, WebCore::PolicyAction) (
    this=0x11d5020, function=..., action=WebCore::PolicyDownload)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebKit/efl/WebCoreSupport/FrameLoaderClientEfl.cpp:109
#38 0x00007ffff7b1b9aa in WebCore::FrameLoaderClientEfl::dispatchDecidePolicyForResponse(WebCore::ResourceResponse const&, WebCore::ResourceRequest const&, std::function<void (WebCore::PolicyAction)>) (this=0x11d5020, response=..., resourceRequest=..., function=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebKit/efl/WebCoreSupport/FrameLoaderClientEfl.cpp:307
#39 0x00007ffff175e6cb in WebCore::PolicyChecker::checkContentPolicy (this=0x1181470, response=..., 
    function=0x7ffff171eece <WebCore::DocumentLoader::callContinueAfterContentPolicy(void*, WebCore::PolicyAction)>, argument=0x124d950)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/PolicyChecker.cpp:124
#40 0x00007ffff171ee9e in WebCore::DocumentLoader::responseReceived (this=0x124d950, resource=0x1232f50, response=...)
---Type <return> to continue, or q <return> to quit---
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/DocumentLoader.cpp:641
#41 0x00007ffff17b0e61 in WebCore::CachedRawResource::responseReceived (this=0x1232f50, response=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/cache/CachedRawResource.cpp:169
#42 0x00007ffff176dd31 in WebCore::SubresourceLoader::didReceiveResponse (this=0x124e230, response=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/SubresourceLoader.cpp:189
#43 0x00007ffff176a54b in WebCore::ResourceLoader::didReceiveResponse (this=0x124e230, response=...)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/loader/ResourceLoader.cpp:468
#44 0x00007ffff244748a in WebCore::sendRequestCallback (result=0x117da80, data=0x120d600)
    at /home/reni/Data/REPOS/webkit_sec/Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp:702
#45 0x00007fffe887e46d in g_task_return_now (task=0x117da80) at gtask.c:1105
#46 g_task_return (task=0x117da80, type=<optimized out>) at gtask.c:1158
#47 g_task_return (task=0x117da80, type=<optimized out>) at gtask.c:1126
#48 0x00007fffedcc864c in http_input_stream_ready_cb (source=0x6690e0, result=0x117db50, user_data=0x117da80) at soup-request-http.c:124
#49 0x00007fffe887e46d in g_task_return_now (task=0x117db50) at gtask.c:1105
#50 g_task_return (task=0x117db50, type=<optimized out>) at gtask.c:1158
#51 g_task_return (task=0x117db50, type=<optimized out>) at gtask.c:1126
#52 0x00007fffedccb34a in async_send_request_return_result (item=0x124f840, stream=0x124f940, error=<optimized out>) at soup-session.c:3628
#53 0x00007fffedcd089a in send_async_maybe_complete (stream=0x124f940, item=0x124f840) at soup-session.c:3742
#54 try_run_until_read (item=0x124f840) at soup-session.c:3766
#55 0x00007fffedcd09fd in read_ready_cb (msg=<optimized out>, user_data=0x124f840) at soup-session.c:3753
#56 0x00007fffedf6b473 in g_main_dispatch (context=0x117d2a0) at gmain.c:3054
#57 g_main_context_dispatch (context=0x117d2a0) at gmain.c:3630
#58 0x00007ffff75c8aee in _ecore_glib_select__locked (ecore_timeout=0x117d2a0, efds=<optimized out>, wfds=<optimized out>, rfds=<optimized out>, 
    ecore_fds=3, ctx=<optimized out>) at ecore_glib.c:171
---Type <return> to continue, or q <return> to quit---
#59 _ecore_glib_select (ecore_fds=3, rfds=<optimized out>, wfds=<optimized out>, efds=<optimized out>, ecore_timeout=0x117d2a0) at ecore_glib.c:205
#60 0x00007ffff75c2cb9 in _ecore_main_select (timeout=<optimized out>) at ecore_main.c:1466
#61 0x00007ffff75c3845 in _ecore_main_loop_iterate_internal (once_only=0) at ecore_main.c:1894
#62 0x00007ffff75c3b47 in ecore_main_loop_begin () at ecore_main.c:956
#63 0x0000000000406dfa in main (argc=2, argv=0x7fffffffde68) at /home/reni/Data/REPOS/webkit_sec/Tools/EWebLauncher/main.c:1044

Comment 1 Michael Catanzaro 2017-03-11 10:42:03 PST

Closing this bug because the EFL port has been removed from trunk.

If you feel this bug applies to a different upstream WebKit port and was closed in error, please either update the title and reopen the bug, or leave a comment to request this.