1) install swfdec-mozilla's plugin from git (I guess Adobe has the same problem, but didn't test)
2) configure webkit with soup backend (no idea if it'd break with curl, too)
3) go to Youtube
4) watch any video
5) leave site while video is still loading

result:

Program received signal SIGSEGV, Segmentation fault.
0x00000007 in ?? ()
(gdb) where
#0 0x00000007 in ?? ()
#1 0xb7ba9e20 in WebCore::NetscapePlugInStreamLoader::didFinishLoading (this=0xb598a1c0) at WebCore/loader/NetscapePlugInStreamLoader.cpp:97
#2 0xb7baca38 in WebCore::ResourceLoader::didFinishLoading (this=0xb598a1c0) at WebCore/loader/ResourceLoader.cpp:389
#3 0xb7d1eda5 in WebCore::ResourceHandle::cancel (this=0xb2a07818) at WebCore/platform/network/soup/ResourceHandleSoup.cpp:345
#4 0xb7bad7d5 in WebCore::ResourceLoader::didCancel (this=0xb598a1c0, error=@0xbf8e63a0) at WebCore/loader/ResourceLoader.cpp:328
#5 0xb7ba9aa1 in WebCore::NetscapePlugInStreamLoader::didCancel (this=0xb598a1c0, error=@0xbf8e63a0) at WebCore/loader/NetscapePlugInStreamLoader.cpp:116
#6 0xb7bad173 in WebCore::ResourceLoader::cancel (this=0xb598a1c0, error=@0xbf8e63e0) at WebCore/loader/ResourceLoader.cpp:349
#7 0xb7bacae7 in WebCore::ResourceLoader::cancel (this=0xb598a1c0) at WebCore/loader/ResourceLoader.cpp:339
#8 0xb7b7e995 in cancelAll (loaders=@0xb22ec03c) at WebCore/loader/DocumentLoader.cpp:126
#9 0xb7b7e9f0 in WebCore::DocumentLoader::stopLoadingPlugIns (this=0xb22ec000) at WebCore/loader/DocumentLoader.cpp:724
#10 0xb7b7fab1 in WebCore::DocumentLoader::stopLoading (this=0xb22ec000) at WebCore/loader/DocumentLoader.cpp:310
#11 0xb7b8ccac in WebCore::FrameLoader::stopAllLoaders (this=0xb591ba24) at WebCore/loader/FrameLoader.cpp:2493
#12 0xb7b95a18 in WebCore::FrameLoader::continueLoadAfterNavigationPolicy (this=0xb591ba24, request=@0xbf8e65dc, formState=@0xbf8e656c, shouldContinue=true) at WebCore/loader/FrameLoader.cpp:3734
#13 0xb7b95b82 in WebCore::FrameLoader::callContinueLoadAfterNavigationPolicy (argument=0xb591ba24, request=@0xbf8e65dc, formState=@0xbf8e65ac, shouldContinue=true) at WebCore/loader/FrameLoader.cpp:3694
#14 0xb7b8c763 in WebCore::PolicyCheck::call (this=0xbf8e65dc, shouldContinue=true) at WebCore/loader/FrameLoader.cpp:4689
#15 0xb7b8c990 in WebCore::FrameLoader::continueAfterNavigationPolicy (this=0xb591ba24, policy=WebCore::PolicyUse) at WebCore/loader/FrameLoader.cpp:3687
#16 0xb794d488 in WebKit::FrameLoaderClient::dispatchDecidePolicyForNavigationAction (this=0xb5918f00, policyFunction=0xb7b8c804 <WebCore::FrameLoader::continueAfterNavigationPolicy(WebCore::PolicyAction)>, action=@0xbf8e67d8, resourceRequest=@0xb22f01d8) at WebKit/gtk/WebCoreSupport/FrameLoaderClientGtk.cpp:283
#17 0xb7b8c671 in WebCore::FrameLoader::checkNavigationPolicy (this=0xb591ba24, request=@0xb22f01d8, loader=0xb22f0000, formState=@0xbf8e686c, function=0xb7b95b3c <WebCore::FrameLoader::callContinueLoadAfterNavigationPolicy(void*, WebCore::ResourceRequest const&, WTF::PassRefPtr<WebCore::FormState>, bool)>, argument=0xb591ba24) at WebCore/loader/FrameLoader.cpp:3656
#18 0xb7b8d7f7 in WebCore::FrameLoader::load (this=0xb591ba24, loader=0xb22f0000, type=WebCore::FrameLoadTypeStandard, formState=@0xbf8e6918) at WebCore/loader/FrameLoader.cpp:2241
#19 0xb7b8e37a in WebCore::FrameLoader::load (this=0xb591ba24, request=@0xbf8e695c, action=@0xbf8e69e8, type=WebCore::FrameLoadTypeStandard, formState=@0xbf8e6a3c) at WebCore/loader/FrameLoader.cpp:2194
#20 0xb7b8e9c2 in WebCore::FrameLoader::load (this=0xb591ba24, newURL=@0xbf8e6bb4, referrer=@0xbf8e6b2c, newLoadType=WebCore::FrameLoadTypeStandard, frameName=@0xbf8e6c40, event=0xb17ff310, formState=@0xbf8e6b04) at WebCore/loader/FrameLoader.cpp:2142
#21 0xb7b8fa53 in WebCore::FrameLoader::load (this=0xb591ba24, request=@0xbf8e6bb4, lockHistory=false, userGesture=true, event=0xb17ff310, submitForm=0xb5948ea0, formValues=@0xb591bb9c) at WebCore/loader/FrameLoader.cpp:2078
#22 0xb7b8fdf7 in WebCore::FrameLoader::submitForm (this=0xb591ba24, request=@0xbf8e6bb4, event=0xb17ff310) at WebCore/loader/FrameLoader.cpp:3253
#23 0xb7b903cc in WebCore::FrameLoader::submitForm (this=0xb591ba24, action=0xb7edd6ea "GET", url=@0xb5948f0c, formData=@0xbf8e6d38, target=@0xb5948f10, contentType=@0xbf8e6d34, boundary=@0xbf8e6d30, event=0xb17ff310) at WebCore/loader/FrameLoader.cpp:567
#24 0xb7b26a58 in WebCore::HTMLFormElement::submit (this=0xb5948ea0, event=0xb17ff310, activateSubmitButton=true) at WebCore/html/HTMLFormElement.cpp:494
#25 0xb7b26c17 in WebCore::HTMLFormElement::prepareSubmit (this=0xb5948ea0, event=0xb17ff310) at WebCore/html/HTMLFormElement.cpp:365
#26 0xb7b38705 in WebCore::HTMLInputElement::defaultEventHandler (this=0xb5918280, evt=0xb17ff310) at WebCore/html/HTMLInputElement.cpp:1160
#27 0xb7a72910 in WebCore::EventTarget::dispatchGenericEvent (this=0xb59182a8, referenceNode=0xb5918280, e=@0xbf8e701c, tempEvent=true) at WebCore/dom/EventTarget.cpp:262
#28 0xb7a7397f in WebCore::EventTargetNode::dispatchEvent (this=0xb5918280, e=@0xbf8e7074, ec=@0xbf8e7084, tempEvent=true) at WebCore/dom/EventTargetNode.cpp:121
...
This seems to be a bug in the soup backend, caused by didFinishLoading() calls in cancel().
This fixes the issue in ResourceHandleSoup.cpp, but I'm not too sure what the correct fix will be:

void ResourceHandle::cancel()
{
    d->m_cancelled = true;
    if (d->m_msg) {
        soup_session_cancel_message(session, d->m_msg, SOUP_STATUS_CANCELLED);
        // For re-entrancy troubles we call didFinishLoading when the message hasn't been handled yet.
        // FIXME: Temporarily disabled to work around plugin crash
        // http://bugs.webkit.org/show_bug.cgi?id=18847
        //d->client()->didFinishLoading(this);
    } else if (d->m_cancellable) {
        g_cancellable_cancel(d->m_cancellable);
        // FIXME: Temporarily disabled to work around plugin crash
        // http://bugs.webkit.org/show_bug.cgi?id=18847
        //d->client()->didFinishLoading(this);
    }
}
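Added example, not part of the thread and not WebKit code: a simplified model of the re-entrant call chain in the backtrace (loader cancel, then handle cancel, then didFinishLoading on the same loader). All type and function names are hypothetical, the teardown order inside cancel() is an assumption, and the client-side terminal-state guard goes beyond the workaround posted above.

```cpp
#include <string>
#include <vector>

// Simplified model with hypothetical names (not WebKit code) of the chain in
// the backtrace: loader cancel -> handle cancel -> loader didFinishLoading.
struct Loader;

struct Handle {
    Loader* client = nullptr;
    bool notifyOnCancel;   // true models cancel() calling didFinishLoading()
    explicit Handle(bool notify) : notifyOnCancel(notify) {}
    void cancel();
};

struct Loader {
    Handle handle;
    bool guardTerminalState;          // assumed client-side defence, not from the page
    bool terminal = false;            // set once the plugin stream is torn down
    std::vector<std::string> events;  // what the plugin side observes

    Loader(bool notify, bool guard) : handle(notify), guardTerminalState(guard) {
        handle.client = this;
    }
    void didFinishLoading() {
        if (guardTerminalState && terminal)
            return;                   // ignore completion after teardown
        // In the reported crash this step calls through state that is gone.
        events.push_back(terminal ? "finish-after-teardown" : "finish");
        terminal = true;
    }
    void cancel() {
        events.push_back("cancelled");
        terminal = true;              // assumption: stream is torn down first
        handle.cancel();              // then the network handle is cancelled
    }
};

void Handle::cancel() {
    if (notifyOnCancel)
        client->didFinishLoading();   // synchronous re-entry into the loader
}

// Returns the plugin-visible event sequence for one cancelled load.
std::vector<std::string> cancelledLoad(bool notifyOnCancel, bool guard) {
    Loader loader(notifyOnCancel, guard);
    loader.cancel();
    return loader.events;
}
```

With notifyOnCancel set and no guard, the model records a completion event after teardown, which corresponds to frame #1 in the trace; either disabling the notification or guarding on the terminal state leaves only the cancel event.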
I confirmed this bug is fixed by the patch in bug #23116.
I hadn't seen that bug before =/. Yeah, that was exactly the fix that was actually landed: http://trac.webkit.org/changeset/41453.