Bug 29450 - [Qt] QWebPluginFactory: When providing a widget for the PDF mime type it will cause a crash
Status: CLOSED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Plug-ins
Version: 528+ (Nightly build)
Hardware: Other All
Importance: P2 Critical
Assignee: QtWebKit Unassigned
URL:
Keywords: Qt
Duplicates: 29445 32704
Depends on:
Blocks: 35784
Reported: 2009-09-18 07:58 PDT by Tor Arne Vestbø
Modified: 2010-04-08 00:54 PDT

Attachments
Test case from bug #29445 (2.44 KB, application/octet-stream)
2010-03-09 03:10 PST, Jocelyn Turcotte
TestCase (use a QLabel instead of the real AcroRead activeX, same crash) (2.31 KB, application/octet-stream)
2010-03-09 03:11 PST, Jocelyn Turcotte
Stack trace (11.98 KB, text/plain)
2010-03-09 03:12 PST, Jocelyn Turcotte
"Universal" test case, crash on any system with flash plugin enabled. (994 bytes, application/octet-stream)
2010-03-26 14:12 PDT, Pierre
Proposed patch (2.24 KB, patch)
2010-04-07 03:37 PDT, Andreas Kling
Description Tor Arne Vestbø 2009-09-18 07:58:06 PDT
This bug report originated from issue QTBUG-4259
<http://bugreports.qt.nokia.com/browse/QTBUG-4259>

--- Description ---

QWebPluginFactory: When providing a widget for the PDF mime type it will cause a crash
Comment 1 Jocelyn Turcotte 2010-03-09 03:09:25 PST
*** Bug 29445 has been marked as a duplicate of this bug. ***
Comment 2 Jocelyn Turcotte 2010-03-09 03:10:24 PST
Created attachment 50284
Test case from bug #29445
Comment 3 Jocelyn Turcotte 2010-03-09 03:11:33 PST
Created attachment 50285
TestCase (use a QLabel instead of the real AcroRead activeX, same crash)
Comment 4 Jocelyn Turcotte 2010-03-09 03:12:23 PST
Created attachment 50286
Stack trace

Reproduced with trunk on Windows
Comment 5 Jocelyn Turcotte 2010-03-17 04:58:47 PDT
*** Bug 32704 has been marked as a duplicate of this bug. ***
Comment 6 Tor Arne Vestbø 2010-03-22 07:37:17 PDT
Could not reproduce on Mac OS 10.6. 

Changed the test-case to load 

data:text/html,<object data='http://www.quintcareers.com/employment_application.pdf' type=application/pdf>

so that we actually trigger the pdf mimetype path, but no crash.
Comment 7 Andreas Kling 2010-03-26 09:58:42 PDT
Cannot reproduce on Linux.
Comment 8 Pierre 2010-03-26 14:11:17 PDT
This bug is reproducible on any platform.
I will attach a new test case that does crash on Linux and Windows at least.
It requires the Flash plugin to be installed and "available" for WebKit.
Comment 9 Pierre 2010-03-26 14:12:20 PDT
Created attachment 51777
"Universal" test case, crash on any system with flash plugin enabled.

This will crash on any platform.
Comment 10 Benjamin Poulain 2010-04-06 05:14:41 PDT
Confirmed with trunk.
Backtrace:

#0  0x00007ffff7719010 in typeinfo name for WebCore::QtPluginWidget () from /home/ikipou/build/webkit/oslo-staging-1_release_64/Release/lib/libQtWebKit.so.4
#1  0x00007ffff7390fbf in WebCore::FrameLoaderClientQt::committedLoad(WebCore::DocumentLoader*, char const*, int) () from /home/ikipou/build/webkit/oslo-staging-1_release_64/Release/lib/libQtWebKit.so.4
#2  0x00007ffff716d269 in WebCore::DocumentLoader::commitLoad(char const*, int) () from /home/ikipou/build/webkit/oslo-staging-1_release_64/Release/lib/libQtWebKit.so.4
#3  0x00007ffff71a9831 in WebCore::ResourceLoader::didReceiveData(char const*, int, long long, bool) () from /home/ikipou/build/webkit/oslo-staging-1_release_64/Release/lib/libQtWebKit.so.4
#4  0x00007ffff719b93c in WebCore::MainResourceLoader::didReceiveData(char const*, int, long long, bool) () from /home/ikipou/build/webkit/oslo-staging-1_release_64/Release/lib/libQtWebKit.so.4
#5  0x00007ffff71a90f3 in WebCore::ResourceLoader::didReceiveData(WebCore::ResourceHandle*, char const*, int, int) () from /home/ikipou/build/webkit/oslo-staging-1_release_64/Release/lib/libQtWebKit.so.4
#6  0x00007ffff7371d36 in WebCore::QNetworkReplyHandler::forwardData() () from /home/ikipou/build/webkit/oslo-staging-1_release_64/Release/lib/libQtWebKit.so.4
#7  0x00007ffff7373594 in WebCore::QNetworkReplyHandler::qt_metacall(QMetaObject::Call, int, void**) () from /home/ikipou/build/webkit/oslo-staging-1_release_64/Release/lib/libQtWebKit.so.4
#8  0x00007ffff4633006 in QMetaObject::activate (sender=0x717250, m=<value optimized out>, local_signal_index=<value optimized out>, argv=0x0) at /home/ikipou/dev/oslo-staging-1/src/corelib/kernel/qobject.cpp:3295
#9  0x00007ffff56f82d0 in QNetworkReplyImplPrivate::appendDownstreamData (this=0x729d30, data=<value optimized out>) at /home/ikipou/dev/oslo-staging-1/src/network/access/qnetworkreplyimpl.cpp:538
#10 0x00007ffff56e55f7 in QNetworkAccessHttpBackend::readFromHttp (this=0x7164f0) at /home/ikipou/dev/oslo-staging-1/src/network/access/qnetworkaccesshttpbackend.cpp:734
#11 0x00007ffff575f628 in QNetworkAccessHttpBackend::qt_metacall (this=0x7164f0, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fffffffd4e0) at .moc/release-shared/moc_qnetworkaccesshttpbackend_p.cpp:85
#12 0x00007ffff4633006 in QMetaObject::activate (sender=0x7261b0, m=<value optimized out>, local_signal_index=<value optimized out>, argv=0x0) at /home/ikipou/dev/oslo-staging-1/src/corelib/kernel/qobject.cpp:3295
#13 0x00007ffff56cff92 in QHttpNetworkConnectionChannel::_q_receiveReply (this=0x72a838) at /home/ikipou/dev/oslo-staging-1/src/network/access/qhttpnetworkconnectionchannel.cpp:412
#14 0x00007ffff56d08c0 in QHttpNetworkConnectionChannel::qt_metacall (this=0x72a838, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fffffffd6b0) at .moc/release-shared/moc_qhttpnetworkconnectionchannel_p.cpp:92
#15 0x00007ffff4633006 in QMetaObject::activate (sender=0x72b0d0, m=<value optimized out>, local_signal_index=<value optimized out>, argv=0x0) at /home/ikipou/dev/oslo-staging-1/src/corelib/kernel/qobject.cpp:3295
#16 0x00007ffff5735dff in QAbstractSocketPrivate::canReadNotification (this=0x72b0f0) at /home/ikipou/dev/oslo-staging-1/src/network/socket/qabstractsocket.cpp:639
#17 0x00007ffff57251d1 in QReadNotifier::event (this=<value optimized out>, e=0x7fffe6eb03e8) at /home/ikipou/dev/oslo-staging-1/src/network/socket/qnativesocketengine.cpp:1103
#18 0x00007ffff4b584ac in QApplicationPrivate::notify_helper (this=0x60b700, receiver=0x728450, e=0x7fffffffdc10) at /home/ikipou/dev/oslo-staging-1/src/gui/kernel/qapplication.cpp:4341
#19 0x00007ffff4b5fbad in QApplication::notify (this=0x7fffffffded0, receiver=0x728450, e=0x7fffffffdc10) at /home/ikipou/dev/oslo-staging-1/src/gui/kernel/qapplication.cpp:4224
#20 0x00007ffff461e85c in QCoreApplication::notifyInternal (this=0x7fffffffded0, receiver=0x728450, event=0x7fffffffdc10) at /home/ikipou/dev/oslo-staging-1/src/corelib/kernel/qcoreapplication.cpp:704
#21 0x00007ffff464a2ca in QCoreApplication::sendEvent (source=0x618df0) at ../../include/QtCore/../../../oslo-staging-1/src/corelib/kernel/qcoreapplication.h:215
#22 socketNotifierSourceDispatch (source=0x618df0) at /home/ikipou/dev/oslo-staging-1/src/corelib/kernel/qeventdispatcher_glib.cpp:110
#23 0x00007ffff1f92bce in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#24 0x00007ffff1f96598 in ?? () from /lib/libglib-2.0.so.0
#25 0x00007ffff1f966c0 in g_main_context_iteration () from /lib/libglib-2.0.so.0
#26 0x00007ffff4649f13 in QEventDispatcherGlib::processEvents (this=0x615370, flags=<value optimized out>) at /home/ikipou/dev/oslo-staging-1/src/corelib/kernel/qeventdispatcher_glib.cpp:412
#27 0x00007ffff4c0841e in QGuiEventDispatcherGlib::processEvents (this=0x7fffe6efe2d8, flags=<value optimized out>) at /home/ikipou/dev/oslo-staging-1/src/gui/kernel/qguieventdispatcher_glib.cpp:204
#28 0x00007ffff461d592 in QEventLoop::processEvents (this=<value optimized out>, flags=DWARF-2 expression error: DW_OP_reg operations must be used either alone or in conjuction with DW_OP_piece.
) at /home/ikipou/dev/oslo-staging-1/src/corelib/kernel/qeventloop.cpp:149
#29 0x00007ffff461d96c in QEventLoop::exec (this=0x7fffffffde70, flags=DWARF-2 expression error: DW_OP_reg operations must be used either alone or in conjuction with DW_OP_piece.
) at /home/ikipou/dev/oslo-staging-1/src/corelib/kernel/qeventloop.cpp:201
#30 0x00007ffff4622939 in QCoreApplication::exec () at /home/ikipou/dev/oslo-staging-1/src/corelib/kernel/qcoreapplication.cpp:981
#31 0x0000000000401dbc in main ()
Comment 11 Andreas Kling 2010-04-07 03:37:25 PDT
Created attachment 52724
Proposed patch
Comment 12 Simon Hausmann 2010-04-07 03:40:27 PDT
Comment on attachment 52724
Proposed patch

LGTM
Comment 13 WebKit Commit Bot 2010-04-07 04:15:07 PDT
Comment on attachment 52724
Proposed patch

Clearing flags on attachment: 52724

Committed r57202: <http://trac.webkit.org/changeset/57202>
Comment 14 WebKit Commit Bot 2010-04-07 04:15:14 PDT
All reviewed patches have been landed.  Closing bug.
Comment 15 Simon Hausmann 2010-04-08 00:54:44 PDT
Revision r57202 cherry-picked into qtwebkit-2.0 with commit 75a63ec54e29f49deafdd2dcac789f2ef66be6ef