50761 – [Qt] Crash sometimes in QNetworkReplyHandler::finish()

RESOLVED FIXED 50761

[Qt] Crash sometimes in QNetworkReplyHandler::finish()

https://bugs.webkit.org/show_bug.cgi?id=50761

Summary [Qt] Crash sometimes in QNetworkReplyHandler::finish()

Jocelyn Turcotte

Reported 2010-12-09 07:28:45 PST

I would see problems where the QNetworkReply would be deleted in the other thread, but a new QNetworkReply would be allocated by the heap at the same address and would break the comparison code path. Another problem would be that didFinishLoading would eventually call abort on the ResourceHandle, which would call deleteLater on the reply (if in a different thread). Calling deleteLater on oldReply would then cause a crash.

Attachments
Patch (3.15 KB, patch) 2010-12-09 07:32 PST, Jocelyn Turcotte	kenneth: review+ commit-queue: commit-queue-	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Jocelyn Turcotte

Comment 1 2010-12-09 07:32:08 PST

Created attachment 76061 [details] Patch

WebKit Commit Bot

Comment 2 2010-12-09 14:28:39 PST

Comment on attachment 76061 [details] Patch Rejecting patch 76061 from commit-queue. Failed to run "['./WebKitTools/Scripts/webkit-patch', '--status-host=queues.webkit.org', '--bot-id=eseidel-sf', 'apply-attachment', '--force-clean', '--non-interactive', 76061]" exit_code: 2 Last 500 characters of output: 'Kenneth Rohde Christiansen', u'--force']" exit_code: 1 Parsed 2 diffs from patch file(s). patching file WebCore/ChangeLog Hunk #1 succeeded at 1 with fuzz 3. patching file WebCore/platform/network/qt/QNetworkReplyHandler.cpp Hunk #1 FAILED at 300. 1 out of 1 hunk FAILED -- saving rejects to file WebCore/platform/network/qt/QNetworkReplyHandler.cpp.rej Failed to run "[u'/Projects/CommitQueue/WebKitTools/Scripts/svn-apply', u'--reviewer', u'Kenneth Rohde Christiansen', u'--force']" exit_code: 1 Full output: http://queues.webkit.org/results/6943017

Jocelyn Turcotte

Comment 3 2010-12-10 02:44:38 PST

Committed r73708: <http://trac.webkit.org/changeset/73708>

WebKit Review Bot

Comment 4 2010-12-10 11:46:10 PST

http://trac.webkit.org/changeset/73708 might have broken GTK Linux 32-bit Debug

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P3

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware All

OS All

Product WebKit

Component Page Loading

Assignee

Nobody

Reported

2010-12-09 07:28 PST

Modified

2010-12-10 11:46 PST History

CC List

4 users Show

URL

Keywords Qt, QtTriaged

Depends on

Blocks