[Webkit-unassigned] [Bug 30989] [Gtk, WML] Assert failure in http://wap.google.com/wml

bugzilla-daemon at webkit.org
Sun Dec 13 06:57:42 PST 2009


https://bugs.webkit.org/show_bug.cgi?id=30989





--- Comment #16 from Nayan <nayankk at gmail.com>  2009-12-13 06:57:41 PST ---
Dear All,

I investigated the layout test further, and I feel it is not possible to write
a layout test for this use case. Even with the dynamically generated layout test
(https://bug-30989-attachments.webkit.org/attachment.cgi?id=43777), GTKLauncher
is not crashing. I debugged this layout test with the aid of the JavaScript
logger tool jslogging (http://www.alistapart.com/articles/jslogging) and found
that all element nodes and attributes are set to the expected values.

Also, I debugged this test with gdb. Here, there is only one DocumentLoader
getting created. (In case of crashes, 2 DocumentLoaders were created).

Breakpoint 2, DocumentLoader (this=0x8157c00, req=..., substituteData=...)
    at ../../WebCore/loader/DocumentLoader.cpp:151
151        , m_applicationCacheHost(new ApplicationCacheHost(this))
(gdb) bt
#0  DocumentLoader (this=0x8157c00, req=..., substituteData=...)
    at ../../WebCore/loader/DocumentLoader.cpp:151
#1  0x00e62ffd in DocumentLoader (this=0x8157c00, request=...,
substituteData=...)
    at ../../WebKit/gtk/WebCoreSupport/DocumentLoaderGtk.cpp:42
#2  0x00e712e1 in WebKit::DocumentLoader::create (request=..., data=...)
    at ../../WebKit/gtk/WebCoreSupport/DocumentLoaderGtk.h:48
#3  0x00e6be2e in WebKit::FrameLoaderClient::createDocumentLoader
(this=0xb6782ab0, request=..., 
    substituteData=...) at
../../WebKit/gtk/WebCoreSupport/FrameLoaderClientGtk.cpp:118
#4  0x013bdd0c in WebCore::FrameLoader::reload (this=0xb6782ba4,
endToEndReload=false)
    at ../../WebCore/loader/FrameLoader.cpp:2175
#5  0x016e5e14 in WebCore::WMLRefreshElement::executeTask (this=0xb672a4f0)
    at ../../WebCore/wml/WMLRefreshElement.cpp:70
#6  0x016e018a in WebCore::WMLIntrinsicEventHandler::triggerIntrinsicEvent
(this=0xb672a540, 
    type=WebCore::WMLIntrinsicEventOnEnterForward)
    at ../../WebCore/wml/WMLIntrinsicEventHandler.cpp:51
#7  0x016d7847 in WebCore::WMLCardElement::handleIntrinsicEventIfNeeded
(this=0x8158cd8)
    at ../../WebCore/wml/WMLCardElement.cpp:168
#8  0x016d9464 in WebCore::WMLDocument::initialize (this=0x817e008,
aboutToFinishParsing=false)
    at ../../WebCore/wml/WMLDocument.cpp:110
#9  0x011b375e in WebCore::Document::initializeWMLPageState (this=0x817e008)
    at ../../WebCore/dom/Document.cpp:4496
#10 0x01947f7c in WebCore::jsDocumentPrototypeFunctionInitializeWMLPageState
(exec=0xb51bb0f0, 
    thisValue=..., args=...) at DerivedSources/JSDocument.cpp:2104
---Type <return> to continue, or q <return> to quit---
#11 0x0775416e in ?? ()
#12 0x00f14991 in JSC::JITCode::execute (this=0xb67615f8,
registerFile=0xb6727b34, 
    callFrame=0xb51bb048, globalData=0xb6725158, exception=0xbfffeecc)
    at ../../JavaScriptCore/jit/JITCode.h:79
#13 0x00f060dc in JSC::Interpreter::execute (this=0xb6727b28,
program=0xb67615e8, 
    callFrame=0xb672dc54, scopeChain=0xb672d688, thisObj=0xb5140000,
exception=0xbfffeecc)
    at ../../JavaScriptCore/interpreter/Interpreter.cpp:613
#14 0x00fce433 in JSC::evaluate (exec=0xb672dc54, scopeChain=..., source=...,
thisValue=...)
    at ../../JavaScriptCore/runtime/Completion.cpp:60
#15 0x010a12b9 in WebCore::ScriptController::evaluateInWorld (this=0x80ec224,
sourceCode=..., 
    world=0xb6727bec) at ../../WebCore/bindings/js/ScriptController.cpp:126
#16 0x010a26af in WebCore::ScriptController::executeScriptInWorld
(this=0x80ec224, 
    world=0xb6727bec, script=..., forceUserGesture=false)
    at ../../WebCore/bindings/js/ScriptController.cpp:459
#17 0x0109b9c4 in WebCore::ScheduledAction::execute (this=0x81cb0d8,
document=0xb671ff40)
    at ../../WebCore/bindings/js/ScheduledAction.cpp:129
#18 0x0109b5be in WebCore::ScheduledAction::execute (this=0x81cb0d8,
context=0xb671ff70)
    at ../../WebCore/bindings/js/ScheduledAction.cpp:77
#19 0x013fc036 in WebCore::DOMTimer::fired (this=0x81cb0f8)
    at ../../WebCore/page/DOMTimer.cpp:149
#20 0x01492c28 in WebCore::ThreadTimers::sharedTimerFiredInternal
(this=0x80e0228)
    at ../../WebCore/platform/ThreadTimers.cpp:112
#21 0x01492b6f in WebCore::ThreadTimers::sharedTimerFired ()
---Type <return> to continue, or q <return> to quit---
    at ../../WebCore/platform/ThreadTimers.cpp:90
#22 0x018a0db5 in timeout_cb () at
../../WebCore/platform/gtk/SharedTimerGtk.cpp:48
#23 0x008360f1 in ?? () from /lib/libglib-2.0.so.0
#24 0x00837e78 in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#25 0x0083b720 in ?? () from /lib/libglib-2.0.so.0
#26 0x0083bb8f in g_main_loop_run () from /lib/libglib-2.0.so.0
#27 0x003b7419 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
#28 0x08049f29 in main (argc=2, argv=0xbffff484) at
../../WebKitTools/GtkLauncher/main.c:209

As can be seen from the backtrace, WebCore::FrameLoader::reload gets
triggered by JSC::JITCode::execute and not from FrameLoader. In the backtraces
where the crash was seen (Step 2 in the initial posts in this thread), 'reload'
was getting triggered from FrameLoader/DocumentLoader.

Given this, I propose to commit this change without a layout test. Please let
me know if you consent.
