[Webkit-unassigned] [Bug 34944] New: [GTK] Crashes when going back to a page that has data: URIs, with page cache enabled

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Feb 15 08:01:43 PST 2010 

https://bugs.webkit.org/show_bug.cgi?id=34944

           Summary: [GTK] Crashes when going back to a page that has data:
                    URIs, with page cache enabled
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
               URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=56995
                    0
        OS/Version: Mac OS X 10.5
            Status: NEW
          Keywords: Gtk, Soup
          Severity: Normal
          Priority: P2
         Component: WebKit Gtk
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: gns at gnome.org


Originially reported in the Debian package. Here are the steps to reproduce:

 - Open up google.
 - Search for e.g. “bobcat” (see today’s xkcd).
 - Click “Images”.
 - Click “Go back”.
 - Kaboom.

Here's the trace:

| Program received signal SIGSEGV, Segmentation fault.
| WebCore::StringHash::hash (this=0x7fffe2bd8000, value=<value optimized out>)
at ../WebCore/platform/text/StringHash.h:88
| 88    ../WebCore/platform/text/StringHash.h: Aucun fichier ou dossier de ce
type.
|     in ../WebCore/platform/text/StringHash.h
| Current language:  auto
| The current source language is "auto; currently c++".
| (gdb) bt
| #0  WebCore::StringHash::hash (this=0x7fffe2bd8000, value=<value optimized
out>) at ../WebCore/platform/text/StringHash.h:88
| #1  WTF::IdentityHashTranslator<WebCore::String, WebCore::String,
WebCore::StringHash>::hash (this=0x7fffe2bd8000, value=<value optimized out>)
at ../JavaScriptCore/wtf/HashTable.h:278
| #2  add<WebCore::String, WebCore::String,
WTF::IdentityHashTranslator<WebCore::String, WebCore::String,
WebCore::StringHash> > (this=0x7fffe2bd8000, value=<value optimized out>)
|     at ../JavaScriptCore/wtf/HashTable.h:642
| #3  WTF::HashTable<WebCore::String, WebCore::String,
WTF::IdentityExtractor<WebCore::String>, WebCore::StringHash,
WTF::HashTraits<WebCore::String>, WTF::HashTraits<WebCore::String> >::add (
|     this=0x7fffe2bd8000, value=<value optimized out>) at
../JavaScriptCore/wtf/HashTable.h:316
| #4  WTF::HashSet<WebCore::String, WebCore::StringHash,
WTF::HashTraits<WebCore::String> >::add (this=0x7fffe2bd8000, value=<value
optimized out>) at ../JavaScriptCore/wtf/HashSet.h:210
| #5  0x00007ffff4e72495 in WebCore::DocumentLoader::didTellClientAboutLoad
(this=0x7fffe2bb6990, loader=0x7fffe2bd7a00, identifier=50, request=...,
redirectResponse=...)
|     at ../WebCore/loader/DocumentLoader.h:197
| #6  WebCore::ResourceLoadNotifier::dispatchWillSendRequest
(this=0x7fffe2bb6990, loader=0x7fffe2bd7a00, identifier=50, request=...,
redirectResponse=...) at ../WebCore/loader/ResourceLoadNotifier.cpp:124
| #7  0x00007ffff4e4883d in WebCore::FrameLoader::requestFromDelegate
(this=0x7fffe2bb6850, request=..., identifier=@0x7fffffffba38, error=...) at
../WebCore/loader/FrameLoader.cpp:3561
| #8  0x00007ffff4e510fb in WebCore::FrameLoader::commitProvisionalLoad
(this=0x7fffe2bb6850, prpCachedPage=<value optimized out>) at
../WebCore/loader/FrameLoader.cpp:2484
| #9  0x00007ffff4e516e6 in
WebCore::FrameLoader::loadProvisionalItemFromCachedPage (this=0x7fffe2bb6850)
at ../WebCore/loader/FrameLoader.cpp:3641
| #10 0x00007ffff4e5198d in
WebCore::FrameLoader::continueLoadAfterNavigationPolicy (this=0x7fffe2bb6850,
formState=DWARF-2 expression error: DW_OP_reg operations must be used either
alone or in conjuction with DW_OP_piece.
| ) at ../WebCore/loader/FrameLoader.cpp:3513
| #11 0x00007ffff4e51a1d in
WebCore::FrameLoader::callContinueLoadAfterNavigationPolicy (argument=0x0,
request=..., formState=<value optimized out>, shouldContinue=128) at
../WebCore/loader/FrameLoader.cpp:3450
| #12 0x00007ffff4e68d9f in WebCore::PolicyChecker::checkNavigationPolicy
(this=0x7fffe2bb6860, request=..., loader=0x7fffe2bd7a00, formState=DWARF-2
expression error: DW_OP_reg operations must be used either alone or in
conjuction with DW_OP_piece.
| ) at ../WebCore/loader/PolicyChecker.cpp:68
| #13 0x00007ffff4e51d5a in WebCore::FrameLoader::loadWithDocumentLoader
(this=0x7fffe2bb6850, loader=0x7fffe2bd7a00, type=<value optimized out>,
prpFormState=<value optimized out>)
|     at ../WebCore/loader/FrameLoader.cpp:2084
| #14 0x00007ffff4e55d8e in WebCore::FrameLoader::navigateToDifferentDocument
(this=0x7fffe2bb6850, item=<value optimized out>,
loadType=WebCore::FrameLoadTypeBack) at ../WebCore/loader/FrameLoader.cpp:3733
| #15 0x00007ffff4e58cc5 in WebCore::HistoryController::recursiveGoToItem
(this=0x7fffe2bb6970, item=0x7fffdae75f00, fromItem=<value optimized out>,
type=WebCore::FrameLoadTypeBack)
|     at ../WebCore/loader/HistoryController.cpp:585
| #16 0x00007ffff4ebf5d3 in WebCore::Page::goToItem (this=0x7fffe2badea0,
item=0x7fffdae75f00, type=WebCore::FrameLoadTypeBack) at
../WebCore/page/Page.cpp:310
| #17 0x00007ffff4ebf744 in WebCore::Page::goBack (this=0x7fffe2badea0) at
../WebCore/page/Page.cpp:239

Debug builds hit the following assertion in FrameLoader::requestFromDelegate:

    ASSERT(!request.isNull());

The problem is our network backend does not set the URL on the response before
emitting didReceiveResponse, for data URIs.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list