[Webkit-unassigned] [Bug 39670] New: [Qt] WebView::setUrl crashes after Qt4.7

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue May 25 04:41:35 PDT 2010


https://bugs.webkit.org/show_bug.cgi?id=39670

           Summary: [Qt] WebView::setUrl crashes after Qt4.7
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: Major
          Priority: P3
         Component: New Bugs
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: webkit at dpinol.com


Created an attachment (id=57005)
 --> (https://bugs.webkit.org/attachment.cgi?id=57005)
Qt source code to reproduce the problem

I attach a use case that causes WebKit to crash. Just press the button, which causes setUrl to be called twice, once directly, and the second time through a user event.
I get the same crash with both Qt4.7 beta1 and latest Qt 4.8 from git.
FYI, if I remove the link to the CSS from the index.html, it does not crash anymore. On the other hand, it crashes no matter whether the CSS file exists or not.

This is what I get with valgrind

==6355== Invalid write of size 4 
==6355== at 0x47FF055: WebCore::CachedResource::setDocLoader(WebCore::DocLoader*) (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== by 0x480E2C2: WebCore::DocLoader::~DocLoader() (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== by 0x4649988: void WTF::deleteOwnedPtr<WebCore::DocLoader>(WebCore::DocLoader*) (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== by 0x4646BAA: WTF::OwnPtr<WebCore::DocLoader>::clear() (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== by 0x4634342: WebCore::Document::~Document() (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== by 0x46327E1: WebCore::Document::removedLastRef() (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== by 0x41F92B0: WebCore::TreeShared<WebCore::Node>::deref() (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== by 0x4260A8E: void WTF::derefIfNotNull<WebCore::Document>(WebCore::Document*) (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== by 0x462CF20: WTF::RefPtr<WebCore::Document>::~RefPtr() (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== by 0x483EFEC: WebCore::Loader::Host::didFail(WebCore::SubresourceLoader*, bool) (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== by 0x483F8B2: WebCore::Loader::Host::cancelRequests(WebCore::DocLoader*) (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== by 0x483DE85: WebCore::Loader::cancelRequests(WebCore::DocLoader*) (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== Address 0x110 is not stack'd, malloc'd or (recently) free'd 
==6355== 
==6355== 
==6355== Process terminating with default action of signal 11 (SIGSEGV) 
==6355== Access not within mapped region at address 0x110 
==6355== at 0x47FF055: WebCore::CachedResource::setDocLoader(WebCore::DocLoader*) (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== by 0x480E2C2: WebCore::DocLoader::~DocLoader() (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== by 0x4649988: void WTF::deleteOwnedPtr<WebCore::DocLoader>(WebCore::DocLoader*) (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== by 0x4646BAA: WTF::OwnPtr<WebCore::DocLoader>::clear() (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== by 0x4634342: WebCore::Document::~Document() (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== by 0x46327E1: WebCore::Document::removedLastRef() (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== by 0x41F92B0: WebCore::TreeShared<WebCore::Node>::deref() (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== by 0x4260A8E: void WTF::derefIfNotNull<WebCore::Document>(WebCore::Document*) (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0) 
==6355== by 0x462CF20: WTF::RefPtr<WebCore::Document>::~RefPtr() (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0)
==6355== by 0x483EFEC: WebCore::Loader::Host::didFail(WebCore::SubresourceLoader*, bool) (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0)
==6355== by 0x483F8B2: WebCore::Loader::Host::cancelRequests(WebCore::DocLoader*) (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0)
==6355== by 0x483DE85: WebCore::Loader::cancelRequests(WebCore::DocLoader*) (in /opt/qtsdk-4.70-beta1/lib/libQtWebKit.so.4.7.0)

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
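The trace above shows the hazard worth understanding independent of this particular build: Loader::Host::cancelRequests is still working on a DocLoader when didFail releases a RefPtr<Document>, that release turns out to be the last reference, and Document::~Document (and with it ~DocLoader) runs in the middle of the cancellation loop. The following C++ is an added, constructed model of that pattern, not WebKit code and not the attached test case; the type names merely echo the trace, the loop is reduced to a liveness check so the buggy variant reports the stale access instead of performing it, and the fix shown (taking an extra reference on the Document for the duration of the loop, in the spirit of WebKit's usual "protector" RefPtr idiom) is an assumption about the shape of a fix, not the patch that eventually landed.

```cpp
#include <cstddef>
#include <cstdio>
#include <memory>
#include <set>
#include <vector>

struct Document;
struct DocLoader;

// Registry of live DocLoaders so the model can *detect* a touch after
// destruction. Real code has no such net: it just writes through a stale pointer.
static std::set<DocLoader*> g_liveDocLoaders;

struct DocLoader {
    Document* document = nullptr;          // back-pointer, valid while alive
    DocLoader() { g_liveDocLoaders.insert(this); }
    ~DocLoader() { g_liveDocLoaders.erase(this); }
};

// Intrusive-refcounted Document that owns its DocLoader, as in the trace
// (Document::~Document -> OwnPtr<DocLoader>::clear -> ~DocLoader).
struct Document {
    int refCount = 0;
    std::unique_ptr<DocLoader> docLoader;
    Document() : docLoader(new DocLoader) { docLoader->document = this; }
    void ref() { ++refCount; }
    void deref() { if (--refCount == 0) delete this; }   // removedLastRef
};

// A pending request keeps its Document alive, as a SubresourceLoader does.
struct Request {
    Document* document;
    explicit Request(Document* d) : document(d) { d->ref(); }
    ~Request() { if (document) document->deref(); }
    void releaseDocument() { document->deref(); document = nullptr; }
};

struct Loader {
    std::vector<std::unique_ptr<Request>> requests;

    // Failing a request drops its Document reference. If that was the last
    // reference, the Document and its DocLoader die right here, re-entrantly.
    void didFail(Request& r) { r.releaseDocument(); }

    // Cancels every request, then models the post-callback bookkeeping that
    // still needs docLoader. Returns how many iterations touched docLoader
    // after it had already been destroyed (0 is the only acceptable answer).
    int cancelRequests(DocLoader* docLoader, bool protectDocument) {
        Document* doc = docLoader->document;     // read while docLoader is valid
        if (protectDocument)
            doc->ref();                          // guard: outlive the loop
        int staleTouches = 0;
        for (auto& r : requests) {
            didFail(*r);
            if (!g_liveDocLoaders.count(docLoader))
                ++staleTouches;                  // would be the invalid write
        }
        requests.clear();
        if (protectDocument)
            doc->deref();                        // last ref dropped after the loop
        return staleTouches;
    }
};

// Document held only by two pending requests, then cancelled.
static int runScenario(bool protectDocument) {
    Document* doc = new Document;
    DocLoader* loader = doc->docLoader.get();
    Loader l;
    l.requests.emplace_back(new Request(doc));
    l.requests.emplace_back(new Request(doc));
    return l.cancelRequests(loader, protectDocument);
}

static std::size_t liveDocLoaders() { return g_liveDocLoaders.size(); }

int main() {
    std::printf("unprotected: %d stale touch(es), %zu loaders leaked\n",
                runScenario(false), liveDocLoaders());
    std::printf("protected:   %d stale touch(es), %zu loaders leaked\n",
                runScenario(true), liveDocLoaders());
    return 0;
}
```

The unprotected run reports one stale touch: the second didFail drops the last reference, the Document and DocLoader are destroyed inside the loop, and the loop then goes on using the pointer it was handed. With the guard the destruction is deferred to the deref after the loop and nothing stale is touched; neither variant leaks, so the difference is purely the order of destruction relative to the iteration, which is exactly what a lifetime bug of this kind comes down to.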
