[Webkit-unassigned] [Bug 74174] New: [Qt] Navigation with active alert dialog causes crashing

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Dec 9 02:32:14 PST 2011


https://bugs.webkit.org/show_bug.cgi?id=74174

           Summary: [Qt] Navigation with active alert dialog causes
                    crashing
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: All
        OS/Version: All
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P3
         Component: WebKit Qt
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: lanedis at mail.ru


Created an attachment (id=118552)
 --> (https://bugs.webkit.org/attachment.cgi?id=118552&action=review)
simple project that reproduces the problem

To reproduce: navigate to a page that shows an alert dialog, then navigate to 'about:blank'. After this, if you press 'OK' you'll get an Access Violation.

Navigation to a new URL destroys the old objects - QNetworkReply and HTMLTokenizer (both objects are in the call stack listed below).
This is the call stack of the deletion of QNetworkReply (the deletion of HTMLTokenizer has a similar call stack):
{code:xml}
==2078==    at 0x4C27A83: operator delete(void*) (vg_replace_malloc.c:387)
==2078==    by 0x95BEE95: QNetworkReplyImpl::~QNetworkReplyImpl() (qnetworkreplyimpl.cpp:728)
==2078==    by 0x99EAC07: QObject::event(QEvent*) (qobject.cpp:1202)
==2078==    by 0x8A0FFDB: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cpp:4396)
==2078==    by 0x8A15AEC: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:4277)
==2078==    by 0x99D8CDB: QCoreApplication::notifyInternal(QObject*, QEvent*) (qcoreapplication.cpp:732)
==2078==    by 0x99DBC21: QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) (qcoreapplication.h:215)
==2078==    by 0x9A05652: postEventSourceDispatch(_GSource*, int (*)(void*), void*) (qcoreapplication.h:220)
==2078==    by 0xCB8A341: g_main_context_dispatch (in /lib/libglib-2.0.so.0.2600.1)
==2078==    by 0xCB8E2A7: ??? (in /lib/libglib-2.0.so.0.2600.1)
==2078==    by 0xCB8E45B: g_main_context_iteration (in /lib/libglib-2.0.so.0.2600.1)
==2078==    by 0x9A05192: QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (qeventdispatcher_glib.cpp:415)
==2078==    by 0x8AC2A4D: QGuiEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (qguieventdispatcher_glib.cpp:204)
==2078==    by 0x99D7A01: QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (qeventloop.cpp:149)
==2078==    by 0x99D7DEB: QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (qeventloop.cpp:201)
==2078==    by 0x8F047DD: QDialog::exec() (qdialog.cpp:552)
==2078==    by 0x8F26A17: showNewMessageBox(QWidget*, QMessageBox::Icon, QString const&, QString const&, QFlags<QMessageBox::StandardButton>, QMessageBox::StandardButton) (qmessagebox.cpp:1533)
==2078==    by 0x8F26B6E: QMessageBox::information(QWidget*, QString const&, QString const&, QFlags<QMessageBox::StandardButton>, QMessageBox::StandardButton) (qmessagebox.cpp:1564)
==2078==    by 0x72381A2: QWebPage::javaScriptAlert(QWebFrame*, QString const&) (qmessagebox.h:230)
==2078==    by 0x721065C: WebCore::ChromeClientQt::runJavaScriptAlert(WebCore::Frame*, WebCore::String const&) (ChromeClientQt.cpp:293)
==2078==    by 0x703F624: WebCore::Chrome::runJavaScriptAlert(WebCore::Frame*, WebCore::String const&) (Chrome.cpp:277)
==2078==    by 0x6B991A9: WebCore::jsDOMWindowPrototypeFunctionAlert(JSC::ExecState*, JSC::JSObject*, JSC::JSValue, JSC::ArgList const&) (JSDOMWindow.cpp:8274)
==2078==    by 0x21EDF1B3: ???
==2078==    by 0x73FB322: JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::ScopeChainNode*, JSC::JSObject*, JSC::JSValue*) (JITCode.h:77)
==2078==    by 0x742C293: JSC::evaluate(JSC::ExecState*, JSC::ScopeChain&, JSC::SourceCode const&, JSC::JSValue) (Completion.cpp:62)
==2078==    by 0x6D7F453: WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld*) (ScriptController.cpp:127)
==2078==    by 0x6D7F6C1: WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&) (ScriptController.cpp:153)
==2078==    by 0x6D96D09: WebCore::ScriptController::executeScript(WebCore::ScriptSourceCode const&) (ScriptControllerBase.cpp:60)
==2078==    by 0x6F90F8C: WebCore::HTMLTokenizer::scriptExecution(WebCore::ScriptSourceCode const&, WebCore::HTMLTokenizer::State) (HTMLTokenizer.cpp:580)
==2078==    by 0x6F93BA0: WebCore::HTMLTokenizer::scriptHandler(WebCore::HTMLTokenizer::State) (HTMLTokenizer.cpp:522)
==2078==    by 0x6F946C1: WebCore::HTMLTokenizer::parseNonHTMLText(WebCore::SegmentedString&, WebCore::HTMLTokenizer::State) (HTMLTokenizer.cpp:361)
==2078==    by 0x6F96B6C: WebCore::HTMLTokenizer::parseTag(WebCore::SegmentedString&, WebCore::HTMLTokenizer::State) (HTMLTokenizer.cpp:1539)
==2078==    by 0x6F97073: WebCore::HTMLTokenizer::write(WebCore::SegmentedString const&, bool) (HTMLTokenizer.cpp:1772)
==2078==    by 0x6FF79EF: WebCore::FrameLoader::write(char const*, int, bool) (FrameLoader.cpp:935)
==2078==    by 0x6FF7F42: WebCore::FrameLoader::endIfNotLoadingMainResource() (FrameLoader.cpp:970)
==2078==    by 0x6FF6433: WebCore::FrameLoader::finishedLoading() (FrameLoader.cpp:2770)
==2078==    by 0x70150DE: WebCore::MainResourceLoader::didFinishLoading() (MainResourceLoader.cpp:424)
==2078==    by 0x71F758A: WebCore::QNetworkReplyHandler::finish() (QNetworkReplyHandler.cpp:261)
==2078==    by 0x71F7B43: WebCore::QNetworkReplyHandler::qt_metacall(QMetaObject::Call, int, void**) (moc_QNetworkReplyHandler.cpp:84)
==2078==    by 0x99F0B26: QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (qobject.cpp:3280)
==2078==    by 0x95C0DA5: QNetworkReplyImplPrivate::finished() (qnetworkreplyimpl.cpp:656)
==2078==    by 0x95ACBBD: QNetworkAccessHttpBackend::replyFinished() (qnetworkaccesshttpbackend.cpp:773)
==2078==    by 0x95C0B6F: QNetworkReplyImplPrivate::handleNotifications() (qnetworkreplyimpl.cpp:367)
==2078==    by 0x95C0BC0: QNetworkReplyImpl::event(QEvent*) (qnetworkreplyimpl.cpp:866)
==2078==    by 0x8A0FFDB: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cpp:4396)
==2078==    by 0x8A15AEC: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:4277)
==2078==    by 0x99D8CDB: QCoreApplication::notifyInternal(QObject*, QEvent*) (qcoreapplication.cpp:732)
==2078==    by 0x99DBC21: QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) (qcoreapplication.h:215)
==2078==    by 0x9A05652: postEventSourceDispatch(_GSource*, int (*)(void*), void*) (qcoreapplication.h:220)
==2078==    by 0xCB8A341: g_main_context_dispatch (in /lib/libglib-2.0.so.0.2600.1)
{code}
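The hazard in the call stack above is re-entrancy: QDialog::exec() spins a nested event loop while HTMLTokenizer and QNetworkReply are still on the stack, and a navigation dispatched inside that loop destroys them. The following is an added example, not code from the report or from WebKit/Qt; it models the loop, page and tokenizer with stand-in types (EventLoop, Page, Tokenizer are assumptions) to show the unsafe pattern beside the "protector plus re-check" pattern that survives navigation during the alert.

```cpp
#include <functional>
#include <memory>
#include <queue>

// Stand-in for the Qt event loop: a queue of deferred tasks (constructed, not Qt).
struct EventLoop {
    std::queue<std::function<void()>> pending;
    void post(std::function<void()> task) { pending.push(std::move(task)); }
    // Models QDialog::exec(): runs whatever was queued while the dialog was up.
    void runNested() {
        while (!pending.empty()) {
            auto task = std::move(pending.front());
            pending.pop();
            task();
        }
    }
};

// Stand-in for the per-page tokenizer/loader whose lifetime follows the page.
struct Tokenizer {
    bool stopped = false;      // set when the page navigates away
    int scriptsFinished = 0;
};

struct Page {
    EventLoop loop;
    std::shared_ptr<Tokenizer> tokenizer = std::make_shared<Tokenizer>();
    // Navigation tears down the old tokenizer, as the report's call stack shows.
    void navigate() { tokenizer->stopped = true; tokenizer = std::make_shared<Tokenizer>(); }
};

enum class Outcome { Finished, Aborted, Dangling };

// Unsafe pattern: only a raw pointer is held across the nested loop. The weak_ptr
// exists purely to *detect* that the object is gone instead of touching freed memory.
Outcome alertThenContinueUnsafe(Page& page) {
    Tokenizer* raw = page.tokenizer.get();
    std::weak_ptr<Tokenizer> watch = page.tokenizer;
    page.loop.runNested();                          // the alert: the user may navigate here
    if (watch.expired()) return Outcome::Dangling;  // real code would write through 'raw' now
    ++raw->scriptsFinished;
    return Outcome::Finished;
}

// Hardened pattern: a strong reference keeps the object alive across the re-entrant
// call, and its state is re-checked before parsing resumes.
Outcome alertThenContinueSafe(Page& page) {
    std::shared_ptr<Tokenizer> protector = page.tokenizer;
    page.loop.runNested();
    if (protector->stopped) return Outcome::Aborted;  // page went away: do not resume
    ++protector->scriptsFinished;
    return Outcome::Finished;
}
```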
