[Webkit-unassigned] [Bug 72285] [Qt] Crash when visiting certain websites.

bugzilla-daemon at webkit.org
Sat Dec 10 09:08:41 PST 2011


https://bugs.webkit.org/show_bug.cgi?id=72285





--- Comment #3 from Dawit A. <adawit at kde.org>  2011-12-10 09:08:42 PST ---
A crash on a second site, http://einestages.spiegel.de/static/topicalbumbackground/24067/teure_putzaktion.html, that produces the same backtrace was reported downstream. See https://bugs.kde.org/show_bug.cgi?id=288631 and the backtrace using QtTestBrowser from qtwebkit-2.2-devel git branch:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff608fa4d in WebCore::requiresLineBox (it=..., lineInfo=...) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:1485
1485        if (it.m_obj->isRenderInline() && !inlineFlowRequiresLineBox(toRenderInline(it.m_obj)))
(gdb) bt
#0  0x00007ffff608fa4d in WebCore::requiresLineBox (it=..., lineInfo=...) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:1485
#1  0x00007ffff608fe23 in WebCore::RenderBlock::LineBreaker::skipLeadingWhitespace (this=0x7fffffff9830, resolver=..., lineInfo=..., lastFloatFromPreviousLine=0x11d0ee0, 
    width=...) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:1528
#2  0x00007ffff60911bc in WebCore::RenderBlock::LineBreaker::nextLineBreak (this=0x7fffffff9830, resolver=..., lineInfo=..., lineBreakIteratorInfo=..., 
    lastFloatFromPreviousLine=0x11d0ee0) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:1826
#3  0x00007ffff608c405 in WebCore::RenderBlock::layoutRunsAndFloats (this=0x10f2908, fullLayout=false, hasInlineChild=true, floats=..., repaintLogicalTop=@0x7fffffff9d8c, 
    repaintLogicalBottom=@0x7fffffff9d88) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:915
#4  0x00007ffff608deac in WebCore::RenderBlock::layoutInlineChildren (this=0x10f2908, relayoutChildren=false, repaintLogicalTop=@0x7fffffff9d8c, 
    repaintLogicalBottom=@0x7fffffff9d88) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlockLineLayout.cpp:1164
#5  0x00007ffff60548cd in WebCore::RenderBlock::layoutBlock (this=0x10f2908, relayoutChildren=false, pageLogicalHeight=0)
    at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1251
#6  0x00007ffff6054200 in WebCore::RenderBlock::layout (this=0x10f2908) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1149
#7  0x00007ffff6057d84 in WebCore::RenderBlock::layoutBlockChild (this=0xc52168, child=0x10f2908, marginInfo=..., previousFloatLogicalBottom=@0x7fffffffa05c, 
    maxFloatLogicalBottom=@0x7fffffffa1b4) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1991
#8  0x00007ffff605796b in WebCore::RenderBlock::layoutBlockChildren (this=0xc52168, relayoutChildren=false, maxFloatLogicalBottom=@0x7fffffffa1b4)
    at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1929
#9  0x00007ffff60548ee in WebCore::RenderBlock::layoutBlock (this=0xc52168, relayoutChildren=false, pageLogicalHeight=0)
    at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1253
#10 0x00007ffff6054200 in WebCore::RenderBlock::layout (this=0xc52168) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1149
#11 0x00007ffff6057d84 in WebCore::RenderBlock::layoutBlockChild (this=0x9c1508, child=0xc52168, marginInfo=..., previousFloatLogicalBottom=@0x7fffffffa48c, 
    maxFloatLogicalBottom=@0x7fffffffa5e4) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1991
#12 0x00007ffff605796b in WebCore::RenderBlock::layoutBlockChildren (this=0x9c1508, relayoutChildren=false, maxFloatLogicalBottom=@0x7fffffffa5e4)
    at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1929
#13 0x00007ffff60548ee in WebCore::RenderBlock::layoutBlock (this=0x9c1508, relayoutChildren=false, pageLogicalHeight=0)
    at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1253
#14 0x00007ffff6054200 in WebCore::RenderBlock::layout (this=0x9c1508) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1149
#15 0x00007ffff6057d84 in WebCore::RenderBlock::layoutBlockChild (this=0x9afaf8, child=0x9c1508, marginInfo=..., previousFloatLogicalBottom=@0x7fffffffa8bc, 
    maxFloatLogicalBottom=@0x7fffffffaa14) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1991
#16 0x00007ffff605796b in WebCore::RenderBlock::layoutBlockChildren (this=0x9afaf8, relayoutChildren=false, maxFloatLogicalBottom=@0x7fffffffaa14)
    at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1929
#17 0x00007ffff60548ee in WebCore::RenderBlock::layoutBlock (this=0x9afaf8, relayoutChildren=false, pageLogicalHeight=0)
    at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1253
#18 0x00007ffff6054200 in WebCore::RenderBlock::layout (this=0x9afaf8) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderBlock.cpp:1149
#19 0x00007ffff616f04b in WebCore::RenderView::layout (this=0x9afaf8) at /usr/local/src/Misc/webkit/Source/WebCore/rendering/RenderView.cpp:130
#20 0x00007ffff5f47bc6 in WebCore::FrameView::layout (this=0x94b1f0, allowSubtree=true) at /usr/local/src/Misc/webkit/Source/WebCore/page/FrameView.cpp:964
#21 0x00007ffff5bd58f9 in WebCore::Document::updateLayout (this=0xaa09d0) at /usr/local/src/Misc/webkit/Source/WebCore/dom/Document.cpp:1580
#22 0x00007ffff5bd59da in WebCore::Document::updateLayoutIgnorePendingStylesheets (this=0xaa09d0) at /usr/local/src/Misc/webkit/Source/WebCore/dom/Document.cpp:1611
#23 0x00007ffff5afc253 in WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue (this=0x1243dd0, propertyID=1001, updateLayout=WebCore::UpdateLayout)
    at /usr/local/src/Misc/webkit/Source/WebCore/css/CSSComputedStyleDeclaration.cpp:803
#24 0x00007ffff5afaab9 in WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue (this=0x1243dd0, propertyID=1001)
    at /usr/local/src/Misc/webkit/Source/WebCore/css/CSSComputedStyleDeclaration.cpp:675
#25 0x00007ffff5b07582 in WebCore::CSSComputedStyleDeclaration::getPropertyValue (this=0x1243dd0, propertyID=1001)
    at /usr/local/src/Misc/webkit/Source/WebCore/css/CSSComputedStyleDeclaration.cpp:1819
#26 0x00007ffff5b5e88b in WebCore::CSSStyleDeclaration::getPropertyValue (this=0x1243dd0, propertyName=...)
    at /usr/local/src/Misc/webkit/Source/WebCore/css/CSSStyleDeclaration.cpp:77
#27 0x00007ffff56c9ab8 in WebCore::jsCSSStyleDeclarationPrototypeFunctionGetPropertyValue (exec=0x7fff9f666d68) at ../../WebCore/generated/JSCSSStyleDeclaration.cpp:295
#28 0x00007fff9fa661e8 in ?? ()
#29 0x00007fffffffcc20 in ?? ()
#30 0x00007fff9facb180 in ?? ()
#31 0x00007fffffffcbb0 in ?? ()
#32 0x00007fff981b53b0 in ?? ()
#33 0x0000000001181458 in ?? ()
#34 0x0000000001181410 in ?? ()
#35 0x00007fff9fb24317 in ?? ()
#36 0x00007fff00000010 in ?? ()
#37 0x00007fffffffcbe0 in ?? ()
#38 0x00007ffff5696ef5 in JSC::JSValue::decode (ptr=0x7fffffffd3b0) at /usr/local/src/Misc/webkit/Source/JavaScriptCore/runtime/JSValueInlineMethods.h:369
#39 0x00007ffff661b0de in JSC::JITCode::execute (this=0x7fff9dee7768, registerFile=0x903c28, callFrame=0x7fff9f666048, globalData=0xa5a390)
    at /usr/local/src/Misc/webkit/Source/JavaScriptCore/jit/JITCode.h:77
#40 0x00007ffff6617dae in JSC::Interpreter::executeCall (this=0x903c10, callFrame=0x7ffff7e141d8, function=0x7fff98277490, callType=JSC::CallTypeJS, callData=..., thisValue=..., 
    args=...) at /usr/local/src/Misc/webkit/Source/JavaScriptCore/interpreter/Interpreter.cpp:838
#41 0x00007ffff66461b3 in JSC::call (exec=0x7ffff7e141d8, functionObject=..., callType=JSC::CallTypeJS, callData=..., thisValue=..., args=...)
    at /usr/local/src/Misc/webkit/Source/JavaScriptCore/runtime/CallData.cpp:38
#42 0x00007ffff5a5de5c in WebCore::JSMainThreadExecState::call (exec=0x7ffff7e141d8, functionObject=..., callType=JSC::CallTypeJS, callData=..., thisValue=..., args=...)
    at /usr/local/src/Misc/webkit/Source/WebCore/bindings/js/JSMainThreadExecState.h:48
#43 0x00007ffff5a840a5 in WebCore::JSEventListener::handleEvent (this=0xe5fe10, scriptExecutionContext=0xaa0ae8, event=0x11e55f0)
    at /usr/local/src/Misc/webkit/Source/WebCore/bindings/js/JSEventListener.cpp:128
#44 0x00007ffff5c24236 in WebCore::EventTarget::fireEventListeners (this=0xaa09d0, event=0x11e55f0, d=0xc96570, entry=...)
    at /usr/local/src/Misc/webkit/Source/WebCore/dom/EventTarget.cpp:360
#45 0x00007ffff5c2409d in WebCore::EventTarget::fireEventListeners (this=0xaa09d0, event=0x11e55f0) at /usr/local/src/Misc/webkit/Source/WebCore/dom/EventTarget.cpp:329
#46 0x00007ffff5c43515 in WebCore::Node::handleLocalEvents (this=0xaa09d0, event=0x11e55f0) at /usr/local/src/Misc/webkit/Source/WebCore/dom/Node.cpp:2808
#47 0x00007ffff5c1f912 in WebCore::EventDispatcher::dispatchEvent (this=0x7fffffffd3b0, event=...) at /usr/local/src/Misc/webkit/Source/WebCore/dom/EventDispatcher.cpp:306
#48 0x00007ffff5c1ddc6 in WebCore::EventDispatchMediator::dispatchEvent (this=0x7fffffffd420, dispatcher=0x7fffffffd3b0)
    at /usr/local/src/Misc/webkit/Source/WebCore/dom/Event.cpp:313
#49 0x00007ffff5c1e277 in WebCore::EventDispatcher::dispatchEvent (node=0xaa09d0, mediator=...) at /usr/local/src/Misc/webkit/Source/WebCore/dom/EventDispatcher.cpp:53
#50 0x00007ffff5c435cc in WebCore::Node::dispatchEvent (this=0xaa09d0, event=...) at /usr/local/src/Misc/webkit/Source/WebCore/dom/Node.cpp:2818
#51 0x00007ffff5be0a67 in WebCore::Document::finishedParsing (this=0xaa09d0) at /usr/local/src/Misc/webkit/Source/WebCore/dom/Document.cpp:4222
#52 0x00007ffff5ddecac in WebCore::HTMLTreeBuilder::finished (this=0x9c0f30) at /usr/local/src/Misc/webkit/Source/WebCore/html/parser/HTMLTreeBuilder.cpp:2820
#53 0x00007ffff5db7656 in WebCore::HTMLDocumentParser::end (this=0xab84f0) at /usr/local/src/Misc/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:378
#54 0x00007ffff5db7753 in WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd (this=0xab84f0)
    at /usr/local/src/Misc/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:387
#55 0x00007ffff5db66d8 in WebCore::HTMLDocumentParser::prepareToStopParsing (this=0xab84f0) at /usr/local/src/Misc/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:151
#56 0x00007ffff5db780a in WebCore::HTMLDocumentParser::endIfDelayed (this=0xab84f0) at /usr/local/src/Misc/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:412
#57 0x00007ffff5db7ae3 in WebCore::HTMLDocumentParser::resumeParsingAfterScriptExecution (this=0xab84f0)
    at /usr/local/src/Misc/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:480
#58 0x00007ffff5db7df5 in WebCore::HTMLDocumentParser::notifyFinished (this=0xab84f0, cachedResource=0xd8c6e0)
    at /usr/local/src/Misc/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:524
#59 0x00007ffff5e795ed in WebCore::CachedResource::checkNotify (this=0xd8c6e0) at /usr/local/src/Misc/webkit/Source/WebCore/loader/cache/CachedResource.cpp:144
#60 0x00007ffff5e80253 in WebCore::CachedScript::data (this=0xd8c6e0, data=..., allDataReceived=true)
    at /usr/local/src/Misc/webkit/Source/WebCore/loader/cache/CachedScript.cpp:104
#61 0x00007ffff64cdd5d in WebCore::CachedResourceRequest::didFinishLoading (this=0xd8caf0, loader=0xd915c0)
    at /usr/local/src/Misc/webkit/Source/WebCore/loader/cache/CachedResourceRequest.cpp:166
#62 0x00007ffff5eda9e4 in WebCore::SubresourceLoader::didFinishLoading (this=0xd915c0, finishTime=0) at /usr/local/src/Misc/webkit/Source/WebCore/loader/SubresourceLoader.cpp:196
#63 0x00007ffff5ed11db in WebCore::ResourceLoader::didFinishLoading (this=0xd915c0, finishTime=0) at /usr/local/src/Misc/webkit/Source/WebCore/loader/ResourceLoader.cpp:436
#64 0x00007ffff61c407f in WebCore::QNetworkReplyHandler::finish (this=0xd92480) at /usr/local/src/Misc/webkit/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:459
#65 0x00007ffff61c267d in WebCore::QNetworkReplyHandlerCallQueue::flush (this=0xd924b8)
    at /usr/local/src/Misc/webkit/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:196
#66 0x00007ffff61c2563 in WebCore::QNetworkReplyHandlerCallQueue::push (this=0xd924b8, method=
    (void (WebCore::QNetworkReplyHandler::*)(WebCore::QNetworkReplyHandler * const)) 0x7ffff61c3d8e <WebCore::QNetworkReplyHandler::finish()>)
    at /usr/local/src/Misc/webkit/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:165
#67 0x00007ffff61c375a in WebCore::QNetworkReplyWrapper::didReceiveFinished (this=0xd8f780)
    at /usr/local/src/Misc/webkit/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:353
#68 0x00007ffff61c6938 in WebCore::QNetworkReplyWrapper::qt_metacall (this=0xd8f780, _c=QMetaObject::InvokeMetaMethod, _id=1, _a=0x7fffffffda90)
    at ./moc_QNetworkReplyHandler.cpp:80
#69 0x00007ffff25845ea in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib/libQtCore.so.4
#70 0x00007ffff2924b14 in ?? () from /usr/lib/libQtNetwork.so.4
#71 0x00007ffff290d161 in ?? () from /usr/lib/libQtNetwork.so.4
#72 0x00007ffff292314d in ?? () from /usr/lib/libQtNetwork.so.4
#73 0x00007ffff29231a1 in ?? () from /usr/lib/libQtNetwork.so.4
#74 0x00007ffff2d92ae4 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4
#75 0x00007ffff2d97951 in QApplication::notify(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4
#76 0x00007ffff257189c in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib/libQtCore.so.4
#77 0x00007ffff2574c2f in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /usr/lib/libQtCore.so.4
#78 0x00007ffff259c1a3 in ?? () from /usr/lib/libQtCore.so.4
#79 0x00007ffff044484d in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#80 0x00007ffff0445048 in ?? () from /usr/lib/libglib-2.0.so.0
#81 0x00007ffff0445219 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#82 0x00007ffff259c606 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#83 0x00007ffff2e35eee in ?? () from /usr/lib/libQtGui.so.4
#84 0x00007ffff2570a92 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#85 0x00007ffff2570c97 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#86 0x00007ffff2574eab in QCoreApplication::exec() () from /usr/lib/libQtCore.so.4
#87 0x000000000043007c in launcherMain (app=...) at /usr/local/src/Misc/webkit/Tools/QtTestBrowser/main.cpp:101
#88 0x00000000004322b6 in main (argc=1, argv=0x7fffffffe628) at /usr/local/src/Misc/webkit/Tools/QtTestBrowser/main.cpp:359
