[Webkit-unassigned] [Bug 79026] New: Web Inspector: retrieving content for some XHR requests crashes inspected page renderer

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Feb 20 04:34:59 PST 2012 

https://bugs.webkit.org/show_bug.cgi?id=79026

           Summary: Web Inspector: retrieving content for some XHR
                    requests crashes inspected page renderer
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: All
        OS/Version: All
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: Web Inspector
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: caseq at chromium.org
                CC: timothy at apple.com, rik at webkit.org, keishi at webkit.org,
                    pmuellr at yahoo.com, joepeck at webkit.org,
                    pfeldman at chromium.org, yurys at chromium.org,
                    bweinstein at apple.com, apavlov at chromium.org,
                    loislo at chromium.org


1. Open Web Inspector, switch to Network panel
2. Navigate to http://www.cnn.com
3. On the Network panel, filter XHR requests
4. Click on an XHR request from s3.amazonws.com or 2mdn.net
5. Observe crash of the inspected page renderer

Here's the stack trace:

Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_PROTECTION_FAILURE at address: 0x00000038
WTF::RetainPtr<__CFData const*>::operator __CFData const* WTF::RetainPtr<__CFData const*>::* (this=0x38) at RetainPtr.h:91
91            operator UnspecifiedBoolType() const { return m_ptr ? &RetainPtr::m_ptr : 0; }
(gdb) bt
#0  WTF::RetainPtr<__CFData const*>::operator __CFData const* WTF::RetainPtr<__CFData const*>::* (this=0x38) at RetainPtr.h:91
#1  0x59952322 in WebCore::SharedBuffer::hasPlatformData (this=0x0) at /Users/caseq/chromium/src/third_party/WebKit/Source/WebCore/WebCore.gyp/../platform/cf/SharedBufferCF.cpp:64
#2  0x5991f3be in WebCore::SharedBuffer::data (this=0x0) at SharedBuffer.cpp:111
#3  0x5a2276dd in WebCore::InspectorPageAgent::cachedResourceContent (cachedResource=0x12e6a00, result=0xbfffbbc0, base64Encoded=0xbfffbbbf) at InspectorPageAgent.cpp:157
#4  0x5a250224 in WebCore::InspectorResourceAgent::getResponseBody (this=0x13ee80, errorString=0xbfffbbb8, requestId=@0xbfffbb90, content=0xbfffbbc0, base64Encoded=0xbfffbbbf) at InspectorResourceAgent.cpp:502
#5  0x5a2502f2 in non-virtual thunk to WebCore::InspectorResourceAgent::getResponseBody(WTF::String*, WTF::String const&, WTF::String*, bool*) () at InspectorResourceAgent.cpp:507
#6  0x5add2fdc in WebCore::InspectorBackendDispatcherImpl::Network_getResponseBody (this=0x17e6ded0, callId=163, requestMessageObject=0x1942d1f0) at /Users/caseq/chromium/src/third_party/WebKit/Source/WebCore/WebCore.gyp/../../../../../xcodebuild/DerivedSources/Debug/webcore/InspectorBackendDispatcher.cpp:1298
#7  0x5adf045b in WebCore::InspectorBackendDispatcherImpl::dispatch (this=0x17e6ded0, message=@0xbfffbe00) at /Users/caseq/chromium/src/third_party/WebKit/Source/WebCore/WebCore.gyp/../../../../../xcodebuild/DerivedSources/Debug/webcore/InspectorBackendDispatcher.cpp:4289

Note that in InspectorPageAgent.cpp:157, we use buffer that happens to be NULL.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list