[Webkit-unassigned] [Bug 167050] New: ASSERTION FAILED: referrer == URL(URL(), referrer).strippedForUseAsReferrer() in WebCore::SecurityPolicy::generateReferrerHeader

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sat Jan 14 10:20:08 PST 2017 

https://bugs.webkit.org/show_bug.cgi?id=167050

            Bug ID: 167050
           Summary: ASSERTION FAILED: referrer == URL(URL(),
                    referrer).strippedForUseAsReferrer() in
                    WebCore::SecurityPolicy::generateReferrerHeader
    Classification: Unclassified
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: PC
               URL: https://trac.webkit.org/browser
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mcatanzaro at igalia.com
                CC: bugs-noreply at webkitgtk.org

This assertion is reproducible on https://trac.webkit.org/browser:

(1) Click on one of the four expander arrows, e.g. the one immediately to the left of "trunk" in order to expand the directory layout. Note that, while the contents of the page change, the page URL remains https://trac.webkit.org/browser.
(2) Click on any link, e.g. the WebKit logo in the top left of the page. Wait for the page to load.
(3) Click Back. Note the page URL is now different, it has gained a fragment: https://trac.webkit.org/browser#trunk
(4) Click on any link, e.g. the WebKit logo in the top-left again.

Now in WebCore::SecurityPolicy::generateReferrerHeader, we have:

 * referrer is "https://trac.webkit.org/browser#trunk"
 * URL(URL(), referrer).strippedForUseAsReferrer() is "https://trac.webkit.org/browser"

URL::strippedForUseAsReferrer intentionally removes the fragment, as required by RFC 2616. So referrer is somehow incorrect here. It triggers this assertion:

ASSERTION FAILED: referrer == URL(URL(), referrer).strippedForUseAsReferrer()
../../Source/WebCore/page/SecurityPolicy.cpp(73) : static WTF::String WebCore::SecurityPolicy::generateReferrerHeader(WebCore::ReferrerPolicy, const WebCore::URL&, const WTF::String&)
1   0x7f0f496b92d2 /home/mcatanzaro/Projects/GNOME/install/lib/libjavascriptcoregtk-4.0.so.18(WTFCrash+0x1e) [0x7f0f496b92d2]
2   0x7f0f52b0c877 /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore14SecurityPolicy22generateReferrerHeaderENS_14ReferrerPolicyERKNS_3URLERKN3WTF6StringE+0x1dd) [0x7f0f52b0c877]
3   0x7f0f5294ad37 /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore11FrameLoader16loadFrameRequestERKNS_16FrameLoadRequestEPNS_5EventEPNS_9FormStateE+0x265) [0x7f0f5294ad37]
4   0x7f0f52947553 /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore11FrameLoader11urlSelectedERKNS_16FrameLoadRequestEPNS_5EventE+0x23b) [0x7f0f52947553]
5   0x7f0f529472c1 /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore11FrameLoader11urlSelectedERKNS_3URLERKN3WTF6StringEPNS_5EventENS_11LockHistoryENS_19LockBackForwardListENS_18ShouldSendReferrerENS_28ShouldOpenExternalURLsPolicyESt8optionalINS_20NewFrameOpenerPolicyEERKNS4_12AtomicStringE+0x10d) [0x7f0f529472c1]
6   0x7f0f52698211 /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore17HTMLAnchorElement11handleClickERNS_5EventE+0x387) [0x7f0f52698211]
7   0x7f0f52696f8c /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore17HTMLAnchorElement19defaultEventHandlerERNS_5EventE+0xe8) [0x7f0f52696f8c]
8   0x7f0f52492894 /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(+0x5e28894) [0x7f0f52492894]
9   0x7f0f52492f78 /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore15EventDispatcher13dispatchEventERNS_4NodeERNS_5EventE+0x3cf) [0x7f0f52492f78]
10  0x7f0f524e0bad /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore4Node13dispatchEventERNS_5EventE+0x53) [0x7f0f524e0bad]
11  0x7f0f5247311a /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore7Element18dispatchMouseEventERKNS_18PlatformMouseEventERKN3WTF12AtomicStringEiPS0_+0x19c) [0x7f0f5247311a]
12  0x7f0f52a877b5 /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore12EventHandler18dispatchMouseEventERKN3WTF12AtomicStringEPNS_4NodeEbiRKNS_18PlatformMouseEventEb+0xfd) [0x7f0f52a877b5]
13  0x7f0f52a85409 /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore12EventHandler23handleMouseReleaseEventERKNS_18PlatformMouseEventE+0x60d) [0x7f0f52a85409]
14  0x7f0f530f85dc /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore15UserInputBridge23handleMouseReleaseEventERKNS_18PlatformMouseEventENS_11InputSourceE+0x3c) [0x7f0f530f85dc]
15  0x7f0f519ed152 /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(+0x5383152) [0x7f0f519ed152]
16  0x7f0f519ed436 /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN6WebKit7WebPage10mouseEventERKNS_13WebMouseEventE+0x1f4) [0x7f0f519ed436]
17  0x7f0f51d79df1 /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN3IPC22callMemberFunctionImplIN6WebKit7WebPageEMS2_FvRKNS1_13WebMouseEventEESt5tupleIJS3_EEJLm0EEEEvPT_T0_OT1_St16integer_sequenceImJXspT2_EEE+0x80) [0x7f0f51d79df1]
18  0x7f0f51d7838a /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN3IPC18callMemberFunctionIN6WebKit7WebPageEMS2_FvRKNS1_13WebMouseEventEESt5tupleIJS3_EESt16integer_sequenceImJLm0EEEEEvOT1_PT_T0_+0x41) [0x7f0f51d7838a]
19  0x7f0f51d716ee /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN3IPC13handleMessageIN8Messages7WebPage10MouseEventEN6WebKit7WebPageEMS5_FvRKNS4_13WebMouseEventEEEEvRNS_7DecoderEPT0_T1_+0x9b) [0x7f0f51d716ee]
20  0x7f0f51d6c68d /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN6WebKit7WebPage24didReceiveWebPageMessageERN3IPC10ConnectionERNS1_7DecoderE+0x597) [0x7f0f51d6c68d]
21  0x7f0f519f37ca /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN6WebKit7WebPage17didReceiveMessageERN3IPC10ConnectionERNS1_7DecoderE+0x240) [0x7f0f519f37ca]
22  0x7f0f515e55b5 /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN3IPC18MessageReceiverMap15dispatchMessageERNS_10ConnectionERNS_7DecoderE+0x125) [0x7f0f515e55b5]
23  0x7f0f51872f8a /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN6WebKit10WebProcess17didReceiveMessageERN3IPC10ConnectionERNS1_7DecoderE+0x4c) [0x7f0f51872f8a]
24  0x7f0f515cae6a /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN3IPC10Connection15dispatchMessageERNS_7DecoderE+0x3a) [0x7f0f515cae6a]
25  0x7f0f515cafd4 /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN3IPC10Connection15dispatchMessageESt10unique_ptrINS_7DecoderESt14default_deleteIS2_EE+0x166) [0x7f0f515cafd4]
26  0x7f0f515cb1c6 /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZN3IPC10Connection18dispatchOneMessageEv+0xc8) [0x7f0f515cb1c6]
27  0x7f0f515cad0a /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(+0x4f60d0a) [0x7f0f515cad0a]
28  0x7f0f515d10aa /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(+0x4f670aa) [0x7f0f515d10aa]
29  0x7f0f5159456d /home/mcatanzaro/Projects/GNOME/install/lib/libwebkit2gtk-4.0.so.37(_ZNK3WTF8FunctionIFvvEEclEv+0x37) [0x7f0f5159456d]
30  0x7f0f496d8a68 /home/mcatanzaro/Projects/GNOME/install/lib/libjavascriptcoregtk-4.0.so.18(_ZN3WTF7RunLoop11performWorkEv+0xce) [0x7f0f496d8a68]
31  0x7f0f4971f8e8 /home/mcatanzaro/Projects/GNOME/install/lib/libjavascriptcoregtk-4.0.so.18(+0x25008e8) [0x7f0f4971f8e8]

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20170114/02926dc4/attachment-0001.html>

More information about the webkit-unassigned mailing list