Opened 6 years ago

Closed 2 years ago

#10392 closed bug (fixed)

[WebPositive] crashes in BHttpHeader::NameIs

Reported by: diver Owned by: pulkomandy
Priority: normal Milestone: R1
Component: Applications/WebPositive Version: R1/Development
Keywords: Cc:
Blocked By: Blocking: #13263
Has a Patch: no Platform: All

Description

hrev46649

state: Exception (Segment violation)

Frame		IP			Function Name
-----------------------------------------------
0x721e3bc8	0x26eb85a	strcmp + 0xe
[...]
0x721e3c00	0x1aefeca	BHttpHeader::NameIs(char const*) const + 0x52
0x721e3c30	0x1aeff98	BHttpHeaders::HeaderValue(char const*) const + 0x30
0x721e3c50	0x1af0200	BHttpHeaders::operator[](char const*) const + 0x18
0x721e3c70	0x1af56df	BHttpResult::ContentType() const + 0x29
0x721e3e88	0x3fd6eef	WebCore::BUrlProtocolHandler::sendResponseIfNeeded() + 0x8d
0x721e3ea8	0x3fd7f46	WebCore::BUrlProtocolHandler::HeadersReceived(BUrlRequest*) + 0x18
0x721e3ee0	0x1af94c6	BUrlProtocolAsynchronousListener::MessageReceived(BMessage*) + 0x110
0x721e3f00	0x1eebc5d	BLooper::DispatchMessage(BMessage*, BHandler*) + 0x51
0x721e4120	0x1ee42f4	BApplication::DispatchMessage(BMessage*, BHandler*) + 0x2a
0x721e4170	0x1eeba81	BLooper::task_looper() + 0x19d
0x721e4190	0x1ee2251	BApplication::Run() + 0x57
0x721e41c8	0x22e6de8	main + 0x40
0x721e41f0	0x22db397	_start + 0x4b
0x721e4220	0x1576f14	runtime_loader + 0x130
00000000	0x61734250	commpage_thread_exit + 0

Attachments (2)

WebPositive-537-debug-08-01-2014-16-49-46.report (33.6 KB) - added by diver 6 years ago.
WebPositive-1215-debug-25-02-2017-20-51-03.report (59.4 KB) - added by kainjow 2 years ago.

Download all attachments as: .zip

Change History (13)

comment:1 Changed 6 years ago by pulkomandy

Any particular webpage or webserver triggering this ?

comment:2 Changed 6 years ago by diver

Not at the moment. Will try to reproduce.

comment:3 Changed 5 years ago by pulkomandy

Resolution: fixed
Status: newclosed

Assuming fixed as a lot of bugs were fixed in the network code. Reopen if it happens again.

comment:4 Changed 2 years ago by diver

Resolution: fixed
Status: closedreopened

comment:5 Changed 2 years ago by pulkomandy

This should be fixed in hrev50917. Can you still reproduce?

comment:6 Changed 2 years ago by diver

Blocking: 13263 added

(In #13263) The original crash in BHttpHeader::NameIs is already being tracked in #10392.

The second crash in WebCore::Region::unite deserves its own ticket as well as the url causing Web+ to hang.

comment:7 Changed 2 years ago by kainjow

Has a Patch: set

comment:8 Changed 2 years ago by kainjow

Has a Patch: unset

comment:9 Changed 2 years ago by kainjow

Got this crash with hrev50967. Seems like a null pointer sent to strcmp. I was visiting Amazon, did a search for "ssd" and then clicked on a checkbox on the side to filter the results. I can't reproduce though.

comment:10 Changed 2 years ago by pulkomandy

Fixed in HaikuWebKit fe828d4229e, which will be part of the next HaikuWebKit release.

comment:11 Changed 2 years ago by pulkomandy

Resolution: fixed
Status: reopenedclosed
Note: See TracTickets for help on using tickets.