Details
P1: Critical Description
I found a new crah by loading this web page :
http://www.elle.fr/Mode/page/Chaussures-Clotaire
This is the debug output :
QPainter::begin: Paint device returned engine == 0, type: 2
ASSERTION FAILED: m_ptr
..\WTF/wtf/OwnPtr.h(72) : WTF::OwnPtr<T>::ValueType* WTF::OwnPtr<T>::operator->() const [with T = WebCore::ImageBuffer; WTF::OwnPtr<T>::PtrType = WebCore::ImageBuffer*; WTF::OwnPtr<T>::ValueType = WebCore::ImageBuffer]
1 0D5443EB
2 0D543D3E
3 0D54E30F
4 0D54D51B
5 0D54D56E
6 0D54D56E
7 0D54D56E
8 0D54D56E
9 0D54D56E
10 0D54D56E
11 0C356EA9
12 0D718D08
13 0D718F01
14 0BFA075D
15 206D4E24
16 206D4EEF
17 206DF8E4
18 21E4F282
19 206DF6D4
20 21E1DF61
21 21E1DDE5
22 6B929EEE
23 22166AF1
24 21E47CFA
25 21E242FD
26 21E235DD
27 21E3FC58
28 21E4F7C3
29 21F6B790
30 21E1DF61
31 21E1DDE5
This is the call tree :
0 WTFCrash C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xdd40805
1 WebCore::BitmapTextureImageBuffer::updateContents(WebCore::TextureMapper*, WebCore::GraphicsLayer*, WebCore::IntRect const&, WebCore::IntPoint const&, WebCore::BitmapTexture::UpdateContentsFlag) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd54a534
2 WebCore::TextureMapperTile::updateContents(WebCore::TextureMapper*, WebCore::GraphicsLayer*, WebCore::IntRect const&, WebCore::BitmapTexture::UpdateContentsFlag) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd5443eb
3 WebCore::TextureMapperTiledBackingStore::updateContents(WebCore::TextureMapper*, WebCore::GraphicsLayer*, WebCore::FloatSize const&, WebCore::IntRect const&, WebCore::BitmapTexture::UpdateContentsFlag) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd543d3e
4 WebCore::GraphicsLayerTextureMapper::updateBackingStoreIfNeeded() C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd54e30f
5 WebCore::GraphicsLayerTextureMapper::flushCompositingState(WebCore::FloatRect const&) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd54d51b
6 WebCore::GraphicsLayerTextureMapper::flushCompositingState(WebCore::FloatRect const&) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd54d56e
7 WebCore::GraphicsLayerTextureMapper::flushCompositingState(WebCore::FloatRect const&) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd54d56e
8 WebCore::GraphicsLayerTextureMapper::flushCompositingState(WebCore::FloatRect const&) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd54d56e
9 WebCore::GraphicsLayerTextureMapper::flushCompositingState(WebCore::FloatRect const&) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd54d56e
10 WebCore::GraphicsLayerTextureMapper::flushCompositingState(WebCore::FloatRect const&) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd54d56e
11 WebCore::GraphicsLayerTextureMapper::flushCompositingState(WebCore::FloatRect const&) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd54d56e
12 WebCore::RenderLayerCompositor::flushPendingLayerChanges(bool) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xc356ea9
13 WebCore::FrameView::flushCompositingStateForThisFrame(WebCore::Frame*) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd718d08
14 WebCore::FrameView::paintContents(WebCore::GraphicsContext*, WebCore::IntRect const&) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd718f01
15 QWebFrameAdapter::renderRelativeCoords(QPainter*, int, QRegion const&) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xbfa075d
16 QWebFrame::render 644 0x206d4e24
17 QWebFrame::render 654 0x206d4eef
18 QWebView::paintEvent 827 0x206df8e4
19 QWidget::event 8117 0x21e4f282
20 QWebView::event 731 0x206df6d4
21 QApplicationPrivate::notify_helper 3499 0x21e1df61
22 QApplication::notify 3464 0x21e1dde5
23 QCoreApplication::notifyInternal 935 0x6b929eee
24 QCoreApplication::sendSpontaneousEvent 240 0x22166af1
25 QWidgetPrivate::drawWidget 5157 0x21e47cfa
26 QWidgetBackingStore::doSync 1182 0x21e242fd
27 QWidgetBackingStore::sync 1029 0x21e235dd
28 QWidgetPrivate::syncBackingStore 1691 0x21e3fc58
29 QWidget::event 8255 0x21e4f7c3
30 QMainWindow::event 1499 0x21f6b790
31 QApplicationPrivate::notify_helper 3499 0x21e1df61
32 QApplication::notify 3464 0x21e1dde5
33 QCoreApplication::notifyInternal 935 0x6b929eee
34 QCoreApplication::sendEvent 237 0x22166b4d
35 QWidgetBackingStore::sendUpdateRequest 461 0x21e20ee8
36 QWidgetBackingStore::markDirty 652 0x21e21bac
37 QWidget::repaint 9911 0x21e521bd
38 QWidget::repaint 9867 0x21e51fee
39 QProgressBar::setValue 340 0x21f9a38e
40 MainWindow::slot_loadingBarProgress MainWindow.cpp 1333 0x44cebe
41 MainWindow::qt_static_metacall moc_MainWindow.cpp 177 0x46ae9d
42 QMetaObject::activate 3681 0x6b955027
43 QMetaObject::activate 3547 0x6b95498c
44 QWebView::loadProgress 324 0x206e06f3
45 QWebView::qt_static_metacall 152 0x206dffc7
46 QMetaObject::activate 3681 0x6b955027
47 QMetaObject::activate 3547 0x6b95498c
48 QWebPage::loadProgress 782 0x206ddecf
49 QWebPage::qt_static_metacall 487 0x206dd254
50 QMetaObject::activate 3681 0x6b955027
51 QMetaObject::activate 3547 0x6b95498c
52 WebCore::FrameLoaderClientQt::postProgressEstimateChangedNotification() C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xbfafbca
53 WebCore::ProgressTracker::incrementProgress(unsigned long, char const*, int) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd7ab165
54 WebCore::ResourceLoadNotifier::didReceiveData(WebCore::ResourceLoader*, char const*, int, int) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd7a1b06
55 WebCore::ResourceLoader::didReceiveDataOrBuffer(char const*, int, WTF::PassRefPtr<WebCore::SharedBuffer>, long long, WebCore::DataPayloadType) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd7a3db4
56 WebCore::SubresourceLoader::didReceiveDataOrBuffer(char const*, int, WTF::PassRefPtr<WebCore::SharedBuffer>, long long, WebCore::DataPayloadType) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd799117
57 WebCore::SubresourceLoader::didReceiveData(char const*, int, long long, WebCore::DataPayloadType) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd7994fc
58 WebCore::ResourceLoader::didReceiveData(WebCore::ResourceHandle*, char const*, int, int) C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd7a3233
59 WebCore::QNetworkReplyHandler::forwardData() C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd537cfc
60 WebCore::QNetworkReplyHandlerCallQueue::flush() [clone .part.73] C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd5351cd
61 WebCore::QNetworkReplyWrapper::emitMetaDataChanged() C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd53757e
62 WebCore::QNetworkReplyWrapper::receiveMetaData() C:\Qt\5.3\mingw482_32\bin\Qt5WebKitd.dll 0xd5378d3
63 QMetaObject::activate 3681 0x6b955027
64 QMetaObject::activate 3547 0x6b95498c
65 QIODevice::readyRead 153 0x6b9a92a0
66 QNetworkReplyHttpImplPrivate::replyDownloadData 1049 0x67cbd5ee
67 QNetworkReplyHttpImpl::qt_static_metacall 222 0x67d1acc1
68 QMetaCallEvent::placeMetaCall 487 0x6b94e76c
69 QObject::event 1241 0x6b94f4db
70 QApplicationPrivate::notify_helper 3499 0x21e1df61
71 QApplication::notify 2952 0x21e1ba13
72 QCoreApplication::notifyInternal 935 0x6b929eee
73 QCoreApplication::sendEvent 237 0x6b9cf5e7
74 QCoreApplicationPrivate::sendPostedEvents 1539 0x6b92b0a6
75 QCoreApplication::sendPostedEvents 1397 0x6b92ab8e
76 QWindowsGuiEventDispatcher::sendPostedEvents 88 0x6285cf11
77 qt_internal_proc(HWND__*, unsigned int, unsigned int, long)@16 419 0x6b978658
78 gapfnScSendMessage C:\Windows\syswow64\user32.dll 0x765f62fa
79 ?? 0x201c0
80 USER32!GetThreadDesktop C:\Windows\syswow64\user32.dll 0x765f6d3a
81 __lambda0::operator() 362 0x6b978393
82 ?? 0x201c0
83 USER32!CharPrevW C:\Windows\syswow64\user32.dll 0x765f77c4
84 USER32!DispatchMessageW C:\Windows\syswow64\user32.dll 0x765f788a
85 QEventDispatcherWin32::processEvents 794 0x6b979c99
86 QWindowsGuiEventDispatcher::processEvents 80 0x6285cdf0
87 QEventLoop::processEvents 136 0x6b927f94
88 QEventLoop::exec 212 0x6b92822f
89 QCoreApplication::exec 1188 0x6b92a53d
90 QGuiApplication::exec 1483 0x3c96520
91 QApplication::exec 2744 0x21e1b357
92 qMain main.cpp 123 0x455fed
93 WinMain@16 131 0x46e59b
94 main 0x48f1ad
And this is the WTFCrash disassembly :
Function: WTFCrash
0xdd407f1 <+0x0001> in (%dx),%al
0xdd407f2 <+0x0002> or $0xa1,%al
0xdd407f4 <+0x0004> rorb $0x74,-0x3f7aefd5(%ecx)
0xdd407fb <+0x000b> add %bh,%bh
0xdd407fd <+0x000d> shr %al
0xdd407ff <+0x000f> (bad)
0xdd40800 <+0x0010> (bad)
0xdd40801 <+0x0011> (bad)
0xdd40802 <+0x0012> pushl (%ecx)
0xdd40804 <+0x0014> rol $0x5,%bh
0xdd40807 <+0x0017> out %eax,(%dx)
0xdd40808 <+0x0018> mov $0xbbad,%esi
0xdd4080d <+0x001d> add %al,(%eax)
0xdd4080f <+0x001f> add $0xc,%esp
0xdd40812 <+0x0022> jmp *%eax
0xdd40814 <+0x0024> lea 0x0(%esi),%esi
0xdd4081a <+0x002a> lea 0x0(%edi),%edi
Function: vprintf_stderr_with_prefix
0xdd40820 push %ebp
0xdd40821 <+0x0001> mov %eax,%ebp
0xdd40823 <+0x0003> push %edi
0xdd40824 <+0x0004> mov %edx,%edi
0xdd40826 <+0x0006> push %esi
0xdd40827 <+0x0007> push %ebx
0xdd40828 <+0x0008> sub $0x2c,%esp
0xdd4082b <+0x000b> mov %eax,(%esp)
0xdd4082e <+0x000e> mov %ecx,0x14(%esp)
0xdd40832 <+0x0012> call 0xdd4fac0 <strlen>
0xdd40837 <+0x0017> mov %edi,(%esp)
0xdd4083a <+0x001a> mov %eax,%esi
0xdd4083c <+0x001c> call 0xdd4fac0 <strlen>
0xdd40841 <+0x0021> lea (%eax,%esi,1),%edx
0xdd40844 <+0x0024> mov %eax,0x1c(%esp)
0xdd40848 <+0x0028> lea 0x1(%edx),%eax
0xdd4084b <+0x002b> mov %eax,(%esp)
0xdd4084e <+0x002e> mov %edx,0x18(%esp)
0xdd40852 <+0x0032> call 0xdd41e90 <_Znaj>
0xdd40857 <+0x0037> mov %esi,0x8(%esp)
0xdd4085b <+0x003b> mov %ebp,0x4(%esp)
0xdd4085f <+0x003f> mov %eax,(%esp)
0xdd40862 <+0x0042> mov %eax,%ebx
0xdd40864 <+0x0044> call 0xdd4fac8 <memcpy>