File: clearTimeout-crash-bug29832.html

package info (click to toggle)

qtwebkit 2.3.4.dfsg-10

links: PTS, VCS
area: main
in suites: buster
size: 290,632 kB
sloc: cpp: 1,417,515; python: 85,048; ansic: 39,357; perl: 38,862; ruby: 10,313; objc: 9,505; xml: 8,679; asm: 3,864; yacc: 2,458; sh: 1,237; lex: 813; makefile: 592; java: 228; php: 79

file content (20 lines) | stat: -rw-r--r-- 1,003 bytes

parent folder | download | duplicates (16)

<script>
var w;
function clear() {
    w.clearTimeout(153);
}

function test() {
    w = window.open("data:text/html,"+
        "<script>" +
        "function navigate() { location.href='data:text/html,<body>Close this page and wait.</body>'};" +
        "setTimeout(navigate,0);</" + 
        "script>");

    setInterval(clear, 0);
}
</script>
<body>
<p>This test reproduces the crash in DOMWindow::clearTimeout that happens when DOMWindow is disconnected from the Frame (as in back/forward cache expiration case tested here).
<p>This is the link to the bug: <a href="https://bugs.webkit.org/show_bug.cgi?id=29832">https://bugs.webkit.org/show_bug.cgi?id=29832</a>
<p>To reproduce the crash, click the link below, the popup window opens, which will immediately navigate to another one, so the b/f cache entry will be created. Close the popup window. Wait a few seconds (~10), for the page cache to start deleting pages it doesn't need - crash will happen.<br><a href="javascript:test()">Crash me!</a>