13990 – Opening any web page in QtLauncher causes a segfault

Bug 13990 - Opening any web page in QtLauncher causes a segfault

Summary: Opening any web page in QtLauncher causes a segfault

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebKit Qt (show other bugs)
Version:	523.x (Safari 3)
Hardware:	PC Linux

Importance:	P2 Normal
Assignee:	Nobody

URL:	http://www.arklinux.org/
Keywords:

Depends on:
Blocks:

Reported:	2007-06-04 10:05 PDT by Bernhard Rosenkraenzer
Modified:	2008-03-17 08:55 PDT (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Bernhard Rosenkraenzer 2007-06-04 10:05:17 PDT

with Linux 2.6.22, glibc 2.6, gcc 4.2.0, Qt 4.3.0, today's QtLauncher crashes when opening any web page (e.g. http://www.arklinux.org/).

gdb backtrace:

#0  0xb688e5c4 in QAbstractSocket::state ()
   from /usr/lib/qt4/lib/libQtNetwork.so.4
#1  0xb68ae13d in ?? () from /usr/lib/qt4/lib/libQtNetwork.so.4
#2  0xb68a57d8 in ?? () from /usr/lib/qt4/lib/libQtNetwork.so.4
#3  0xb68a8b5e in QSslSocket::qt_metacall ()
   from /usr/lib/qt4/lib/libQtNetwork.so.4
#4  0xb6cef533 in QMetaObject::activate () from /usr/lib/qt4/lib/libQtCore.so.4
#5  0xb6cef91b in QMetaObject::activate () from /usr/lib/qt4/lib/libQtCore.so.4
#6  0xb6d0f115 in QIODevice::readyRead () from /usr/lib/qt4/lib/libQtCore.so.4
#7  0xb688fc35 in ?? () from /usr/lib/qt4/lib/libQtNetwork.so.4
#8  0xb6892af3 in QAbstractSocket::qt_metacall ()
   from /usr/lib/qt4/lib/libQtNetwork.so.4
#9  0xb68b2173 in QTcpSocket::qt_metacall ()
   from /usr/lib/qt4/lib/libQtNetwork.so.4
#10 0xb6cef533 in QMetaObject::activate () from /usr/lib/qt4/lib/libQtCore.so.4
#11 0xb6cef91b in QMetaObject::activate () from /usr/lib/qt4/lib/libQtCore.so.4
#12 0xb68b1b35 in ?? () from /usr/lib/qt4/lib/libQtNetwork.so.4
#13 0xb68b1c05 in ?? () from /usr/lib/qt4/lib/libQtNetwork.so.4
#14 0xb68b1d43 in ?? () from /usr/lib/qt4/lib/libQtNetwork.so.4
#15 0xb6cef533 in QMetaObject::activate () from /usr/lib/qt4/lib/libQtCore.so.4
#16 0xb6cef91b in QMetaObject::activate () from /usr/lib/qt4/lib/libQtCore.so.4
#17 0xb6d10cf5 in QSocketNotifier::activated ()
   from /usr/lib/qt4/lib/libQtCore.so.4
#18 0xb6cf7711 in QSocketNotifier::event ()
   from /usr/lib/qt4/lib/libQtCore.so.4
#19 0xb70b8902 in QApplicationPrivate::notify_helper ()
   from /usr/lib/qt4/lib/libQtGui.so.4
#20 0xb70bac07 in QApplication::notify () from /usr/lib/qt4/lib/libQtGui.so.4
#21 0xb6cdd7f8 in QCoreApplication::notifyInternal ()
   from /usr/lib/qt4/lib/libQtCore.so.4
#22 0xb6d06088 in QEventDispatcherUNIX::activateSocketNotifiers ()
   from /usr/lib/qt4/lib/libQtCore.so.4
#23 0xb6d06613 in QEventDispatcherUNIXPrivate::doSelect ()
   from /usr/lib/qt4/lib/libQtCore.so.4
#24 0xb6d067c2 in QEventDispatcherUNIX::processEvents ()
   from /usr/lib/qt4/lib/libQtCore.so.4
#25 0xb713ed1a in ?? () from /usr/lib/qt4/lib/libQtGui.so.4
#26 0xb6cdcbd3 in QEventLoop::processEvents ()
   from /usr/lib/qt4/lib/libQtCore.so.4
#27 0xb6cdccd9 in QEventLoop::exec () from /usr/lib/qt4/lib/libQtCore.so.4
#28 0xb6cded4e in QCoreApplication::exec ()
   from /usr/lib/qt4/lib/libQtCore.so.4
#29 0xb70b8324 in QApplication::exec () from /usr/lib/qt4/lib/libQtGui.so.4
#30 0x0804d1de in main ()

Probably the state of an already deleted socket is being asked?

(Apparently unrelated) console spewage:

[bero@localhost WebKit]$ WebKitBuild/Release/WebKitQt/QtLauncher/QtLauncher http://www.arklinux.org/
FrameLoaderClientQt::makeDocumentView 0x0
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/ChromeClientQt.cpp:260 (virtual void WebCore::ChromeClientQt::setStatusbarText(const WebCore::String&))
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/ChromeClientQt.cpp:260 (virtual void WebCore::ChromeClientQt::setStatusbarText(const WebCore::String&))
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:191 (virtual void WebCore::FrameLoaderClientQt::forceLayoutForNonHTML())
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:901 (virtual WebCore::String WebCore::FrameLoaderClientQt::overrideMediaType() const)
FrameLoaderClientQt::cancelPolicyCheck
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/ChromeClientQt.cpp:225 (virtual bool WebCore::ChromeClientQt::canRunBeforeUnloadConfirmPanel())
FrameLoaderClientQt::cancelPolicyCheck
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:725 (virtual void WebCore::FrameLoaderClientQt::assignIdentifierToInitialRequest(long unsigned int, WebCore::DocumentLoader*, const WebCore::ResourceRequest&))
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:509 (virtual bool WebCore::FrameLoaderClientQt::representationExistsForURLScheme(const WebCore::String&) const)
    scheme is "http"
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:509 (virtual bool WebCore::FrameLoaderClientQt::representationExistsForURLScheme(const WebCore::String&) const)
    scheme is "http"
FIXME: UNIMPLEMENTED: ../../../WebCore/platform/network/qt/ResourceHandleQt.cpp:98 (static bool WebCore::ResourceHandle::supportsBufferedData())
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:323 (virtual void WebCore::FrameLoaderClientQt::dispatchWillClose())
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:162 (virtual bool WebCore::FrameLoaderClientQt::privateBrowsingEnabled() const)
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:617 (virtual void WebCore::FrameLoaderClientQt::updateGlobalHistoryForStandardLoad(const WebCore::KURL&))
FrameLoaderClientQt::makeDocumentView 0x813e9a0
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:341 (virtual void WebCore::FrameLoaderClientQt::dispatchDidCommitLoad())
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/ChromeClientQt.cpp:260 (virtual void WebCore::ChromeClientQt::setStatusbarText(const WebCore::String&))
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/ChromeClientQt.cpp:260 (virtual void WebCore::ChromeClientQt::setStatusbarText(const WebCore::String&))
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:901 (virtual WebCore::String WebCore::FrameLoaderClientQt::overrideMediaType() const)
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:444 (virtual void WebCore::FrameLoaderClientQt::willChangeTitle(WebCore::DocumentLoader*))
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:725 (virtual void WebCore::FrameLoaderClientQt::assignIdentifierToInitialRequest(long unsigned int, WebCore::DocumentLoader*, const WebCore::ResourceRequest&))
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:828 (virtual bool WebCore::FrameLoaderClientQt::willUseArchive(WebCore::ResourceLoader*, const WebCore::ResourceRequest&, const WebCore::KURL&) const)
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:725 (virtual void WebCore::FrameLoaderClientQt::assignIdentifierToInitialRequest(long unsigned int, WebCore::DocumentLoader*, const WebCore::ResourceRequest&))
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:828 (virtual bool WebCore::FrameLoaderClientQt::willUseArchive(WebCore::ResourceLoader*, const WebCore::ResourceRequest&, const WebCore::KURL&) const)
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:725 (virtual void WebCore::FrameLoaderClientQt::assignIdentifierToInitialRequest(long unsigned int, WebCore::DocumentLoader*, const WebCore::ResourceRequest&))
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:828 (virtual bool WebCore::FrameLoaderClientQt::willUseArchive(WebCore::ResourceLoader*, const WebCore::ResourceRequest&, const WebCore::KURL&) const)
FIXME: UNIMPLEMENTED: ../../../WebCore/platform/network/qt/ResourceHandleQt.cpp:98 (static bool WebCore::ResourceHandle::supportsBufferedData())
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:725 (virtual void WebCore::FrameLoaderClientQt::assignIdentifierToInitialRequest(long unsigned int, WebCore::DocumentLoader*, const WebCore::ResourceRequest&))
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:828 (virtual bool WebCore::FrameLoaderClientQt::willUseArchive(WebCore::ResourceLoader*, const WebCore::ResourceRequest&, const WebCore::KURL&) const)
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:725 (virtual void WebCore::FrameLoaderClientQt::assignIdentifierToInitialRequest(long unsigned int, WebCore::DocumentLoader*, const WebCore::ResourceRequest&))
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:828 (virtual bool WebCore::FrameLoaderClientQt::willUseArchive(WebCore::ResourceLoader*, const WebCore::ResourceRequest&, const WebCore::KURL&) const)
FIXME: UNIMPLEMENTED: ../../../WebCore/platform/network/qt/ResourceHandleQt.cpp:98 (static bool WebCore::ResourceHandle::supportsBufferedData())
FIXME: UNIMPLEMENTED: ../../../WebCore/platform/network/qt/ResourceHandleQt.cpp:98 (static bool WebCore::ResourceHandle::supportsBufferedData())
FIXME: UNIMPLEMENTED: ../../../WebCore/platform/network/qt/ResourceHandleQt.cpp:98 (static bool WebCore::ResourceHandle::supportsBufferedData())
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:725 (virtual void WebCore::FrameLoaderClientQt::assignIdentifierToInitialRequest(long unsigned int, WebCore::DocumentLoader*, const WebCore::ResourceRequest&))
FIXME: UNIMPLEMENTED: ../../../WebKitQt/WebCoreSupport/FrameLoaderClientQt.cpp:828 (virtual bool WebCore::FrameLoaderClientQt::willUseArchive(WebCore::ResourceLoader*, const WebCore::ResourceRequest&, const WebCore::KURL&) const)
FIXME: UNIMPLEMENTED: ../../../WebCore/platform/network/qt/ResourceHandleQt.cpp:98 (static bool WebCore::ResourceHandle::supportsBufferedData())
Segmentation fault

Comment 1 Bernhard Rosenkraenzer 2007-06-20 10:26:28 PDT

Problem still occurs in today's build (SVN rev. 23650)

Comment 2 Bernhard Rosenkraenzer 2007-06-21 05:51:10 PDT

Same in today's svn -- the backtrace is less readable than before though:

*** glibc detected *** /usr/src/ark/BUILD/WebKit/WebKitBuild/Release/WebKitQt/QtLauncher/QtLauncher: munmap_chunk(): invalid pointer: 0x08199b60 ***
Program received signal SIGABRT, Aborted.
0xffffe410 in ?? ()
(gdb) bt
#0  0xffffe410 in ?? ()
#1  0xbfafec94 in ?? ()
#2  0x00000006 in ?? ()
#3  0x00007614 in ?? ()
#4  0x42029cf3 in raise () from /lib/libc.so.6
#5  0x42141ff4 in ?? () from /lib/libc.so.6
#6  0xbfafe5c0 in ?? ()
#7  0xb6a288e0 in ?? ()
#8  0x4202b7cc in abort () from /lib/libc.so.6
#9  0xbfafe5c0 in ?? ()
#10 0x00000000 in ?? ()

Comment 3 Bernhard Rosenkraenzer 2007-07-13 05:31:51 PDT

Still reproducable with today's svn (r24253)

Comment 4 Michael Tross 2007-07-26 10:02:06 PDT

Still reproducable with today's svn (r24642)
 
gdb stack trace:

Program received signal SIGABRT, Aborted.
[Switching to Thread -1233602864 (LWP 6666)]
0xffffe410 in __kernel_vsyscall ()
(gdb) bt
#0  0xffffe410 in __kernel_vsyscall ()
#1  0xb6a36f27 in *__GI_raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:67
#2  0xb6a3898e in *__GI_abort () at abort.c:88
#3  0xb6a6c815 in __libc_message (do_abort=2, fmt=0xb6b20d44 "*** glibc detected *** %s: %s: 0x%s ***\n")
    at ../sysdeps/unix/sysv/linux/libc_fatal.c:170
#4  0xb6a72312 in malloc_printerr (action=2, str=0xb6b20d70 "munmap_chunk(): invalid pointer", ptr=<value optimized out>)
    at malloc.c:5911
#5  0xb6c1db51 in operator delete () from /usr/lib/libstdc++.so.6
#6  0xb78d9e7f in WTF::HashTableRefCounterBase<true, WTF::HashTable<WebCore::StringImpl*, std::pair<WebCore::StringImpl*, int>, WTF::PairFirstExtractor<std::pair<WebCore::StringImpl*, int> >, WTF::CaseInsensitiveHash<WebCore::StringImpl*>, WTF::PairHashTraits<WTF::HashTraits<WebCore::StringImpl*>, WTF::HashTraits<int> >, WTF::HashTraits<WebCore::StringImpl*> >, WTF::PairBaseHashTraits<WTF::HashTraits<WebCore::String>, WTF::HashTraits<WebCore::String> > >::derefAll ()
   from /home/michael/work/src/test/webkit/WebKitBuild/Debug/lib/libQtWebKit.so.1
#7  0xb78dba10 in WebCore::ResourceRequestBase::~ResourceRequestBase ()
   from /home/michael/work/src/test/webkit/WebKitBuild/Debug/lib/libQtWebKit.so.1
#8  0xb7a9aebb in WebCore::ResourceLoader::~ResourceLoader ()
   from /home/michael/work/src/test/webkit/WebKitBuild/Debug/lib/libQtWebKit.so.1
#9  0xb7a9cc4a in WebCore::SubresourceLoader::~SubresourceLoader ()
   from /home/michael/work/src/test/webkit/WebKitBuild/Debug/lib/libQtWebKit.so.1
#10 0xb7a9d00c in WebCore::SubresourceLoader::didFinishLoading ()
   from /home/michael/work/src/test/webkit/WebKitBuild/Debug/lib/libQtWebKit.so.1
#11 0xb7a997f1 in WebCore::ResourceLoader::didFinishLoading ()
   from /home/michael/work/src/test/webkit/WebKitBuild/Debug/lib/libQtWebKit.so.1
#12 0xb7be17c5 in QWebNetworkManager::finished () from /home/michael/work/src/test/webkit/WebKitBuild/Debug/lib/libQtWebKit.so.1
#13 0xb7da7a1f in QWebNetworkManager::qt_metacall () from /home/michael/work/src/test/webkit/WebKitBuild/Debug/lib/libQtWebKit.so.1
#14 0xb6df165b in QMetaCallEvent::placeMetaCall () from /opt/qt4/lib/libQtCore.so.4
#15 0xb6df3eb1 in QObject::event () from /opt/qt4/lib/libQtCore.so.4
#16 0xb71ca60c in QApplicationPrivate::notify_helper () from /opt/qt4/lib/libQtGui.so.4
#17 0xb71d0829 in QApplication::notify () from /opt/qt4/lib/libQtGui.so.4
#18 0xb6de5849 in QCoreApplication::notifyInternal () from /opt/qt4/lib/libQtCore.so.4
#19 0xb6de72bf in QCoreApplicationPrivate::sendPostedEvents () from /opt/qt4/lib/libQtCore.so.4
#20 0xb6de758d in QCoreApplication::sendPostedEvents () from /opt/qt4/lib/libQtCore.so.4
#21 0xb6e06fcb in ?? () from /opt/qt4/lib/libQtCore.so.4
#22 0x00000000 in ?? ()

Comment 5 Bernhard Rosenkraenzer 2008-03-17 08:55:51 PDT

This has been fixed months ago