Bug 107439

Summary: [Soup] Random thread crashes
Product: WebKit Reporter: Sergio Villar Senin <svillar>
Component: WebKitGTKAssignee: Sergio Villar Senin <svillar>
Status: RESOLVED FIXED    
Severity: Normal CC: danw, gustavo, mrobinson, rakuco, s.choi, svillar
Priority: P2 Keywords: Gtk, Soup
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 107432    
Bug Blocks:    
Attachments:
Description Flags
Patch
none
Patch none

Sergio Villar Senin
Reported 2013-01-21 04:48:03 PST
GLib (gthread-posix.c): Unexpected error from C library during 'pthread_mutex_lock': Invalid argument. Aborting. Program received signal SIGABRT, Aborted. 0x00007ffff016b475 in *__GI_raise (sig=<optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 64 ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory. (gdb) bt #0 0x00007ffff016b475 in *__GI_raise (sig=<optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 #1 0x00007ffff016e6f0 in *__GI_abort () at abort.c:92 #2 0x00007ffff0db020b in g_thread_abort (status=22, function=0x7ffff0e3a52f "pthread_mutex_lock") at gthread-posix.c:76 #3 0x00007ffff0db0397 in g_mutex_lock (mutex=0x21c1730) at gthread-posix.c:211 #4 0x00007ffff0d60d56 in g_main_context_find_source_by_user_data (context=0x21c1730, user_data=0x77b1a0) at gmain.c:2050 #5 0x00007ffff41feefe in soup_session_real_kick_queue (session=0x77b180) at soup-session.c:2123 #6 0x00007ffff41fefbc in soup_session_kick_queue (session=0x77b180) at soup-session.c:2141 #7 0x00007ffff4201d20 in soup_session_send_async (session=0x77b180, msg=0x2646d90, cancellable=0x227be40, callback=0x7ffff41f641c <http_input_stream_ready_cb>, user_data=0x22de0e0) at soup-session.c:3909 #8 0x00007ffff41f65b9 in soup_request_http_send_async (request=0x22f25e0, cancellable=0x227be40, callback=0x7ffff5e11c70 <WebCore::sendRequestCallback(_GObject*, _GAsyncResult*, void*)>, user_data=0x7fff8853d768) at soup-request-http.c:143 #9 0x00007ffff41f5170 in soup_request_send_async (request=0x22f25e0, cancellable=0x227be40, callback=0x7ffff5e11c70 <WebCore::sendRequestCallback(_GObject*, _GAsyncResult*, void*)>, user_data=0x7fff8853d768) at soup-request.c:244 #10 0x00007ffff5e11ba4 in WebCore::ResourceHandle::start(WebCore::NetworkingContext*) () from ~/opt/gnome3/lib64/libwebkitgtk-3.0.so.0 #11 0x00007ffff5e02931 in WebCore::ResourceHandle::create(WebCore::NetworkingContext*, WebCore::ResourceRequest const&, WebCore::ResourceHandleClient*, bool, bool) () from ~/opt/gnome3/lib64/libwebkitgtk-3.0.so.0 #12 0x00007ffff561ef6c in WebCore::ResourceLoader::start() () from ~/opt/gnome3/lib64/libwebkitgtk-3.0.so.0 #13 0x00007ffff5623f8a in WebCore::ResourceLoadScheduler::servePendingRequests(WebCore::ResourceLoadScheduler::HostInformation*, WebCore::ResourceLoadPriority) () from ~/opt/gnome3/lib64/libwebkitgtk-3.0.so.0 #14 0x00007ffff56244ae in WebCore::ResourceLoadScheduler::scheduleSubresourceLoad(WebCore::Frame*, WebCore::CachedResource*, WebCore::ResourceRequest const&, WebCore::ResourceLoadPriority, WebCore::ResourceLoaderOptions const&) () from ~/opt/gnome3/lib64/libwebkitgtk-3.0.so.0 #15 0x00007ffff55b921c in WebCore::CachedResource::load(WebCore::CachedResourceLoader*, WebCore::ResourceLoaderOptions const&) () from ~/opt/gnome3/lib64/libwebkitgtk-3.0.so.0 #16 0x00007ffff55bedd9 in WebCore::CachedResourceLoader::requestResource(WebCore::CachedResource::Type, WebCore::CachedResourceRequest&) () from ~/opt/gnome3/lib64/libwebkitgtk-3.0.so.0 #17 0x00007ffff55c0658 in WebCore::CachedResourceLoader::requestCSSStyleSheet(WebCore::CachedResourceRequest&) () from ~/opt/gnome3/lib64/libwebkitgtk-3.0.so.0
Attachments
Patch (731 bytes, text/plain)
2013-01-21 19:49 PST, Justin Schuh 		no flags
Details
Patch (1.69 KB, patch)
2013-01-22 09:54 PST, Sergio Villar Senin 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Sergio Villar Senin
Comment 1 2013-01-21 04:49:21 PST
BTW I can consistently reproduce it just by trying to log in http://twitter.com
Sergio Villar Senin
Comment 2 2013-01-21 05:04:32 PST
OK, so I've just realized that it only happens if I'm using the patch for bug 107432. Dan, is there any problem on mixing async and sync calls for accessing a given stream? (that patch is synchronously closing a stream that have been read asynchronously).
Dan Winship
Comment 3 2013-01-21 07:58:21 PST
It's supposed to work... and if it was going to fail, I wouldn't expect it to fail like this, which looks like a refcounting problem or something... double-check that there isn't something else wrong in the sync close patch?
Sergio Villar Senin
Comment 4 2013-01-21 08:26:33 PST
(In reply to comment #3) > It's supposed to work... and if it was going to fail, I wouldn't expect it to fail like this, which looks like a refcounting problem or something... double-check that there isn't something else wrong in the sync close patch? I got some slightly different backtraces, most of them when loading resources synchronously, which requires some push/pop_thread magic. Could it be related to that?
Justin Schuh
Comment 5 2013-01-21 19:49:56 PST
Created attachment 183872 [details] Patch
Justin Schuh
Comment 6 2013-01-21 19:52:40 PST
Comment on attachment 183872 [details] Patch Please ignore. I fat-fingered a bug number.
Sergio Villar Senin
Comment 7 2013-01-22 09:46:41 PST
OK I found what's going on. So there was a mixture of things. There is a bug in libsoup which was somehow uncovered by the patch for https://bugs.webkit.org/show_bug.cgi?id=107432. But I think there is also a bug in our network stack for synchronous requests. We directly stop the inner main loop we create to emulate synchronous requests in didFinishLoading() but we do not check if we have pending sources in that context we create.
Sergio Villar Senin
Comment 8 2013-01-22 09:54:44 PST
Created attachment 184001 [details] Patch
Martin Robinson
Comment 9 2013-01-22 10:04:24 PST
Comment on attachment 184001 [details] Patch Okay. This seems reasonable.
Sergio Villar Senin
Comment 10 2013-01-22 11:26:29 PST
Comment on attachment 184001 [details] Patch Clearing flags on attachment: 184001 Committed r140445: <http://trac.webkit.org/changeset/140445>
Sergio Villar Senin
Comment 11 2013-01-22 11:26:35 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.