Bug 146783

Summary: [SOUP] Crash in ~WebSoupRequestAsyncData
Product: WebKit Reporter: Michael Catanzaro <mcatanzaro>
Component: WebKit2Assignee: Nobody <webkit-unassigned>
Status: NEW    
Severity: Normal CC: bugs-noreply, cgarcia, mario, mcatanzaro
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: PC   
OS: Linux   
See Also: https://bugzilla.redhat.com/show_bug.cgi?id=1241391

Michael Catanzaro
Reported 2015-07-09 06:19:56 PDT
Core was generated by `/usr/libexec/webkit2gtk-4.0/WebKitWebProcess 42'. Program terminated with signal SIGSEGV, Segmentation fault. #0 ~WebSoupRequestAsyncData (this=0x1, __in_chrg=<optimized out>) at /usr/src/debug/webkitgtk-2.8.3/Source/WebKit2/Shared/Network/CustomProtocols/soup/CustomProtocolManagerImpl.cpp:54 54 if (request) Truncated backtrace: Thread no. 1 (10 frames) #0 ~WebSoupRequestAsyncData at /usr/src/debug/webkitgtk-2.8.3/Source/WebKit2/Shared/Network/CustomProtocols/soup/CustomProtocolManagerImpl.cpp:54 #1 operator() at /usr/include/c++/5.1.1/bits/unique_ptr.h:76 #2 ~unique_ptr at /usr/include/c++/5.1.1/bits/unique_ptr.h:236 #3 ~KeyValuePair at /usr/src/debug/webkitgtk-2.8.3/Source/WTF/wtf/HashTraits.h:180 #4 reinsert at /usr/src/debug/webkitgtk-2.8.3/Source/WTF/wtf/HashTable.h:926 #5 WTF::HashTable<unsigned long, WTF::KeyValuePair<unsigned long, std::unique_ptr<WebKit::WebSoupRequestAsyncData, std::default_delete<WebKit::WebSoupRequestAsyncData> > >, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long, std::unique_ptr<WebKit::WebSoupRequestAsyncData, std::default_delete<WebKit::WebSoupRequestAsyncData> > > >, WTF::IntHash<unsigned long>, WTF::HashMap<unsigned long, std::unique_ptr<WebKit::WebSoupRequestAsyncData, std::default_delete<WebKit::WebSoupRequestAsyncData> >, WTF::IntHash<unsigned long>, WTF::HashTraits<unsigned long>, WTF::HashTraits<std::unique_ptr<WebKit::WebSoupRequestAsyncData, std::default_delete<WebKit::WebSoupRequestAsyncData> > > >::KeyValuePairTraits, WTF::HashTraits<unsigned long> >::rehash at /usr/src/debug/webkitgtk-2.8.3/Source/WTF/wtf/HashTable.h:1126 #6 shrink at /usr/src/debug/webkitgtk-2.8.3/Source/WTF/wtf/HashTable.h:444 #7 WTF::HashTable<unsigned long, WTF::KeyValuePair<unsigned long, std::unique_ptr<WebKit::WebSoupRequestAsyncData, std::default_delete<WebKit::WebSoupRequestAsyncData> > >, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<unsigned long, std::unique_ptr<WebKit::WebSoupRequestAsyncData, std::default_delete<WebKit::WebSoupRequestAsyncData> > > >, WTF::IntHash<unsigned long>, WTF::HashMap<unsigned long, std::unique_ptr<WebKit::WebSoupRequestAsyncData, std::default_delete<WebKit::WebSoupRequestAsyncData> >, WTF::IntHash<unsigned long>, WTF::HashTraits<unsigned long>, WTF::HashTraits<std::unique_ptr<WebKit::WebSoupRequestAsyncData, std::default_delete<WebKit::WebSoupRequestAsyncData> > > >::KeyValuePairTraits, WTF::HashTraits<unsigned long> >::remove at /usr/src/debug/webkitgtk-2.8.3/Source/WTF/wtf/HashTable.h:1000 #8 removeAndInvalidateWithoutEntryConsistencyCheck at /usr/src/debug/webkitgtk-2.8.3/Source/WTF/wtf/HashTable.h:974 #9 removeWithoutEntryConsistencyCheck at /usr/src/debug/webkitgtk-2.8.3/Source/WTF/wtf/HashTable.h:1020 See the downstream bug for the full backtrace. I spent a bit of time looking at this, but I don't understand the crash. The code looks safe to me.
Attachments
Note You need to log in before you can comment on or make changes to this bug.