RESOLVED INVALID
22778
Segmentation fault
https://bugs.webkit.org/show_bug.cgi?id=22778
Summary
Segmentation fault
Luca Ferretti
Reported
2008-12-10 06:07:03 PST
Sorry for the bad summary, but I get a segfault in all WebKit-based applications I'm testing (epiphany, devhelp, yelp, GtkLauncher).

WebKit was rebuilt from git 2 days ago (5bb66bb946449ad9e549a6d2c7fa54f42fcb890c).

Here is the stack when running Yelp and clicking on the a11y guide link:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb50306c0 (LWP 15332)]
0xb55cee8e in IA__g_object_unref (_object=0x1000000) at gobject.c:2370
2370    g_return_if_fail (G_IS_OBJECT (object));
(gdb) thread apply all bt

Thread 6 (Thread 0xb47ebb90 (LWP 16224)):
#0 0xb7ff0430 in __kernel_vsyscall ()
#1 0xb5d553a2 in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/tls/i686/cmov/libpthread.so.0
#2 0xb5f0407d in g_cond_timed_wait_posix_impl (cond=0x95ff540, entered_mutex=0x80, abs_time=0x5) at gthread-posix.c:242
#3 0xb54f5229 in g_async_queue_pop_intern_unlocked (queue=0x91cd580, try=<value optimized out>, end_time=0xb47eb374) at gasyncqueue.c:365
#4 0xb54f5327 in IA__g_async_queue_timed_pop (queue=0x91cd580, end_time=0xb47eb374) at gasyncqueue.c:491
#5 0xb5547d63 in g_thread_pool_thread_proxy (data=0x94644d0) at gthreadpool.c:121
#6 0xb554675f in g_thread_create_proxy (data=0x94868c0) at gthread.c:635
#7 0xb5d5150f in start_thread () from /lib/tls/i686/cmov/libpthread.so.0
#8 0xb53557ee in clone () from /lib/tls/i686/cmov/libc.so.6

Thread 1 (Thread 0xb50306c0 (LWP 15332)):
#0 0xb55cee8e in IA__g_object_unref (_object=0x1000000) at gobject.c:2370
#1 0xb74f5de4 in WebCore::cleanupGioOperation () from /opt/gnome2/lib/libwebkit-1.0.so.1
#2 0xb74f8f01 in WebCore::queryInfoCallback () from /opt/gnome2/lib/libwebkit-1.0.so.1
#3 0xb58c4187 in IA__g_simple_async_result_complete (simple=0x92832f0) at gsimpleasyncresult.c:554
#4 0xb58c41be in complete_in_idle_cb (data=0x92832f0) at gsimpleasyncresult.c:564
#5 0xb5519a51 in g_idle_dispatch (source=0x97727f0, callback=0x1000000, user_data=0x92832f0) at gmain.c:3924
#6 0xb551b988 in IA__g_main_context_dispatch (context=0x91a93a0) at gmain.c:1814
#7 0xb551f033 in g_main_context_iterate (context=0x91a93a0, block=1, dispatch=1, self=0x9178528) at gmain.c:2448
#8 0xb551f552 in IA__g_main_loop_run (loop=0x93a8498) at gmain.c:2656
#9 0xb5adc1e9 in IA__gtk_main () at gtkmain.c:1200
#10 0x0805d0d5 in main (argc=-1258234520, argv=0xbfdf0134) at yelp-main.c:121
Luca Ferretti
Comment 1
2008-12-10 06:19:11 PST
Stack trace for Epiphany (just started, loading http://planet.gnome.org)

Thread 1 (Thread 0xb54356c0 (LWP 29022)):
#0 0xb7bde2dc in JSC::Interpreter::cti_op_get_by_id_proto_list () from /opt/gnome2/lib/libwebkit-1.0.so.1
#1 0xb4b8fc6a in ?? ()
#2 0xb7c6ef38 in JSC::evaluate () from /opt/gnome2/lib/libwebkit-1.0.so.1
#3 0xb764bebe in WebCore::ScriptController::evaluate () from /opt/gnome2/lib/libwebkit-1.0.so.1
#4 0xb785519e in WebCore::FrameLoader::executeScript () from /opt/gnome2/lib/libwebkit-1.0.so.1
#5 0xb77fd812 in WebCore::HTMLTokenizer::scriptExecution () from /opt/gnome2/lib/libwebkit-1.0.so.1
#6 0xb77ff0e8 in WebCore::HTMLTokenizer::notifyFinished () from /opt/gnome2/lib/libwebkit-1.0.so.1
#7 0xb77fc5f8 in WebCore::HTMLTokenizer::executeScriptsWaitingForStylesheets () from /opt/gnome2/lib/libwebkit-1.0.so.1
#8 0xb76e4b52 in WebCore::Document::removePendingSheet () from /opt/gnome2/lib/libwebkit-1.0.so.1
#9 0xb77dacbd in WebCore::HTMLLinkElement::sheetLoaded () from /opt/gnome2/lib/libwebkit-1.0.so.1
#10 0xb76bdda9 in WebCore::CSSStyleSheet::checkLoaded () from /opt/gnome2/lib/libwebkit-1.0.so.1
#11 0xb77db640 in WebCore::HTMLLinkElement::setCSSStyleSheet () from /opt/gnome2/lib/libwebkit-1.0.so.1
#12 0xb782af13 in WebCore::CachedCSSStyleSheet::checkNotify () from /opt/gnome2/lib/libwebkit-1.0.so.1
#13 0xb782b73f in WebCore::CachedCSSStyleSheet::data () from /opt/gnome2/lib/libwebkit-1.0.so.1
#14 0xb7873f84 in WebCore::Loader::Host::didFinishLoading () from /opt/gnome2/lib/libwebkit-1.0.so.1
#15 0xb7867510 in WebCore::SubresourceLoader::didFinishLoading () from /opt/gnome2/lib/libwebkit-1.0.so.1
#16 0xb7862421 in WebCore::ResourceLoader::didFinishLoading () from /opt/gnome2/lib/libwebkit-1.0.so.1
#17 0xb79e97e4 in WebCore::finishedCallback () from /opt/gnome2/lib/libwebkit-1.0.so.1
#18 0xb748f66b in final_finished (req=0xb539ea00, user_data=0x8c6f6c0) at soup-session-async.c:329
#19 0xb57d9c24 in IA__g_cclosure_marshal_VOID__VOID (closure=0x8c9af40, return_value=0x0, n_param_values=1, param_values=0x8c75668, invocation_hint=0xbfd7c05c, marshal_data=0xb748f5c0) at gmarshal.c:77
#20 0xb57cbd1b in IA__g_closure_invoke (closure=0x8c9af40, return_value=0x0, n_param_values=1, param_values=0x8c75668, invocation_hint=0xbfd7c05c) at gclosure.c:767
#21 0xb57e3c40 in signal_emit_unlocked_R (node=0x8c70450, detail=0, instance=0x8c43f70, emission_return=0x0, instance_and_params=0x8c75668) at gsignal.c:3314
#22 0xb57e4e0e in IA__g_signal_emit_valist (instance=0x8c43f70, signal_id=407, detail=0, var_args=0xbfd7c1fc "��I�\031\026H���I�(�׿�bH�p?�\bh��\b8y�\b|bH���\177�piH�H�׿$\234}�\200h�\bp?�\bX�׿��\177�p��\b\002") at gsignal.c:2977
#23 0xb57e52b6 in IA__g_signal_emit (instance=0x8c43f70, signal_id=407, detail=0) at gsignal.c:3034
#24 0xb748163f in soup_message_finished (msg=0x8c43f70) at soup-message.c:840
#25 0xb74862cb in soup_message_io_finished (msg=0x8c43f70) at soup-message-io.c:172
#26 0xb57d9c24 in IA__g_cclosure_marshal_VOID__VOID (closure=0x8c9a570, return_value=0x0, n_param_values=1, param_values=0x8c75838, invocation_hint=0xbfd7c3bc, marshal_data=0xb7486970) at gmarshal.c:77
#27 0xb57cbd1b in IA__g_closure_invoke (closure=0x8c9a570, return_value=0x0, n_param_values=1, param_values=0x8c75838, invocation_hint=0xbfd7c3bc) at gclosure.c:767
#28 0xb57e36fd in signal_emit_unlocked_R (node=0x8c71450, detail=0, instance=0x8c76880, emission_return=0x0, instance_and_params=0x8c75838) at gsignal.c:3244
#29 0xb57e4e0e in IA__g_signal_emit_valist (instance=0x8c76880, signal_id=411, detail=0, var_args=0xbfd7c55c "�\017|��\017|�x �\b\210�׿��u�P^�\b\001") at gsignal.c:2977
#30 0xb57e52b6 in IA__g_signal_emit (instance=0x8c76880, signal_id=411, detail=0) at gsignal.c:3034
#31 0xb7491472 in socket_read_watch (chan=0x8c75e50, cond=<value optimized out>, user_data=0x8c76880) at soup-socket.c:1049
#32 0xb575aebd in g_io_unix_dispatch (source=0x8c72078, callback=0xb7491420 <socket_read_watch>, user_data=0x8c76880) at giounix.c:162
#33 0xb5723988 in IA__g_main_context_dispatch (context=0x874dfa8) at gmain.c:1814
#34 0xb5727033 in g_main_context_iterate (context=0x874dfa8, block=1, dispatch=1, self=0x871f0a8) at gmain.c:2448
#35 0xb5727552 in IA__g_main_loop_run (loop=0x87ab398) at gmain.c:2656
#36 0xb5fa61e9 in IA__gtk_main () at gtkmain.c:1200
#37 0x0806f760 in main (argc=Cannot access memory at address 0xa01bf4 ) at ephy-main.c:771
Xan Lopez
Comment 2
2009-03-01 22:36:17 PST
This looks an awful lot like one of the crashes we recently fixed in the soup code. Can you check if it still happens with 1.1.1/trunk?
Luke Kenneth Casson Leighton
Comment 3
2009-07-25 09:07:00 PDT
(In reply to comment #2)
> This looks an awful lot like one of the crashes we recently fixed in the soup
> code. Can you check if it still happens with 1.1.1/trunk?

xan, just raised this - https://bugs.webkit.org/show_bug.cgi?id=27679 - which is likewise a soup segfault. #27679 is a repro case: happens every time.

l.
Luca Ferretti
Comment 4
2009-07-25 09:45:06 PDT
(In reply to comment #2)
> This looks an awful lot like one of the crashes we recently fixed in the soup
> code. Can you check if it still happens with 1.1.1/trunk?

Using webkitgtk 1.1.11
* Epiphany (trunk) and GtkLauncher works fine
* Yelp (webkit branch) crashes loading pages (bug-buddy can't fetch a stacktrace, I'll run gdb manually)
* Devhelp (trunk) fails to build :(

(In reply to comment #3)
> xan, just raised this - https://bugs.webkit.org/show_bug.cgi?id=27679 - which
> is likewise a soup segfault. #27679 is a repro case: happens every time.

I tried to load the test page linked in this bug in Epiphany. No crash, but the progress bar disappears in the middle of loading and page content appears after more than 1 minute.
Luke Kenneth Casson Leighton
Comment 5
2009-07-25 14:30:00 PDT
(In reply to comment #4)
> (In reply to comment #2)
> > This looks an awful lot like one of the crashes we recently fixed in the soup
> > code. Can you check if it still happens with 1.1.1/trunk?
>
> Using webkitgtk 1.1.11
> * Epiphany (trunk) and GtkLauncher works fine

confirmed, gtklauncher works fine, from latest svn r46395 and absolute latest git of libsoup, on the test page http://pyjs.org/examples/kitchensink/output/KitchenSink.html
Jan Alonzo
Comment 6
2009-07-25 15:58:27 PDT
(In reply to comment #5)
> (In reply to comment #4)
> > (In reply to comment #2)
> > > This looks an awful lot like one of the crashes we recently fixed in the soup
> > > code. Can you check if it still happens with 1.1.1/trunk?
> >
> > Using webkitgtk 1.1.11
> > * Epiphany (trunk) and GtkLauncher works fine
>
> confirmed, gtklauncher works fine, from latest svn r46395 and absolute latest
> git of libsoup, on the test page
> http://pyjs.org/examples/kitchensink/output/KitchenSink.html

Closing, given this works in recent WebKitGtk and libsoup.