28354 – webkitgtk 1.1.12 crashes at the end of loading almost any site

Bug 28354 - webkitgtk 1.1.12 crashes at the end of loading almost any site

Summary: webkitgtk 1.1.12 crashes at the end of loading almost any site

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebKitGTK (show other bugs)
Version:	528+ (Nightly build)
Hardware:	PC Linux

Importance:	P2 Critical
Assignee:	Jan Alonzo

URL:
Keywords:

Duplicates (1):	28360 (view as bug list)
Depends on:
Blocks:

Reported:	2009-08-16 03:12 PDT by Frederik Himpe
Modified:	2010-01-17 05:06 PST (History)
CC List:	3 users (show)

See Also:

Attachments
Patch v1 (1.15 KB, patch) 2009-08-19 05:48 PDT, Jan Alonzo	no flags	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Frederik Himpe 2009-08-16 03:12:44 PDT

Epiphany crashes immediately when loading most sites I visit. Examples are: http://www.sporza.be - http://www.distrowatch.com - http://tweakers.net - http://www.demorgen.be - http://www.lwn.net - http://slashdot.org .
http://www.google.be loads up fine though.

When it crashes, the site seems to be rendered completely and correctly, but then at the end it crashes.

Might it be related to the fact that I don't have any Flash plug-in installed?

$ rpm -q webkit epiphany
webkit-1.1.12-4mdv2010.0
epiphany-2.27.90-1mdv2010.0

Visiting http://www.sporza.be I get this crash:

$ gdb epiphany
GNU gdb 6.8-6mdv2009.1 (Mandriva Linux release 2009.1)
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-mandriva-linux-gnu"...
(gdb) run
Starting program: /usr/bin/epiphany 
[Thread debugging using libthread_db enabled]
[New Thread 0x7f0b92aec710 (LWP 29856)]

(epiphany:29856): GLib-GObject-WARNING **: invalid cast from `EphyWebView' to `GtkBin'

(epiphany:29856): Gtk-CRITICAL **: gtk_bin_get_child: assertion `GTK_IS_BIN (bin)' failed

(epiphany:29856): GLib-GObject-WARNING **: invalid (NULL) pointer instance

(epiphany:29856): GLib-GObject-CRITICAL **: g_signal_connect_data: assertion `G_TYPE_CHECK_INSTANCE (instance)' failed

(epiphany:29856): GLib-GObject-WARNING **: invalid (NULL) pointer instance

(epiphany:29856): GLib-GObject-CRITICAL **: g_signal_connect_data: assertion `G_TYPE_CHECK_INSTANCE (instance)' failed

(epiphany:29856): GLib-GObject-WARNING **: invalid (NULL) pointer instance

(epiphany:29856): GLib-GObject-CRITICAL **: g_signal_connect_data: assertion `G_TYPE_CHECK_INSTANCE (instance)' failed

(epiphany:29856): GLib-GObject-WARNING **: gsignal.c:2270: signal `new-document-now' is invalid for instance `0xf5bc70'

(epiphany:29856): GLib-GObject-WARNING **: gsignal.c:2270: signal `content-blocked' is invalid for instance `0xf5bc70'
[New Thread 0x7f0b7d623910 (LWP 30169)]
[Thread 0x7f0b7d623910 (LWP 30169) exited]
[New Thread 0x7f0b7d623910 (LWP 30173)]
[Thread 0x7f0b7d623910 (LWP 30173) exited]
[New Thread 0x7f0b7d623910 (LWP 30174)]
[Thread 0x7f0b7d623910 (LWP 30174) exited]
[New Thread 0x7f0b7d623910 (LWP 30175)]
[New Thread 0x7f0b7bfcf910 (LWP 30176)]
[New Thread 0x7f0b7b7ce910 (LWP 30177)]
[Thread 0x7f0b7bfcf910 (LWP 30176) exited]
[Thread 0x7f0b7d623910 (LWP 30175) exited]

(epiphany:29856): GLib-CRITICAL **: g_strsplit: assertion `string != NULL' failed

Program received signal SIGSEGV, Segmentation fault.
WebCore::PluginPackage::fetchInfo (this=<value optimized out>)
    at WebCore/plugins/gtk/PluginPackageGtk.cpp:71
71	    for (int i = 0; mimeDescs[i] && mimeDescs[i][0]; i++) {
Current language:  auto; currently c++
Missing debug package(s), you should install: aspell-debug-0.60.6-6mdv2010.0.x86_64 atk1.0-debug-1.27.90-1mdv2010.0.x86_64 avahi-debug-0.6.25-2mdv2010.0.x86_64 bug-buddy-debug-2.27.1-1mdv2010.0.x86_64 cairo-debug-1.8.8-1mdv2010.0.x86_64 elfutils-debug-0.142-1mdv2010.0.x86_64 enchant-debug-1.5.0-1mdv2010.0.x86_64 epiphany-extensions-debug-2.27.5-1mdv2010.0.x86_64 fontconfig-debug-2.7.1-1mdv2010.0.x86_64 freetype2-debug-2.3.9-1mdv2009.1.x86_64 gamin-debug-0.1.10-2mdv2009.1.x86_64 gcc-debug-4.4.1-1mnb2.x86_64 gecko-mediaplayer-debug-0.9.6-1mdv2010.0.x86_64 gnome-keyring-debug-2.27.90-1mdv2010.0.x86_64 gnutls-debug-2.8.3-1mdv2010.0.x86_64 gtk-engines2-debug-2.18.2-1mdv2010.0.x86_64 gvfs-debug-1.3.4-2mdv2010.0.x86_64 hunspell-debug-1.2.8-2mdv2009.1.x86_64 icu-debug-4.2.1-1mdv2010.0.x86_64 libcanberra-debug-0.15-1mdv2010.0.x86_64 libcroco0.6-debug-0.6.2-1mdv2009.1.x86_64 libgcrypt-debug-1.4.4-1mdv2010.0.x86_64 libgpg-error-debug-1.7-1mdv2010.0.x86_64 libgsf-debug-1.14.15-1mdv2010.0.x86_64 libice-debug-1.0.5-1mdv2009.1.x86_64 libjpeg-debug-7-1mdv2010.0.x86_64 libnotify-debug-0.4.5-2mdv2010.0.x86_64 libogg-debug-1.1.4-2mdv2010.0.x86_64 libpng-debug-1.2.37-1mdv2010.0.x86_64 libproxy-debug-0.2.3-3mdv2009.1.x86_64 librsvg-debug-2.26.0-1mdv2009.1.x86_64 libsm-debug-1.1.1-1mdv2010.0.x86_64 libtasn1-debug-2.3-1mdv2010.0.x86_64 libtool-debug-2.2.6-6mdv2009.1.x86_64 libvoikko-debug-2.1-1mdv2010.0.x86_64 libx11-debug-1.2.2-1mdv2010.0.x86_64 libxau-debug-1.0.4-1mdv2009.1.x86_64 libxcb-debug-1.3-6mdv2010.0.x86_64 libxcomposite-debug-0.4.0-3mdv2009.1.x86_64 libxcursor-debug-1.1.9-3mdv2009.1.x86_64 libxdamage-debug-1.1.1-3mdv2009.1.x86_64 libxdmcp-debug-1.0.2-6mdv2009.1.x86_64 libxext-debug-1.0.5-1mdv2010.0.x86_64 libxfixes-debug-4.0.3-4mdv2009.1.x86_64 libxi-debug-1.2.1-1mdv2009.1.x86_64 libxinerama-debug-1.0.3-2mdv2009.1.x86_64 libxml2-debug-2.7.3-3mdv2010.0.x86_64 libxrandr-debug-1.3.0-1mdv2009.1.x86_64 libxrender-debug-0.9.4-4mdv2009.1.x86_64 libxslt-debug-1.1.24-8mdv2010.0.x86_64 libxt-debug-1.0.6-1mdv2010.0.x86_64 nss_mdns-debug-0.10-6mdv2009.1.x86_64 pango-debug-1.25.3-1mdv2010.0.x86_64 pcre-debug-7.9-1mdv2010.0.x86_64 pixman-debug-0.15.20-1mdv2010.0.x86_64 sqlite3-debug-3.6.17-1mdv2010.0.x86_64 udev-debug-145-3mnb2.x86_64 zlib-debug-1.2.3-13mdv2010.0.x86_64
(gdb) thread apply all bt

Thread 7 (Thread 0x7f0b7b7ce910 (LWP 30177)):
#0  0x00007f0b8db990dd in pthread_cond_timedwait@@GLIBC_2.3.2 ()
   from /lib64/libpthread.so.0
#1  0x00007f0b8ee9f3d2 in g_cond_timed_wait_posix_impl (cond=0xc94174, 
    entered_mutex=0x80, abs_time=<value optimized out>) at gthread-posix.c:242
#2  0x00007f0b8d696b83 in g_async_queue_pop_intern_unlocked (queue=0xc45ee0, 
    try=0, end_time=0x7f0b7b7ce070) at gasyncqueue.c:365
#3  0x00007f0b8d6e6960 in g_thread_pool_thread_proxy (
    data=<value optimized out>) at gthreadpool.c:220
#4  0x00007f0b8d6e5484 in g_thread_create_proxy (data=0xe44090)
    at gthread.c:635
#5  0x00007f0b8db947cd in start_thread () from /lib64/libpthread.so.0
#6  0x00007f0b8d3fb37d in clone ()
    at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#7  0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7f0b92aec710 (LWP 29856)):
#0  WebCore::PluginPackage::fetchInfo (this=<value optimized out>)
    at WebCore/plugins/gtk/PluginPackageGtk.cpp:71
#1  0x00007f0b91649ae4 in WebCore::PluginPackage::createPackage (
    path=@0x7f0b7c5a20f8, lastModified=@0x7fff7ade76c8)
    at WebCore/plugins/PluginPackage.cpp:151
---Type <return> to continue, or q <return> to quit---
#2  0x00007f0b91642dd6 in WebCore::PluginDatabase::refresh (
    this=<value optimized out>) at WebCore/plugins/PluginDatabase.cpp:112
#3  0x00007f0b916439a6 in WebCore::PluginDatabase::installedPlugins (
    populate=true) at WebCore/plugins/PluginDatabase.cpp:46
#4  0x00007f0b9111e822 in WebKit::FrameLoaderClient::objectContentType (
    this=<value optimized out>, url=<value optimized out>, 
    mimeType=@0x7f0b7aafe098)
    at WebKit/gtk/WebCoreSupport/FrameLoaderClientGtk.cpp:456
#5  0x00007f0b914e74b3 in WebCore::HTMLPlugInImageElement::isImageType (
    this=0x7f0b7aafe000) at WebCore/html/HTMLPlugInImageElement.cpp:48
#6  0x00007f0b914ba15e in WebCore::HTMLEmbedElement::parseMappedAttribute (
    this=0x7f0b7aafe000, attr=<value optimized out>)
    at WebCore/html/HTMLEmbedElement.cpp:98
#7  0x00007f0b913e0537 in WebCore::StyledElement::attributeChanged (
    this=0x7f0b7aafe000, attr=0x7f0b7ab2ad20, 
    preserveDecls=<value optimized out>) at WebCore/dom/StyledElement.cpp:195
#8  0x00007f0b914b9802 in WebCore::HTMLEmbedElement::attributeChanged (
    this=0x2, attr=0x0, preserveDecls=false)
    at WebCore/html/HTMLEmbedElement.cpp:220
#9  0x00007f0b913a8de1 in WebCore::Element::setAttributeMap (
    this=0x7f0b7aafe000, list=<value optimized out>)
    at WebCore/dom/Element.cpp:640
#10 0x00007f0b914e58c2 in WebCore::HTMLParser::parseToken (
---Type <return> to continue, or q <return> to quit---
    this=0x7f0b7c569f78, t=0x7f0b7c572438) at WebCore/html/HTMLParser.cpp:258
#11 0x00007f0b914f8bd1 in WebCore::HTMLTokenizer::processToken (
    this=0x7f0b7c572400) at WebCore/html/HTMLTokenizer.cpp:1917
#12 0x00007f0b914fb2ad in WebCore::HTMLTokenizer::parseTag (
    this=0x7f0b7c572400, src=@0x7f0b7c572e88, state=<value optimized out>)
    at WebCore/html/HTMLTokenizer.cpp:1502
#13 0x00007f0b914fd919 in WebCore::HTMLTokenizer::write (this=0x7f0b7c572400, 
    str=<value optimized out>, appendData=<value optimized out>)
    at WebCore/html/HTMLTokenizer.cpp:1748
#14 0x00007f0b914ff790 in WebCore::HTMLTokenizer::notifyFinished (
    this=0x7f0b7c572400) at WebCore/html/HTMLTokenizer.cpp:2053
#15 0x00007f0b9152e1ec in WebCore::CachedScript::checkNotify (
    this=0x7f0b7aaf6e00) at WebCore/loader/CachedScript.cpp:105
#16 0x00007f0b9158355d in WebCore::Loader::Host::didFinishLoading (
    this=0x7f0b7c400140, loader=0x7f0b7c403dc0)
    at WebCore/loader/loader.cpp:363
#17 0x00007f0b91572fbf in WebCore::SubresourceLoader::didFinishLoading (
    this=0x7f0b7c403dc0) at WebCore/loader/SubresourceLoader.cpp:183
#18 0x00007f0b918cf4cb in finishedCallback (session=<value optimized out>, 
    msg=0x10269b0, data=<value optimized out>)
    at WebCore/platform/network/soup/ResourceHandleSoup.cpp:345
#19 0x00007f0b8f0d6793 in final_finished (req=0x10269b0, 
    user_data=<value optimized out>) at soup-session-async.c:379
---Type <return> to continue, or q <return> to quit---
#20 0x00007f0b8d953bae in IA__g_closure_invoke (closure=0x1011540, 
    return_value=0x0, n_param_values=1, param_values=0xe56040, 
    invocation_hint=0x7fff7ade8310) at gclosure.c:767
#21 0x00007f0b8d96a737 in signal_emit_unlocked_R (node=0xfd1ac0, 
    detail=<value optimized out>, instance=<value optimized out>, 
    emission_return=<value optimized out>, 
    instance_and_params=<value optimized out>) at gsignal.c:3317
#22 0x00007f0b8d96b59e in IA__g_signal_emit_valist (instance=0x10269b0, 
    signal_id=<value optimized out>, detail=0, var_args=0x7fff7ade8500)
    at gsignal.c:2980
#23 0x00007f0b8d96bb33 in IA__g_signal_emit (instance=0x2, signal_id=0, 
    detail=0) at gsignal.c:3037
#24 0x00007f0b8f0cd4b5 in soup_message_io_finished (msg=0x10269b0)
    at soup-message-io.c:176
#25 0x00007f0b8d953bae in IA__g_closure_invoke (closure=0xfe9700, 
    return_value=0x0, n_param_values=1, param_values=0xfd2000, 
    invocation_hint=0x7fff7ade8730) at gclosure.c:767
#26 0x00007f0b8d96a108 in signal_emit_unlocked_R (node=0xfd2980, 
    detail=<value optimized out>, instance=<value optimized out>, 
    emission_return=<value optimized out>, 
    instance_and_params=<value optimized out>) at gsignal.c:3247
#27 0x00007f0b8d96b59e in IA__g_signal_emit_valist (instance=0xf6b6e0, 
    signal_id=<value optimized out>, detail=0, var_args=0x7fff7ade8920)
---Type <return> to continue, or q <return> to quit---
    at gsignal.c:2980
#28 0x00007f0b8d96bb33 in IA__g_signal_emit (instance=0x2, signal_id=0, 
    detail=0) at gsignal.c:3037
#29 0x00007f0b8f0d86f1 in socket_read_watch (chan=<value optimized out>, 
    cond=0, user_data=<value optimized out>) at soup-socket.c:1181
#30 0x00007f0b8d6bbbce in IA__g_main_context_dispatch (context=0xb9f870)
    at gmain.c:1960
#31 0x00007f0b8d6bf638 in g_main_context_iterate (context=0xb9f870, 
    block=<value optimized out>, dispatch=<value optimized out>, 
    self=<value optimized out>) at gmain.c:2591
#32 0x00007f0b8d6bfac5 in IA__g_main_loop_run (loop=0xc8da70) at gmain.c:2799
#33 0x00007f0b90305cc7 in IA__gtk_main () at gtkmain.c:1205
#34 0x000000000042d595 in main (argc=1, argv=0x7fff7ade9de8) at ephy-main.c:781

Comment 1 Jan Alonzo 2009-08-19 05:43:34 PDT

*** Bug 28360 has been marked as a duplicate of this bug. ***

Comment 2 Jan Alonzo 2009-08-19 05:48:03 PDT

Created attachment 35116 [details]
Patch v1

Comment 3 Eric Seidel (no email) 2009-08-19 10:48:08 PDT

Comment on attachment 35116 [details]
Patch v1

OK.  Can't we test this with a layout test?

Comment 4 Gustavo Noronha (kov) 2009-08-23 15:58:10 PDT

Comment on attachment 35116 [details]
Patch v1

This sounds like a good oportunity to add a layout test indeed, but since it's a crasher, and we want to release soonish, I better not wait for it.

Comment 5 Jan Alonzo 2009-08-28 17:39:26 PDT

(In reply to comment #0)
> Epiphany crashes immediately when loading most sites I visit. Examples are:
> http://www.sporza.be - http://www.distrowatch.com - http://tweakers.net -
> http://www.demorgen.be - http://www.lwn.net - http://slashdot.org .
> http://www.google.be loads up fine though.
> 
> When it crashes, the site seems to be rendered completely and correctly, but
> then at the end it crashes.

Are you able to provide a bt full of the crash? Also, just wondering if you've tried WebKitGtk 1.1.13?

Comment 6 Frederik Himpe 2009-08-29 04:00:13 PDT

It's working with 1.1.13 now.

Comment 7 Eric Seidel (no email) 2009-09-01 03:06:24 PDT

What's the status of this bug?  Looks like it was never landed... Seems we had plenty of time to write a layout test. :)

Comment 8 Jan Alonzo 2009-09-10 12:21:12 PDT

Comment on attachment 35116 [details]
Patch v1

Clearing review flag for now until a test is included. The crash isn't reproducible in trunk anymore so priority for this is low atm.

Comment 9 Gustavo Noronha (kov) 2010-01-17 05:06:38 PST

I'll close this bug given it's unreproducible now.