29669 – [GTK] Crash in WebCore::CachedResourceHandle

RESOLVED WORKSFORME 29669

[GTK] Crash in WebCore::CachedResourceHandle

https://bugs.webkit.org/show_bug.cgi?id=29669

Summary [GTK] Crash in WebCore::CachedResourceHandle

Priit Laes (IRC: plaes)

Reported 2009-09-22 23:41:37 PDT

Webkit-gtk-1.1.15.1 on amd64 Distribution: Gentoo Base System release 2.0.1 Gnome Release: 2.27.92 2009-09-11 (Gentoo) BugBuddy Version: 2.26.0 System: Linux 2.6.31-rc5-00470-g85dfd81 #166 SMP Tue Aug 11 13:36:25 EEST 2009 x86_64 X Vendor: The X.Org Foundation X Vendor Release: 10603901 Selinux: No Accessibility: Disabled GTK+ Theme: Clearlooks Compact Icon Theme: gnome GTK+ Modules: canberra-gtk-module, gnomebreakpad Memory status: size: 585490432 vsize: 585490432 resident: 77352960 share: 28651520 rss: 77352960 rss_rlim: 18446744073709551615 CPU usage: start_time: 1253685942 rtime: 70306 utime: 69190 stime: 1116 cutime:0 cstime: 0 timeout: 0 it_real_value: 0 frequency: 100 Backtrace was generated from '/usr/bin/epiphany' [Thread debugging using libthread_db enabled] [New Thread 0x7ff9221f9770 (LWP 17199)] [New Thread 0x7ff90b0f6910 (LWP 17200)] 0x00007ff91ca75a4f in __libc_waitpid (pid=18908, stat_loc=0x7fff3c9497f0, options=0) at ../sysdeps/unix/sysv/linux/waitpid.c:41 in ../sysdeps/unix/sysv/linux/waitpid.c #0 0x00007ff91ca75a4f in __libc_waitpid (pid=18908, stat_loc=0x7fff3c9497f0, options=0) at ../sysdeps/unix/sysv/linux/waitpid.c:41 #1 0x00007ff91d0297f9 in IA__g_spawn_sync ( working_directory=<value optimized out>, argv=<value optimized out>, envp=<value optimized out>, flags=<value optimized out>, child_setup=<value optimized out>, user_data=<value optimized out>, standard_output=0x0, standard_error=0x0, exit_status=0x0, error=0x7fff3c949978) at gspawn.c:386 #2 0x00007ff91d029b09 in IA__g_spawn_command_line_sync ( command_line=<value optimized out>, standard_output=0x0, standard_error=0x0, exit_status=0x0, error=0x7fff3c949978) at gspawn.c:700 #3 0x00007ff90c7b1ba3 in bugbuddy_segv_handle (signum=<value optimized out>) at gnome-breakpad.cc:369 #4 <signal handler called> #5 WTF::HashMap<WebCore::String, WebCore::CachedResourceHandle<WebCore::CachedResource>, WebCore::StringHash, WTF::HashTraits<WebCore::String>, WTF::HashTraits<WebCore::CachedResourceHandle<WebCore::CachedResource> > >::get ( this=0x7ff8fff43d40, key=@0x7fff3c949f20) at ./WebCore/platform/text/StringImpl.h:112 #6 0x00007ff920c666f4 in WebCore::DocumentLoader::subresource ( this=0x7ff907b9ed00, url=@0x7fff3c949f20) at WebCore/loader/DocLoader.h:75 #7 0x00007ff920887a66 in WebKit::FrameLoaderClient::dispatchDidFinishLoading (this=<value optimized out>, loader=0x7ff907b9ed00, identifier=<value optimized out>) at WebKit/gtk/WebCoreSupport/FrameLoaderClientGtk.cpp:851 #8 0x00007ff920c76169 in WebCore::FrameLoader::dispatchDidFinishLoading ( this=0x7ff90606b850, loader=0x7ff8fff43d40, identifier=140734209761056) at WebCore/loader/FrameLoader.cpp:5290 #9 0x00007ff920c99335 in WebCore::ResourceLoader::didFinishLoading ( this=0x7fff3c949ec0) at WebCore/loader/ResourceLoader.cpp:273 #10 0x00007ff920c9e19c in WebCore::SubresourceLoader::didFinishLoading ( this=0x7ff907af6000) at WebCore/loader/SubresourceLoader.cpp:190 #11 0x00007ff92100b886 in finishedCallback (session=<value optimized out>, msg=0x2ff3e40, data=<value optimized out>) at WebCore/platform/network/soup/ResourceHandleSoup.cpp:324 #12 0x00007ff91e81543d in final_finished (req=0x2ff3e40, user_data=<value optimized out>) at soup-session-async.c:381 #13 0x00007ff91d2a666a in IA__g_closure_invoke (closure=0x2e2fe00, return_value=0x0, n_param_values=<value optimized out>, param_values=0x2be50c0, invocation_hint=0x7fff3c94a270) at gclosure.c:767 #14 0x00007ff91d2bce7b in signal_emit_unlocked_R (node=0x2e16d00, detail=<value optimized out>, instance=<value optimized out>, emission_return=<value optimized out>, instance_and_params=<value optimized out>) at gsignal.c:3317 #15 0x00007ff91d2bdd2c in IA__g_signal_emit_valist (instance=0x2ff3e40, signal_id=<value optimized out>, detail=0, var_args=0x7fff3c94a460) at gsignal.c:2980 #16 0x00007ff91d2be273 in IA__g_signal_emit (instance=0x7fff3c949ec0, signal_id=4294196544, detail=1016373024) at gsignal.c:3037 #17 0x00007ff91e80be5f in soup_message_io_finished (msg=0x2ff3e40) at soup-message-io.c:176 #18 0x00007ff91d2a666a in IA__g_closure_invoke (closure=0x2d869d0, return_value=0x0, n_param_values=<value optimized out>, param_values=0x2c388e0, invocation_hint=0x7fff3c94a690) at gclosure.c:767 #19 0x00007ff91d2bc87f in signal_emit_unlocked_R (node=0x2b25a10, detail=<value optimized out>, instance=<value optimized out>, emission_return=<value optimized out>, instance_and_params=<value optimized out>) at gsignal.c:3247 #20 0x00007ff91d2bdd2c in IA__g_signal_emit_valist (instance=0x317b6e0, signal_id=<value optimized out>, detail=0, var_args=0x7fff3c94a880) at gsignal.c:2980 #21 0x00007ff91d2be273 in IA__g_signal_emit (instance=0x7fff3c949ec0, signal_id=4294196544, detail=1016373024) at gsignal.c:3037 #22 0x00007ff91e817401 in socket_read_watch (chan=<value optimized out>, cond=0, user_data=<value optimized out>) at soup-socket.c:1189 #23 0x00007ff91cff25ad in IA__g_main_context_dispatch (context=0x2274140) at gmain.c:1960 #24 0x00007ff91cff5f68 in g_main_context_iterate (context=0x2274140, block=<value optimized out>, dispatch=<value optimized out>, self=<value optimized out>) at gmain.c:2591 #25 0x00007ff91cff63c5 in IA__g_main_loop_run (loop=0x22cf240) at gmain.c:2799 #26 0x00007ff91fe463e7 in IA__gtk_main () at gtkmain.c:1205 #27 0x00000000004331ed in main (argc=1, argv=0x7fff3c94bd28) at ephy-main.c:782 Thread 2 (Thread 0x7ff90b0f6910 (LWP 17200)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:261 No locals. #1 0x00007ff92095a146 in WTF::TCMalloc_PageHeap::scavengerThread ( this=0x7ff9217e3b40) at JavaScriptCore/wtf/FastMalloc.cpp:2291 No locals. #2 0x00007ff92095a169 in WTF::TCMalloc_PageHeap::runScavengerThread ( context=0x7ff9217f1c0c) at JavaScriptCore/wtf/FastMalloc.cpp:1429 No locals. #3 0x00007ff91ca6e2e7 in start_thread (arg=<value optimized out>) at pthread_create.c:297 __res = <value optimized out> pd = (struct pthread *) 0x7ff90b0f6910 unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140707609143568, -1735038096388464538, 140707904323232, 140707609141664, 0, 4096, 1736698499656769638, 1736649232148127846}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = <value optimized out> robust = <value optimized out> #4 0x00007ff91c7de38d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112 No locals. #5 0x0000000000000000 in ?? () No symbol table info available. Thread 1 (Thread 0x7ff9221f9770 (LWP 17199)): #0 0x00007ff91ca75a4f in __libc_waitpid (pid=18908, stat_loc=0x7fff3c9497f0, options=0) at ../sysdeps/unix/sysv/linux/waitpid.c:41 oldtype = 0 result = <value optimized out> #1 0x00007ff91d0297f9 in IA__g_spawn_sync ( working_directory=<value optimized out>, argv=<value optimized out>, envp=<value optimized out>, flags=<value optimized out>, child_setup=<value optimized out>, user_data=<value optimized out>, standard_output=0x0, standard_error=0x0, exit_status=0x0, error=0x7fff3c949978) at gspawn.c:386 outpipe = -1 errpipe = -1 pid = 18908 fds = {__fds_bits = {0, 16, 16, 0, 47312728, 140734209759608, 47591616, 47312688, 5, 0, 47312728, 140707910181677, 140734209759224, 140734209759216, 140734209759336, 0}} ret = -512 outstr = (GString *) 0x0 errstr = (GString *) 0x0 failed = 0 status = <value optimized out> __PRETTY_FUNCTION__ = "IA__g_spawn_sync" #2 0x00007ff91d029b09 in IA__g_spawn_command_line_sync ( command_line=<value optimized out>, standard_output=0x0, standard_error=0x0, exit_status=0x0, error=0x7fff3c949978) at gspawn.c:700 retval = 0 argv = (gchar **) 0x2d1ef30 __PRETTY_FUNCTION__ = "IA__g_spawn_command_line_sync" #3 0x00007ff90c7b1ba3 in bugbuddy_segv_handle (signum=<value optimized out>) at gnome-breakpad.cc:369 in_segv = 1 #4 <signal handler called> No locals. #5 WTF::HashMap<WebCore::String, WebCore::CachedResourceHandle<WebCore::CachedResource>, WebCore::StringHash, WTF::HashTraits<WebCore::String>, WTF::HashTraits<WebCore::CachedResourceHandle<WebCore::CachedResource> > >::get ( this=0x7ff8fff43d40, key=@0x7fff3c949f20) at ./WebCore/platform/text/StringImpl.h:112 entry = <value optimized out> #6 0x00007ff920c666f4 in WebCore::DocumentLoader::subresource ( this=0x7ff907b9ed00, url=@0x7fff3c949f20) at WebCore/loader/DocLoader.h:75 resource = <value optimized out> #7 0x00007ff920887a66 in WebKit::FrameLoaderClient::dispatchDidFinishLoading (this=<value optimized out>, loader=0x7ff907b9ed00, identifier=<value optimized out>) at WebKit/gtk/WebCoreSupport/FrameLoaderClientGtk.cpp:851 webView = (WebKitWebView *) 0x2b0bbc0 webResource = <value optimized out> uri = <value optimized out> #8 0x00007ff920c76169 in WebCore::FrameLoader::dispatchDidFinishLoading ( this=0x7ff90606b850, loader=0x7ff8fff43d40, identifier=140734209761056) at WebCore/loader/FrameLoader.cpp:5290 No locals. #9 0x00007ff920c99335 in WebCore::ResourceLoader::didFinishLoading ( this=0x7fff3c949ec0) at WebCore/loader/ResourceLoader.cpp:273 No locals. #10 0x00007ff920c9e19c in WebCore::SubresourceLoader::didFinishLoading ( this=0x7ff907af6000) at WebCore/loader/SubresourceLoader.cpp:190 No locals. #11 0x00007ff92100b886 in finishedCallback (session=<value optimized out>, msg=0x2ff3e40, data=<value optimized out>) at WebCore/platform/network/soup/ResourceHandleSoup.cpp:324 d = (class WebCore::ResourceHandleInternal *) 0x7ff9085cdc00 client = (class WebCore::ResourceHandleClient *) 0x7ff907af6000 #12 0x00007ff91e81543d in final_finished (req=0x2ff3e40, user_data=<value optimized out>) at soup-session-async.c:381 item = (SoupMessageQueueItem *) 0x2d22120 session = (SoupSession *) 0x2274d40 #13 0x00007ff91d2a666a in IA__g_closure_invoke (closure=0x2e2fe00, return_value=0x0, n_param_values=<value optimized out>, param_values=0x2be50c0, invocation_hint=0x7fff3c94a270) at gclosure.c:767 marshal = ( GClosureMarshal) 0x7ff91d2b3510 <IA__g_cclosure_marshal_VOID__VOID> marshal_data = (gpointer) 0x1 __PRETTY_FUNCTION__ = "IA__g_closure_invoke" #14 0x00007ff91d2bce7b in signal_emit_unlocked_R (node=0x2e16d00, detail=<value optimized out>, instance=<value optimized out>, emission_return=<value optimized out>, instance_and_params=<value optimized out>) at gsignal.c:3317 tmp = <value optimized out> handler = (Handler *) 0x2b6b600 accumulator = (SignalAccumulator *) 0x0 emission = {next = 0x7fff3c94a680, instance = 0x2ff3e40, ihint = { signal_id = 385, detail = 0, run_type = G_SIGNAL_RUN_LAST}, state = EMISSION_RUN, chain_type = 4} class_closure = (GClosure *) 0x2b265f0 handler_list = (Handler *) 0x2a77cc0 return_accu = <value optimized out> accu = {g_type = 0, data = {{v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}, {v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}}} signal_id = 385 max_sequential_handler_number = 16927 return_value_altered = 1 #15 0x00007ff91d2bdd2c in IA__g_signal_emit_valist (instance=0x2ff3e40, signal_id=<value optimized out>, detail=0, var_args=0x7fff3c94a460) at gsignal.c:2980 signal_return_type = 4 param_values = <value optimized out> node = (SignalNode *) 0x2e16d00 i = <value optimized out> n_params = <value optimized out> __PRETTY_FUNCTION__ = "IA__g_signal_emit_valist" #16 0x00007ff91d2be273 in IA__g_signal_emit (instance=0x7fff3c949ec0, signal_id=4294196544, detail=1016373024) at gsignal.c:3037 var_args = {{gp_offset = 24, fp_offset = 48, overflow_arg_area = 0x7fff3c94a540, reg_save_area = 0x7fff3c94a480}} #17 0x00007ff91e80be5f in soup_message_io_finished (msg=0x2ff3e40) at soup-message-io.c:176 No locals. #18 0x00007ff91d2a666a in IA__g_closure_invoke (closure=0x2d869d0, return_value=0x0, n_param_values=<value optimized out>, param_values=0x2c388e0, invocation_hint=0x7fff3c94a690) at gclosure.c:767 marshal = ( GClosureMarshal) 0x7ff91d2b3510 <IA__g_cclosure_marshal_VOID__VOID> marshal_data = (gpointer) 0x1 __PRETTY_FUNCTION__ = "IA__g_closure_invoke" #19 0x00007ff91d2bc87f in signal_emit_unlocked_R (node=0x2b25a10, detail=<value optimized out>, instance=<value optimized out>, emission_return=<value optimized out>, instance_and_params=<value optimized out>) at gsignal.c:3247 tmp = <value optimized out> handler = (Handler *) 0x2a81700 accumulator = (SignalAccumulator *) 0x0 emission = {next = 0x0, instance = 0x317b6e0, ihint = { signal_id = 388, detail = 0, run_type = G_SIGNAL_RUN_FIRST}, state = EMISSION_RUN, chain_type = 4} class_closure = (GClosure *) 0x2b258d0 handler_list = (Handler *) 0x2a81700 return_accu = <value optimized out> accu = {g_type = 0, data = {{v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}, {v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}}} signal_id = 388 max_sequential_handler_number = 16927 return_value_altered = 0 #20 0x00007ff91d2bdd2c in IA__g_signal_emit_valist (instance=0x317b6e0, signal_id=<value optimized out>, detail=0, var_args=0x7fff3c94a880) at gsignal.c:2980 signal_return_type = 4 param_values = <value optimized out> node = (SignalNode *) 0x2b25a10 i = <value optimized out> n_params = <value optimized out> __PRETTY_FUNCTION__ = "IA__g_signal_emit_valist" #21 0x00007ff91d2be273 in IA__g_signal_emit (instance=0x7fff3c949ec0, signal_id=4294196544, detail=1016373024) at gsignal.c:3037 var_args = {{gp_offset = 24, fp_offset = 48, overflow_arg_area = 0x7fff3c94a960, reg_save_area = 0x7fff3c94a8a0}} #22 0x00007ff91e817401 in socket_read_watch (chan=<value optimized out>, cond=0, user_data=<value optimized out>) at soup-socket.c:1189 sock = (SoupSocket *) 0x317b6e0 #23 0x00007ff91cff25ad in IA__g_main_context_dispatch (context=0x2274140) at gmain.c:1960 No locals. #24 0x00007ff91cff5f68 in g_main_context_iterate (context=0x2274140, block=<value optimized out>, dispatch=<value optimized out>, self=<value optimized out>) at gmain.c:2591 max_priority = 2147483647 timeout = 124 some_ready = 1 nfds = 13 allocated_nfds = 486549904 fds = <value optimized out> __PRETTY_FUNCTION__ = "g_main_context_iterate" #25 0x00007ff91cff63c5 in IA__g_main_loop_run (loop=0x22cf240) at gmain.c:2799 self = (GThread *) 0x22390b0 __PRETTY_FUNCTION__ = "IA__g_main_loop_run" #26 0x00007ff91fe463e7 in IA__gtk_main () at gtkmain.c:1205 tmp_list = (GList *) 0x22b1640 functions = (GList *) 0x0 init = (GtkInitFunction *) 0x22cb800 loop = (GMainLoop *) 0x22cf240 #27 0x00000000004331ed in main (argc=1, argv=0x7fff3c94bd28) at ephy-main.c:782 option_context = <value optimized out> option_group = <value optimized out> proxy = <value optimized out> error = (GError *) 0x0 user_time = 69860725 Current language: auto; currently asm 0x00007ff91ca75a4f 41 in ../sysdeps/unix/sysv/linux/waitpid.c Current language: auto; currently c The program is running. Quit anyway (and detach it)? (y or n) [answered Y; input not from terminal] ---- Critical and fatal warnings logged during execution ---- ** epiphany **: WebKitWebResource* webkit_web_view_get_resource(WebKitWebView*, char*): assertion `resourceFound || g_str_equal(identifier, priv->mainResourceIdentifier)' failed ** epiphany **: const gchar* webkit_web_resource_get_uri(WebKitWebResource*): assertion `WEBKIT_IS_WEB_RESOURCE(webResource)' failed

Attachments
Add attachment proposed patch, testcase, etc.

Pieter Ennes

Comment 1 2010-04-10 18:48:35 PDT

This one affects me too, reproducible in Epiphany and also when using pywebkitgtk: epiphany-webkit 2.28.0-4ubuntu1 python 2.6.4-0ubuntu1 libwebkit-1.0-2 1.1.15.2-1 python-webkit 1.1.7-1 Both crash when opening http://www.webwereld.com/. ** (webmouse-webkit.py:11905): CRITICAL **: WebKitWebResource* webkit_web_view_get_resource(WebKitWebView*, char*): assertion `resourceFound || g_str_equal(identifier, priv->mainResourceIdentifier)' failed ** (webmouse-webkit.py:11905): CRITICAL **: const gchar* webkit_web_resource_get_uri(WebKitWebResource*): assertion `WEBKIT_IS_WEB_RESOURCE(webResource)' failed Maybe the message that curl gives in the last line can give a hint: $ curl -vv http://www.webwereld.com/ * About to connect() to www.webwereld.com port 80 (#0) * Trying 98.124.198.1... connected * Connected to www.webwereld.com (98.124.198.1) port 80 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.19.5 (x86_64-pc-linux-gnu) libcurl/7.19.5 OpenSSL/0.9.8g zlib/1.2.3.3 libidn/1.15 > Host: www.webwereld.com > Accept: */* > < HTTP/1.1 200 OK < Connection: close < Date: Sun, 11 Apr 2010 01:46:17 GMT < Server: Microsoft-IIS/6.0 < X-Powered-By: ASP.NET < X-AspNet-Version: 2.0.50727 < Transfer-Encoding: chunked < Cache-Control: private < Content-Type: text/html; charset=utf-8 < <html><head> <title></title></head>  <frameset rows='100%, *' frameborder=no framespacing=0 border=0> <frame src="http://parking.afternic.com/webwereld.com" name=mainwindow frameborder=no framespacing=0 marginheight=0 marginwidth=0></frame> <frame src="/?a8734haka8dr781346=true" NAME=a33 frameborder=no framespacing=0 marginheight=0 marginwidth=0></frame> </frameset> <noframes> <h2>Your browser does not support frames. We recommend upgrading your browser.</h2><br><br> <center>Click <a href="http://parking.afternic.com/webwereld.com">here</a> to enter the site.</center> * transfer closed with outstanding read data remaining * Closing connection #0 curl: (18) transfer closed with outstanding read data remaining

Martin Robinson

Comment 2 2010-10-12 16:40:46 PDT

Do you still see this crash with the latest unstable release of WebKitGTK+ or a checkout from SVN? I tried loading http://www.webwereld.com/ today in my most recent build and I simply got: "Connection terminated unexpectedly" in the view.

Priit Laes (IRC: plaes)

Comment 3 2010-10-13 02:28:25 PDT

(In reply to comment #2) > Do you still see this crash with the latest unstable release of WebKitGTK+ or a checkout from SVN? I tried loading http://www.webwereld.com/ today in my most recent build and I simply got: "Connection terminated unexpectedly" in the view. Ok, I'm closing this as the crash seems to be gone now, and the saga continues at bug 47583 ;)

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution WORKSFORME

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware PC

OS OS X 10.5

Product WebKit

Component WebKitGTK

Assignee

Nobody

Reported

2009-09-22 23:41 PDT

Modified

2010-10-13 02:28 PDT History

CC List

2 users Show

URL

Keywords

Depends on

Blocks