GNOME Bugzilla – Bug 528882
gvfsd-http crashed with SIGSEGV in soup_str_case_hash()
Last modified: 2009-07-28 12:32:14 UTC
The bug has been opened on https://bugs.launchpad.net/ubuntu/+source/gvfs/+bug/216763 "Saved a document (html file) in bluefish webeditor v1.0.7
+ Trace 195619
There is no real gvfs in this stacktrace at all, looks like it is all in soup.
This crash can only happen if something is trying to use libsoup to request a URI that (a) has no hostname, and (b) is not http or https. "???" I've fixed libsoup to be pickier about the URIs it accepts. But this might just push the crash to somewhere else in gvfsd-http. (Previously soup_message_new_with_uri() would never fail, even if you passed a completely bogus URI. Now it can return NULL.) Another possibility is that it's the webdav server's fault, because it's returning a totally broken redirect like: HTTP/1.1 301 Moved Permanently Location: C:\Documents and Settings\blah\blah Previously, that would have triggered this crash. Now it will just cause the message to finish with status SOUP_STATUS_MALFORMED. Reassigning back to gvfs and NEEDINFO'ing, since there's still going to be *something* wrong when the reporter tries the new libsoup.
reverted the patch for this bug in libsoup 2.24.0.1 to fix bug 553466. Need a less-intrusive fix for this.
*** Bug 562191 has been marked as a duplicate of this bug. ***
*** Bug 588841 has been marked as a duplicate of this bug. ***
Created attachment 138635 [details] [review] require uri->host for redirect per bug 588841 comment #2: require redirect URI to have a host
*** Bug 589638 has been marked as a duplicate of this bug. ***
fixed in master/2.27.5
Reproduced on 2.27.5. Please reopen. % pkg-config libsoup-2.4 --modversion 2.27.5 Distribution: Gentoo Base System release 2.0.1 Gnome Release: 2.27.4 2009-07-25 (Gentoo) BugBuddy Version: 2.27.1 System: Linux 2.6.31-rc4 #1 Mon Jul 27 23:51:26 BST 2009 i686 X Vendor: The X.Org Foundation X Vendor Release: 10602000 Selinux: No Accessibility: Disabled GTK+ Theme: Clearlooks Icon Theme: Tango GTK+ Modules: canberra-gtk-module, gnomebreakpad Memory status: size: 164274176 vsize: 164274176 resident: 47878144 share: 21377024 rss: 47878144 rss_rlim: 18446744073709551615 CPU usage: start_time: 1248783821 rtime: 731 utime: 668 stime: 63 cutime:0 cstime: 0 timeout: 0 it_real_value: 0 frequency: 100 Backtrace was generated from '/usr/bin/epiphany' Really redefine built-in command "frame"? (y or n) [answered Y; input not from terminal] Really redefine built-in command "thread"? (y or n) [answered Y; input not from terminal] Really redefine built-in command "start"? (y or n) [answered Y; input not from terminal] [Thread debugging using libthread_db enabled] [New Thread 0xb519f930 (LWP 31447)] _______________________________________________________________________________ eax:FFFFFE00 ebx:00007B23 ecx:BFE3A050 edx:00000000 eflags:00200293 esi:00000000 edi:00000000 esp:BFE39F54 ebp:BFE3A078 eip:B7FE0424 cs:0073 ds:007B es:007B fs:0000 gs:0033 ss:007B o d I t S z A p C [007B:BFE39F54]---------------------------------------------------------[stack] BFE39F84 : 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................ BFE39F74 : 50 A0 E3 BF 00 00 00 00 - 01 00 00 00 00 00 00 00 P............... BFE39F64 : F4 AF BA B6 00 00 00 00 - A8 FE B3 B6 23 7B 00 00 ............#{.. BFE39F54 : 78 A0 E3 BF 00 00 00 00 - 50 A0 E3 BF DB 91 E3 B6 x.......P....... [007B:FFFFFE00]---------------------------------------------------------[ data] FFFFFE00 : 0xb7fe0424 in __kernel_vsyscall ()
+ Trace 216666
---- Critical and fatal warnings logged during execution ---- ** GLib-GObject **: g_signal_connect_data: assertion `G_TYPE_CHECK_INSTANCE (instance)' failed ** GLib-GObject **: g_signal_connect_data: assertion `G_TYPE_CHECK_INSTANCE (instance)' failed ** Gtk **: gtk_bin_get_child: assertion `GTK_IS_BIN (bin)' failed ** GLib-GObject **: g_signal_connect_object: assertion `G_TYPE_CHECK_INSTANCE (instance)' failed ** Gtk **: gtk_bin_get_child: assertion `GTK_IS_BIN (bin)' failed ** GLib-GObject **: g_signal_connect_data: assertion `G_TYPE_CHECK_INSTANCE (instance)' failed ** GLib-GObject **: g_signal_connect_data: assertion `G_TYPE_CHECK_INSTANCE (instance)' failed ** GLib-GObject **: g_signal_connect_data: assertion `G_TYPE_CHECK_INSTANCE (instance)' failed ** Gtk **: gtk_bin_get_child: assertion `GTK_IS_BIN (bin)' failed ** GLib-GObject **: g_signal_connect_object: assertion `G_TYPE_CHECK_INSTANCE (instance)' failed ** libsoup **: soup_uri_copy: assertion `uri != NULL' failed ** libsoup **: soup_uri_free: assertion `uri != NULL' failed ** libsoup **: soup_uri_to_string: assertion `uri != NULL' failed ** libsoup **: soup_uri_host_hash: assertion `uri != NULL && uri->host != NULL' failed ** libsoup **: soup_uri_copy_host: assertion `uri != NULL' failed ----------- .xsession-errors --------------------- (epiphany:31447): libsoup-CRITICAL **: soup_uri_copy: assertion `uri != NULL' failed (epiphany:31447): libsoup-CRITICAL **: soup_uri_free: assertion `uri != NULL' failed (epiphany:31447): libsoup-CRITICAL **: soup_uri_to_string: assertion `uri != NULL' failed (epiphany:31447): libsoup-CRITICAL **: soup_uri_host_hash: assertion `uri != NULL && uri->host != NULL' failed (epiphany:31447): libsoup-CRITICAL **: soup_uri_copy_host: assertion `uri != NULL' failed warning: Lowest section in /usr/lib/libicudata.so.40 is .hash at 000000f4 warning: no loadable sections found in added symbol-file /usr/lib/debug/usr/lib/libicudata.so.40.1.debug Error while running hook_stop: Cannot access memory at address 0xfffffe00 --------------------------------------------------