Bug 647063 – crash in WebCore::HTMLNames::summaryAttr

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 647063 - crash in WebCore::HTMLNames::summaryAttr


Summary:	crash in WebCore::HTMLNames::summaryAttr


Status:	RESOLVED OBSOLETE

Product:	epiphany
Classification:	Core
Component:	[obsolete] BugBuddyBugs
Version:	2.30.x
Hardware:	Other All

Importance:	Normal critical
Target Milestone:	---
Assigned To:	Epiphany Maintainers
QA Contact:	Epiphany Maintainers

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2011-04-07 16:44 UTC by lewis+gnome
Modified:	2012-10-08 06:28 UTC

See Also:
GNOME target:	---
GNOME version:	2.31/2.32

Attachments
bug-buddy output (2) (32.57 KB, text/plain) 2011-04-08 16:40 UTC, lewis+gnome	Details

Description lewis+gnome 2011-04-07 16:44:19 UTC

Version: 2.30.6

What were you doing when the application crashed?
First start of fresh emerge of 'epiphany' and fresh emerge of 'webkit-gtk' by a newly created 'test_user' on an up-to-date Gentoo system.
NOTE: This is a dual Alpha EV68 which may be relevant.


Distribution: Gentoo Base System release 1.12.14
Gnome Release: 2.32.1 2011-03-22 (Gentoo)
BugBuddy Version: 2.32.0

System: Linux 2.6.36-gentoo-r5-sl #1 SMP Thu Mar 24 12:17:24 PDT 2011 alpha
X Vendor: The X.Org Foundation
X Vendor Release: 10904000
Selinux: No
Accessibility: Disabled
GTK+ Theme: Clearlooks
Icon Theme: gnome
GTK+ Modules: canberra-gtk-module, gnomesegvhandler

Memory status: size: 257220608 vsize: 257220608 resident: 43786240 share: 29810688 rss: 43786240 rss_rlim: 18446744073709551615
CPU usage: start_time: 1304392864 rtime: 870 utime: 741 stime: 129 cutime:0 cstime: 0 timeout: 0 it_real_value: 0 frequency: 100

Backtrace was generated from '/usr/bin/epiphany'

[Thread debugging using libthread_db enabled]
[New Thread 0x2000a26f010 (LWP 14989)]
[New Thread 0x200096e7010 (LWP 14988)]
[New Thread 0x200056a5010 (LWP 14985)]
0x00000200029480dc in waitpid () from /lib/libpthread.so.0

+ Trace 226631

Thread 1 (Thread 0x20004cfe1a0 (LWP 14984))

#0 waitpid
from /lib/libpthread.so.0
#1 g_spawn_sync
from /usr/lib/libglib-2.0.so.0
#2 g_spawn_command_line_sync
from /usr/lib/libglib-2.0.so.0
#3 ??
from /usr/lib/gtk-2.0/modules/libgnomesegvhandler.so
#4 __syscall_sigreturn
from /lib/libpthread.so.0
#5 WebCore::HTMLNames::summaryAttr
from /usr/lib/libwebkit-1.0.so.2
#6 deallocateTable
at ./JavaScriptCore/wtf/HashTable.h line 884
#11 deleteOwnedPtr<JSC::CodeBlock::RareData>
at ./JavaScriptCore/wtf/OwnPtrCommon.h line 55
#13 JSC::CodeBlock::~CodeBlock
at JavaScriptCore/bytecode/CodeBlock.cpp line 1379
#14 JSC::ProgramCodeBlock::~ProgramCodeBlock()
from /usr/lib/libwebkit-1.0.so.2
#15 JSC::ProgramExecutable::~ProgramExecutable
at JavaScriptCore/runtime/Executable.cpp line 55
#16 deref
at ./JavaScriptCore/wtf/RefCounted.h line 109
#17 derefIfNotNull<JSC::ProgramExecutable>
at ./JavaScriptCore/wtf/PassRefPtr.h line 53
#19 JSC::evaluate
at JavaScriptCore/runtime/Completion.cpp line 69
#20 WebCore::ScriptController::evaluateInWorld
at WebCore/bindings/js/ScriptController.cpp line 127
#21 WebCore::ScriptController::evaluate
at WebCore/bindings/js/ScriptController.cpp line 153
#22 WebCore::ScriptController::executeScript
at WebCore/bindings/ScriptControllerBase.cpp line 60
#23 WebCore::HTMLTokenizer::scriptExecution
at WebCore/html/HTMLTokenizer.cpp line 580
#24 WebCore::HTMLTokenizer::scriptHandler
at WebCore/html/HTMLTokenizer.cpp line 522
#25 WebCore::HTMLTokenizer::parseNonHTMLText
at WebCore/html/HTMLTokenizer.cpp line 361
#26 WebCore::HTMLTokenizer::parseTag
at WebCore/html/HTMLTokenizer.cpp line 1539
#27 WebCore::HTMLTokenizer::write
at WebCore/html/HTMLTokenizer.cpp line 1772
#28 WebCore::FrameLoader::write
at WebCore/loader/FrameLoader.cpp line 939
#29 WebKit::FrameLoaderClient::committedLoad
at WebKit/gtk/WebCoreSupport/FrameLoaderClientGtk.cpp line 154
#30 WebCore::FrameLoader::committedLoad
at WebCore/loader/FrameLoader.cpp line 3291
#31 WebCore::DocumentLoader::commitLoad
at WebCore/loader/DocumentLoader.cpp line 280
#32 WebCore::FrameLoader::receivedData
at WebCore/loader/FrameLoader.cpp line 2121
#33 WebCore::MainResourceLoader::addData
at WebCore/loader/MainResourceLoader.cpp line 146
#34 WebCore::ResourceLoader::didReceiveData
at WebCore/loader/ResourceLoader.cpp line 259
#35 WebCore::MainResourceLoader::didReceiveData
at WebCore/loader/MainResourceLoader.cpp line 405
#36 WebCore::ResourceLoader::didReceiveData
at WebCore/loader/ResourceLoader.cpp line 409
#37 WebCore::gotChunkCallback(SoupMessage *, struct {...} *, gpointer)
at WebCore/platform/network/soup/ResourceHandleSoup.cpp line 285
#38 g_cclosure_marshal_VOID__BOXED
from /usr/lib/libgobject-2.0.so.0
#39 g_closure_invoke
from /usr/lib/libgobject-2.0.so.0
#40 ??
from /usr/lib/libgobject-2.0.so.0
#41 g_signal_emit_valist
from /usr/lib/libgobject-2.0.so.0
#42 g_signal_emit
from /usr/lib/libgobject-2.0.so.0
#43 soup_message_got_chunk
from /usr/lib/libsoup-2.4.so.1
#44 ??
from /usr/lib/libsoup-2.4.so.1
#45 ??
from /usr/lib/libsoup-2.4.so.1
#46 ??
from /usr/lib/libsoup-2.4.so.1
#47 g_cclosure_marshal_VOID__VOID
from /usr/lib/libgobject-2.0.so.0
#48 g_closure_invoke
from /usr/lib/libgobject-2.0.so.0
#49 ??
from /usr/lib/libgobject-2.0.so.0
#50 g_signal_emit_valist
from /usr/lib/libgobject-2.0.so.0
#51 g_signal_emit
from /usr/lib/libgobject-2.0.so.0
#52 ??
from /usr/lib/libsoup-2.4.so.1
#53 ??
from /usr/lib/libglib-2.0.so.0
#54 g_main_context_dispatch
from /usr/lib/libglib-2.0.so.0
#55 ??
from /usr/lib/libglib-2.0.so.0
#56 g_main_loop_run
from /usr/lib/libglib-2.0.so.0
#57 gtk_main
from /usr/lib/libgtk-x11-2.0.so.0
#58 main
at ephy-main.c line 739


	Inferior 1 [process 14984] will be detached.

Quit anyway? (y or n) [answered Y; input not from terminal]


----------- .xsession-errors (82 sec old) ---------------------
(yelp:14969): Gtk-CRITICAL **: IA__gtk_tool_button_new: assertion `icon_widget == NULL || GTK_IS_MISC (icon_widget)' failed
(yelp:14969): GLib-GObject-WARNING **: invalid (NULL) pointer instance
(yelp:14969): GLib-GObject-CRITICAL **: g_signal_connect_data: assertion `G_TYPE_CHECK_INSTANCE (instance)' failed
(yelp:14969): Gtk-CRITICAL **: IA__gtk_toolbar_insert: assertion `GTK_IS_TOOL_ITEM (item)' failed
(yelp:14969): Gtk-CRITICAL **: IA__gtk_tool_button_new: assertion `icon_widget == NULL || GTK_IS_MISC (icon_widget)' failed
(yelp:14969): GLib-GObject-WARNING **: invalid (NULL) pointer instance
(yelp:14969): GLib-GObject-CRITICAL **: g_signal_connect_data: assertion `G_TYPE_CHECK_INSTANCE (instance)' failed
(yelp:14969): Gtk-CRITICAL **: IA__gtk_toolbar_insert: assertion `GTK_IS_TOOL_ITEM (item)' failed
--------------------------------------------------

Comment 1 Akhil Laddha 2011-04-08 03:33:23 UTC

Can you please install debuginfo packages of webkit, glib2, gtk+2 and libsoup and provide us updated traces, tia.

Comment 2 lewis+gnome 2011-04-08 16:40:03 UTC

Created attachment 185537 [details]
bug-buddy output (2)

Comment 3 lewis+gnome 2011-04-08 16:41:54 UTC

OK I did this, which is, I believe what you mean by "debuginfo packages" on a Gentoo system:

FEATURES="splitdebug" emerge -av epiphany webkit-gtk glib gtk+ libsoup

with '-ggdb' in the CFLAGS

Then I ran 'epiphany' as a test_user and got the same crash. I have attached
what 'bug-buddy' captured.

Comment 4 Pacho Ramos 2011-04-08 17:31:35 UTC

Pasting the backtrace here to let us see if there is any duplicated trace:

Distribution: Gentoo Base System release 1.12.14
Gnome Release: 2.32.1 2011-03-22 (Gentoo)
BugBuddy Version: 2.32.0

System: Linux 2.6.36-gentoo-r5-sl #1 SMP Thu Mar 24 12:17:24 PDT 2011 alpha
X Vendor: The X.Org Foundation
X Vendor Release: 10904000
Selinux: No
Accessibility: Disabled
GTK+ Theme: Clearlooks
Icon Theme: gnome
GTK+ Modules: canberra-gtk-module, gnomesegvhandler

Memory status: size: 257589248 vsize: 257589248 resident: 44466176 share: 29990912 rss: 44466176 rss_rlim: 18446744073709551615
CPU usage: start_time: 1305271706 rtime: 1011 utime: 856 stime: 155 cutime:0 cstime: 0 timeout: 0 it_real_value: 0 frequency: 100

Backtrace was generated from '/usr/bin/epiphany'

[Thread debugging using libthread_db enabled]
[New Thread 0x2000a35b010 (LWP 13503)]
[New Thread 0x200097d3010 (LWP 13502)]
[New Thread 0x200056a5010 (LWP 13501)]
0x00000200029480dc in waitpid () from /lib/libpthread.so.0

+ Trace 226656

#7  ~HashTable (this=0x20009837a00, __in_chrg=<value optimized out>) at ./JavaScriptCore/wtf/HashTable.h:298
No locals.
#8  ~HashMap (this=0x20009837a00, __in_chrg=<value optimized out>) at ./JavaScriptCore/wtf/HashMap.h:32
No locals.
#9  ~EvalCodeCache (this=0x20009837a00, __in_chrg=<value optimized out>) at JavaScriptCore/byte

Comment 5 Jean-François Fortin Tam 2012-10-08 03:53:35 UTC

Hi, this crash has been reported with an older version of Epiphany and webkit; recent versions of Epiphany are much more reliable.

Please check if this still occurs with Epiphany 3.6 or newer and reopen if that is the case, otherwise please mark as resolved obsolete. Thanks!

Comment 6 Jean-François Fortin Tam 2012-10-08 03:56:05 UTC

Hi, this crash has been reported with an older version of Epiphany and webkit; recent versions of Epiphany are much more reliable.

Please check if this still occurs with Epiphany 3.6 or newer and reopen if that is the case, otherwise please mark as resolved obsolete. Thanks!

Comment 7 lewis+gnome 2012-10-08 06:28:24 UTC

(In reply to comment #6)
> Hi, this crash has been reported with an older version of Epiphany and webkit;
> recent versions of Epiphany are much more reliable.
> 
> Please check if this still occurs with Epiphany 3.6 or newer and reopen if that
> is the case, otherwise please mark as resolved obsolete. Thanks!

Not practical on my system at this time, sorry
Epiphany 3.6 not yet in Gentoo distribution
will test when becomes available