GNOME Bugzilla – Bug 667245
Regression: segfault on soup_connection_get_state
Last modified: 2012-03-01 16:38:19 UTC
The regression seems to be after this commit: commit d4ec04f41d4de39a7b9091f0d0572ce11565a4ab Author: Dan Winship <danw@gnome.org> Date: Wed Dec 7 17:03:19 2011 -0500 SoupConnection: belatedly fix up unix-only code The last-minute-check-if-the-socket-has-been-closed-by-the-server code was written long ago to use soup_socket_get_fd() and g_poll(), and so was unix-only, but now that SoupSocket is GSocket-based, we can use g_socket_condition_check() instead. This stacktrace is with a patched glib, not to crash on a g_socket_*() calls with NULL, but you shouldn't be passing NULL to glib anyway:
+ Trace 229385
By the way, this is very easy to reproduce with latest epiphany and youtube with HTML5 enabled (youtube.com/html5).
(In reply to comment #1) > By the way, this is very easy to reproduce with latest epiphany and youtube > with HTML5 enabled (youtube.com/html5). worksforme... I assume you have the latest glib and glib-networking too?
(In reply to comment #0) > The regression seems to be after this commit: > > commit d4ec04f41d4de39a7b9091f0d0572ce11565a4ab If it crashes after that commit, it would have to have been already hitting a g_return_val_if_fail() before that commit. If you can bisect to a commit where the return-if-fail first appears, that would be useful... Also, if any other warnings appear before this one. Hm. Are you using a proxy? (Just trying to think of things that would make it work differently for you than for me.)
*** Bug 667114 has been marked as a duplicate of this bug. ***
I think I saw similar warnings after the previous commit, ff0797686c3a893ef2a5b6950356336a0712da27. Before that everything seems ok. I'm not using a proxy.
I am also pretty sure I had this libsoup commit already when I hit the segfault from bug 667114, and I'm not using a proxy.
FWIW I could not make the browser crash until I hit commit f4478b4fba, which is the next one to the one Claudio mentions. I browsed for ~30 minutes with ff0797686c3 and d4ec04f41d4 without crash, but f4478b4fba crashed reasonably quickly. Of course this is by no means scientific, but perhaps the breakage coming from there makes more sense for Dan.
Hi, I confirm this bug with midori browser on ARM board with thiese libsoup packages : libsoup-2.4 - 2.37.2-r1 libsoup-2.4-1 - 2.33.6-r0.9 libsoup-2.4-dbg - 2.37.2-r1 libsoup-gnome-2.4-1 - 2.33.6-r0.9 The backtrace is : Program received signal SIGSEGV, Segmentation fault. g_socket_get_fd (socket=0x0) at gsocket.c:1238 1238 return socket->priv->fd; (gdb) bt
+ Trace 229688
Hope that helps ! Bye.
Hi, I can reproduce it when I cancel the loading of one (big) internet page. For example : http://www.permadi.com/tutorial/jsEventBubbling/index.html I repeat refresh and cancel many times and the bug occurs. Sincerely, JL.
that doesn't crash for me either. are people who see the crash on 32-bit architectures maybe?
(In reply to comment #10) > that doesn't crash for me either. > > are people who see the crash on 32-bit architectures maybe? Yes, I've seen this bug on both 32-bit x86 (i686) and 32-bit ARM. Thierry
Fixed in git. (the 32-bit had nothing to do with it. I have no idea why I couldn't reproduce this before, but I could today...)