Unref NULL in soup_content_sniffer_request_unqueued
Submitted by Dirkjan Ochtman
Assigned to libsoup-maint@gnome.bugs
Link to original bug (#740352)
Description
We've seen this crash a few times now, happening inside libsoup (used mostly through WebKit).
#0 0x00007f07f085cd7d in g_object_unref (_object=0x0) at gobject.c:3014
#1 0x00007f07f0e1bdd5 in soup_content_sniffer_request_unqueued (feature=0x14b1040, session=<optimized out>, msg=0x16fb280) at soup-content-sniffer.c:870
#2 0x00007f07f0858e68 in g_closure_invoke (closure=0x14b6570, return_value=0x0, n_param_values=2, param_values=0x7fff1e627c60, invocation_hint=0x7fff1e627c00) at gclosure.c:768
#3 0x00007f07f086639c in signal_emit_unlocked_R (node=node@entry=0x14a1cb0, detail=detail@entry=0, instance=instance@entry=0x14b0100, emission_return=emission_return@entry=0x0, instance_and_params=instance_and_params@entry=0x7fff1e627c60) at gsignal.c:3551
#4 0x00007f07f086d565 in g_signal_emit_valist (instance=0x14b0100, signal_id=<optimized out>, detail=0, var_args=var_args@entry=0x7fff1e627eb8) at gsignal.c:3307
#5 0x00007f07f086d652 in g_signal_emit (instance=instance@entry=0x14b0100, signal_id=<optimized out>, detail=detail@entry=0) at gsignal.c:3363
#6 0x00007f07f0e387b4 in soup_session_unqueue_item (session=0x14b0100, item=0x16cf300) at soup-session.c:1453
#7 0x00007f07f0e3cf25 in soup_session_process_queue_item (session=session@entry=0x14b0100, item=item@entry=0x16cf300, should_cleanup=should_cleanup@entry=0x0, loop=loop@entry=0) at soup-session.c:1979
#8 0x00007f07f0e3d91e in soup_session_send_finish (session=0x14b0100, result=result@entry=0x15d9860, error=error@entry=0x7fff1e628168) at soup-session.c:4239
#9 0x00007f07f0e34945 in http_input_stream_ready_cb (source=0x14b0100, result=0x15d9860, user_data=0x1699ab0) at soup-request-http.c:122
#10 0x00007f07f0b0319b in g_task_return_now (task=0x15d9860) at gtask.c:1076
#11 complete_in_idle_cb (task=0x15d9860) at gtask.c:1085
#12 0x00007f07f054e0df in g_main_dispatch (context=0x17f4d30) at gmain.c:3066
#13 g_main_context_dispatch (context=context@entry=0x17f4d30) at gmain.c:3665
#14 0x00007f07f1cb1aab in ecore_glib_select_locked (ecore_timeout=0x7fff1e628280, efds=0x7fff1e628440, wfds=0x7fff1e6283c0, rfds=0x7fff1e628340, ecore_fds=8, ctx=0x17f4d30) at ecore_glib.c:171
#15 _ecore_glib_select (ecore_fds=8, rfds=0x7fff1e628340, wfds=0x7fff1e6283c0, efds=0x7fff1e628440, ecore_timeout=0x7fff1e628280) at ecore_glib.c:205
#16 0x00007f07f1caadc2 in _ecore_main_select (timeout=<optimized out>) at ecore_main.c:1476
#17 0x00007f07f1cabdaa in _ecore_main_loop_iterate_internal (once_only=0) at ecore_main.c:1904
#18 ecore_main_loop_begin () at ecore_main.c:956
#19 0x000000000045ded4 in Rendercast::session_main (session=0x7f07f21eedc0) at Session.cc:137
#20 0x000000000041dcbf in main (argc=<optimized out>, argv=0x7fff1e628b08) at Server.cc:537
Please advise if this is familiar, and if there is any way to mitigate it or add logging to find out where the bug might be.
Version: 2.46.x