Bug 407454

Summary: konqueror crash on shutdown
Product: [Applications] konqueror Reporter: Johannes Hirte <johannes.hirte>
Component: webenginepartAssignee: Konqueror Developers <konq-bugs>
Status: RESOLVED FIXED    
Severity: crash CC: elvis.angelaccio, fernando.romero.wrk, jjm, jsardid, opensuse
Priority: NOR    
Version: Git   
Target Milestone: ---   
Platform: Other   
OS: Linux   
Latest Commit: https://commits.kde.org/konqueror/ce61f5132a6de0e13cba54a687853a40e3006f05 Version Fixed In: 19.04.3
Sentry Crash Report:
Attachments: full crash log

Description Johannes Hirte 2019-05-12 10:46:41 UTC 
SUMMARY

Konqueror crashes on shutdown


STEPS TO REPRODUCE
1. start konqueror
2. close konqueror


OBSERVED RESULT

Thread 1 (Thread 0x7fdf1874ec80 (LWP 10372)):
[KCrash Handler]
#7  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#8  0x00007fdf17ad4535 in __GI_abort () at abort.c:79
#9  0x00007fdf17b2fd6f in __libc_message (action=action@entry=do_abort, fmt=fmt@entry=0x7fdf17c44345 "%s\n") at ../sysdeps/posix/libc_fatal.c:181
#10 0x00007fdf17b378c8 in malloc_printerr (str=str@entry=0x7fdf17c42491 "free(): invalid pointer") at malloc.c:5352
#11 0x00007fdf17b391bc in _int_free (av=<optimized out>, p=<optimized out>, have_lock=<optimized out>) at malloc.c:4181
#12 0x00007fdf17efa3bc in QObjectPrivate::deleteChildren (this=this@entry=0x55bcc610b350) at kernel/qobject.cpp:2010
#13 0x00007fdf17efb278 in QObject::~QObject (this=<optimized out>, __in_chrg=<optimized out>) at kernel/qobject.cpp:1032
#14 0x00007fdedbe244c9 in QWebEngineProfile::~QWebEngineProfile (this=0x55bcc6146510, __in_chrg=<optimized out>) at api/qwebengineprofile.cpp:321
#15 0x00007fdf17efa3bc in QObjectPrivate::deleteChildren (this=this@entry=0x55bcc61b63e0) at kernel/qobject.cpp:2010
#16 0x00007fdf17efb278 in QObject::~QObject (this=<optimized out>, __in_chrg=<optimized out>) at kernel/qobject.cpp:1032
#17 0x00007fdf17efb459 in QObject::~QObject (this=0x55bcc61b63c0, __in_chrg=<optimized out>) at kernel/qobject.cpp:891
#18 0x00007fded53e8d45 in std::default_delete<QObject>::operator() (this=0x55bcc6348fa8, __ptr=<optimized out>) at /usr/lib/gcc/x86_64-pc-linux-gnu/9.1.0/include/g++-v9/bits/unique_ptr.h:75
#19 std::unique_ptr<QObject, std::default_delete<QObject> >::reset (__p=<optimized out>, this=0x55bcc6348fa8) at /usr/lib/gcc/x86_64-pc-linux-gnu/9.1.0/include/g++-v9/bits/unique_ptr.h:399
#20 QtWebEngineCore::WebEngineContext::destroy (this=0x55bcc6348f80) at /var/tmp/portage/dev-qt/qtwebengine-5.12.3/work/qtwebengine-everywhere-src-5.12.3/src/core/web_engine_context.cpp:278
#21 0x00007fded53e8eb6 in QtWebEngineCore::WebEngineContext::destroyContextPostRoutine () at /var/tmp/portage/dev-qt/qtwebengine-5.12.3/work/qtwebengine-everywhere-src-5.12.3/src/core/web_engine_context.cpp:350
#22 0x00007fdf17ece8b2 in qt_call_post_routines () at kernel/qcoreapplication.cpp:350
#23 0x00007fdf172591f6 in QApplication::~QApplication (this=0x7ffc19a9b390, __in_chrg=<optimized out>) at kernel/qapplication.cpp:795
#24 0x00007fdf11085f4f in KonquerorApplication::~KonquerorApplication (this=0x7ffc19a9b390, __in_chrg=<optimized out>) at /var/tmp/portage/kde-apps/konqueror-9999/work/konqueror-9999/src/konqapplication.h:28
#25 kdemain (argc=<optimized out>, argv=<optimized out>) at /var/tmp/portage/kde-apps/konqueror-9999/work/konqueror-9999/src/konqmain.cpp:158
#26 0x000055bcc52a52ef in launch (argc=1, _name=0x55bcc5959268 "konqueror", args=<optimized out>, cwd=<optimized out>, envc=0, envs=<optimized out>, reset_env=false, tty=0x0, avoid_loops=false, startup_id_str=0x55bcc52a7adf "0") at /var/tmp/portage/kde-frameworks/kinit-9999/work/kinit-9999/src/kdeinit/kinit.cpp:706
#27 0x000055bcc52a6430 in handle_launcher_request (sock=<optimized out>, who=<optimized out>) at /var/tmp/portage/kde-frameworks/kinit-9999/work/kinit-9999/src/kdeinit/kinit.cpp:1146
#28 0x000055bcc52a6d04 in handle_requests (waitForPid=0) at /var/tmp/portage/kde-frameworks/kinit-9999/work/kinit-9999/src/kdeinit/kinit.cpp:1339
#29 0x000055bcc52a1f37 in main (argc=5, argv=<optimized out>) at /var/tmp/portage/kde-frameworks/kinit-9999/work/kinit-9999/src/kdeinit/kinit.cpp:1785
[Inferior 1 (process 10372) detached]

EXPECTED RESULT

konqueror shut down without crash

SOFTWARE/OS VERSIONS
Linux/KDE Plasma: Gentoo Linux
(available in About System)
KDE Plasma Version: git master
KDE Frameworks Version: git master
Qt Version: 5.12.3

ADDITIONAL INFORMATION
Comment 1 Johannes Hirte 2019-05-12 10:47:21 UTC 
Created attachment 120004 [details]
full crash log
Comment 2 Johannes Hirte 2019-05-30 21:17:12 UTC 
workaround: disabling Synchronize cookies between QWebEngine and KCookieServer

diff --git a/webenginepart/src/webenginepart.cpp b/webenginepart/src/webenginepart.cpp
index bfd16ff4a..eaadda781 100644
--- a/webenginepart/src/webenginepart.cpp
+++ b/webenginepart/src/webenginepart.cpp
@@ -95,7 +95,7 @@ WebEnginePart::WebEnginePart(QWidget *parentWidget, QObject *parent,
         prof->installUrlSchemeHandler("error", new WebEnginePartErrorSchemeHandler(prof));
         prof->installUrlSchemeHandler("help", new WebEnginePartKIOHandler(prof));
     }
-    static WebEnginePartCookieJar s_cookieJar(prof, prof);
+//    static WebEnginePartCookieJar s_cookieJar(prof, prof);
     KAboutData about = KAboutData(QStringLiteral("webenginepart"),
                                   i18nc("Program Name", "WebEnginePart"),
                                   /*version*/ QStringLiteral("1.3.0"),


maybe someone with more knowledge of this code can explain, why this segfauls when the destructor is called
Comment 3 Johannes Hirte 2019-06-03 13:48:49 UTC 
This can't work. s_cookieJar is declared static, but QWebEngineProfile *prof is set as parent QObject, that will try to delete it on shutdown. Following patch fixed it for me:

diff --git a/webenginepart/src/webenginepart.cpp b/webenginepart/src/webenginepart.cpp
index bfd16ff4a..eaadda781 100644
--- a/webenginepart/src/webenginepart.cpp
+++ b/webenginepart/src/webenginepart.cpp
@@ -95,7 +95,7 @@ WebEnginePart::WebEnginePart(QWidget *parentWidget, QObject *parent,
         prof->installUrlSchemeHandler("error", new WebEnginePartErrorSchemeHandler(prof));
         prof->installUrlSchemeHandler("help", new WebEnginePartKIOHandler(prof));
     }
-    static WebEnginePartCookieJar s_cookieJar(prof, prof);
+    static WebEnginePartCookieJar s_cookieJar(prof, nullptr);
     KAboutData about = KAboutData(QStringLiteral("webenginepart"),
                                   i18nc("Program Name", "WebEnginePart"),
                                   /*version*/ QStringLiteral("1.3.0"),
Comment 4 Johannes Hirte 2019-06-03 14:33:02 UTC 
added review request https://phabricator.kde.org/D21562
Comment 5 Christoph Feck 2019-06-07 20:26:35 UTC 
*** Bug 408428 has been marked as a duplicate of this bug. ***
Comment 6 dth2 2019-06-07 21:32:50 UTC 
How do you apply the patch?
Comment 7 Rex Dieter 2019-06-13 15:38:31 UTC 
*** Bug 408622 has been marked as a duplicate of this bug. ***
Comment 8 avlas 2019-06-13 15:48:25 UTC 
(In reply to Johannes Hirte from comment #3)
> This can't work. s_cookieJar is declared static, but QWebEngineProfile *prof
> is set as parent QObject, that will try to delete it on shutdown. Following
> patch fixed it for me:
> 
> diff --git a/webenginepart/src/webenginepart.cpp
> b/webenginepart/src/webenginepart.cpp
> index bfd16ff4a..eaadda781 100644
> --- a/webenginepart/src/webenginepart.cpp
> +++ b/webenginepart/src/webenginepart.cpp
> @@ -95,7 +95,7 @@ WebEnginePart::WebEnginePart(QWidget *parentWidget,
> QObject *parent,
>          prof->installUrlSchemeHandler("error", new
> WebEnginePartErrorSchemeHandler(prof));
>          prof->installUrlSchemeHandler("help", new
> WebEnginePartKIOHandler(prof));
>      }
> -    static WebEnginePartCookieJar s_cookieJar(prof, prof);
> +    static WebEnginePartCookieJar s_cookieJar(prof, nullptr);
>      KAboutData about = KAboutData(QStringLiteral("webenginepart"),
>                                    i18nc("Program Name", "WebEnginePart"),
>                                    /*version*/ QStringLiteral("1.3.0"),

This worked for me
Comment 9 Elvis Angelaccio 2019-06-30 20:11:59 UTC 
Git commit ce61f5132a6de0e13cba54a687853a40e3006f05 by Elvis Angelaccio, on behalf of Johannes Hirte.
Committed on 30/06/2019 at 20:09.
Pushed by elvisangelaccio into branch 'Applications/19.04'.

fix crash in webenginepart on konqueror shutdown

Summary:
konqueror crashes on shutdown in webenginepart.

We fix this by not setting

    QWebEngineProfile *prof = QWebEngineProfile::defaultProfile();

as parent of s_cookieJar.
FIXED-IN: 19.04.3

see also https://bugs.kde.org/show_bug.cgi?id=407454

Test Plan: start and shutdown konqueror without crash

Reviewers: #konqueror, dfaure

Reviewed By: #konqueror, dfaure

Subscribers: cfeck, anthonyfieroni

Differential Revision: https://phabricator.kde.org/D21562

M  +1    -1    webenginepart/src/webenginepart.cpp

https://commits.kde.org/konqueror/ce61f5132a6de0e13cba54a687853a40e3006f05
Comment 10 Christoph Feck 2019-08-20 18:54:22 UTC 
*** Bug 409833 has been marked as a duplicate of this bug. ***