Bug 400028 - akregator segfaults in QtWebEngineCore::NetworkDelegateQt::OnBeforeURLRequest, thread safety issue
Summary: akregator segfaults in QtWebEngineCore::NetworkDelegateQt::OnBeforeURLRequest...
Status: RESOLVED DUPLICATE of bug 371511
Alias: None
Product: akregator
Classification: Applications
Component: internal browser (show other bugs)
Version: unspecified
Platform: Other Linux
: NOR normal
Target Milestone: ---
Assignee: kdepim bugs
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-10-19 15:42 UTC by Dmitry Shachnev
Modified: 2018-10-21 12:45 UTC (History)
3 users (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Dmitry Shachnev 2018-10-19 15:42:01 UTC 
Forwarded from https://bugs.debian.org/910852.

Akregator 18.08.1 with Qt 5.11.2 crashes randomly on various feeds.

Qt upstream in https://bugreports.qt.io/browse/QTBUG-71284 says:

> It looks like a thread safety issue in kdepim's WebEngineViewer.
> QtWebEngine executes interceptors[1] on the IO thread, but
> WebEngineViewer's interceptor[2] does not take this into account.
> 
> Since this is a common issue, QtWebEngine 5.13 will have new API[3]
> to allow intercepting requests on the main UI thread, but until
> then WebEngineViewer's interceptor needs to synchronize with the
> UI thread to prevent memory corruption.
> 
> [1] https://doc.qt.io/qt-5/qwebengineurlrequestinterceptor.html#interceptRequest
> [2] https://lxr.kde.org/source/kde/pim/messagelib/webengineviewer/src/urlinterceptor/networkurlinterceptor.cpp
> [3] https://codereview.qt-project.org/235118

Stacktrace:

#0  0x00007fffed21086c in QtWebEngineCore::NetworkDelegateQt::OnBeforeURLRequest(net::URLRequest*, base::RepeatingCallback<void (int)> const&, GURL*) ()
   from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#1  0x00007fffeeca82a6 in net::NetworkDelegate::NotifyBeforeURLRequest(net::URLRequest*, base::RepeatingCallback<void (int)> const&, GURL*) ()
   from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#2  0x00007fffeedf86eb in net::URLRequest::Start() [clone .part.109] () from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#3  0x00007fffedb13bce in content::ResourceLoader::StartRequestInternal() () from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#4  0x00007fffedb148ad in content::ResourceLoader::Resume(bool) () from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#5  0x00007fffedb14a9a in content::ResourceLoader::StartRequest() () from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#6  0x00007fffedb0e1de in content::ResourceDispatcherHostImpl::BeginRequestInternal(std::unique_ptr<net::URLRequest, std::default_delete<net::URLRequest> >, std::unique_ptr<content::ResourceHandler, std::default_delete<content::ResourceHandler> >) () from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#7  0x00007fffedb0faff in content::ResourceDispatcherHostImpl::BeginNavigationRequest(content::ResourceContext*, net::URLRequestContext*, storage::FileSystemContext*, content::NavigationRequestInfo const&, std::unique_ptr<content::NavigationUIData, std::default_delete<content::NavigationUIData> >, content::NavigationURLLoaderImplCore*, mojo::InterfacePtr<network::mojom::URLLoaderClient>, mojo::InterfaceRequest<network::mojom::URLLoader>, content::ServiceWorkerNavigationHandleCore*, content::AppCacheNavigationHandleCore*, unsigned int, content::GlobalRequestID*) () from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#8  0x00007fffedafd855 in content::NavigationURLLoaderImplCore::Start(content::ResourceContext*, net::URLRequestContextGetter*, storage::FileSystemContext*, content::ServiceWorkerNavigationHandleCore*, content::AppCacheNavigationHandleCore*, std::unique_ptr<content::NavigationRequestInfo, std::default_delete<content::NavigationRequestInfo> >, std::unique_ptr<content::NavigationUIData, std::default_delete<content::NavigationUIData> >) () from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#9  0x00007fffedafd160 in base::internal::Invoker<base::internal::BindState<void (content::NavigationURLLoaderImplCore::*)(content::ResourceContext*, net::URLRequestContextGetter*, storage::FileSystemContext*, content::ServiceWorkerNavigationHandleCore*, content::AppCacheNavigationHandleCore*, std::unique_ptr<content::NavigationRequestInfo, std::default_delete<content::NavigationRequestInfo> >, std::unique_ptr<content::NavigationUIData, std::default_delete<content::NavigationUIData> >), scoped_refptr<content::NavigationURLLoaderImplCore>, content::ResourceContext*, base::internal::UnretainedWrapper<net::URLRequestContextGetter>, base::internal::UnretainedWrapper<storage::FileSystemContext>, content::ServiceWorkerNavigationHandleCore*, content::AppCacheNavigationHandleCore*, base::internal::PassedWrapper<std::unique_ptr<content::NavigationRequestInfo, std::default_delete<content::NavigationRequestInfo> > >, base::internal::PassedWrapper<std::unique_ptr<content::NavigationUIData, std::default_delete<content::NavigationUIData> > > >, void ()>::RunOnce(base::internal::BindStateBase*) () from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#10 0x00007fffee7a47e8 in base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) () from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#11 0x00007fffee7c4eea in base::MessageLoop::RunTask(base::PendingTask*) () from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#12 0x00007fffee7c598f in base::MessageLoop::DeferOrRunPendingTask(base::PendingTask) () from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#13 0x00007fffee7c5b28 in base::MessageLoop::DoWork() [clone .part.202] () from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#14 0x00007fffee7c8542 in base::MessagePumpLibevent::Run(base::MessagePump::Delegate*) () from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#15 0x00007fffee7e77cb in base::RunLoop::Run() () from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#16 0x00007fffed8fd3fa in content::BrowserThreadImpl::IOThreadRun(base::RunLoop*) () from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#17 0x00007fffed8fd8a7 in content::BrowserThreadImpl::Run(base::RunLoop*) () from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#18 0x00007fffee808bf8 in base::Thread::ThreadMain() () from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#19 0x00007fffee804511 in base::(anonymous namespace)::ThreadFunc(void*) () from /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5
#20 0x00007ffff511af2a in start_thread (arg=0x7fff7ffff700) at pthread_create.c:463
        pd = 0x7fff7ffff700
        now = <optimized out>
        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140735340869376, -2672070067541426078, 140737488343086, 140737488343087, 140737488343248, 0, 2671788592052650082, 
                2672055479116054626}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
        not_first_call = <optimized out>
#21 0x00007ffff6524edf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

The original bug report has two other versions of stacktrace, where the first frame indicates jump to some random and invalid address.
Comment 1 Christophe Marin 2018-10-19 17:34:21 UTC 

*** This bug has been marked as a duplicate of bug 371511 ***
Comment 2 Martin Steigerwald 2018-10-19 20:59:57 UTC 
Christophe, are you sure this is a duplicate of #371511?

This bug is upstream report from Debian bug report of mine:

libqt5webengine5: Akregator crashes very often, WebEngine related
https://bugs.debian.org/910852

What I see here is that Akregator runs stable with external browser. It just crashes when using Qt Webengine as internal browser.