  1. Qt
  2. QTBUG-58650

Segfault when changing cookie policy


Details

    • Type: Bug
    • Resolution: Done
    • Priority: P1: Critical
    • Fix Version: 5.9.0 Beta 2
    • Affects Versions: 5.8.0, 5.9.0 Alpha
    • Component: WebEngine
    • Labels: None
    • Environment: Archlinux
    • Commit: 47b498b1d05a5f13e8af8241fb6df9d09a631595

    Description

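      When changing the cookie policy and reloading the page, a segfault occurs on Chromium's IO thread. Frame #0 is an unresolved address reached from LogChannelIDAndCookieStores() (url_request_http_job.cc:126), which suggests a call through an invalid pointer there: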

      #0  0x0000000536ddc6ee in  ()
      #1  0x00007fffed4e916a in (anonymous namespace)::LogChannelIDAndCookieStores(GURL const&, net::URLRequestContext const*, net::SSLInfo const&) (url=..., context=0x7fff9c00bad0, ssl_info=...) at ../../3rdparty/chromium/net/url_request/url_request_http_job.cc:126
      #2  0x00007fffed4ee195 in net::URLRequestHttpJob::OnStartCompleted(int) (this=0x7fff9c2c2700, result=0) at ../../3rdparty/chromium/net/url_request/url_request_http_job.cc:1049
      #3  0x00007fffed4f59ce in base::internal::RunnableAdapter<void (net::URLRequestHttpJob::*)(int)>::Run<net::URLRequestHttpJob*, int>(net::URLRequestHttpJob*&&, int&&) const (this=
          0x7fff9c6a8650, receiver_ptr=<unknown type in /home/florian/code/qt5/qtbase/lib/libQt5WebEngineCore.so.5, CU 0x82baf53, DIE 0x833a27a>, args#0=<unknown type in /home/florian/code/qt5/qtbase/lib/libQt5WebEngineCore.so.5, CU 0x82baf53, DIE 0x8333d27>) at ../../3rdparty/chromium/base/bind_internal.h:171
      #4  0x00007fffed4f54ba in base::internal::InvokeHelper<false, void>::MakeItSo<base::internal::RunnableAdapter<void (net::URLRequestHttpJob::*)(int)> const&, net::URLRequestHttpJob*, int>(base::internal::RunnableAdapter<void (net::URLRequestHttpJob::*)(int)> const&, net::URLRequestHttpJob*&&, int&&) (runnable=..., args#0=<unknown type in /home/florian/code/qt5/qtbase/lib/libQt5WebEngineCore.so.5, CU 0x82baf53, DIE 0x833a27a>, args#1=<unknown type in /home/florian/code/qt5/qtbase/lib/libQt5WebEngineCore.so.5, CU 0x82baf53, DIE 0x8333d27>) at ../../3rdparty/chromium/base/bind_internal.h:296
      #5  0x00007fffed4f4a69 in base::internal::Invoker<base::internal::BindState<base::internal::RunnableAdapter<void (net::URLRequestHttpJob::*)(int)>, base::internal::UnretainedWrapper<net::URLRequestHttpJob> >, void (int)>::RunImpl<base::internal::RunnableAdapter<void (net::URLRequestHttpJob::*)(int)> const&, std::tuple<base::internal::UnretainedWrapper<net::URLRequestHttpJob> > const&, 0ul>(base::internal::RunnableAdapter<void (net::URLRequestHttpJob::*)(int)> const&, std::tuple<base::internal::UnretainedWrapper<net::URLRequestHttpJob> > const&, base::IndexSequence<0ul>, int&&) (runnable=..., bound=std::tuple containing = {...}, unbound_args#0=<unknown type in /home/florian/code/qt5/qtbase/lib/libQt5WebEngineCore.so.5, CU 0x82baf53, DIE 0x8333d27>) at ../../3rdparty/chromium/base/bind_internal.h:366
      #6  0x00007fffed4f37cc in base::internal::Invoker<base::internal::BindState<base::internal::RunnableAdapter<void (net::URLRequestHttpJob::*)(int)>, base::internal::UnretainedWrapper<net::URLRequestHttpJob> >, void (int)>::Run(base::internal::BindStateBase*, int&&) (base=0x7fff9c6a8640, unbound_args#0=<unknown type in /home/florian/code/qt5/qtbase/lib/libQt5WebEngineCore.so.5, CU 0x82baf53, DIE 0x8333d27>) at ../../3rdparty/chromium/base/bind_internal.h:345
      #7  0x00007fffec2b111f in base::Callback<void (int), (base::internal::CopyMode)1>::Run(int) const (this=0x7fffb27fa010, args#0=0) at ../../3rdparty/chromium/base/callback.h:389
      #8  0x00007fffed01217b in net::HttpCache::Transaction::DoLoop(int) (this=0x7fff9c2c3ae0, result=0) at ../../3rdparty/chromium/net/http/http_cache_transaction.cc:871
      #9  0x00007fffed01f5bd in net::HttpCache::Transaction::OnIOComplete(int) (this=0x7fff9c2c3ae0, result=0) at ../../3rdparty/chromium/net/http/http_cache_transaction.cc:3020
      #10 0x00007fffed024519 in base::internal::RunnableAdapter<void (net::HttpCache::Transaction::*)(int)>::Run<base::WeakPtr<net::HttpCache::Transaction> const&, int>(base::WeakPtr<net::HttpCache::Transaction> const&, int&&) const (this=
          0x7fff9c5fc610, receiver_ptr=..., args#0=<unknown type in /home/florian/code/qt5/qtbase/lib/libQt5WebEngineCore.so.5, CU 0x5cf1fe2, DIE 0x5d47ffd>) at ../../3rdparty/chromium/base/bind_internal.h:171
      #11 0x00007fffed023e22 in base::internal::InvokeHelper<true, void>::MakeItSo<base::internal::RunnableAdapter<void (net::HttpCache::Transaction::*)(int)> const&, base::WeakPtr<net::HttpCache::Transaction> const&, int>(base::internal::RunnableAdapter<void (net::HttpCache::Transaction::*)(int)> const&, base::WeakPtr<net::HttpCache::Transaction> const&, int&&) (runnable=..., weak_ptr=..., args#0=<unknown type in /home/florian/code/qt5/qtbase/lib/libQt5WebEngineCore.so.5, CU 0x5cf1fe2, DIE 0x5d47ffd>) at ../../3rdparty/chromium/base/bind_internal.h:309
      #12 0x00007fffed02301d in base::internal::Invoker<base::internal::BindState<base::internal::RunnableAdapter<void (net::HttpCache::Transaction::*)(int)>, base::WeakPtr<net::HttpCache::Transaction> >, void (int)>::RunImpl<base::internal::RunnableAdapter<void (net::HttpCache::Transaction::*)(int)> const&, std::tuple<base::WeakPtr<net::HttpCache::Transaction> > const&, 0ul>(base::internal::RunnableAdapter<void (net::HttpCache::Transaction::*)(int)> const&, std::tuple<base::WeakPtr<net::HttpCache::Transaction> > const&, base::IndexSequence<0ul>, int&&) (runnable=..., bound=std::tuple containing = {...}, unbound_args#0=<unknown type in /home/florian/code/qt5/qtbase/lib/libQt5WebEngineCore.so.5, CU 0x5cf1fe2, DIE 0x5d47ffd>) at ../../3rdparty/chromium/base/bind_internal.h:366
      #13 0x00007fffed021c3c in base::internal::Invoker<base::internal::BindState<base::internal::RunnableAdapter<void (net::HttpCache::Transaction::*)(int)>, base::WeakPtr<net::HttpCache::Transaction> >, void (int)>::Run(base::internal::BindStateBase*, int&&) (base=0x7fff9c5fc600, unbound_args#0=<unknown type in /home/florian/code/qt5/qtbase/lib/libQt5WebEngineCore.so.5, CU 0x5cf1fe2, DIE 0x5d47ffd>) at ../../3rdparty/chromium/base/bind_internal.h:345
      #14 0x00007fffec2b111f in base::Callback<void (int), (base::internal::CopyMode)1>::Run(int) const (this=0x7fffb27fa6f0, args#0=0) at ../../3rdparty/chromium/base/callback.h:389
      #15 0x00007fffed55d015 in disk_cache::InFlightBackendIO::OnOperationComplete(disk_cache::BackgroundIO*, bool) (this=0x7fff9c5905d8, operation=0x7fff9c356880, cancel=false) at ../../3rdparty/chromium/net/disk_cache/blockfile/in_flight_backend_io.cc:532
      #16 0x00007fffed55f1d6 in disk_cache::InFlightIO::InvokeCallback(disk_cache::BackgroundIO*, bool) (this=0x7fff9c5905d8, operation=0x7fff9c356880, cancel_task=false) at ../../3rdparty/chromium/net/disk_cache/blockfile/in_flight_io.cc:109
      #17 0x00007fffed55e725 in disk_cache::BackgroundIO::OnIOSignalled() (this=0x7fff9c356880) at ../../3rdparty/chromium/net/disk_cache/blockfile/in_flight_io.cc:31
      #18 0x00007fffed561188 in base::internal::RunnableAdapter<void (disk_cache::BackgroundIO::*)()>::Run<scoped_refptr<disk_cache::BackgroundIO> const&>(scoped_refptr<disk_cache::BackgroundIO> const&) const (this=0x7fff98080330, receiver_ptr=...) at ../../3rdparty/chromium/base/bind_internal.h:171
      #19 0x00007fffed560e49 in base::internal::InvokeHelper<false, void>::MakeItSo<base::internal::RunnableAdapter<void (disk_cache::BackgroundIO::*)()> const&, scoped_refptr<disk_cache::BackgroundIO> const&>(base::internal::RunnableAdapter<void (disk_cache::BackgroundIO::*)()> const&, scoped_refptr<disk_cache::BackgroundIO> const&) (runnable=..., args#0=...) at ../../3rdparty/chromium/base/bind_internal.h:296
      #20 0x00007fffed56067b in base::internal::Invoker<base::internal::BindState<base::internal::RunnableAdapter<void (disk_cache::BackgroundIO::*)()>, disk_cache::BackgroundIO*&>, void ()>::RunImpl<base::internal::RunnableAdapter<void (disk_cache::BackgroundIO::*)()> const&, std::tuple<scoped_refptr<disk_cache::BackgroundIO> > const&, 0ul>(base::internal::RunnableAdapter<void (disk_cache::BackgroundIO::*)()> const&, std::tuple<scoped_refptr<disk_cache::BackgroundIO> > const&, base::IndexSequence<0ul>) (runnable=..., bound=std::tuple containing = {...}) at ../../3rdparty/chromium/base/bind_internal.h:366
      #21 0x00007fffed55fe88 in base::internal::Invoker<base::internal::BindState<base::internal::RunnableAdapter<void (disk_cache::BackgroundIO::*)()>, disk_cache::BackgroundIO*&>, void ()>::Run(base::internal::BindStateBase*) (base=0x7fff98080320) at ../../3rdparty/chromium/base/bind_internal.h:345
      #22 0x00007fffec3111cf in base::Callback<void (), (base::internal::CopyMode)1>::Run() const (this=0x7fffb27fafd8) at ../../3rdparty/chromium/base/callback.h:389
      #23 0x00007fffee392565 in base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask const&) (this=0x5555559ea740, queue_function=0x7ffff3ab7058 "MessageLoop::PostTask", pending_task=...) at ../../3rdparty/chromium/base/debug/task_annotator.cc:51
      #24 0x00007fffee27a1fb in base::MessageLoop::RunTask(base::PendingTask const&) (this=0x5555559ea5c0, pending_task=...) at ../../3rdparty/chromium/base/message_loop/message_loop.cc:493
      #25 0x00007fffee27a331 in base::MessageLoop::DeferOrRunPendingTask(base::PendingTask const&) (this=0x5555559ea5c0, pending_task=...) at ../../3rdparty/chromium/base/message_loop/message_loop.cc:502
      #26 0x00007fffee27a954 in base::MessageLoop::DoWork() (this=0x5555559ea5c0) at ../../3rdparty/chromium/base/message_loop/message_loop.cc:624
      #27 0x00007fffee22299d in base::MessagePumpLibevent::Run(base::MessagePump::Delegate*) (this=0x7fff9c0012c0, delegate=0x5555559ea5c0) at ../../3rdparty/chromium/base/message_loop/message_pump_libevent.cc:217
      #28 0x00007fffee279e13 in base::MessageLoop::RunHandler() (this=0x5555559ea5c0) at ../../3rdparty/chromium/base/message_loop/message_loop.cc:457
      #29 0x00007fffee2cd6ed in base::RunLoop::Run() (this=0x7fffb27fb300) at ../../3rdparty/chromium/base/run_loop.cc:35
      #30 0x00007fffee313ddb in base::Thread::Run(base::MessageLoop*) (this=0x555555a04f00, message_loop=0x5555559ea5c0) at ../../3rdparty/chromium/base/threading/thread.cc:205
      #31 0x00007fffeec37f0b in content::BrowserThreadImpl::IOThreadRun(base::MessageLoop*) (this=0x555555a04f00, message_loop=0x5555559ea5c0) at ../../3rdparty/chromium/content/browser/browser_thread_impl.cc:223
      #32 0x00007fffeec382de in content::BrowserThreadImpl::Run(base::MessageLoop*) (this=0x555555a04f00, message_loop=0x5555559ea5c0) at ../../3rdparty/chromium/content/browser/browser_thread_impl.cc:259
      #33 0x00007fffee314183 in base::Thread::ThreadMain() (this=0x555555a04f00) at ../../3rdparty/chromium/base/threading/thread.cc:256
      #34 0x00007fffee3041fc in base::(anonymous namespace)::ThreadFunc(void*) (params=0x5555559f4470) at ../../3rdparty/chromium/base/threading/platform_thread_posix.cc:70
      #35 0x00007fffe88be454 in start_thread () at /usr/lib/libpthread.so.0
      #36 0x00007fffe7d5e7df in clone () at /usr/lib/libc.so.6
      

      This can be reproduced with the demobrowser:

      Attachments

        1. main.cpp
          1 kB
        2. Backtrace.txt
          170 kB

          People

            qt_webengine_team Qt WebEngine Team
            the compiler Florian Bruhin