Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-65813

Crashes on load handler in qml tests

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P1: Critical
    • Resolution: Done
    • Affects Version/s: 5.10.0, 5.11
    • Fix Version/s: 5.10.1
    • Component/s: WebEngine
    • Labels:
      None
    • Commits:
      7644564d754bbee640a091950b77e23586c2d28

      Description

      Currently we can get QuickWebEngineViewPrivate::loadFinished while still being in RenderFrameHostImpl::OnDidStopLoading, unfortunately if user connects onLoadingChanged singal with new url load request this will end up in DiscardUnusedFrame and delete on RenderFrameHostImpl which is still on the bottom of the stack.

      ==24257==    by 0x77D7CC9: content::RenderFrameHostImpl::~RenderFrameHostImpl() (render_frame_host_impl.cc:606)
      ==24257==    by 0x785CF43: std::default_delete<content::RenderFrameHostImpl>::operator()(content::RenderFrameHostImpl*) const (unique_ptr.h:76)
      ==24257==    by 0x785AA8C: std::unique_ptr<content::RenderFrameHostImpl, std::default_delete<content::RenderFrameHostImpl> >::reset(content::RenderFrameHostImpl*) (unique_ptr.h:347)
      ==24257==    by 0x784E90B: content::RenderFrameHostManager::DiscardUnusedFrame(std::unique_ptr<content::RenderFrameHostImpl, std::default_delete<content::RenderFrameHostImpl> >) (render_frame_host_manager.cc:644)
      ==24257==    by 0x7857CA9: content::RenderFrameHostManager::CancelPending() (render_frame_host_manager.cc:2512)
      ==24257==    by 0x7856DD7: content::RenderFrameHostManager::UpdateStateForNavigate(GURL const&, content::SiteInstance*, content::SiteInstance*, ui::PageTransition, bool, bool, content::GlobalRequestID const&, int, bool) (render_frame_host_manager.cc:2365)
      ==24257==    by 0x784D030: content::RenderFrameHostManager::Navigate(GURL const&, content::FrameNavigationEntry const&, content::NavigationEntryImpl const&, bool) (render_frame_host_manager.cc:213)
      ==24257==    by 0x77CF53F: content::NavigatorImpl::NavigateToEntry(content::FrameTreeNode*, content::FrameNavigationEntry const&, content::NavigationEntryImpl const&, content::ReloadType, bool, bool, bool, scoped_refptr<content::ResourceRequestBody> const&) (navigator_impl.cc:403)
      ==24257==    by 0x77CFD95: content::NavigatorImpl::NavigateToPendingEntry(content::FrameTreeNode*, content::FrameNavigationEntry const&, content::ReloadType, bool) (navigator_impl.cc:504)
      ==24257==    by 0x7796DA7: content::NavigationControllerImpl::NavigateToPendingEntryInternal(content::ReloadType) (navigation_controller_impl.cc:2069)
      ==24257==    by 0x7796977: content::NavigationControllerImpl::NavigateToPendingEntry(content::ReloadType) (navigation_controller_impl.cc:2026)
      ==24257==    by 0x778DF56: content::NavigationControllerImpl::LoadEntry(std::unique_ptr<content::NavigationEntryImpl, std::default_delete<content::NavigationEntryImpl> >) (navigation_controller_impl.cc:463)
      ==24257==    by 0x778FC4A: content::NavigationControllerImpl::LoadURLWithParams(content::NavigationController::LoadURLParams const&) (navigation_controller_impl.cc:800)
      ==24257==    by 0x5ECD12E: QtWebEngineCore::WebContentsAdapter::setContent(QByteArray const&, QString const&, QUrl const&) (web_contents_adapter.cpp:632)
      ==24257==    by 0x4064541: QQuickWebEngineView::loadHtml(QString const&, QUrl const&) (qquickwebengineview.cpp:944)
      ==24257==    by 0x4079FED: QQuickWebEngineView::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (moc_qquickwebengineview_p.cpp:1278)
      ==24257==    by 0x407AE26: QQuickWebEngineView::qt_metacall(QMetaObject::Call, int, void**) (moc_qquickwebengineview_p.cpp:1714)
      ==24257==    by 0x1606010F: QQmlVMEMetaObject::metaCall(QObject*, QMetaObject::Call, int, void**) (qqmlvmemetaobject.cpp:979)
      ==24257==    by 0x1606014F: QQmlVMEMetaObject::metaCall(QObject*, QMetaObject::Call, int, void**) (qqmlvmemetaobject.cpp:977)
      ==24257==    by 0x1674E4E0: QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) (qmetaobject.cpp:299)
      ==24257==    by 0x160CB2EA: QQmlObjectOrGadget::metacall(QMetaObject::Call, int, void**) const (qqmlpropertycache.cpp:1732)
      ==24257==    by 0x160180E8: CallMethod(QQmlObjectOrGadget const&, int, int, int, int*, QV4::ExecutionEngine*, QV4::CallData*, QMetaObject::Call) (qv4qobjectwrapper.cpp:1163)
      ==24257==    by 0x160188C3: CallPrecise(QQmlObjectOrGadget const&, QQmlPropertyData const&, QV4::ExecutionEngine*, QV4::CallData*, QMetaObject::Call) (qv4qobjectwrapper.cpp:1425)
      ==24257==    by 0x16018C76: CallOverloaded(QQmlObjectOrGadget const&, QQmlPropertyData const&, QV4::ExecutionEngine*, QV4::CallData*, QQmlPropertyCache const*, QMetaObject::Call) (qv4qobjectwrapper.cpp:1499)
      ==24257==    by 0x1601952A: QV4::QObjectMethod::callInternal(QV4::Value const*, QV4::Value const*, int) const (qv4qobjectwrapper.cpp:1965)
      ==24257==    by 0x16019554: QV4::QObjectMethod::call(QV4::FunctionObject const*, QV4::Value const*, QV4::Value const*, int) (qv4qobjectwrapper.cpp:1900)
      ==24257==    by 0x16040C20: call (qv4functionobject_p.h:167)
      ==24257==    by 0x16040C20: QV4::Runtime::method_callProperty(QV4::ExecutionEngine*, QV4::Value*, int, QV4::Value*, int) (qv4runtime.cpp:1062)
      ==24257==    by 0x16032514: QV4::Moth::VME::exec(QV4::FunctionObject const*, QV4::Value const*, QV4::Value const*, int) (qv4vme_moth.cpp:799)
      ==24257==    by 0x15F77D70: QV4::ScriptFunction::call(QV4::FunctionObject const*, QV4::Value const*, QV4::Value const*, int) (qv4functionobject.cpp:388)
      ==24257==    by 0x1601D32A: call (qv4jscall_p.h:111)
      ==24257==    by 0x1601D32A: QV4::QObjectSlotDispatcher::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) (qv4qobjectwrapper.cpp:830)
      ==24257==    by 0x16774A05: call (qobjectdefs_impl.h:378)
      ==24257==    by 0x16774A05: QMetaObject::activate(QObject*, int, int, void**) (qobject.cpp:3749)
      ==24257==    by 0x16774F6E: QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (qobject.cpp:3628)
      ==24257==    by 0x4079321: QQuickWebEngineView::loadingChanged(QQuickWebEngineLoadRequest*) (moc_qquickwebengineview_p.cpp:1763)
      ==24257==    by 0x40651C5: QQuickWebEngineViewPrivate::loadFinished(bool, QUrl const&, bool, int, QString const&) (qquickwebengineview.cpp:545)
      ==24257==    by 0x5ED5B72: QtWebEngineCore::WebContentsDelegateQt::EmitLoadFinished(bool, QUrl const&, bool, int, QString const&) (web_contents_delegate_qt.cpp:243)
      ==24257==    by 0x5ED5BE6: QtWebEngineCore::WebContentsDelegateQt::didFailLoad(QUrl const&, int, QString const&) (web_contents_delegate_qt.cpp:292)
      ==24257==    by 0x5ED7C01: QtWebEngineCore::WebContentsDelegateQt::DidFinishNavigation(content::NavigationHandle*) (web_contents_delegate_qt.cpp:272)
      ==24257==    by 0x824DB60: content::WebContentsImpl::DidFinishNavigation(content::NavigationHandle*) (web_contents_impl.cc:3684)
      ==24257==    by 0x77B3CAE: content::NavigationHandleImpl::~NavigationHandleImpl() (navigation_handle_impl.cc:203)
      ==24257==    by 0x77B4145: content::NavigationHandleImpl::~NavigationHandleImpl() (navigation_handle_impl.cc:216)
      ==24257==    by 0x60033E9: std::default_delete<content::NavigationHandleImpl>::operator()(content::NavigationHandleImpl*) const (unique_ptr.h:76)
      ==24257==    by 0x7789FAE: std::unique_ptr<content::NavigationHandleImpl, std::default_delete<content::NavigationHandleImpl> >::reset(content::NavigationHandleImpl*) (unique_ptr.h:347)
      ==24257==    by 0x77E5F3F: content::RenderFrameHostImpl::OnDidStopLoading() 
      

        Attachments

          Issue Links

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

            Activity

              People

              Assignee:
              michal Michal Klocek
              Reporter:
              michal Michal Klocek
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Gerrit Reviews

                  There are no open Gerrit changes