Bug 1096442
| Summary: | Segmentation fault in QEventDispatcherGlib::processEvents or JSC::BlockAllocator::blockFreeingThreadMain | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Raphael Groner <projects.rg> | ||||||
| Component: | qtwebkit | Assignee: | Than Ngo <than> | ||||||
| Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||
| Severity: | unspecified | Docs Contact: | |||||||
| Priority: | unspecified | ||||||||
| Version: | 20 | CC: | drizt72, dvratil, itamar, jreznik, kevin, ltinkl, projects.rg, rdieter, rnovacek, smparrish, than | ||||||
| Target Milestone: | --- | ||||||||
| Target Release: | --- | ||||||||
| Hardware: | x86_64 | ||||||||
| OS: | Linux | ||||||||
| URL: | http://www.qtcentre.org/archive/index.php/t-39379.html | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2014-05-17 21:05:31 UTC | Type: | Bug | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Attachments: |
|
||||||||
It seems to happen cause of dirty code that is not thread-safe. See also http://stackoverflow.com/questions/11859227/qt-qcoreapplicationexec-crash-on-ubuntu-12-04 http://www.qtcentre.org/archive/index.php/t-39379.html The references you provide imply this is an application bug: "SocketNotifier implementation is not thread safe. That means that you are not allowed to control it from different threads." So, which appplication crashed here? (In reply to Rex Dieter from comment #2) > So, which appplication crashed here? It's psi-plus. I use the package from Russian Fedora but I am not sure if it's related to a Qt component or a direct issue in the calling application. I guess this bug happens only when the application is put under stress to let Qt handle too many events synchronously. I'd suggest you file a bug against psi-plus about this. Rex, thanks for the fast response. I got a crash as well with fancy (claws plugin to use webkit) and some javascript in JSC::BlockAllocator yesterday, but don't know how to reproduce. So I guess an issue with the latest webkit updates. Trying to reassing. claws-mail uses webkitgtk Created attachment 896628 [details]
backtrace_2014-05-17
segfault again
KDE says it may be a bug in QtWebKit. Notice the recent duplication marker of 2014-03-10 ... https://bugs.kde.org/show_bug.cgi?id=305493 But maybe a bug with localization ... https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741352 Feel free to ignore my suggestions :-/ Fwiw, the bug you reference, the backtrace looks very different to the one here, afaict. Fyi, here's what appears to be the critical part of the posted backtrace, psidbusnotifier.cpp seems to be passing an invalid object to QObject::disconnect
No qtwebkit or glib involved.
Once psi-plus passes review, we could consider reassigning this there, but until then, closing->notabug
Thread 1 (Thread 0x7f53bd5b48c0 (LWP 1886)):
#0 0x0000000000000060 in ?? ()
No symbol table info available.
#1 0x00007f53bdec2a3b in QObject::disconnect (sender=0x6352ea0, signal=0x6340d19 "destroyed()", signal@entry=0xa05850 "2destroyed()", receiver=receiver@entry=0x7b64040, method=0x7017979 "eventDestroyed()", method@entry=0xa26b2d "1eventDestroyed()") at kernel/qobject.cpp:2911
method_name = {static shared_null = {ref = {_q_value = 1}, alloc = 0, size = 0, data = 0xe64898 "", array = ""}, static shared_empty = {ref = {_q_value = 22}, alloc = 0, size = 0, data = 0x7f53be215798 <QByteArray::shared_empty+24> "", array = ""}, d = 0x7017960}
method_arg = 0xa26b2d "1eventDestroyed()"
membcode = <optimized out>
method_found = false
signal_arg = 0xa05850 "2destroyed()"
signal_name = {static shared_null = {ref = {_q_value = 1}, alloc = 0, size = 0, data = 0xe64898 "", array = ""}, static shared_empty = {ref = {_q_value = 22}, alloc = 0, size = 0, data = 0x7f53be215798 <QByteArray::shared_empty+24> "", array = ""}, d = 0x6340d00}
signal_found = false
res = false
smeta = 0x7fff11c4dd00
#2 0x000000000086feb3 in PsiDBusNotifier::readyToDie (this=this@entry=0x7b64040) at psidbusnotifier.cpp:406
No locals.
#3 0x000000000086ffad in PsiDBusNotifier::popupClosed (this=0x7b64040, id=<optimized out>, reason=<optimized out>) at psidbusnotifier.cpp:385
Rex, sorry for the confusion. I did not find the direct relation to Psi in the backtrace. Thanks for your analysis. I have asked upstream in the psi-dev jabber room with this bug report and attached backtrace, but ri0n could not detect what's going on. Since this bug is happening very seldomly, I think NOTABUG is okay for now. |
Created attachment 894220 [details] backtrace Description of problem: Program terminated with signal SIGSEGV, Segmentation fault. Version-Release number of selected component (if applicable): qt-4.8.6-2.fc20.x86_64 qtwebkit-2.3.3-7.fc20.x86_64 How reproducible: maybe Steps to Reproduce: 1. not sure what's going on 2. maybe show notification popup via dbus 3. start to type into a non-focussed input field Actual results: crash Expected results: no crash Additional info: Probably an upstream issue, and we need a small code snippet to reproduce the crash for sure.