Created attachment 337635 (full bt). ArchLinux, WebKitGTK 2.20.1. If the backtrace is not OK (looks strange) and the bug is reproducible, I will try to get a backtrace on Fedora 28.
Ugh, it's related to bug #183197... feels like whack-a-mole here. I really thought we had this fixed by r230205 "Make SecurityOrigin safe to create and use from any thread" but that fix is already present in 2.20.1. Thanks for reporting so quickly.
It's easy to verify that both builtinLocalURLSchemes and localURLSchemes are never used except when guarded by schemeRegistryLock. From the backtrace, I see eolie is calling webkit_security_manager_register_uri_scheme_as_local() from the main thread at the time of the crash, which should be perfectly safe. And I see the scheme you're registering is scheme=0x563a63202c10 "file", so clearly nothing wrong with the memory you're passing in. I notice the same String is being added to WebProcessPool::m_schemesToRegisterAsLocal by registerSecurityPolicyForURIScheme in WebKitSecurityManager.cpp. That should be perfectly safe, though.
Odd indeed. Interestingly, the scheme being passed is "file" which already should be in the HashSet since it is one of the builtin schemes. Therefore, I would have expected adding "file" to be a no-op.
Closing: https://gitlab.gnome.org/gnumdk/eolie/commit/9f5dad3a5aa1fa64fe1bf1082b81c26840b02578 If it happens again without this line, I will reopen an issue.
That should be safe, though; it's a WebKit bug if it crashes.