Details
P1: Critical Description
Compiled last night's dev branch using Clang-16 and -fsanitize=address and then ran the test suite. Will try to format the huge error log as readable as possible:
Start 8: tst_origins
8/47 Test #8: tst_origins ...............................***Failed 14.70 sec
********* Start testing of tst_Origins *********
Config: Using QtTest library 6.7.0, Qt 6.7.0 (x86_64-little_endian-lp64 shared (dynamic) debug build; by Ubuntu Clang 16.0.6 (++20230710042046+7cbf1a259152-1~exp1~20230710162136.105)), ubuntu 20.04
PASS : tst_Origins::initTestCase()
QDEBUG : tst_Origins::jsUrlCanon() doh set to "" -- SystemOnly
PASS : tst_Origins::jsUrlCanon()
[794951:1:0803/145548.615003:ERROR:render_process_impl.cc(276)] WebFrame LEAKED 1 TIMES
PASS : tst_Origins::jsUrlRelative()
[794967:1:0803/145549.101964:ERROR:render_process_impl.cc(276)] WebFrame LEAKED 1 TIMES
[794981:1:0803/145549.550972:ERROR:render_process_impl.cc(276)] WebFrame LEAKED 1 TIMES
PASS : tst_Origins::jsUrlOrigin()
[794995:1:0803/145551.067456:ERROR:render_process_impl.cc(276)] WebFrame LEAKED 3 TIMES
[795009:1:0803/145552.172883:ERROR:render_process_impl.cc(276)] WebFrame LEAKED 3 TIMES
PASS : tst_Origins::subdirWithAccess()
[795023:1:0803/145552.805911:ERROR:render_process_impl.cc(276)] WebFrame LEAKED 3 TIMES
Fontconfig error: Cannot load default config file
[795038:1:0803/145553.809541:ERROR:html_media_element.cc(4916)] SetError: {code=4, message="MEDIA_ELEMENT_ERROR: Media load rejected by URL safety check"}
[795038:1:0803/145553.810902:ERROR:html_media_element.cc(4916)] SetError: {code=4, message="MEDIA_ELEMENT_ERROR: Media load rejected by URL safety check"}
[795038:1:0803/145553.812054:ERROR:html_media_element.cc(4916)] SetError: {code=4, message="MEDIA_ELEMENT_ERROR: Media load rejected by URL safety check"}
[795038:1:0803/145553.913936:ERROR:html_media_element.cc(4916)] SetError: {code=4, message="MEDIA_ELEMENT_ERROR: Media load rejected by URL safety check"}
[795038:1:0803/145553.915314:ERROR:html_media_element.cc(4916)] SetError: {code=4, message="MEDIA_ELEMENT_ERROR: Media load rejected by URL safety check"}
[795038:1:0803/145553.916584:ERROR:html_media_element.cc(4916)] SetError: {code=4, message="MEDIA_ELEMENT_ERROR: Media load rejected by URL safety check"}
[795038:1:0803/145554.574333:ERROR:render_process_impl.cc(276)] WebFrame LEAKED 3 TIMES
[795051:1:0803/145555.587748:ERROR:render_process_impl.cc(276)] WebFrame LEAKED 3 TIMES
PASS : tst_Origins::subdirWithoutAccess()
[795065:1:0803/145556.281527:ERROR:render_process_impl.cc(276)] WebFrame LEAKED 3 TIMES
QINFO : tst_Origins::fileAccessRemoteUrl(enabled, XHR) HttpServer: GET /mixedXHR.txt 200 2
=================================================================
==794889==ERROR: AddressSanitizer: heap-use-after-free on address 0x607002a8b958 at pc 0x7f83173ece5d bp 0x7ffe68562340 sp 0x7ffe68562338
READ of size 4 at 0x607002a8b958 thread T0
#0 0x7f83173ece5c in QtWebEngineCore::BrowserAccessibilityInterface::destroy() /home/cc-runs/src/qt/qt5/qtwebengine/src/core/browser_accessibility_qt.cpp:162:44
#1 0x7f83173ecdfd in QtWebEngineCore::BrowserAccessibilityQt::~BrowserAccessibilityQt() /home/cc-runs/src/qt/qt5/qtwebengine/src/core/browser_accessibility_qt.cpp:144:18
#2 0x7f83173ece88 in QtWebEngineCore::BrowserAccessibilityQt::~BrowserAccessibilityQt() /home/cc-runs/src/qt/qt5/qtwebengine/src/core/browser_accessibility_qt.cpp:143:1
#3 0x7f83298ab1c2 in std::default_delete<content::BrowserAccessibility>::operator()(content::BrowserAccessibility*) const /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/unique_ptr.h:85:2
#4 0x7f83298a6cbb in std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>::~unique_ptr() /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/unique_ptr.h:361:4
#5 0x7f83298aa038 in std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>::~pair() /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/stl_iterator.h:2404:12
#6 0x7f83298aa014 in void std::destroy_at<std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>>(std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>*) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/stl_construct.h:88:15
#7 0x7f83298a9fc8 in void std::allocator_traits<std::allocator<std::_Rb_tree_node<std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>>>>::destroy<std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>>(std::allocator<std::_Rb_tree_node<std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>>>&, std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>*) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/alloc_traits.h:533:4
#8 0x7f83298a9f71 in std::_Rb_tree<int, std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>, std::_Select1st<std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>>, std::less<int>, std::allocator<std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>>>::_M_destroy_node(std::_Rb_tree_node<std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>>*) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/stl_tree.h:646:2
#9 0x7f83298a9f20 in std::_Rb_tree<int, std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>, std::_Select1st<std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>>, std::less<int>, std::allocator<std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>>>::_M_drop_node(std::_Rb_tree_node<std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>>*) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/stl_tree.h:654:2
#10 0x7f83298a9df1 in std::_Rb_tree<int, std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>, std::_Select1st<std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>>, std::less<int>, std::allocator<std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>>>::_M_erase(std::_Rb_tree_node<std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>>*) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/stl_tree.h:1926:4
#11 0x7f83298a9dd7 in std::_Rb_tree<int, std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>, std::_Select1st<std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>>, std::less<int>, std::allocator<std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>>>::_M_erase(std::_Rb_tree_node<std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>>*) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/stl_tree.h:1924:4
#12 0x7f83298a9d84 in std::_Rb_tree<int, std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>, std::_Select1st<std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>>, std::less<int>, std::allocator<std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>>>::~_Rb_tree() /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/stl_tree.h:993:9
#13 0x7f83298a34a4 in std::map<int, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>, std::less<int>, std::allocator<std::pair<int const, std::unique_ptr<content::BrowserAccessibility, std::default_delete<content::BrowserAccessibility>>>>>::~map() /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/stl_map.h:302:22
#14 0x7f832988b5f8 in content::BrowserAccessibilityManager::~BrowserAccessibilityManager() /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/content/browser/accessibility/browser_accessibility_manager.cc:153:59
#15 0x7f8316ceb4f7 in content::BrowserAccessibilityManagerQt::~BrowserAccessibilityManagerQt() /home/cc-runs/src/qt/qt5/qtwebengine/src/core/browser_accessibility_manager_qt.cpp:73:1
#16 0x7f8316ceb538 in content::BrowserAccessibilityManagerQt::~BrowserAccessibilityManagerQt() /home/cc-runs/src/qt/qt5/qtwebengine/src/core/browser_accessibility_manager_qt.cpp:71:1
#17 0x7f832cc71c22 in std::default_delete<content::BrowserAccessibilityManager>::operator()(content::BrowserAccessibilityManager*) const /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/unique_ptr.h:85:2
#18 0x7f832cc7ca8f in std::__uniq_ptr_impl<content::BrowserAccessibilityManager, std::default_delete<content::BrowserAccessibilityManager>>::reset(content::BrowserAccessibilityManager*) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/unique_ptr.h:182:4
#19 0x7f832cc14e1c in std::unique_ptr<content::BrowserAccessibilityManager, std::default_delete<content::BrowserAccessibilityManager>>::reset(content::BrowserAccessibilityManager*) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/unique_ptr.h:456:7
#20 0x7f832cb49729 in content::RenderFrameHostImpl::~RenderFrameHostImpl() /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/content/browser/renderer_host/render_frame_host_impl.cc:1833:34
#21 0x7f832cb4de18 in content::RenderFrameHostImpl::~RenderFrameHostImpl() /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/content/browser/renderer_host/render_frame_host_impl.cc:1671:45
#22 0x7f832cd97c72 in std::default_delete<content::RenderFrameHostImpl>::operator()(content::RenderFrameHostImpl*) const /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/unique_ptr.h:85:2
#23 0x7f832cd8f2db in std::unique_ptr<content::RenderFrameHostImpl, std::default_delete<content::RenderFrameHostImpl>>::~unique_ptr() /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/unique_ptr.h:361:4
#24 0x7f832cd5c008 in content::RenderFrameHostManager::~RenderFrameHostManager() /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/content/browser/renderer_host/render_frame_host_manager.cc:395:3
#25 0x7f832c51f09f in content::FrameTreeNode::~FrameTreeNode() /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/content/browser/renderer_host/frame_tree_node.cc:311:1
#26 0x7f832c4f598b in content::FrameTree::~FrameTree() /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/content/browser/renderer_host/frame_tree.cc:224:1
#27 0x7f832d9d4aac in content::WebContentsImpl::~WebContentsImpl() /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/content/browser/web_contents/web_contents_impl.cc:1177:1
#28 0x7f832d9d55c8 in content::WebContentsImpl::~WebContentsImpl() /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/content/browser/web_contents/web_contents_impl.cc:1066:37
#29 0x7f83172fe3f2 in std::default_delete<content::WebContents>::operator()(content::WebContents*) const /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/unique_ptr.h:85:2
#30 0x7f83172f458b in std::unique_ptr<content::WebContents, std::default_delete<content::WebContents>>::~unique_ptr() /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/unique_ptr.h:361:4
#31 0x7f83172d5f64 in QtWebEngineCore::WebContentsAdapter::~WebContentsAdapter() /home/cc-runs/src/qt/qt5/qtwebengine/src/core/web_contents_adapter.cpp:433:1
#32 0x7f831731d520 in QtSharedPointer::ExternalRefCountWithContiguousData<QtWebEngineCore::WebContentsAdapter>::deleter(QtSharedPointer::ExternalRefCountData*) /home/sanitizer-runs/sanitizer_runs/install_dir/asan/include/QtCore/qsharedpointer_impl.h:219:25
#33 0x7f8316d69b4f in QtSharedPointer::ExternalRefCountData::destroy() /home/sanitizer-runs/sanitizer_runs/install_dir/asan/include/QtCore/qsharedpointer_impl.h:114:26
#34 0x7f8316e96b39 in QSharedPointer<QtWebEngineCore::WebContentsAdapter>::deref(QtSharedPointer::ExternalRefCountData*) /home/sanitizer-runs/sanitizer_runs/install_dir/asan/include/QtCore/qsharedpointer_impl.h:456:17
#35 0x7f8316e96aed in QSharedPointer<QtWebEngineCore::WebContentsAdapter>::deref() /home/sanitizer-runs/sanitizer_runs/install_dir/asan/include/QtCore/qsharedpointer_impl.h:451:7
#36 0x7f8316e956a4 in QSharedPointer<QtWebEngineCore::WebContentsAdapter>::~QSharedPointer() /home/sanitizer-runs/sanitizer_runs/install_dir/asan/include/QtCore/qsharedpointer_impl.h:281:25
#37 0x7f8335d4a036 in QWebEnginePagePrivate::~QWebEnginePagePrivate() /home/cc-runs/src/qt/qt5/qtwebengine/src/core/api/qwebenginepage.cpp:127:1
#38 0x7f8335d4a068 in QWebEnginePagePrivate::~QWebEnginePagePrivate() /home/cc-runs/src/qt/qt5/qtwebengine/src/core/api/qwebenginepage.cpp:123:1
#39 0x7f8335d857ce in QScopedPointerDeleter<QWebEnginePagePrivate>::cleanup(QWebEnginePagePrivate*) /home/sanitizer-runs/sanitizer_runs/install_dir/asan/include/QtCore/qscopedpointer.h:24:9
#40 0x7f8335d6f1d1 in QScopedPointer<QWebEnginePagePrivate, QScopedPointerDeleter<QWebEnginePagePrivate>>::~QScopedPointer() /home/sanitizer-runs/sanitizer_runs/install_dir/asan/include/QtCore/qscopedpointer.h:81:9
#41 0x7f8335d52337 in QWebEnginePage::~QWebEnginePage() /home/cc-runs/src/qt/qt5/qtwebengine/src/core/api/qwebenginepage.cpp:961:1
#42 0x55f54d357d51 in TestPage::~TestPage() /home/cc-runs/src/qt/qt5/qtwebengine/tests/auto/core/origins/tst_origins.cpp:261:7
#43 0x55f54d357d78 in TestPage::~TestPage() /home/cc-runs/src/qt/qt5/qtwebengine/tests/auto/core/origins/tst_origins.cpp:261:7
#44 0x55f54d29878b in tst_Origins::cleanup() /home/cc-runs/src/qt/qt5/qtwebengine/tests/auto/core/origins/tst_origins.cpp:382:5
#45 0x55f54d343bbb in tst_Origins::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/tests/auto/core/origins/tst_origins_autogen/include/tst_origins.moc:343:21
#46 0x7f830a63929c in QMetaMethodInvoker::invokeImpl(QMetaMethod, void*, Qt::ConnectionType, long long, void const* const*, char const* const*, QtPrivate::QMetaTypeInterface const* const*) /home/cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qmetaobject.cpp:2714:13
#47 0x7f830a64b667 in QMetaMethod::invokeImpl(QMetaMethod, void*, Qt::ConnectionType, long long, void const* const*, char const* const*, QtPrivate::QMetaTypeInterface const* const*) /home/cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qmetaobject.cpp:2553:13
#48 0x7f8362d14fae in std::enable_if<!AreOldStyleArgs<>::value, bool>::type QMetaMethod::invoke<>(QObject*, Qt::ConnectionType, QMetaMethodReturnArgument) const /home/sanitizer-runs/sanitizer_runs/build/qtbase-asan/include/QtCore/../../../../../../cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qmetaobject.h:148:16
#49 0x7f8362d14fae in std::enable_if<!AreOldStyleArgs<>::value, bool>::type QMetaMethod::invoke<>(QObject*, Qt::ConnectionType) const /home/sanitizer-runs/sanitizer_runs/build/qtbase-asan/include/QtCore/../../../../../../cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qmetaobject.h:160:16
#50 0x7f8362d14fae in QTest::TestMethods::invokeTestOnData(int) const /home/cc-runs/src/qt/qt5/qtbase/src/testlib/qtestcase.cpp:1148:37
#51 0x7f8362d16f59 in QTest::TestMethods::invokeTest(int, QLatin1String, QTest::WatchDog*) const /home/cc-runs/src/qt/qt5/qtbase/src/testlib/qtestcase.cpp:1426:17
#52 0x7f8362d19b65 in QTest::TestMethods::invokeTests(QObject*) const /home/cc-runs/src/qt/qt5/qtbase/src/testlib/qtestcase.cpp:1752:33
#53 0x7f8362d1bd7a in QTest::qRun() /home/cc-runs/src/qt/qt5/qtbase/src/testlib/qtestcase.cpp:2365:14
#54 0x7f8362d1a184 in QTest::qExec(QObject*, int, char**) /home/cc-runs/src/qt/qt5/qtbase/src/testlib/qtestcase.cpp:2251:15
#55 0x55f54d3437a2 in main /home/cc-runs/src/qt/qt5/qtwebengine/tests/auto/core/origins/tst_origins.cpp:1730:1
#56 0x7f8309d5d082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
#57 0x55f54d1bf39d in _start (/home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/tests/auto/core/origins/tst_origins+0x3739d) (BuildId: 41b07fc3db0f6deac1adffaa98ebb090898d33a3)
0x607002a8b958 is located 56 bytes inside of 72-byte region [0x607002a8b920,0x607002a8b968)
freed by thread T0 here:
#0 0x55f54d29308d in operator delete(void*) (/home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/tests/auto/core/origins/tst_origins+0x10b08d) (BuildId: 41b07fc3db0f6deac1adffaa98ebb090898d33a3)
#1 0x7f83173f7561 in QtWebEngineCore::BrowserAccessibilityInterface::~BrowserAccessibilityInterface() /home/cc-runs/src/qt/qt5/qtwebengine/src/core/browser_accessibility_qt.cpp:34:7
#2 0x7f830c5c1907 in QAccessibleCache::deleteInterface(unsigned int, QObject*) /home/cc-runs/src/qt/qt5/qtbase/src/gui/accessible/qaccessiblecache.cpp:173:5
#3 0x7f830c5c38bf in QAccessibleCache::objectDestroyed(QObject*) /home/cc-runs/src/qt/qt5/qtbase/src/gui/accessible/qaccessiblecache.cpp:158:9
#4 0x7f830c5ca18a in QtPrivate::FunctorCall<QtPrivate::IndexesList<0>, QtPrivate::List<QObject*>, void, void (QAccessibleCache::*)(QObject*)>::call(void (QAccessibleCache::*)(QObject*), QAccessibleCache*, void**) /home/sanitizer-runs/sanitizer_runs/build/qtbase-asan/include/QtCore/../../../../../../cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qobjectdefs_impl.h:145:13
#5 0x7f830c5ca18a in void QtPrivate::FunctionPointer<void (QAccessibleCache::*)(QObject*)>::call<QtPrivate::List<QObject*>, void>(void (QAccessibleCache::*)(QObject*), QAccessibleCache*, void**) /home/sanitizer-runs/sanitizer_runs/build/qtbase-asan/include/QtCore/../../../../../../cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qobjectdefs_impl.h:182:13
#6 0x7f830c5ca18a in QtPrivate::QCallableObject<void (QAccessibleCache::*)(QObject*), QtPrivate::List<QObject*>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) /home/sanitizer-runs/sanitizer_runs/build/qtbase-asan/include/QtCore/../../../../../../cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qobjectdefs_impl.h:518:21
#7 0x7f830a71e4b3 in QtPrivate::QSlotObjectBase::call(QObject*, void**) /home/sanitizer-runs/sanitizer_runs/build/qtbase-asan/include/QtCore/../../../../../../cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qobjectdefs_impl.h:433:51
#8 0x7f830a71e4b3 in void doActivate<false>(QObject*, int, void**) /home/cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qobject.cpp:4017:26
#9 0x7f830a6f16e5 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) /home/cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qobject.cpp:4077:9
#10 0x7f830a6f16e5 in QObject::destroyed(QObject*) /home/sanitizer-runs/sanitizer_runs/build/qtbase-asan/src/corelib/kernel/moc_qobject.cpp:231:5
#11 0x7f830a6f16e5 in QObject::~QObject() /home/cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qobject.cpp:1062:14
#12 0x7f830a6f392d in QObject::~QObject() /home/cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qobject.cpp:1029:1
#13 0x7f830a6f2cdf in QObjectPrivate::deleteChildren() /home/cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qobject.cpp:2202:9
#14 0x7f830a6f227c in QObject::~QObject() /home/cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qobject.cpp:1160:12
#15 0x7f830a6f392d in QObject::~QObject() /home/cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qobject.cpp:1029:1
#16 0x7f830a6f2cdf in QObjectPrivate::deleteChildren() /home/cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qobject.cpp:2202:9
#17 0x7f830d2ad55a in QWidget::~QWidget() /home/cc-runs/src/qt/qt5/qtbase/src/widgets/kernel/qwidget.cpp:1536:12
#18 0x7f8362df6a07 in QWebEngineView::~QWebEngineView() /home/cc-runs/src/qt/qt5/qtwebengine/src/webenginewidgets/api/qwebengineview.cpp:985:1
#19 0x55f54d2b5ee6 in tst_Origins::fileAccessRemoteUrl() /home/cc-runs/src/qt/qt5/qtwebengine/tests/auto/core/origins/tst_origins.cpp:663:1
#20 0x55f54d343c1d in tst_Origins::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/tests/auto/core/origins/tst_origins_autogen/include/tst_origins.moc:350:22
#21 0x7f830a63929c in QMetaMethodInvoker::invokeImpl(QMetaMethod, void*, Qt::ConnectionType, long long, void const* const*, char const* const*, QtPrivate::QMetaTypeInterface const* const*) /home/cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qmetaobject.cpp:2714:13
#22 0x7f830a64b667 in QMetaMethod::invokeImpl(QMetaMethod, void*, Qt::ConnectionType, long long, void const* const*, char const* const*, QtPrivate::QMetaTypeInterface const* const*) /home/cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qmetaobject.cpp:2553:13
#23 0x7f8362d14e96 in std::enable_if<!AreOldStyleArgs<>::value, bool>::type QMetaMethod::invoke<>(QObject*, Qt::ConnectionType, QMetaMethodReturnArgument) const /home/sanitizer-runs/sanitizer_runs/build/qtbase-asan/include/QtCore/../../../../../../cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qmetaobject.h:148:16
#24 0x7f8362d14e96 in std::enable_if<!AreOldStyleArgs<>::value, bool>::type QMetaMethod::invoke<>(QObject*, Qt::ConnectionType) const /home/sanitizer-runs/sanitizer_runs/build/qtbase-asan/include/QtCore/../../../../../../cc-runs/src/qt/qt5/qtbase/src/corelib/kernel/qmetaobject.h:160:16
#25 0x7f8362d14e96 in QTest::TestMethods::invokeTestOnData(int) const /home/cc-runs/src/qt/qt5/qtbase/src/testlib/qtestcase.cpp:1134:45
#26 0x7f8362d16f59 in QTest::TestMethods::invokeTest(int, QLatin1String, QTest::WatchDog*) const /home/cc-runs/src/qt/qt5/qtbase/src/testlib/qtestcase.cpp:1426:17
#27 0x7f8362d19b65 in QTest::TestMethods::invokeTests(QObject*) const /home/cc-runs/src/qt/qt5/qtbase/src/testlib/qtestcase.cpp:1752:33
#28 0x7f8362d1bd7a in QTest::qRun() /home/cc-runs/src/qt/qt5/qtbase/src/testlib/qtestcase.cpp:2365:14
#29 0x7f8362d1a184 in QTest::qExec(QObject*, int, char**) /home/cc-runs/src/qt/qt5/qtbase/src/testlib/qtestcase.cpp:2251:15
#30 0x55f54d3437a2 in main /home/cc-runs/src/qt/qt5/qtwebengine/tests/auto/core/origins/tst_origins.cpp:1730:1
#31 0x7f8309d5d082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
previously allocated by thread T0 here:
#0 0x55f54d29282d in operator new(unsigned long) (/home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/tests/auto/core/origins/tst_origins+0x10a82d) (BuildId: 41b07fc3db0f6deac1adffaa98ebb090898d33a3)
#1 0x7f83173ecd4a in QtWebEngineCore::BrowserAccessibilityQt::BrowserAccessibilityQt(content::BrowserAccessibilityManager*, ui::AXNode*) /home/cc-runs/src/qt/qt5/qtwebengine/src/core/browser_accessibility_qt.cpp:138:19
#2 0x7f83173f669c in content::BrowserAccessibility::Create(content::BrowserAccessibilityManager*, ui::AXNode*) /home/cc-runs/src/qt/qt5/qtwebengine/src/core/browser_accessibility_qt.cpp:1138:54
#3 0x7f832989d7d4 in content::BrowserAccessibilityManager::OnNodeCreated(ui::AXTree*, ui::AXNode*) /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/content/browser/accessibility/browser_accessibility_manager.cc:1466:33
#4 0x7f833dbb9a63 in ui::AXTree::NotifyNodeHasBeenReparentedOrCreated(ui::AXNode*, ui::AXTreeUpdateState const*) /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/./../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/ui/accessibility/ax_tree.cc:1876:16
#5 0x7f833dbb3aaf in ui::AXTree::Unserialize(ui::AXTreeUpdate const&) /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/./../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/ui/accessibility/ax_tree.cc:1343:7
#6 0x7f832988e65d in content::BrowserAccessibilityManager::OnAccessibilityEvents(content::AXEventNotificationDetails const&) /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/content/browser/accessibility/browser_accessibility_manager.cc:404:21
#7 0x7f832cb9662c in content::RenderFrameHostImpl::SendAccessibilityEventsToManager(content::AXEventNotificationDetails const&) /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/content/browser/renderer_host/render_frame_host_impl.cc:6606:40
#8 0x7f832cbb0271 in content::RenderFrameHostImpl::HandleAXEvents(ui::AXTreeID const&, mojo::StructPtr<blink::mojom::AXUpdatesAndEvents>, int) /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/content/browser/renderer_host/render_frame_host_impl.cc:8548:3
#9 0x7f83298ed4b3 in void base::internal::FunctorTraits<void (content::RenderFrameHostImpl::*)(ui::AXTreeID const&, mojo::StructPtr<blink::mojom::AXUpdatesAndEvents>, int), void>::Invoke<void (content::RenderFrameHostImpl::*)(ui::AXTreeID const&, mojo::StructPtr<blink::mojom::AXUpdatesAndEvents>, int), base::WeakPtr<content::RenderFrameHostImpl>, ui::AXTreeID, mojo::StructPtr<blink::mojom::AXUpdatesAndEvents>, int>(void (content::RenderFrameHostImpl::*)(ui::AXTreeID const&, mojo::StructPtr<blink::mojom::AXUpdatesAndEvents>, int), base::WeakPtr<content::RenderFrameHostImpl>&&, ui::AXTreeID&&, mojo::StructPtr<blink::mojom::AXUpdatesAndEvents>&&, int&&) /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/De>
#10 0x7f83298ecfb5 in void base::internal::InvokeHelper<true, void, 0ul, 1ul, 2ul, 3ul>::MakeItSo<void (content::RenderFrameHostImpl::*)(ui::AXTreeID const&, mojo::StructPtr<blink::mojom::AXUpdatesAndEvents>, int), std::tuple<base::WeakPtr<content::RenderFrameHostImpl>, ui::AXTreeID, mojo::StructPtr<blink::mojom::AXUpdatesAndEvents>, int>>(void (content::RenderFrameHostImpl::*&&)(ui::AXTreeID const&, mojo::StructPtr<blink::mojom::AXUpdatesAndEvents>, int), std::tuple<base::WeakPtr<content::RenderFrameHostImpl>, ui::AXTreeID, mojo::StructPtr<blink::mojom::AXUpdatesAndEvents>, int>&&) /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src>
#11 0x7f83298ecb83 in void base::internal::Invoker<base::internal::BindState<void (content::RenderFrameHostImpl::*)(ui::AXTreeID const&, mojo::StructPtr<blink::mojom::AXUpdatesAndEvents>, int), base::WeakPtr<content::RenderFrameHostImpl>, ui::AXTreeID, mojo::StructPtr<blink::mojom::AXUpdatesAndEvents>, int>, void ()>::RunImpl<void (content::RenderFrameHostImpl::*)(ui::AXTreeID const&, mojo::StructPtr<blink::mojom::AXUpdatesAndEvents>, int), std::tuple<base::WeakPtr<content::RenderFrameHostImpl>, ui::AXTreeID, mojo::StructPtr<blink::mojom::AXUpdatesAndEvents>, int>, 0ul, 1ul, 2ul, 3ul>(void (content::RenderFrameHostImpl::*&&)(ui::AXTreeID const&, mojo::StructPtr<blink::mojom::AXUpdatesAndEvents>, int), std::tuple<base::W>
#12 0x7f83298ec998 in base::internal::Invoker<base::internal::BindState<void (content::RenderFrameHostImpl::*)(ui::AXTreeID const&, mojo::StructPtr<blink::mojom::AXUpdatesAndEvents>, int), base::WeakPtr<content::RenderFrameHostImpl>, ui::AXTreeID, mojo::StructPtr<blink::mojom::AXUpdatesAndEvents>, int>, void ()>::RunOnce(base::internal::BindStateBase*) /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/base/functional/bind_internal.h:989:12
#13 0x7f8316ff2009 in base::OnceCallback<void ()>::Run() && /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/base/functional/callback.h:152:12
#14 0x7f833640877a in base::(anonymous namespace)::PostTaskAndReplyRelay::RunTaskAndPostReply(base::(anonymous namespace)::PostTaskAndReplyRelay) /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/./../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/base/threading/post_task_and_reply_impl.cc:106:28
#15 0x7f833640a2d8 in void base::internal::FunctorTraits<void (*)(base::(anonymous namespace)::PostTaskAndReplyRelay), void>::Invoke<void (*)(base::(anonymous namespace)::PostTaskAndReplyRelay), base::(anonymous namespace)::PostTaskAndReplyRelay>(void (*&&)(base::(anonymous namespace)::PostTaskAndReplyRelay), base::(anonymous namespace)::PostTaskAndReplyRelay&&) /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/base/functional/bind_internal.h:654:12
#16 0x7f833640a134 in void base::internal::InvokeHelper<false, void, 0ul>::MakeItSo<void (*)(base::(anonymous namespace)::PostTaskAndReplyRelay), std::tuple<base::(anonymous namespace)::PostTaskAndReplyRelay>>(void (*&&)(base::(anonymous namespace)::PostTaskAndReplyRelay), std::tuple<base::(anonymous namespace)::PostTaskAndReplyRelay>&&) /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/base/functional/bind_internal.h:943:12
#17 0x7f8336409f9d in void base::internal::Invoker<base::internal::BindState<void (*)(base::(anonymous namespace)::PostTaskAndReplyRelay), base::(anonymous namespace)::PostTaskAndReplyRelay>, void ()>::RunImpl<void (*)(base::(anonymous namespace)::PostTaskAndReplyRelay), std::tuple<base::(anonymous namespace)::PostTaskAndReplyRelay>, 0ul>(void (*&&)(base::(anonymous namespace)::PostTaskAndReplyRelay), std::tuple<base::(anonymous namespace)::PostTaskAndReplyRelay>&&, std::integer_sequence<unsigned long, 0ul>) /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/base/functional/bind_internal.h:1038:12
#18 0x7f8336409e18 in base::internal::Invoker<base::internal::BindState<void (*)(base::(anonymous namespace)::PostTaskAndReplyRelay), base::(anonymous namespace)::PostTaskAndReplyRelay>, void ()>::RunOnce(base::internal::BindStateBase*) /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/base/functional/bind_internal.h:989:12
#19 0x7f8316ff2009 in base::OnceCallback<void ()>::Run() && /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/base/functional/callback.h:152:12
#20 0x7f83361dc948 in base::TaskAnnotator::RunTaskImpl(base::PendingTask&) /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/./../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/base/task/common/task_annotator.cc:162:32
#21 0x7f83362d5f45 in void base::TaskAnnotator::RunTask<base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl(base::LazyNow*)::$_0>(perfetto::StaticString, base::PendingTask&, base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl(base::LazyNow*)::$_0&&) /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/base/task/common/task_annotator.h:88:5
#22 0x7f83362d536a in base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl(base::LazyNow*) /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/./../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/base/task/sequence_manager/thread_controller_with_message_pump_impl.cc:490:23
#23 0x7f83362d3027 in base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork() /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/./../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/base/task/sequence_manager/thread_controller_with_message_pump_impl.cc:340:30
#24 0x7f83362d5ac2 in non-virtual thunk to base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork() /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/src/core/Debug/x86_64/./../../../../../../../../cc-runs/src/qt/qt5/qtwebengine/src/3rdparty/chromium/base/task/sequence_manager/thread_controller_with_message_pump_impl.cc
#25 0x7f8316cf3005 in QtWebEngineCore::MessagePumpForUIQt::handleScheduledWork() /home/cc-runs/src/qt/qt5/qtwebengine/src/core/browser_main_parts_qt.cpp:197:80
#26 0x7f8316cf2e59 in QtWebEngineCore::MessagePumpForUIQt::MessagePumpForUIQt()::'lambda'()::operator()() const /home/cc-runs/src/qt/qt5/qtwebengine/src/core/browser_main_parts_qt.cpp:105:34
#27 0x7f8316cf2e14 in void std::__invoke_impl<void, QtWebEngineCore::MessagePumpForUIQt::MessagePumpForUIQt()::'lambda'()&>(std::__invoke_other, QtWebEngineCore::MessagePumpForUIQt::MessagePumpForUIQt()::'lambda'()&) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/invoke.h:60:14
#28 0x7f8316cf2dc4 in std::enable_if<is_invocable_r_v<void, QtWebEngineCore::MessagePumpForUIQt::MessagePumpForUIQt()::'lambda'()&>, void>::type std::__invoke_r<void, QtWebEngineCore::MessagePumpForUIQt::MessagePumpForUIQt()::'lambda'()&>(QtWebEngineCore::MessagePumpForUIQt::MessagePumpForUIQt()::'lambda'()&) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/invoke.h:110:2
#29 0x7f8316cf2ccc in std::_Function_handler<void (), QtWebEngineCore::MessagePumpForUIQt::MessagePumpForUIQt()::'lambda'()>::_M_invoke(std::_Any_data const&) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/std_function.h:291:9
SUMMARY: AddressSanitizer: heap-use-after-free /home/cc-runs/src/qt/qt5/qtwebengine/src/core/browser_accessibility_qt.cpp:162:44 in QtWebEngineCore::BrowserAccessibilityInterface::destroy()
Shadow bytes around the buggy address: 0x607002a8b680: fd fd fd fd fd fd fd fd fd fa fa fa fa fa fd fd 0x607002a8b700: fd fd fd fd fd fd fd fd fa fa fa fa fd fd fd fd 0x607002a8b780: fd fd fd fd fd fa fa fa fa fa fd fd fd fd fd fd 0x607002a8b800: fd fd fd fd fa fa fa fa fd fd fd fd fd fd fd fd 0x607002a8b880: fd fa fa fa fa fa fd fd fd fd fd fd fd fd fd fd =>0x607002a8b900: fa fa fa fa fd fd fd fd fd fd fd[fd]fd fa fa fa 0x607002a8b980: fa fa fd fd fd fd fd fd fd fd fd fd fa fa fa fa 0x607002a8ba00: fd fd fd fd fd fd fd fd fd fd fa fa fa fa fd fd 0x607002a8ba80: fd fd fd fd fd fd fd fd fa fa fa fa fd fd fd fd 0x607002a8bb00: fd fd fd fd fd fd fa fa fa fa fd fd fd fd fd fd 0x607002a8bb80: fd fd fd fa fa fa fa fa 00 00 00 00 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==794889==ABORTING [795080:1:0100/000000.973362:ERROR:render_process_impl.cc(276)] WebFrame LEAKED 1 TIMES CMake Error at tst_originsWrapperDebug.cmake:18 (message): /home/sanitizer-runs/sanitizer_runs/build/qtwebengine-asan/tests/auto/core/origins/tst_origins execution failed with exit code 1.