QTBUG-130325

QtWebEngine crashes on close


Details

    • Bug
    • Resolution: Unresolved
    • P1: Critical
    • None
    • 6.9
    • WebEngine
    • None
    • Linux/Wayland

    Description

      Multiple QtWebEngine-based applications (KMail, Falkon) are crashing on close. This also happens with the simplebrowser example.

      While running, the app prints lots of:

      ERROR: Failed to mmap
      [171404:171404:1020/222009.504310:INFO:web_contents_delegate_qt.cpp(282)] ProcessGone: 1 (256)

      Then, when closing the app, it crashes with:

      ==173039==ERROR: AddressSanitizer: heap-use-after-free on address 0x503000531bc0 at pc 0x7f51a0a108d9 bp 0x7ffd82cf4b80 sp 0x7ffd82cf4b78
      
      READ of size 8 at 0x503000531bc0 thread T0
      
          #0 0x7f51a0a108d8 in QtWaylandClient::QWaylandEglClientBufferIntegration::eglDisplay() const /home/nico/workspace/qt6-dev/qtwayland/src/hardwareintegration/client/wayland-egl/qwaylandeglclientbufferintegration.cpp:161
      
          #1 0x7f51a0a123bf in QtWaylandClient::QWaylandEglWindow::~QWaylandEglWindow() /home/nico/workspace/qt6-dev/qtwayland/src/hardwareintegration/client/wayland-egl/qwaylandeglwindow.cpp:37
      
          #2 0x7f51a0a124e0 in QtWaylandClient::QWaylandEglWindow::~QWaylandEglWindow() /home/nico/workspace/qt6-dev/qtwayland/src/hardwareintegration/client/wayland-egl/qwaylandeglwindow.cpp:45
      
          #3 0x7f51aa5a3337 in QWindowPrivate::destroy() /home/nico/workspace/qt6-dev/qtbase/src/gui/kernel/qwindow.cpp:2110
      
          #4 0x7f51aa5a377b in QWindow::destroy() /home/nico/workspace/qt6-dev/qtbase/src/gui/kernel/qwindow.cpp:2072
      
          #5 0x7f51aa4b884b in QOffscreenSurface::destroy() /home/nico/workspace/qt6-dev/qtbase/src/gui/kernel/qoffscreensurface.cpp:163
      
          #6 0x7f51aa4b8b82 in QOffscreenSurface::setScreen(QScreen*) /home/nico/workspace/qt6-dev/qtbase/src/gui/kernel/qoffscreensurface.cpp:267
      
          #7 0x7f51aa4b8e43 in QOffscreenSurface::screenDestroyed(QObject*) /home/nico/workspace/qt6-dev/qtbase/src/gui/kernel/qoffscreensurface.cpp:289
      
          #8 0x7f51aa4b8ec8 in QOffscreenSurface::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /home/nico/workspace/qt6-dev/qtbase/src/gui/Gui_autogen/include/moc_qoffscreensurface.cpp:136
      
          #9 0x7f51a74bed7a in void doActivate<false>(QObject*, int, void**) (/home/nico/kde-qtdev/usr/lib64/libQt6Core.so.6+0x4bed7a) (BuildId: 2e71ef7e11d1062326aae90527b3073054940b47)
      
          #10 0x7f51a749d68b in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) /home/nico/workspace/qt6-dev/qtbase/src/corelib/kernel/qobject.cpp:4187
      
          #11 0x7f51a749d840 in QObject::destroyed(QObject*) /home/nico/workspace/qt6-dev/qtbase/src/corelib/kernel/moc_qobject.cpp:274
      
          #12 0x7f51a74b6173 in QObject::~QObject() /home/nico/workspace/qt6-dev/qtbase/src/corelib/kernel/qobject.cpp:1041
      
          #13 0x7f51aa56738d in QScreen::~QScreen() /home/nico/workspace/qt6-dev/qtbase/src/gui/kernel/qscreen.cpp:77
      
          #14 0x7f51aa56744c in QScreen::~QScreen() /home/nico/workspace/qt6-dev/qtbase/src/gui/kernel/qscreen.cpp:77
      
          #15 0x7f51aa5b714f in QWindowSystemInterface::handleScreenRemoved(QPlatformScreen*) /home/nico/workspace/qt6-dev/qtbase/src/gui/kernel/qwindowsysteminterface.cpp:781
      
          #16 0x7f51a0cc02b2 in QtWaylandClient::QWaylandDisplay::~QWaylandDisplay() /home/nico/workspace/qt6-dev/qtwayland/src/client/qwaylanddisplay.cpp:361
      
          #17 0x7f51a0cc06b6 in QtWaylandClient::QWaylandDisplay::~QWaylandDisplay() /home/nico/workspace/qt6-dev/qtwayland/src/client/qwaylanddisplay.cpp:380
      
          #18 0x7f51a0d48ded in QScopedPointerDeleter<QtWaylandClient::QWaylandDisplay>::cleanup(QtWaylandClient::QWaylandDisplay*) /home/nico/workspace/qt6-dev/qtbase/src/corelib/tools/qscopedpointer.h:24
      
          #19 0x7f51a0d48ded in QScopedPointer<QtWaylandClient::QWaylandDisplay, QScopedPointerDeleter<QtWaylandClient::QWaylandDisplay> >::~QScopedPointer() /home/nico/workspace/qt6-dev/qtbase/src/corelib/tools/qscopedpointer.h:81
      
          #20 0x7f51a0d40fa0 in QtWaylandClient::QWaylandIntegration::~QWaylandIntegration() /home/nico/workspace/qt6-dev/qtwayland/src/client/qwaylandintegration.cpp:100
      
          #21 0x7f51a0d40fe6 in QtWaylandClient::QWaylandIntegration::~QWaylandIntegration() /home/nico/workspace/qt6-dev/qtwayland/src/client/qwaylandintegration.cpp:100
      
          #22 0x7f51aa42fe68 in QGuiApplicationPrivate::~QGuiApplicationPrivate() /home/nico/workspace/qt6-dev/qtbase/src/gui/kernel/qguiapplication.cpp:1832
      
          #23 0x7f51ada7b3fd in QApplicationPrivate::~QApplicationPrivate() /home/nico/workspace/qt6-dev/qtbase/src/widgets/kernel/qapplication.cpp:145
      
          #24 0x7f51ada7b442 in QApplicationPrivate::~QApplicationPrivate() /home/nico/workspace/qt6-dev/qtbase/src/widgets/kernel/qapplication.cpp:145
      
          #25 0x7f51a74bad3d in QScopedPointerDeleter<QObjectData>::cleanup(QObjectData*) /home/nico/workspace/qt6-dev/qtbase/src/corelib/tools/qscopedpointer.h:24
      
          #26 0x7f51a74bad3d in QScopedPointer<QObjectData, QScopedPointerDeleter<QObjectData> >::~QScopedPointer() /home/nico/workspace/qt6-dev/qtbase/src/corelib/tools/qscopedpointer.h:81
      
          #27 0x7f51a74b6b01 in QObject::~QObject() /home/nico/workspace/qt6-dev/qtbase/src/corelib/kernel/qobject.cpp:1148
      
          #28 0x7f51a73a21df in QCoreApplication::~QCoreApplication() /home/nico/workspace/qt6-dev/qtbase/src/corelib/kernel/qcoreapplication.cpp:957
      
          #29 0x7f51aa42f9be in QGuiApplication::~QGuiApplication() /home/nico/workspace/qt6-dev/qtbase/src/gui/kernel/qguiapplication.cpp:707
      
          #30 0x7f51ada7c07c in QApplication::~QApplication() /home/nico/workspace/qt6-dev/qtbase/src/widgets/kernel/qapplication.cpp:722
      
          #31 0x45a207 in main (/home/nico/workspace/qtwebengine-dev/examples/webenginewidgets/simplebrowser/build/simplebrowser+0x45a207) (BuildId: 9bb895e1b1ab860a39deb71cf12e318a37e514f1)
      
          #32 0x7f51a682a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
      
          #33 0x7f51a682a378 in __libc_start_main_impl ../csu/libc-start.c:360
      
          #34 0x412a04 in _start ../sysdeps/x86_64/start.S:115
      
      
      
      0x503000531bc0 is located 16 bytes inside of 32-byte region [0x503000531bb0,0x503000531bd0)
      
      freed by thread T0 here:
      
          #0 0x7f51d50fe198 in operator delete(void*, unsigned long) ../../../../libsanitizer/asan/asan_new_delete.cpp:164
      
          #1 0x7f51a0a105e5 in QtWaylandClient::QWaylandEglClientBufferIntegration::~QWaylandEglClientBufferIntegration() /home/nico/workspace/qt6-dev/qtwayland/src/hardwareintegration/client/wayland-egl/qwaylandeglclientbufferintegration.cpp:39
      
          #2 0x7f51a0d48e4b in QScopedPointerDeleter<QtWaylandClient::QWaylandClientBufferIntegration>::cleanup(QtWaylandClient::QWaylandClientBufferIntegration*) /home/nico/workspace/qt6-dev/qtbase/src/corelib/tools/qscopedpointer.h:24
      
          #3 0x7f51a0d48e4b in QScopedPointer<QtWaylandClient::QWaylandClientBufferIntegration, QScopedPointerDeleter<QtWaylandClient::QWaylandClientBufferIntegration> >::~QScopedPointer() /home/nico/workspace/qt6-dev/qtbase/src/corelib/tools/qscopedpointer.h:81
      
          #4 0x7f51a0d40f97 in QtWaylandClient::QWaylandIntegration::~QWaylandIntegration() /home/nico/workspace/qt6-dev/qtwayland/src/client/qwaylandintegration.cpp:100
      
          #5 0x7f51a0d40fe6 in QtWaylandClient::QWaylandIntegration::~QWaylandIntegration() /home/nico/workspace/qt6-dev/qtwayland/src/client/qwaylandintegration.cpp:100
      
          #6 0x7f51aa42fe68 in QGuiApplicationPrivate::~QGuiApplicationPrivate() /home/nico/workspace/qt6-dev/qtbase/src/gui/kernel/qguiapplication.cpp:1832
      
          #7 0x7f51ada7b3fd in QApplicationPrivate::~QApplicationPrivate() /home/nico/workspace/qt6-dev/qtbase/src/widgets/kernel/qapplication.cpp:145
      
          #8 0x7f51ada7b442 in QApplicationPrivate::~QApplicationPrivate() /home/nico/workspace/qt6-dev/qtbase/src/widgets/kernel/qapplication.cpp:145
      
          #9 0x7f51a74bad3d in QScopedPointerDeleter<QObjectData>::cleanup(QObjectData*) /home/nico/workspace/qt6-dev/qtbase/src/corelib/tools/qscopedpointer.h:24
      
          #10 0x7f51a74bad3d in QScopedPointer<QObjectData, QScopedPointerDeleter<QObjectData> >::~QScopedPointer() /home/nico/workspace/qt6-dev/qtbase/src/corelib/tools/qscopedpointer.h:81
      
          #11 0x7f51a74b6b01 in QObject::~QObject() /home/nico/workspace/qt6-dev/qtbase/src/corelib/kernel/qobject.cpp:1148
      
          #12 0x7f51a73a21df in QCoreApplication::~QCoreApplication() /home/nico/workspace/qt6-dev/qtbase/src/corelib/kernel/qcoreapplication.cpp:957
      
          #13 0x7f51aa42f9be in QGuiApplication::~QGuiApplication() /home/nico/workspace/qt6-dev/qtbase/src/gui/kernel/qguiapplication.cpp:707
      
          #14 0x7f51ada7c07c in QApplication::~QApplication() /home/nico/workspace/qt6-dev/qtbase/src/widgets/kernel/qapplication.cpp:722
      
          #15 0x45a207 in main (/home/nico/workspace/qtwebengine-dev/examples/webenginewidgets/simplebrowser/build/simplebrowser+0x45a207) (BuildId: 9bb895e1b1ab860a39deb71cf12e318a37e514f1)
      
          #16 0x7f51a682a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
      
      
      
      previously allocated by thread T0 here:
      
          #0 0x7f51d50fd298 in operator new(unsigned long) ../../../../libsanitizer/asan/asan_new_delete.cpp:95
      
          #1 0x7f51a1f024a4 in QtWaylandClient::QWaylandEglClientBufferPlugin::create(QString const&, QList<QString> const&) /home/nico/workspace/qt6-dev/qtwayland/src/plugins/hardwareintegration/client/wayland-egl/main.cpp:21
      
          #2 0x7f51a0cb1f52 in QtWaylandClient::QWaylandClientBufferIntegration* qLoadPlugin<QtWaylandClient::QWaylandClientBufferIntegration, QtWaylandClient::QWaylandClientBufferIntegrationPlugin, QList<QString> const&>(QFactoryLoader const*, QString const&, QList<QString> const&) (/home/nico/kde-qtdev/usr/lib64/libQt6WaylandClient.so.6+0xb1f52) (BuildId: d40faa0e9d0e5babefb498b6b662826bbb449c87)
      
          #3 0x7f51a0cb1b20 in QtWaylandClient::QWaylandClientBufferIntegrationFactory::create(QString const&, QList<QString> const&) /home/nico/workspace/qt6-dev/qtwayland/src/client/hardwareintegration/qwaylandclientbufferintegrationfactory.cpp:25
      
          #4 0x7f51a0d438f2 in QtWaylandClient::QWaylandIntegration::initializeClientBufferIntegration() /home/nico/workspace/qt6-dev/qtwayland/src/client/qwaylandintegration.cpp:356
      
          #5 0x7f51a0d44360 in QtWaylandClient::QWaylandIntegration::clientBufferIntegration() const /home/nico/workspace/qt6-dev/qtwayland/src/client/qwaylandintegration.cpp:308
      
          #6 0x7f51a0cbc527 in QtWaylandClient::QWaylandDisplay::clientBufferIntegration() const /home/nico/workspace/qt6-dev/qtwayland/src/client/qwaylanddisplay.cpp:310
      
          #7 0x7f51a0d40695 in QtWaylandClient::QWaylandIntegration::createPlatformOpenGLContext(QOpenGLContext*) const /home/nico/workspace/qt6-dev/qtwayland/src/client/qwaylandintegration.cpp:152
      
          #8 0x7f51aae8b847 in QOpenGLContext::create() /home/nico/workspace/qt6-dev/qtbase/src/gui/kernel/qopenglcontext.cpp:374
      
          #9 0x7f51bd8bcbab in ensureShareContext /home/nico/workspace/qtwebengine-dev/src/core/api/qtwebenginecoreglobal.cpp:67
      
          #10 0x7f51bd8bce37 in QtWebEngineCore::initialize() /home/nico/workspace/qtwebengine-dev/src/core/api/qtwebenginecoreglobal.cpp:98
      
          #11 0x7f51a739f1a6 in qt_call_pre_routines /home/nico/workspace/qt6-dev/qtbase/src/corelib/kernel/qcoreapplication.cpp:321
      
          #12 0x7f51a73acb63 in QCoreApplicationPrivate::init() /home/nico/workspace/qt6-dev/qtbase/src/corelib/kernel/qcoreapplication.cpp:898
      
          #13 0x7f51aa44446a in QGuiApplicationPrivate::init() /home/nico/workspace/qt6-dev/qtbase/src/gui/kernel/qguiapplication.cpp:1627
      
          #14 0x7f51ada88fa8 in QApplicationPrivate::init() /home/nico/workspace/qt6-dev/qtbase/src/widgets/kernel/qapplication.cpp:472
      
          #15 0x7f51ada89128 in QApplication::QApplication(int&, char**, int) /home/nico/workspace/qt6-dev/qtbase/src/widgets/kernel/qapplication.cpp:460
      
          #16 0x459f95 in main (/home/nico/workspace/qtwebengine-dev/examples/webenginewidgets/simplebrowser/build/simplebrowser+0x459f95) (BuildId: 9bb895e1b1ab860a39deb71cf12e318a37e514f1)
      
          #17 0x7f51a682a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
      
      
      
      SUMMARY: AddressSanitizer: heap-use-after-free /home/nico/workspace/qt6-dev/qtwayland/src/hardwareintegration/client/wayland-egl/qwaylandeglclientbufferintegration.cpp:161 in QtWaylandClient::QWaylandEglClientBufferIntegration::eglDisplay() const 

      Qt built from current dev (qtbase 195a35dbfb2453ae37d9541c82745c5795fe8b9c, qtwebengine 366f4a18f95891bc306af9412187133f76a1b6a5)
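
      Added illustration, not part of the original report and not Qt code: the trace shows the buffer integration being freed by one scoped-pointer member of QWaylandIntegration before the display member's destructor tears down a window that still reads it. The model below reproduces that ordering with hypothetical stand-in types and a liveness flag instead of a real dangling dereference; SafeOrder is one ordering that avoids the stale read, not the project's fix.

```cpp
#include <cstdio>
#include <functional>
#include <memory>

// Hypothetical stand-ins for the roles seen in the trace; not Qt classes.
struct BufferIntegration {               // role: QWaylandEglClientBufferIntegration
    bool *alive;
    explicit BufferIntegration(bool *a) : alive(a) { *alive = true; }
    ~BufferIntegration() { *alive = false; }
};

struct Display {                         // role: QWaylandDisplay
    std::function<void()> onScreenRemoved;   // window teardown run from the destructor
    ~Display() { if (onScreenRemoved) onScreenRemoved(); }
};

// C++ destroys members in reverse declaration order.
struct BuggyOrder {                      // integration declared last, destroyed first
    std::unique_ptr<Display> display;
    std::unique_ptr<BufferIntegration> integration;
};
struct SafeOrder {                       // integration declared first, outlives display
    std::unique_ptr<BufferIntegration> integration;
    std::unique_ptr<Display> display;
};

// Returns true if window teardown ran while the integration was still alive.
template <typename Owner>
bool teardownSawLiveIntegration() {
    bool alive = false, sawLive = false;
    {
        Owner o;
        o.integration = std::make_unique<BufferIntegration>(&alive);
        o.display = std::make_unique<Display>();
        // In the trace the window destructor calls eglDisplay() on the
        // integration at this point; the model only samples the flag.
        o.display->onScreenRemoved = [&] { sawLive = alive; };
    }   // o is destroyed here, members in reverse declaration order
    return sawLive;
}

int main() {
    std::printf("buggy order: integration alive at teardown = %d\n",
                teardownSawLiveIntegration<BuggyOrder>());
    std::printf("safe order:  integration alive at teardown = %d\n",
                teardownSawLiveIntegration<SafeOrder>());
    return 0;
}
```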

       


          People

            pvarga Peter Varga
            nicolasfella_kde Nicolas Fella
              Gerrit Reviews

                There are no open Gerrit changes