search

python / cpython

The Python programming language
https://www.python.org
Other
63.42k stars 30.37k forks source link

Python 3.13b repeatedly setting superclass attribute in subclass leads to crashes #119462

Closed The-Compiler closed 4 months ago

The-Compiler commented 5 months ago

Crash report

What happened?

I'm trying to run the qutebrowser testsuite with Python 3.13, and am running into an issue where a test reproducibly fails (usually by crashing the interpreter), but only when I run the entire testsuite (not when run in isolation, or even just the tests in the same subfolder).

Given those circumstances, it seems tricky to get to a minimal example. I thought I'd open this issue in the hope of distilling things down further, and arriving at such an example. In the meantime, the best reproduction steps I can come up with are:

git clone https://github.com/qutebrowser/qutebrowser
cd qutebrowser
tox -e py313-pyqt66 -- tests/unit -v -s

A few tests will fail with a --with-pydebug build due to timeouts, those can be ignored. After a while (~13 minutes with --with-pydebug under gdb on my system), one of the tests in tests/unit/mainwindow/test_messageview.py will fail, usually due to a failing assertion because PyUnicode_KIND did return an invalid value.

Failing Python code:

value = value.replace('default_family', self.default_family)

stacktrace:

```c #0 0x00007211a3fda32c in ??? () at /usr/lib/libc.so.6 #1 0x00007211a3f896c8 in raise () at /usr/lib/libc.so.6 #2 0x00007211a3f89770 in () at /usr/lib/libc.so.6 #3 0x00007211a3fda32c in ??? () at /usr/lib/libc.so.6 #4 0x00007211a3f896c8 in raise () at /usr/lib/libc.so.6 #5 0x00007211a3f714b8 in abort () at /usr/lib/libc.so.6 #6 0x00007211a3f713dc in ??? () at /usr/lib/libc.so.6 #7 0x00007211a3f81d46 in __assert_fail () at /usr/lib/libc.so.6 #8 0x00007211a389feb4 in PyUnicode_MAX_CHAR_VALUE (op=) at ./Include/cpython/unicodeobject.h:374 #9 0x00007211a39ab346 in PyUnicode_MAX_CHAR_VALUE (op=) at ./Include/cpython/unicodeobject.h:371 #10 replace (self=Python Exception : There is no member named ready. , str1=Python Exception : There is no member named ready. , str2=, maxcount=) at Objects/unicodeobject.c:10133 #11 0x00007211a388e6e6 in _PyEval_EvalFrameDefault (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, frame=0x7211a414be50, throwflag=6) at Python/generated_cases.c.h:1688 #12 0x00007211a3a1a488 in _PyObject_VectorcallTstate (kwnames=0x0, nargsf=2, args=0x7ffecd2707a0, callable=, tstate=0x7211a3ecb1f0 <_PyRuntime+294032>) at ./Include/internal/pycore_call.h:168 #13 PyObject_Vectorcall (kwnames=0x0, nargsf=2, args=0x7ffecd2707a0, callable=) at Objects/call.c:327 #14 call_attribute (name=Python Exception : There is no member named ready. , attr=, self=) at Objects/typeobject.c:9435 #15 call_attribute (name=Python Exception : There is no member named ready. , attr=, self=) at Objects/typeobject.c:9429 #16 _Py_slot_tp_getattr_hook (self=, name=Python Exception : There is no member named ready. ) at Objects/typeobject.c:9485 #17 0x00007211a3a1b123 in PyObject_GetAttr (v=Python Exception : , name=Python Exception : There is no member named ready. ) at Objects/object.c:1175 #18 0x00007211a3892454 in _PyEval_EvalFrameDefault (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, frame=0x7211a414bc98, throwflag=6) at Python/generated_cases.c.h:1165 #19 0x00007211a3c3d04d in _PyEval_EvalFrame (throwflag=0, frame=0x7211198c8208, tstate=0x7211a3ecb1f0 <_PyRuntime+294032>) at ./Include/internal/pycore_ceval.h:119 #20 gen_send_ex2 (gen=0x7211198c81c0, arg=arg@entry=0x0, presult=presult@entry=0x7ffecd270a90, exc=exc@entry=0, closing=closing@entry=0) at Objects/genobject.c:229 #21 0x00007211a3c3d242 in gen_iternext (gen=) at Objects/genobject.c:589 #22 0x00007211a3acbb60 in list_extend_iter_lock_held (iterable=, self=0x72110f8d1770) at Objects/listobject.c:1231 #23 _list_extend (self=self@entry=0x72110f8d1770, iterable=iterable@entry=) at Objects/listobject.c:1404 #24 0x00007211a3acc7b7 in list_extend (iterable=, self=0x72110f8d1770) at Objects/listobject.c:1430 #25 _PyList_Extend (iterable=, self=0x72110f8d1770) at Objects/listobject.c:1432 #26 PySequence_List (v=) at Objects/abstract.c:2135 #27 0x00007211a3ad6128 in PySequence_Fast (m=0x7211a3cae034 "can only join an iterable", v=) at Objects/abstract.c:2166 #28 PySequence_Fast (v=, m=0x7211a3cae034 "can only join an iterable") at Objects/abstract.c:2145 #29 0x00007211a3ad81bf in PyUnicode_Join (separator=Python Exception : There is no member named ready. , seq=) at Objects/unicodeobject.c:9557 --Type for more, q to quit, c to continue without paging-- #30 0x00007211a3892ba1 in _PyEval_EvalFrameDefault (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, frame=0x7211a414bbe0, throwflag=6) at Python/generated_cases.c.h:1264 #31 0x00007211a3a10d2a in PyObject_Call (kwargs=0x0, args=Python Exception : There is no member named ready. , callable=) at Objects/call.c:373 #32 bounded_lru_cache_wrapper (self=0x72118e3ed850, args=Python Exception : There is no member named ready. , kwds=0x0) at ./Modules/_functoolsmodule.c:1050 #33 0x00007211a39ec88d in _PyObject_MakeTpCall (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, callable=Python Exception : There is no member named ready. , args=, nargs=1, keywords=) at Objects/call.c:242 #34 0x00007211a388d023 in _PyEval_EvalFrameDefault (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, frame=0x7211a414baf0, throwflag=6) at Python/generated_cases.c.h:1837 #35 0x00007211a39ece98 in _PyObject_VectorcallDictTstate (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, callable=, args=, nargsf=, kwargs=) at Objects/call.c:146 _hook.py'... #36 0x00007211a39ed0a6 in _PyObject_Call_Prepend (tstate=tstate@entry=0x7211a3ecb1f0 <_PyRuntime+294032>, callable=callable@entry=, obj=obj@entry=Python Exception : There is no member named ready. , args=args@entry=(), kwargs=kwargs@entry=Python Exception : There is no member named ready. ) at Objects/call.c:504 #37 0x00007211a3a1a645 in slot_tp_init (self=Python Exception : There is no member named ready. , args=(), kwds=Python Exception : There is no member named ready. ) at Objects/typeobject.c:9646 #38 0x00007211a39afafd in type_call (self=, args=(), kwds=Python Exception : There is no member named ready. ) at Objects/typeobject.c:1909 #39 0x00007211a39ec88d in _PyObject_MakeTpCall (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, callable=, args=, nargs=0, keywords=) at Objects/call.c:242 #40 0x00007211a3884cc8 in _PyEval_EvalFrameDefault (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, frame=0x7211a414b880, throwflag=6) at Python/generated_cases.c.h:1500 #41 0x00007211a39ece98 in _PyObject_VectorcallDictTstate (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, callable=, args=, nargsf=, kwargs=) at Objects/call.c:146 piling '/home/florian/proj/aur/rixx/python313/pkg/python313/usr/lib/python3.13/test/test_importlib/import_/test_hel #42 0x00007211a39ed0a6 in _PyObject_Call_Prepend (tstate=tstate@entry=0x7211a3ecb1f0 <_PyRuntime+294032>, callable=callable@entry=, obj=obj@entry=, args=args@entry=(), kwargs=kwargs@entry=Python Exception : There is no member named ready. ) at Objects/call.c:504 #43 0x00007211a3a17ff5 in slot_tp_call (self=, args=(), kwds=Python Exception : There is no member named ready. ) at Objects/typeobject.c:9400 #44 0x00007211a39ec88d in _PyObject_MakeTpCall (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, callable=, args=, nargs=0, keywords=) at Objects/call.c:242 #45 0x00007211a3884cc8 in _PyEval_EvalFrameDefault (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, frame=0x7211a414b370, throwflag=6) at Python/generated_cases.c.h:1500 #46 0x00007211a39ece98 in _PyObject_VectorcallDictTstate (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, callable=, args=, nargsf=, kwargs=) at Objects/call.c:146 es/example2/example2/__init__.py'... #47 0x00007211a39ed0a6 in _PyObject_Call_Prepend (tstate=tstate@entry=0x7211a3ecb1f0 <_PyRuntime+294032>, callable=callable@entry=, obj=obj@entry=, args=args@entry=(), kwargs=kwargs@entry=Python Exception : There is no member named ready. ) at Objects/call.c:504 #48 0x00007211a3a17ff5 in slot_tp_call (self=, args=(), kwds=Python Exception : There is no member named ready. ) at Objects/typeobject.c:9400 #49 0x00007211a3a0e1ee in _PyObject_Call (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, callable=, args=(), kwargs=) at Objects/call.c:361 #50 0x00007211a3881380 in _PyEval_EvalFrameDefault (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, frame=0x7211a414b008, throwflag=6) at Python/generated_cases.c.h:1353 #51 0x00007211a39ece98 in _PyObject_VectorcallDictTstate (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, callable=, args=, nargsf=, kwargs=) at Objects/call.c:146 a_namespace_pkg/foo/one.py'... #52 0x00007211a39ed0a6 in _PyObject_Call_Prepend (tstate=tstate@entry=0x7211a3ecb1f0 <_PyRuntime+294032>, callable=callable@entry=, obj=obj@entry=, args=args@entry=(), kwargs=kwargs@entry=Python Exception : There is no member named ready. ) at Objects/call.c:504 #53 0x00007211a3a17ff5 in slot_tp_call (self=, args=(), kwds=Python Exception : There is no member named ready. ) at Objects/typeobject.c:9400 #54 0x00007211a39ec88d in _PyObject_MakeTpCall (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, callable=, args=, nargs=0, keywords=) at Objects/call.c:242 #55 0x00007211a3884cc8 in _PyEval_EvalFrameDefault (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, frame=0x7211a414aa10, throwflag=6) at Python/generated_cases.c.h:1500 #56 0x00007211a39ece98 in _PyObject_VectorcallDictTstate (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, callable=, args=, nargsf=, kwargs=) at Objects/call.c:146 piling '/home/florian/proj/aur/rixx/python313/pkg/python313/usr/lib/python3.13/test/test_importlib/namespace_pkgs/p #57 0x00007211a39ed0a6 in _PyObject_Call_Prepend (tstate=tstate@entry=0x7211a3ecb1f0 <_PyRuntime+294032>, callable=callable@entry=, obj=obj@entry=, args=args@entry=(), kwargs=kwargs@entry=Python Exception : There is no member named ready. ) at Objects/call.c:504 #58 0x00007211a3a17ff5 in slot_tp_call (self=, args=(), kwds=Python Exception : There is no member named ready. ) at Objects/typeobject.c:9400 #59 0x00007211a39ec88d in _PyObject_MakeTpCall (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, callable=, args=, nargs=0, keywords=) at Objects/call.c:242 #60 0x00007211a3884cc8 in _PyEval_EvalFrameDefault (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, frame=0x7211a414a730, throwflag=6) at Python/generated_cases.c.h:1500 #61 0x00007211a39ece98 in _PyObject_VectorcallDictTstate (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, callable=, args=, nargsf=, kwargs=) at Objects/call.c:146 piling '/home/florian/proj/aur/rixx/python313/pkg/python313/usr/lib/python3.13/test/test_httpservers.py'... #62 0x00007211a39ed0a6 in _PyObject_Call_Prepend (tstate=tstate@entry=0x7211a3ecb1f0 <_PyRuntime+294032>, callable=callable@entry=, obj=obj@entry=, args=args@entry=(), kwargs=kwargs@entry=Python Exception : There is no member named ready. ) at Objects/call.c:504 #63 0x00007211a3a17ff5 in slot_tp_call (self=, args=(), kwds=Python Exception : There is no member named ready. ) at Objects/typeobject.c:9400 #64 0x00007211a39ec88d in _PyObject_MakeTpCall (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, callable=, args=, nargs=0, keywords=) at Objects/call.c:242 #65 0x00007211a3884cc8 in _PyEval_EvalFrameDefault (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, frame=0x7211a414a2b0, throwflag=6) at Python/generated_cases.c.h:1500 #66 0x00007211a3c3f6d6 in PyEval_EvalCode (co=, globals=, locals=Python Exception : There is no member named ready. ) at Python/ceval.c:598 #67 0x00007211a3c51950 in builtin_exec_impl (module=, closure=, locals=Python Exception : There is no member named ready. , globals=Python Exception : There is no member named ready. , source=) at Python/bltinmodule.c:1145 #68 builtin_exec (module=, args=, nargs=, kwnames=) at Python/clinic/bltinmodule.c.h:556 #69 0x00007211a395a4ea in cfunction_vectorcall_FASTCALL_KEYWORDS (func=, args=0x7211a414a180, nargsf=, kwnames=0x0) at Objects/methodobject.c:441 #70 0x00007211a39fcce9 in _PyObject_VectorcallTstate (kwnames=0x0, nargsf=9223372036854775810, args=0x7211a414a180, callable=, tstate=0x7211a3ecb1f0 <_PyRuntime+294032>) at ./Include/internal/pycore_call.h:168 #71 PyObject_Vectorcall (callable=, args=0x7211a414a180, nargsf=9223372036854775810, kwnames=0x0) at Objects/call.c:327 #72 0x00007211a3889b59 in _PyEval_EvalFrameDefault (tstate=0x7211a3ecb1f0 <_PyRuntime+294032>, frame=0x7211a414a0d8, throwflag=6) at Python/generated_cases.c.h:813 #73 0x00007211a3c36c04 in PyObject_Call (kwargs=0x0, args=Python Exception : There is no member named ready. , callable=) at Objects/call.c:373 #74 pymain_run_module (modname=, set_argv0=set_argv0@entry=1) at Modules/main.c:297 #75 0x00007211a3c498d2 in pymain_run_python (exitcode=0x7ffecd272a68) at Modules/main.c:633 #76 Py_RunMain () at Modules/main.c:718 #77 0x00007211a3f72cd0 in ??? () at /usr/lib/libc.so.6 #78 0x00007211a3f72d8a in __libc_start_main () at /usr/lib/libc.so.6 #79 0x00005e3a1e856055 in _start () ```

Sometimes I've also seen a MemoryError on the line calling str.replace, or an ominous:

TypeError: replace() argument 2 must be str, not +

with the following Python stack (note that jinja is involved, which might or might not be a trigger?):

qtbot = <pytestqt.qtbot.QtBot object at 0x7552ae9d6200>, view = <qutebrowser.mainwindow.messageview.MessageView object at 0x7552acd7fb10>
config_stub = <qutebrowser.config.config.Config object at 0x7552acbe6170>

    def test_changing_timer_with_messages_shown(qtbot, view, config_stub):
        """When we change messages.timeout, the timer should be restarted."""
        config_stub.val.messages.timeout = 900000  # 15s
>       view.show_message(message.MessageInfo(usertypes.MessageLevel.info, 'test'))

tests/unit/mainwindow/test_messageview.py:172: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
qutebrowser/mainwindow/messageview.py:148: in show_message
    widget = Message.from_info(info)
qutebrowser/mainwindow/messageview.py:71: in from_info
    return cls(
qutebrowser/mainwindow/messageview.py:62: in __init__
    stylesheet.set_register(self, qss, update=False)
qutebrowser/config/stylesheet.py:32: in set_register
    observer.register()
qutebrowser/config/stylesheet.py:97: in register
    qss = self._get_stylesheet()
qutebrowser/config/stylesheet.py:86: in _get_stylesheet
    return _render_stylesheet(self._stylesheet)
qutebrowser/config/stylesheet.py:41: in _render_stylesheet
    return template.render(conf=config.val)
.tox/py313-pyqt66/lib/python3.13/site-packages/jinja2/environment.py:1304: in render
    self.environment.handle_exception()
.tox/py313-pyqt66/lib/python3.13/site-packages/jinja2/environment.py:939: in handle_exception
    raise rewrite_traceback_stack(source=source)
<template>:7: in top-level template code
    ???
qutebrowser/utils/jinja.py:117: in getattr
    return getattr(obj, attribute)
qutebrowser/config/config.py:633: in __getattr__
    return self._config.get(name)
qutebrowser/config/config.py:385: in get
    return opt.typ.to_py(obj)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <qutebrowser.config.configtypes.Font completions=None none_ok=False>, value = 'default_size default_family'

    def to_py(self, value: _StrUnset) -> _StrUnsetNone:
        self._basic_py_validation(value, str)
        if isinstance(value, usertypes.Unset):
            return value
        elif not value:
            return None

        if not self.font_regex.fullmatch(value):  # pragma: no cover
            # This should never happen, as the regex always matches everything
            # as family.
            raise configexc.ValidationError(value, "must be a valid font")

        if (value.endswith(' default_family') and
                self.default_family is not None):
>           value = value.replace('default_family', self.default_family)
E           TypeError: replace() argument 2 must be str, not +

qutebrowser/config/configtypes.py:1244: TypeError

which leads me to the conclusion that there must be some sort of memory corruption going on there.

On one run, I've also see a GC-related crash, which I'm not sure is related:

Python stack:

```pytb Fatal Python error: Aborted Thread 0x00007f31066006c0 (most recent call first): File "/usr/lib/python3.13/socket.py", line 295 in accept File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/pytest_rerunfailures.py", line 433 in run_server File "/usr/lib/python3.13/threading.py", line 990 in run File "/usr/lib/python3.13/threading.py", line 1039 in _bootstrap_inner File "/usr/lib/python3.13/threading.py", line 1010 in _bootstrap Current thread 0x00007f311ca29740 (most recent call first): Garbage-collecting File "/home/florian/proj/qutebrowser/git/qutebrowser/config/configfiles.py", line 255 in __init__ File "/home/florian/proj/qutebrowser/git/tests/helpers/fixtures.py", line 315 in yaml_config_stub File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/fixtures.py", line 884 in call_fixture_func File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/fixtures.py", line 1122 in pytest_fixture_setup File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/pluggy/_callers.py", line 103 in _multicall File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/pluggy/_manager.py", line 120 in _hookexec File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/pluggy/_hooks.py", line 513 in __call__ File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/fixtures.py", line 1073 in execute File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/fixtures.py", line 603 in _get_active_fixturedef File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/fixtures.py", line 1035 in execute File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/fixtures.py", line 603 in _get_active_fixturedef File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/fixtures.py", line 1035 in execute File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/fixtures.py", line 603 in _get_active_fixturedef File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/fixtures.py", line 518 in getfixturevalue File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/fixtures.py", line 683 in _fillfixtures File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/python.py", line 1630 in setup File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/runner.py", line 512 in setup File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/runner.py", line 159 in pytest_runtest_setup File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/pluggy/_callers.py", line 103 in _multicall File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/pluggy/_manager.py", line 120 in _hookexec File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/pluggy/_hooks.py", line 513 in __call__ File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/runner.py", line 241 in File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/runner.py", line 341 in from_call File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/runner.py", line 240 in call_and_report File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/runner.py", line 129 in runtestprotocol File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/runner.py", line 116 in pytest_runtest_protocol File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/pluggy/_callers.py", line 103 in _multicall File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/pluggy/_manager.py", line 120 in _hookexec File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/pluggy/_hooks.py", line 513 in __call__ File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/main.py", line 364 in pytest_runtestloop File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/pluggy/_callers.py", line 103 in _multicall File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/pluggy/_manager.py", line 120 in _hookexec File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/pluggy/_hooks.py", line 513 in __call__ File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/main.py", line 339 in _main File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/main.py", line 285 in wrap_session File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/main.py", line 332 in pytest_cmdline_main File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/pluggy/_callers.py", line 103 in _multicall File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/pluggy/_manager.py", line 120 in _hookexec File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/pluggy/_hooks.py", line 513 in __call__ File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/config/__init__.py", line 178 in main File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/_pytest/config/__init__.py", line 206 in console_main File "/home/florian/proj/qutebrowser/git/.tox/py313-pyqt66/lib/python3.13/site-packages/pytest/__main__.py", line 7 in File "/usr/lib/python3.13/runpy.py", line 88 in _run_code File "/usr/lib/python3.13/runpy.py", line 198 in _run_module_as_main Extension modules: hunter._predicates, hunter._tracer, hunter.vendor._cymem.cymem, hunter._event, markupsafe._speedups, PyQt6.QtCore, PyQt6.QtGui, PyQt6.QtWidgets, PyQt6.QtNetwork, PyQt6.QtPrintSupport, PyQt6.QtQml, PyQt6.QtOpenGL, PyQt6.QtWebChannel, PyQt6.QtWebEngineCore, PyQt6.QtSql, PyQt6.QtWebEngineWidgets, PyQt6.QtTest, PyQt6.QtDBus (total: 18) ```

C stack:

```c #0 0x00007f311c0ab32c in ??? () at /usr/lib/libc.so.6 #1 0x00007f311c05a6c8 in raise () at /usr/lib/libc.so.6 #2 0x00007f311c05a770 in () at /usr/lib/libc.so.6 #3 0x00007f311c0ab32c in ??? () at /usr/lib/libc.so.6 #4 0x00007f311c05a6c8 in raise () at /usr/lib/libc.so.6 #5 0x00007f311c0424b8 in abort () at /usr/lib/libc.so.6 #6 0x00007f311c0423dc in ??? () at /usr/lib/libc.so.6 #7 0x00007f311c052d46 in __assert_fail () at /usr/lib/libc.so.6 #8 0x00007f311c2a2bd1 in validate_old (gcstate=) at Python/gc.c:432 #9 validate_old (gcstate=gcstate@entry=0x7f311c89deb8 <_PyRuntime+108888>) at Python/gc.c:425 #10 0x00007f311c6076cc in gc_collect_increment (stats=0x7ffc5a234f70, tstate=) at Python/gc.c:1453 #11 _PyGC_Collect (tstate=tstate@entry=0x7f311c8cb1f0 <_PyRuntime+294032>, generation=generation@entry=1, reason=reason@entry=_Py_GC_REASON_HEAP) at Python/gc.c:1811 #12 0x00007f311c607b4b in _Py_RunGC (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>) at Python/gc.c:2010 #13 _Py_RunGC (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>) at Python/gc.c:2007 #14 _Py_HandlePending (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>) at Python/ceval_gil.c:1244 #15 0x00007f311c289f30 in _PyEval_EvalFrameDefault (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, frame=0x7f311cb34ed8, throwflag=6) at Python/generated_cases.c.h:846 #16 0x00007f311c3ece2f in _PyObject_VectorcallDictTstate (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, callable=, args=, nargsf=, kwargs=) at Objects/call.c:135 #17 0x00007f311c3ed0a6 in _PyObject_Call_Prepend (tstate=tstate@entry=0x7f311c8cb1f0 <_PyRuntime+294032>, callable=callable@entry=, obj=obj@entry=Python Exception : There is no member named ready. , args=args@entry=(), kwargs=kwargs@entry=0x0) at Objects/call.c:504 #18 0x00007f311c41a645 in slot_tp_init (self=Python Exception : There is no member named ready. , args=(), kwds=0x0) at Objects/typeobject.c:9646 #19 0x00007f311c3afafd in type_call (self=, args=(), kwds=0x0) at Objects/typeobject.c:1909 #20 0x00007f311c3ec88d in _PyObject_MakeTpCall (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, callable=, args=, nargs=0, keywords=) at Objects/call.c:242 #21 0x00007f311c28d023 in _PyEval_EvalFrameDefault (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, frame=0x7f311cb34e78, throwflag=6) at Python/generated_cases.c.h:1837 #22 0x00007f311c3ece98 in _PyObject_VectorcallDictTstate (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, callable=, args=, nargsf=, kwargs=) at Objects/call.c:146 #23 0x00007f311c3ed0a6 in _PyObject_Call_Prepend (tstate=tstate@entry=0x7f311c8cb1f0 <_PyRuntime+294032>, callable=callable@entry=, obj=obj@entry=, args=args@entry=(), kwargs=kwargs@entry=Python Exception : There is no member named ready. ) at Objects/call.c:504 #24 0x00007f311c417ff5 in slot_tp_call (self=, args=(), kwds=Python Exception : There is no member named ready. ) at Objects/typeobject.c:9400 #25 0x00007f311c3ec88d in _PyObject_MakeTpCall (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, callable=, args=, nargs=0, keywords=) at Objects/call.c:242 #26 0x00007f311c284cc8 in _PyEval_EvalFrameDefault (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, frame=0x7f311cb349d8, throwflag=6) at Python/generated_cases.c.h:1500 #27 0x00007f311c3ece98 in _PyObject_VectorcallDictTstate (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, callable=, args=, nargsf=, kwargs=) at Objects/call.c:146 #28 0x00007f311c3ed0a6 in _PyObject_Call_Prepend (tstate=tstate@entry=0x7f311c8cb1f0 <_PyRuntime+294032>, callable=callable@entry=, obj=obj@entry=, args=args@entry=(), kwargs=kwargs@entry=Python Exception : There is no member named ready. ) at Objects/call.c:504 #29 0x00007f311c417ff5 in slot_tp_call (self=, args=(), kwds=Python Exception : There is no member named ready. ) at Objects/typeobject.c:9400 #30 0x00007f311c40e1ee in _PyObject_Call (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, callable=, args=(), kwargs=) at Objects/call.c:361 #31 0x00007f311c281380 in _PyEval_EvalFrameDefault (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, frame=0x7f311cb34008, throwflag=6) at Python/generated_cases.c.h:1353 #32 0x00007f311c3ece98 in _PyObject_VectorcallDictTstate (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, callable=, args=, nargsf=, kwargs=) at Objects/call.c:146 #33 0x00007f311c3ed0a6 in _PyObject_Call_Prepend (tstate=tstate@entry=0x7f311c8cb1f0 <_PyRuntime+294032>, callable=callable@entry=, obj=obj@entry=, args=args@entry=(), kwargs=kwargs@entry=Python Exception : There is no member named ready. ) at Objects/call.c:504 #34 0x00007f311c417ff5 in slot_tp_call (self=, args=(), kwds=Python Exception : There is no member named ready. ) at Objects/typeobject.c:9400 #35 0x00007f311c3ec88d in _PyObject_MakeTpCall (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, callable=, args=, nargs=0, keywords=) at Objects/call.c:242 #36 0x00007f311c284cc8 in _PyEval_EvalFrameDefault (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, frame=0x7f311cb33a10, throwflag=6) at Python/generated_cases.c.h:1500 #37 0x00007f311c3ece98 in _PyObject_VectorcallDictTstate (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, callable=, args=, nargsf=, kwargs=) at Objects/call.c:146 #38 0x00007f311c3ed0a6 in _PyObject_Call_Prepend (tstate=tstate@entry=0x7f311c8cb1f0 <_PyRuntime+294032>, callable=callable@entry=, obj=obj@entry=, args=args@entry=(), kwargs=kwargs@entry=Python Exception : There is no member named ready. ) at Objects/call.c:504 #39 0x00007f311c417ff5 in slot_tp_call (self=, args=(), kwds=Python Exception : There is no member named ready. ) at Objects/typeobject.c:9400 #40 0x00007f311c3ec88d in _PyObject_MakeTpCall (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, callable=, args=, nargs=0, keywords=) at Objects/call.c:242 #41 0x00007f311c284cc8 in _PyEval_EvalFrameDefault (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, frame=0x7f311cb33730, throwflag=6) at Python/generated_cases.c.h:1500 #42 0x00007f311c3ece98 in _PyObject_VectorcallDictTstate (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, callable=, args=, nargsf=, kwargs=) at Objects/call.c:146 #43 0x00007f311c3ed0a6 in _PyObject_Call_Prepend (tstate=tstate@entry=0x7f311c8cb1f0 <_PyRuntime+294032>, callable=callable@entry=, obj=obj@entry=, args=args@entry=(), kwargs=kwargs@entry=Python Exception : There is no member named ready. ) at Objects/call.c:504 #44 0x00007f311c417ff5 in slot_tp_call (self=, args=(), kwds=Python Exception : There is no member named ready. ) at Objects/typeobject.c:9400 #45 0x00007f311c3ec88d in _PyObject_MakeTpCall (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, callable=, args=, nargs=0, keywords=) at Objects/call.c:242 #46 0x00007f311c284cc8 in _PyEval_EvalFrameDefault (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, frame=0x7f311cb332b0, throwflag=6) at Python/generated_cases.c.h:1500 #47 0x00007f311c63f6d6 in PyEval_EvalCode (co=, globals=, locals=Python Exception : There is no member named ready. ) at Python/ceval.c:598 #48 0x00007f311c651950 in builtin_exec_impl (module=, closure=, locals=Python Exception : There is no member named ready. , globals=Python Exception : There is no member named ready. , source=) at Python/bltinmodule.c:1145 #49 builtin_exec (module=, args=, nargs=, kwnames=) at Python/clinic/bltinmodule.c.h:556 #50 0x00007f311c35a4ea in cfunction_vectorcall_FASTCALL_KEYWORDS (func=, args=0x7f311cb33180, nargsf=, kwnames=0x0) at Objects/methodobject.c:441 #51 0x00007f311c3fcce9 in _PyObject_VectorcallTstate (kwnames=0x0, nargsf=9223372036854775810, args=0x7f311cb33180, callable=, tstate=0x7f311c8cb1f0 <_PyRuntime+294032>) at ./Include/internal/pycore_call.h:168 #52 PyObject_Vectorcall (callable=, args=0x7f311cb33180, nargsf=9223372036854775810, kwnames=0x0) at Objects/call.c:327 #53 0x00007f311c289b59 in _PyEval_EvalFrameDefault (tstate=0x7f311c8cb1f0 <_PyRuntime+294032>, frame=0x7f311cb330d8, throwflag=6) at Python/generated_cases.c.h:813 #54 0x00007f311c636c04 in PyObject_Call (kwargs=0x0, args=Python Exception : There is no member named ready. , callable=) at Objects/call.c:373 #55 pymain_run_module (modname=, set_argv0=set_argv0@entry=1) at Modules/main.c:297 #56 0x00007f311c6498d2 in pymain_run_python (exitcode=0x7ffc5a236bd8) at Modules/main.c:633 #57 Py_RunMain () at Modules/main.c:718 #58 0x00007f311c043cd0 in ??? () at /usr/lib/libc.so.6 #59 0x00007f311c043d8a in __libc_start_main () at /usr/lib/libc.so.6 #60 0x000064c810b08055 in _start () ```

I'm lost here on how to best debug this further. My best bet would be to try and at least get an example that I can run more quickly, and then try and bisect CPython in order to find the offending change. If there are any other guesses or approaches to debug what could be going on here, I'd be happy to dig in further.

CPython versions tested on:

CPython main branch

Operating systems tested on:

Linux

Output from running 'python -VV' on the command line:

Python 3.13.0b1 (main, May 23 2024, 09:21:12) [GCC 13.2.1 20240417]

Linked PRs

  • gh-120731
  • gh-120748
rhettinger commented 5 months ago

I did a quick check for recent changes to Objects/unicodeobject.c::replace() but the code has been stable. The last edit was 17b4733f2ff Serhiy Storchaka 2020-04-01. That said, a lot of other things have changed in CPython (the memory allocator, method dispatch, and the next of include files).

It would help a great deal if you could bisect the problem to a particular edit or construct a minimal reproducer that excludes third-party extensions.

The-Compiler commented 5 months ago

I got it down from 15 minutes to 7 minutes runtime, but at this point, even just removing a handful of test files from the run makes it not reproduce anymore, from what I've tried. I don't think a minimal example is realistic at this point given that I can only get it to trigger after running >3000 test cases, but I'll keep trying to reduce it a bit more, and then do a git bisect. It will probably take me few days, unless I can get things reliable enough for a git bisect run.

The-Compiler commented 5 months ago

Quick status update: After trying to reduce the test files being run one by one, I found a more minimal combination that still reliably triggers the bug:

tox -e py313-pyqt66 -- \
    tests/unit/browser/test_browsertab.py \
    tests/unit/browser/test_caret.py \
    tests/unit/browser/test_downloadview.py \
    tests/unit/browser/test_history.py \
    tests/unit/browser/test_hints.py \
    tests/unit/browser/test_navigate.py \
    tests/unit/config/test_configdata.py \
    tests/unit/config/test_configtypes.py \
    tests/unit/config/test_configinit.py \
    tests/unit/config/test_configfiles.py \
    tests/unit/mainwindow/test_messageview.py -v -s

that's still almost 2000 tests with runtime of 4 minutes though. I'll now proceed to bisecting CPython and hope that'll help find the culprit.

The-Compiler commented 5 months ago

Bisected to 992446dd5bd3fff92ea0f8064fb19eebfe105cef:

  • 114900

  • issue: #113462

Not sure what to make of this. The change looks quite innocent, but I've double-checked it's indeed that commit that causes the memory corruption to happen.

cc @markshannon

The-Compiler commented 5 months ago

I got it to fail under valgrind with PYTHONMALLOC=malloc:

tests/unit/mainwindow/test_messageview.py::test_click_messages[MouseButton.RightButton-0] ./Include/object.h:1030: _Py_NegativeRefcount: Assertion failed: object has negative ref count
Enable tracemalloc to get the memory block allocation traceback

object address  : 0x5311b600
object refcount : 0
object type     : 0x6599c0
object type name: str
object repr     : <refcnt 0 at 0x5311b600>

Fatal Python error: _PyObject_AssertFailed: _PyObject_AssertFailed
Python runtime state: initialized
TypeError: replace() argument 2 must be str, not posix.DirEntry

Valgrind reports:

``` ==86205== Invalid read of size 4 ==86205== at 0x332898: Py_INCREF (object.h:814) ==86205== by 0x332898: _Py_NewRef (object.h:1046) ==86205== by 0x332898: _PyEval_EvalFrameDefault (generated_cases.c.h:3795) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== by 0x273506: PyObject_GetAttr (object.c:1153) ==86205== by 0x31D2D3: builtin_getattr (bltinmodule.c:1179) ==86205== by 0x329BE8: _PyEval_EvalFrameDefault (generated_cases.c.h:1072) ==86205== by 0x238B86: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== Address 0x41ea4330 is 0 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid write of size 4 ==86205== at 0x332930: Py_INCREF (object.h:819) ==86205== by 0x332930: _Py_NewRef (object.h:1046) ==86205== by 0x332930: _PyEval_EvalFrameDefault (generated_cases.c.h:3795) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== by 0x273506: PyObject_GetAttr (object.c:1153) ==86205== by 0x31D2D3: builtin_getattr (bltinmodule.c:1179) ==86205== by 0x329BE8: _PyEval_EvalFrameDefault (generated_cases.c.h:1072) ==86205== by 0x238B86: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== Address 0x41ea4330 is 0 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x2C3CA8: Py_TYPE (object.h:333) ==86205== by 0x2C3CA8: unicode_replace (unicodeobject.c.h:803) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== by 0x273506: PyObject_GetAttr (object.c:1153) ==86205== by 0x31D2D3: builtin_getattr (bltinmodule.c:1179) ==86205== by 0x329BE8: _PyEval_EvalFrameDefault (generated_cases.c.h:1072) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x2AC250: Py_TYPE (object.h:333) ==86205== by 0x2AC250: PyUnicode_IS_COMPACT (unicodeobject.h:219) ==86205== by 0x2AC3E1: PyUnicode_DATA (unicodeobject.h:262) ==86205== by 0x2C2D54: replace (unicodeobject.c:10123) ==86205== by 0x2C3BEC: unicode_replace_impl (unicodeobject.c:12187) ==86205== by 0x2C3D78: unicode_replace (unicodeobject.c.h:824) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 1 ==86205== at 0x2AC25D: PyUnicode_IS_COMPACT (unicodeobject.h:219) ==86205== by 0x2AC3E1: PyUnicode_DATA (unicodeobject.h:262) ==86205== by 0x2C2D54: replace (unicodeobject.c:10123) ==86205== by 0x2C3BEC: unicode_replace_impl (unicodeobject.c:12187) ==86205== by 0x2C3D78: unicode_replace (unicodeobject.c.h:824) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== Address 0x41ea4350 is 32 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x2AC28B: Py_TYPE (object.h:333) ==86205== by 0x2AC28B: PyUnicode_IS_ASCII (unicodeobject.h:212) ==86205== by 0x2AC2D6: _PyUnicode_COMPACT_DATA (unicodeobject.h:247) ==86205== by 0x2AC3FB: PyUnicode_DATA (unicodeobject.h:263) ==86205== by 0x2C2D54: replace (unicodeobject.c:10123) ==86205== by 0x2C3BEC: unicode_replace_impl (unicodeobject.c:12187) ==86205== by 0x2C3D78: unicode_replace (unicodeobject.c.h:824) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 1 ==86205== at 0x2AC298: PyUnicode_IS_ASCII (unicodeobject.h:212) ==86205== by 0x2AC2D6: _PyUnicode_COMPACT_DATA (unicodeobject.h:247) ==86205== by 0x2AC3FB: PyUnicode_DATA (unicodeobject.h:263) ==86205== by 0x2C2D54: replace (unicodeobject.c:10123) ==86205== by 0x2C3BEC: unicode_replace_impl (unicodeobject.c:12187) ==86205== by 0x2C3D78: unicode_replace (unicodeobject.c.h:824) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== Address 0x41ea4350 is 32 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x2AC2DB: Py_TYPE (object.h:333) ==86205== by 0x2AC2DB: _PyUnicode_COMPACT_DATA (unicodeobject.h:248) ==86205== by 0x2AC3FB: PyUnicode_DATA (unicodeobject.h:263) ==86205== by 0x2C2D54: replace (unicodeobject.c:10123) ==86205== by 0x2C3BEC: unicode_replace_impl (unicodeobject.c:12187) ==86205== by 0x2C3D78: unicode_replace (unicodeobject.c.h:824) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x2C2D96: Py_TYPE (object.h:333) ==86205== by 0x2C2D96: replace (unicodeobject.c:10127) ==86205== by 0x2C3BEC: unicode_replace_impl (unicodeobject.c:12187) ==86205== by 0x2C3D78: unicode_replace (unicodeobject.c.h:824) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== by 0x273506: PyObject_GetAttr (object.c:1153) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 1 ==86205== at 0x2C2DA7: replace (unicodeobject.c:10127) ==86205== by 0x2C3BEC: unicode_replace_impl (unicodeobject.c:12187) ==86205== by 0x2C3D78: unicode_replace (unicodeobject.c.h:824) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== by 0x273506: PyObject_GetAttr (object.c:1153) ==86205== Address 0x41ea4350 is 32 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x2C2DD3: replace (unicodeobject.c:10130) ==86205== by 0x2C3BEC: unicode_replace_impl (unicodeobject.c:12187) ==86205== by 0x2C3D78: unicode_replace (unicodeobject.c.h:824) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== by 0x273506: PyObject_GetAttr (object.c:1153) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x2AC5E8: PyUnicode_GET_LENGTH (unicodeobject.h:280) ==86205== by 0x2C2DD7: replace (unicodeobject.c:10130) ==86205== by 0x2C3BEC: unicode_replace_impl (unicodeobject.c:12187) ==86205== by 0x2C3D78: unicode_replace (unicodeobject.c.h:824) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== Address 0x41ea4340 is 16 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x2AC28B: Py_TYPE (object.h:333) ==86205== by 0x2AC28B: PyUnicode_IS_ASCII (unicodeobject.h:212) ==86205== by 0x2AC62B: PyUnicode_MAX_CHAR_VALUE (unicodeobject.h:363) ==86205== by 0x2C2E9B: replace (unicodeobject.c:10150) ==86205== by 0x2C3BEC: unicode_replace_impl (unicodeobject.c:12187) ==86205== by 0x2C3D78: unicode_replace (unicodeobject.c.h:824) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 1 ==86205== at 0x2AC298: PyUnicode_IS_ASCII (unicodeobject.h:212) ==86205== by 0x2AC62B: PyUnicode_MAX_CHAR_VALUE (unicodeobject.h:363) ==86205== by 0x2C2E9B: replace (unicodeobject.c:10150) ==86205== by 0x2C3BEC: unicode_replace_impl (unicodeobject.c:12187) ==86205== by 0x2C3D78: unicode_replace (unicodeobject.c.h:824) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== Address 0x41ea4350 is 32 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 1 ==86205== at 0x484FD00: memmove (vg_replace_strmem.c:1414) ==86205== by 0x2C3701: replace (unicodeobject.c:10316) ==86205== by 0x2C3BEC: unicode_replace_impl (unicodeobject.c:12187) ==86205== by 0x2C3D78: unicode_replace (unicodeobject.c.h:824) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== Address 0x41ea4358 is 40 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 1 ==86205== at 0x484FD0D: memmove (vg_replace_strmem.c:1414) ==86205== by 0x2C3701: replace (unicodeobject.c:10316) ==86205== by 0x2C3BEC: unicode_replace_impl (unicodeobject.c:12187) ==86205== by 0x2C3D78: unicode_replace (unicodeobject.c.h:824) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== Address 0x41ea435a is 42 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x2AC250: Py_TYPE (object.h:333) ==86205== by 0x2AC250: PyUnicode_IS_COMPACT (unicodeobject.h:219) ==86205== by 0x2AC3E1: PyUnicode_DATA (unicodeobject.h:262) ==86205== by 0x2C386D: replace (unicodeobject.c:10359) ==86205== by 0x2C3BEC: unicode_replace_impl (unicodeobject.c:12187) ==86205== by 0x2C3D78: unicode_replace (unicodeobject.c.h:824) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 1 ==86205== at 0x2AC25D: PyUnicode_IS_COMPACT (unicodeobject.h:219) ==86205== by 0x2AC3E1: PyUnicode_DATA (unicodeobject.h:262) ==86205== by 0x2C386D: replace (unicodeobject.c:10359) ==86205== by 0x2C3BEC: unicode_replace_impl (unicodeobject.c:12187) ==86205== by 0x2C3D78: unicode_replace (unicodeobject.c.h:824) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== Address 0x41ea4350 is 32 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x2AC28B: Py_TYPE (object.h:333) ==86205== by 0x2AC28B: PyUnicode_IS_ASCII (unicodeobject.h:212) ==86205== by 0x2AC2D6: _PyUnicode_COMPACT_DATA (unicodeobject.h:247) ==86205== by 0x2AC3FB: PyUnicode_DATA (unicodeobject.h:263) ==86205== by 0x2C386D: replace (unicodeobject.c:10359) ==86205== by 0x2C3BEC: unicode_replace_impl (unicodeobject.c:12187) ==86205== by 0x2C3D78: unicode_replace (unicodeobject.c.h:824) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 1 ==86205== at 0x2AC298: PyUnicode_IS_ASCII (unicodeobject.h:212) ==86205== by 0x2AC2D6: _PyUnicode_COMPACT_DATA (unicodeobject.h:247) ==86205== by 0x2AC3FB: PyUnicode_DATA (unicodeobject.h:263) ==86205== by 0x2C386D: replace (unicodeobject.c:10359) ==86205== by 0x2C3BEC: unicode_replace_impl (unicodeobject.c:12187) ==86205== by 0x2C3D78: unicode_replace (unicodeobject.c.h:824) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== Address 0x41ea4350 is 32 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x2AC2DB: Py_TYPE (object.h:333) ==86205== by 0x2AC2DB: _PyUnicode_COMPACT_DATA (unicodeobject.h:248) ==86205== by 0x2AC3FB: PyUnicode_DATA (unicodeobject.h:263) ==86205== by 0x2C386D: replace (unicodeobject.c:10359) ==86205== by 0x2C3BEC: unicode_replace_impl (unicodeobject.c:12187) ==86205== by 0x2C3D78: unicode_replace (unicodeobject.c.h:824) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x321E00: Py_DECREF (object.h:913) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== by 0x273506: PyObject_GetAttr (object.c:1153) ==86205== by 0x31D2D3: builtin_getattr (bltinmodule.c:1179) ==86205== by 0x329BE8: _PyEval_EvalFrameDefault (generated_cases.c.h:1072) ==86205== Address 0x41ea4330 is 0 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 4 ==86205== at 0x321E06: Py_DECREF (object.h:916) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== by 0x273506: PyObject_GetAttr (object.c:1153) ==86205== by 0x31D2D3: builtin_getattr (bltinmodule.c:1179) ==86205== by 0x329BE8: _PyEval_EvalFrameDefault (generated_cases.c.h:1072) ==86205== Address 0x41ea4330 is 0 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== ==86205== More than 100 errors detected. Subsequent errors ==86205== will still be recorded, but in less detail than before. ==86205== Invalid read of size 8 ==86205== at 0x321E10: Py_DECREF (object.h:921) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== by 0x273506: PyObject_GetAttr (object.c:1153) ==86205== by 0x31D2D3: builtin_getattr (bltinmodule.c:1179) ==86205== by 0x329BE8: _PyEval_EvalFrameDefault (generated_cases.c.h:1072) ==86205== Address 0x41ea4330 is 0 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid write of size 8 ==86205== at 0x321E17: Py_DECREF (object.h:921) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== by 0x273506: PyObject_GetAttr (object.c:1153) ==86205== by 0x31D2D3: builtin_getattr (bltinmodule.c:1179) ==86205== by 0x329BE8: _PyEval_EvalFrameDefault (generated_cases.c.h:1072) ==86205== Address 0x41ea4330 is 0 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x271E38: Py_TYPE (object.h:333) ==86205== by 0x271E38: _Py_Dealloc (object.c:2860) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== by 0x273506: PyObject_GetAttr (object.c:1153) ==86205== by 0x31D2D3: builtin_getattr (bltinmodule.c:1179) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x2AC949: Py_TYPE (object.h:333) ==86205== by 0x2AC949: unicode_is_singleton (unicodeobject.c:1610) ==86205== by 0x2B60CD: unicode_dealloc (unicodeobject.c:1578) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x2AC956: unicode_is_singleton (unicodeobject.c:1611) ==86205== by 0x2B60CD: unicode_dealloc (unicodeobject.c:1578) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== Address 0x41ea4340 is 16 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x2B60D9: unicode_dealloc (unicodeobject.c:1586) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== by 0x273506: PyObject_GetAttr (object.c:1153) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 1 ==86205== at 0x2AC7A4: PyUnicode_CHECK_INTERNED (unicodeobject.h:198) ==86205== by 0x2B60DD: unicode_dealloc (unicodeobject.c:1586) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== Address 0x41ea4350 is 32 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x2B60E6: Py_TYPE (object.h:333) ==86205== by 0x2B60E6: unicode_dealloc (unicodeobject.c:1587) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== by 0x273506: PyObject_GetAttr (object.c:1153) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 1 ==86205== at 0x2B60F3: unicode_dealloc (unicodeobject.c:1587) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== by 0x273506: PyObject_GetAttr (object.c:1153) ==86205== Address 0x41ea4350 is 32 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x2AC469: Py_TYPE (object.h:333) ==86205== by 0x2AC469: PyUnicode_IS_COMPACT_ASCII (unicodeobject.h:226) ==86205== by 0x2B6104: unicode_dealloc (unicodeobject.c:1592) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 1 ==86205== at 0x2AC476: PyUnicode_IS_COMPACT_ASCII (unicodeobject.h:226) ==86205== by 0x2B6104: unicode_dealloc (unicodeobject.c:1592) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== Address 0x41ea4350 is 32 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x2AC4A2: PyUnicode_IS_COMPACT_ASCII (unicodeobject.h:226) ==86205== by 0x2B6104: unicode_dealloc (unicodeobject.c:1592) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 1 ==86205== at 0x2AC25D: PyUnicode_IS_COMPACT (unicodeobject.h:219) ==86205== by 0x2AC4A6: PyUnicode_IS_COMPACT_ASCII (unicodeobject.h:226) ==86205== by 0x2B6104: unicode_dealloc (unicodeobject.c:1592) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== Address 0x41ea4350 is 32 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x2B612A: unicode_dealloc (unicodeobject.c:1595) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== by 0x273506: PyObject_GetAttr (object.c:1153) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 1 ==86205== at 0x2AC25D: PyUnicode_IS_COMPACT (unicodeobject.h:219) ==86205== by 0x2B612E: unicode_dealloc (unicodeobject.c:1595) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== Address 0x41ea4350 is 32 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x2B614E: Py_TYPE (object.h:333) ==86205== by 0x2B614E: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== by 0x273506: PyObject_GetAttr (object.c:1153) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid free() / delete / delete[] / realloc() ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== Address 0x41ea4330 is 0 bytes inside a block of size 50 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x25B1B8: Py_DECREF (object.h:922) ==86205== by 0x25B1D7: Py_XDECREF (object.h:1030) ==86205== by 0x261539: insertdict (dictobject.c:1311) ==86205== by 0x2618F5: _PyDict_SetItem_Take2 (dictobject.c:1887) ==86205== by 0x261A05: PyDict_SetItem (dictobject.c:1905) ==86205== by 0x2626C9: _PyObjectDict_SetItem (dictobject.c:5869) ==86205== by 0x2743BB: _PyObject_GenericSetAttrWithDict (object.c:1730) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x9917CF2: sip_api_unicode_new (sip_core.c:11388) ==86205== by 0xB4DF146: qpycore_PyObject_FromQString(QString const&) (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so) ==86205== by 0x9919DFD: sip_api_convert_from_new_type (sip_core.c:8053) ==86205== by 0xE78A804: meth_QFont_family (in /home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtGui.abi3.so) ==86205== by 0x26E0C4: cfunction_call (methodobject.c:551) ==86205== by 0x2203EF: _PyObject_MakeTpCall (call.c:242) ==86205== by 0x22062F: _PyObject_VectorcallTstate (pycore_call.h:166) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x373C20: Py_TYPE (object.h:333) ==86205== by 0x373C20: _PyArg_BadArgument (getargs.c:570) ==86205== by 0x2C3D41: unicode_replace (unicodeobject.c.h:804) ==86205== by 0x32B839: _PyEval_EvalFrameDefault (generated_cases.c.h:1573) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== by 0x273506: PyObject_GetAttr (object.c:1153) ==86205== by 0x31D2D3: builtin_getattr (bltinmodule.c:1179) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 72 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x3D3BB7: DirEntry_dealloc (posixmodule.c:15097) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x321E4F: Py_XDECREF (object.h:1030) ==86205== by 0x336DB2: _PyEval_EvalFrameDefault (generated_cases.c.h:5301) ==86205== by 0x238B86: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x238EC9: gen_send_ex2 (genobject.c:228) ==86205== by 0x23A43F: gen_iternext (genobject.c:586) ==86205== by 0x31BDF5: map_next (bltinmodule.c:1407) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x271D1A: _PyObject_New (object.c:447) ==86205== by 0x3D3DC0: DirEntry_from_posix_info (posixmodule.c:15609) ==86205== by 0x3D3FD3: ScandirIterator_iternext (posixmodule.c:15802) ==86205== by 0x32E807: _PyEval_EvalFrameDefault (generated_cases.c.h:2486) ==86205== by 0x238B86: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x238EC9: gen_send_ex2 (genobject.c:228) ==86205== by 0x23A43F: gen_iternext (genobject.c:586) ==86205== by 0x31BDF5: map_next (bltinmodule.c:1407) ==86205== by 0x2093DA: PyIter_Next (abstract.c:2919) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x3D3B7E: Py_TYPE (object.h:333) ==86205== by 0x3D3B7E: DirEntry_dealloc (posixmodule.c:15091) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== by 0x273506: PyObject_GetAttr (object.c:1153) ==86205== Address 0x41ea4338 is 8 bytes inside a block of size 72 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x3D3BB7: DirEntry_dealloc (posixmodule.c:15097) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x321E4F: Py_XDECREF (object.h:1030) ==86205== by 0x336DB2: _PyEval_EvalFrameDefault (generated_cases.c.h:5301) ==86205== by 0x238B86: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x238EC9: gen_send_ex2 (genobject.c:228) ==86205== by 0x23A43F: gen_iternext (genobject.c:586) ==86205== by 0x31BDF5: map_next (bltinmodule.c:1407) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x271D1A: _PyObject_New (object.c:447) ==86205== by 0x3D3DC0: DirEntry_from_posix_info (posixmodule.c:15609) ==86205== by 0x3D3FD3: ScandirIterator_iternext (posixmodule.c:15802) ==86205== by 0x32E807: _PyEval_EvalFrameDefault (generated_cases.c.h:2486) ==86205== by 0x238B86: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x238EC9: gen_send_ex2 (genobject.c:228) ==86205== by 0x23A43F: gen_iternext (genobject.c:586) ==86205== by 0x31BDF5: map_next (bltinmodule.c:1407) ==86205== by 0x2093DA: PyIter_Next (abstract.c:2919) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x3D3B82: DirEntry_dealloc (posixmodule.c:15092) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== by 0x2A6334: _Py_slot_tp_getattr_hook (typeobject.c:8924) ==86205== by 0x273506: PyObject_GetAttr (object.c:1153) ==86205== Address 0x41ea4340 is 16 bytes inside a block of size 72 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x3D3BB7: DirEntry_dealloc (posixmodule.c:15097) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x321E4F: Py_XDECREF (object.h:1030) ==86205== by 0x336DB2: _PyEval_EvalFrameDefault (generated_cases.c.h:5301) ==86205== by 0x238B86: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x238EC9: gen_send_ex2 (genobject.c:228) ==86205== by 0x23A43F: gen_iternext (genobject.c:586) ==86205== by 0x31BDF5: map_next (bltinmodule.c:1407) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x271D1A: _PyObject_New (object.c:447) ==86205== by 0x3D3DC0: DirEntry_from_posix_info (posixmodule.c:15609) ==86205== by 0x3D3FD3: ScandirIterator_iternext (posixmodule.c:15802) ==86205== by 0x32E807: _PyEval_EvalFrameDefault (generated_cases.c.h:2486) ==86205== by 0x238B86: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x238EC9: gen_send_ex2 (genobject.c:228) ==86205== by 0x23A43F: gen_iternext (genobject.c:586) ==86205== by 0x31BDF5: map_next (bltinmodule.c:1407) ==86205== by 0x2093DA: PyIter_Next (abstract.c:2919) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x3D2918: Py_DECREF (object.h:913) ==86205== by 0x3D2A88: Py_XDECREF (object.h:1030) ==86205== by 0x3D3B8A: DirEntry_dealloc (posixmodule.c:15092) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== by 0x22067D: PyObject_Vectorcall (call.c:327) ==86205== by 0x297D14: call_attribute (typeobject.c:8874) ==86205== Address 0x5311b600 is 0 bytes inside a block of size 68 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x3D2948: Py_DECREF (object.h:922) ==86205== by 0x3D2A88: Py_XDECREF (object.h:1030) ==86205== by 0x3D3B8A: DirEntry_dealloc (posixmodule.c:15092) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x321E4F: Py_XDECREF (object.h:1030) ==86205== by 0x336DB2: _PyEval_EvalFrameDefault (generated_cases.c.h:5301) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x2CDE10: unicode_decode_utf8 (unicodeobject.c:4705) ==86205== by 0x2D1C16: PyUnicode_DecodeFSDefaultAndSize (unicodeobject.c:3705) ==86205== by 0x3D3E2E: DirEntry_from_posix_info (posixmodule.c:15629) ==86205== by 0x3D3FD3: ScandirIterator_iternext (posixmodule.c:15802) ==86205== by 0x32E807: _PyEval_EvalFrameDefault (generated_cases.c.h:2486) ==86205== by 0x238B86: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x238EC9: gen_send_ex2 (genobject.c:228) ==86205== by 0x23A43F: gen_iternext (genobject.c:586) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x27165F: Py_TYPE (object.h:333) ==86205== by 0x27165F: _PyObject_IsFreed (object.c:594) ==86205== by 0x27262D: _PyObject_AssertFailed (object.c:2830) ==86205== by 0x2727D6: _Py_NegativeRefcount (object.c:217) ==86205== by 0x3D293E: Py_DECREF (object.h:914) ==86205== by 0x3D2A88: Py_XDECREF (object.h:1030) ==86205== by 0x3D3B8A: DirEntry_dealloc (posixmodule.c:15092) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== Address 0x5311b608 is 8 bytes inside a block of size 68 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x3D2948: Py_DECREF (object.h:922) ==86205== by 0x3D2A88: Py_XDECREF (object.h:1030) ==86205== by 0x3D3B8A: DirEntry_dealloc (posixmodule.c:15092) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x321E4F: Py_XDECREF (object.h:1030) ==86205== by 0x336DB2: _PyEval_EvalFrameDefault (generated_cases.c.h:5301) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x2CDE10: unicode_decode_utf8 (unicodeobject.c:4705) ==86205== by 0x2D1C16: PyUnicode_DecodeFSDefaultAndSize (unicodeobject.c:3705) ==86205== by 0x3D3E2E: DirEntry_from_posix_info (posixmodule.c:15629) ==86205== by 0x3D3FD3: ScandirIterator_iternext (posixmodule.c:15802) ==86205== by 0x32E807: _PyEval_EvalFrameDefault (generated_cases.c.h:2486) ==86205== by 0x238B86: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x238EC9: gen_send_ex2 (genobject.c:228) ==86205== by 0x23A43F: gen_iternext (genobject.c:586) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x27268E: Py_TYPE (object.h:333) ==86205== by 0x27268E: _PyObject_AssertFailed (object.c:2840) ==86205== by 0x2727D6: _Py_NegativeRefcount (object.c:217) ==86205== by 0x3D293E: Py_DECREF (object.h:914) ==86205== by 0x3D2A88: Py_XDECREF (object.h:1030) ==86205== by 0x3D3B8A: DirEntry_dealloc (posixmodule.c:15092) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== by 0x2205A9: _PyObject_VectorcallTstate (pycore_call.h:168) ==86205== Address 0x5311b608 is 8 bytes inside a block of size 68 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x3D2948: Py_DECREF (object.h:922) ==86205== by 0x3D2A88: Py_XDECREF (object.h:1030) ==86205== by 0x3D3B8A: DirEntry_dealloc (posixmodule.c:15092) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x321E4F: Py_XDECREF (object.h:1030) ==86205== by 0x336DB2: _PyEval_EvalFrameDefault (generated_cases.c.h:5301) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x2CDE10: unicode_decode_utf8 (unicodeobject.c:4705) ==86205== by 0x2D1C16: PyUnicode_DecodeFSDefaultAndSize (unicodeobject.c:3705) ==86205== by 0x3D3E2E: DirEntry_from_posix_info (posixmodule.c:15629) ==86205== by 0x3D3FD3: ScandirIterator_iternext (posixmodule.c:15802) ==86205== by 0x32E807: _PyEval_EvalFrameDefault (generated_cases.c.h:2486) ==86205== by 0x238B86: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x238EC9: gen_send_ex2 (genobject.c:228) ==86205== by 0x23A43F: gen_iternext (genobject.c:586) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x27165F: Py_TYPE (object.h:333) ==86205== by 0x27165F: _PyObject_IsFreed (object.c:594) ==86205== by 0x272402: _PyObject_Dump (object.c:605) ==86205== by 0x2726DD: _PyObject_AssertFailed (object.c:2847) ==86205== by 0x2727D6: _Py_NegativeRefcount (object.c:217) ==86205== by 0x3D293E: Py_DECREF (object.h:914) ==86205== by 0x3D2A88: Py_XDECREF (object.h:1030) ==86205== by 0x3D3B8A: DirEntry_dealloc (posixmodule.c:15092) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== Address 0x5311b608 is 8 bytes inside a block of size 68 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x3D2948: Py_DECREF (object.h:922) ==86205== by 0x3D2A88: Py_XDECREF (object.h:1030) ==86205== by 0x3D3B8A: DirEntry_dealloc (posixmodule.c:15092) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x321E4F: Py_XDECREF (object.h:1030) ==86205== by 0x336DB2: _PyEval_EvalFrameDefault (generated_cases.c.h:5301) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x2CDE10: unicode_decode_utf8 (unicodeobject.c:4705) ==86205== by 0x2D1C16: PyUnicode_DecodeFSDefaultAndSize (unicodeobject.c:3705) ==86205== by 0x3D3E2E: DirEntry_from_posix_info (posixmodule.c:15629) ==86205== by 0x3D3FD3: ScandirIterator_iternext (posixmodule.c:15802) ==86205== by 0x32E807: _PyEval_EvalFrameDefault (generated_cases.c.h:2486) ==86205== by 0x238B86: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x238EC9: gen_send_ex2 (genobject.c:228) ==86205== by 0x23A43F: gen_iternext (genobject.c:586) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x272426: Py_REFCNT (object.h:315) ==86205== by 0x272426: _PyObject_Dump (object.c:615) ==86205== by 0x2726DD: _PyObject_AssertFailed (object.c:2847) ==86205== by 0x2727D6: _Py_NegativeRefcount (object.c:217) ==86205== by 0x3D293E: Py_DECREF (object.h:914) ==86205== by 0x3D2A88: Py_XDECREF (object.h:1030) ==86205== by 0x3D3B8A: DirEntry_dealloc (posixmodule.c:15092) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== Address 0x5311b600 is 0 bytes inside a block of size 68 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x3D2948: Py_DECREF (object.h:922) ==86205== by 0x3D2A88: Py_XDECREF (object.h:1030) ==86205== by 0x3D3B8A: DirEntry_dealloc (posixmodule.c:15092) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x321E4F: Py_XDECREF (object.h:1030) ==86205== by 0x336DB2: _PyEval_EvalFrameDefault (generated_cases.c.h:5301) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x2CDE10: unicode_decode_utf8 (unicodeobject.c:4705) ==86205== by 0x2D1C16: PyUnicode_DecodeFSDefaultAndSize (unicodeobject.c:3705) ==86205== by 0x3D3E2E: DirEntry_from_posix_info (posixmodule.c:15629) ==86205== by 0x3D3FD3: ScandirIterator_iternext (posixmodule.c:15802) ==86205== by 0x32E807: _PyEval_EvalFrameDefault (generated_cases.c.h:2486) ==86205== by 0x238B86: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x238EC9: gen_send_ex2 (genobject.c:228) ==86205== by 0x23A43F: gen_iternext (genobject.c:586) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x27244D: Py_TYPE (object.h:333) ==86205== by 0x27244D: _PyObject_Dump (object.c:618) ==86205== by 0x2726DD: _PyObject_AssertFailed (object.c:2847) ==86205== by 0x2727D6: _Py_NegativeRefcount (object.c:217) ==86205== by 0x3D293E: Py_DECREF (object.h:914) ==86205== by 0x3D2A88: Py_XDECREF (object.h:1030) ==86205== by 0x3D3B8A: DirEntry_dealloc (posixmodule.c:15092) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== by 0x220248: _PyFunction_Vectorcall (call.c:413) ==86205== Address 0x5311b608 is 8 bytes inside a block of size 68 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x3D2948: Py_DECREF (object.h:922) ==86205== by 0x3D2A88: Py_XDECREF (object.h:1030) ==86205== by 0x3D3B8A: DirEntry_dealloc (posixmodule.c:15092) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x321E4F: Py_XDECREF (object.h:1030) ==86205== by 0x336DB2: _PyEval_EvalFrameDefault (generated_cases.c.h:5301) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x2CDE10: unicode_decode_utf8 (unicodeobject.c:4705) ==86205== by 0x2D1C16: PyUnicode_DecodeFSDefaultAndSize (unicodeobject.c:3705) ==86205== by 0x3D3E2E: DirEntry_from_posix_info (posixmodule.c:15629) ==86205== by 0x3D3FD3: ScandirIterator_iternext (posixmodule.c:15802) ==86205== by 0x32E807: _PyEval_EvalFrameDefault (generated_cases.c.h:2486) ==86205== by 0x238B86: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x238EC9: gen_send_ex2 (genobject.c:228) ==86205== by 0x23A43F: gen_iternext (genobject.c:586) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x272275: PyObject_Print (object.c:539) ==86205== by 0x2724DE: _PyObject_Dump (object.c:630) ==86205== by 0x2726DD: _PyObject_AssertFailed (object.c:2847) ==86205== by 0x2727D6: _Py_NegativeRefcount (object.c:217) ==86205== by 0x3D293E: Py_DECREF (object.h:914) ==86205== by 0x3D2A88: Py_XDECREF (object.h:1030) ==86205== by 0x3D3B8A: DirEntry_dealloc (posixmodule.c:15092) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== Address 0x5311b600 is 0 bytes inside a block of size 68 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x3D2948: Py_DECREF (object.h:922) ==86205== by 0x3D2A88: Py_XDECREF (object.h:1030) ==86205== by 0x3D3B8A: DirEntry_dealloc (posixmodule.c:15092) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x321E4F: Py_XDECREF (object.h:1030) ==86205== by 0x336DB2: _PyEval_EvalFrameDefault (generated_cases.c.h:5301) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x2CDE10: unicode_decode_utf8 (unicodeobject.c:4705) ==86205== by 0x2D1C16: PyUnicode_DecodeFSDefaultAndSize (unicodeobject.c:3705) ==86205== by 0x3D3E2E: DirEntry_from_posix_info (posixmodule.c:15629) ==86205== by 0x3D3FD3: ScandirIterator_iternext (posixmodule.c:15802) ==86205== by 0x32E807: _PyEval_EvalFrameDefault (generated_cases.c.h:2486) ==86205== by 0x238B86: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x238EC9: gen_send_ex2 (genobject.c:228) ==86205== by 0x23A43F: gen_iternext (genobject.c:586) ==86205== ==86205== Invalid read of size 8 ==86205== at 0x272356: Py_REFCNT (object.h:315) ==86205== by 0x272356: PyObject_Print (object.c:541) ==86205== by 0x2724DE: _PyObject_Dump (object.c:630) ==86205== by 0x2726DD: _PyObject_AssertFailed (object.c:2847) ==86205== by 0x2727D6: _Py_NegativeRefcount (object.c:217) ==86205== by 0x3D293E: Py_DECREF (object.h:914) ==86205== by 0x3D2A88: Py_XDECREF (object.h:1030) ==86205== by 0x3D3B8A: DirEntry_dealloc (posixmodule.c:15092) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x32B882: _PyEval_EvalFrameDefault (generated_cases.c.h:1577) ==86205== by 0x340E51: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x340F64: _PyEval_Vector (ceval.c:1788) ==86205== Address 0x5311b600 is 0 bytes inside a block of size 68 free'd ==86205== at 0x48458CF: free (vg_replace_malloc.c:989) ==86205== by 0x276249: _PyMem_RawFree (obmalloc.c:84) ==86205== by 0x28691A: PyObject_Free (obmalloc.c:995) ==86205== by 0x2B615A: unicode_dealloc (unicodeobject.c:1599) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x3D2948: Py_DECREF (object.h:922) ==86205== by 0x3D2A88: Py_XDECREF (object.h:1030) ==86205== by 0x3D3B8A: DirEntry_dealloc (posixmodule.c:15092) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ==86205== by 0x321E30: Py_DECREF (object.h:922) ==86205== by 0x321E4F: Py_XDECREF (object.h:1030) ==86205== by 0x336DB2: _PyEval_EvalFrameDefault (generated_cases.c.h:5301) ==86205== Block was alloc'd at ==86205== at 0x4842788: malloc (vg_replace_malloc.c:446) ==86205== by 0x276F60: _PyMem_RawMalloc (obmalloc.c:56) ==86205== by 0x28689F: PyObject_Malloc (obmalloc.c:966) ==86205== by 0x2BB7E5: PyUnicode_New (unicodeobject.c:1238) ==86205== by 0x2CDE10: unicode_decode_utf8 (unicodeobject.c:4705) ==86205== by 0x2D1C16: PyUnicode_DecodeFSDefaultAndSize (unicodeobject.c:3705) ==86205== by 0x3D3E2E: DirEntry_from_posix_info (posixmodule.c:15629) ==86205== by 0x3D3FD3: ScandirIterator_iternext (posixmodule.c:15802) ==86205== by 0x32E807: _PyEval_EvalFrameDefault (generated_cases.c.h:2486) ==86205== by 0x238B86: _PyEval_EvalFrame (pycore_ceval.h:115) ==86205== by 0x238EC9: gen_send_ex2 (genobject.c:228) ==86205== by 0x23A43F: gen_iternext (genobject.c:586) ==86205== ==86205== ==86205== Process terminating with default action of signal 6 (SIGABRT): dumping core ==86205== at 0x4A35E44: __pthread_kill_implementation (pthread_kill.c:44) ==86205== by 0x49DDA2F: raise (raise.c:26) ==86205== by 0x49C54C2: abort (abort.c:79) ==86205== by 0x3A1FB1: fatal_error_exit (pylifecycle.c:2814) ==86205== by 0x3A39B0: fatal_error (pylifecycle.c:2995) ==86205== by 0x3A3A1A: _Py_FatalErrorFunc (pylifecycle.c:3011) ==86205== by 0x27266B: _PyObject_AssertFailed (object.c:2853) ==86205== by 0x2727D6: _Py_NegativeRefcount (object.c:217) ==86205== by 0x3D293E: Py_DECREF (object.h:914) ==86205== by 0x3D2A88: Py_XDECREF (object.h:1030) ==86205== by 0x3D3B8A: DirEntry_dealloc (posixmodule.c:15092) ==86205== by 0x271E6B: _Py_Dealloc (object.c:2875) ```

I'll play around with -X tracemalloc and maybe clang's sanitizers next, in the hope that they can say something more.

The-Compiler commented 5 months ago

Similar result with ASan:

tests/unit/mainwindow/test_messageview.py::test_replaced_messages[None-testid-2] =================================================================
==168082==ERROR: AddressSanitizer: heap-use-after-free on address 0x506004080b60 at pc 0x5f101832396d bp 0x7ffcbe3ffd90 sp 0x7ffcbe3ffd88
``` READ of size 4 at 0x506004080b60 thread T0 #0 0x5f101832396c in Py_INCREF /home/florian/proj/cpython/./Include/object.h:812:30 #1 0x5f101832396c in _Py_NewRef /home/florian/proj/cpython/./Include/object.h:1046:5 #2 0x5f101832396c in _PyEval_EvalFrameDefault /home/florian/proj/cpython/Python/generated_cases.c.h:3795:24 #3 0x5f1017fe5a62 in _PyObject_VectorcallTstate /home/florian/proj/cpython/./Include/internal/pycore_call.h:168:11 #4 0x5f1018159a41 in call_attribute /home/florian/proj/cpython/Objects/typeobject.c:8874:15 #5 0x5f1018159a41 in _Py_slot_tp_getattr_hook /home/florian/proj/cpython/Objects/typeobject.c:8924:19 #6 0x5f10180e16a7 in PyObject_GetAttr /home/florian/proj/cpython/Objects/object.c:1153:18 #7 0x5f10182cdb21 in builtin_getattr /home/florian/proj/cpython/Python/bltinmodule.c:1179:18 #8 0x5f1018303e87 in _PyEval_EvalFrameDefault /home/florian/proj/cpython/Python/generated_cases.c.h:1072:19 #9 0x5f101803861c in _PyEval_EvalFrame /home/florian/proj/cpython/./Include/internal/pycore_ceval.h:115:16 #10 0x5f101803861c in gen_send_ex2 /home/florian/proj/cpython/Objects/genobject.c:228:24 #11 0x5f101803419a in gen_iternext /home/florian/proj/cpython/Objects/genobject.c:586:9 #12 0x5f1018061d35 in list_extend_iter /home/florian/proj/cpython/Objects/listobject.c:985:26 #13 0x5f1018061d35 in list_extend /home/florian/proj/cpython/Objects/listobject.c:1042:16 #14 0x5f1018061628 in _PyList_Extend /home/florian/proj/cpython/Objects/listobject.c:1050:9 #15 0x5f1017f9a856 in PySequence_List /home/florian/proj/cpython/Objects/abstract.c:2135:10 #16 0x5f1017f9aaca in PySequence_Fast /home/florian/proj/cpython/Objects/abstract.c:2166:9 #17 0x5f10181cb7ce in PyUnicode_Join /home/florian/proj/cpython/Objects/unicodeobject.c:9569:12 #18 0x5f1018309140 in _PyEval_EvalFrameDefault /home/florian/proj/cpython/Python/generated_cases.c.h:1166:19 #19 0x5f1017fe7e8c in _PyVectorcall_Call /home/florian/proj/cpython/Objects/call.c:273:16 #20 0x5f1018606d4b in bounded_lru_cache_wrapper /home/florian/proj/cpython/./Modules/_functoolsmodule.c:1013:14 #21 0x5f1017fe6594 in _PyObject_MakeTpCall /home/florian/proj/cpython/Objects/call.c:242:18 #22 0x5f10182ff363 in _PyEval_EvalFrameDefault /home/florian/proj/cpython/Python/generated_cases.c.h:815:23 #23 0x5f1017fe5ebb in _PyObject_VectorcallDictTstate /home/florian/proj/cpython/Objects/call.c:146:15 #24 0x5f1017fe8d8f in _PyObject_Call_Prepend /home/florian/proj/cpython/Objects/call.c:504:24 #25 0x5f1018162e73 in slot_tp_init /home/florian/proj/cpython/Objects/typeobject.c:9083:15 #26 0x5f101814f1de in type_call /home/florian/proj/cpython/Objects/typeobject.c:1694:19 #27 0x5f1017fe6594 in _PyObject_MakeTpCall /home/florian/proj/cpython/Objects/call.c:242:18 #28 0x5f10183067f8 in _PyEval_EvalFrameDefault /home/florian/proj/cpython/Python/generated_cases.c.h:1394:19 #29 0x5f1017fe5ebb in _PyObject_VectorcallDictTstate /home/florian/proj/cpython/Objects/call.c:146:15 #30 0x5f1017fe8d8f in _PyObject_Call_Prepend /home/florian/proj/cpython/Objects/call.c:504:24 #31 0x5f10181608c2 in slot_tp_call /home/florian/proj/cpython/Objects/typeobject.c:8839:15 #32 0x5f1017fe6594 in _PyObject_MakeTpCall /home/florian/proj/cpython/Objects/call.c:242:18 #33 0x5f10183067f8 in _PyEval_EvalFrameDefault /home/florian/proj/cpython/Python/generated_cases.c.h:1394:19 #34 0x5f1017fe5ebb in _PyObject_VectorcallDictTstate /home/florian/proj/cpython/Objects/call.c:146:15 #35 0x5f1017fe8d8f in _PyObject_Call_Prepend /home/florian/proj/cpython/Objects/call.c:504:24 #36 0x5f10181608c2 in slot_tp_call /home/florian/proj/cpython/Objects/typeobject.c:8839:15 #37 0x5f1017fe8255 in _PyObject_Call /home/florian/proj/cpython/Objects/call.c:361:18 #38 0x5f1018303a40 in _PyEval_EvalFrameDefault /home/florian/proj/cpython/Python/generated_cases.c.h:1250:26 #39 0x5f1017fe5ebb in _PyObject_VectorcallDictTstate /home/florian/proj/cpython/Objects/call.c:146:15 #40 0x5f1017fe8d8f in _PyObject_Call_Prepend /home/florian/proj/cpython/Objects/call.c:504:24 #41 0x5f10181608c2 in slot_tp_call /home/florian/proj/cpython/Objects/typeobject.c:8839:15 #42 0x5f1017fe6594 in _PyObject_MakeTpCall /home/florian/proj/cpython/Objects/call.c:242:18 #43 0x5f10183067f8 in _PyEval_EvalFrameDefault /home/florian/proj/cpython/Python/generated_cases.c.h:1394:19 #44 0x5f1017fe5ebb in _PyObject_VectorcallDictTstate /home/florian/proj/cpython/Objects/call.c:146:15 #45 0x5f1017fe8d8f in _PyObject_Call_Prepend /home/florian/proj/cpython/Objects/call.c:504:24 #46 0x5f10181608c2 in slot_tp_call /home/florian/proj/cpython/Objects/typeobject.c:8839:15 #47 0x5f1017fe6594 in _PyObject_MakeTpCall /home/florian/proj/cpython/Objects/call.c:242:18 #48 0x5f10183067f8 in _PyEval_EvalFrameDefault /home/florian/proj/cpython/Python/generated_cases.c.h:1394:19 #49 0x5f1017fe5ebb in _PyObject_VectorcallDictTstate /home/florian/proj/cpython/Objects/call.c:146:15 #50 0x5f1017fe8d8f in _PyObject_Call_Prepend /home/florian/proj/cpython/Objects/call.c:504:24 #51 0x5f10181608c2 in slot_tp_call /home/florian/proj/cpython/Objects/typeobject.c:8839:15 #52 0x5f1017fe6594 in _PyObject_MakeTpCall /home/florian/proj/cpython/Objects/call.c:242:18 #53 0x5f10183067f8 in _PyEval_EvalFrameDefault /home/florian/proj/cpython/Python/generated_cases.c.h:1394:19 #54 0x5f10182d6a65 in _PyEval_EvalFrame /home/florian/proj/cpython/./Include/internal/pycore_ceval.h:115:16 #55 0x5f10182d6a65 in _PyEval_Vector /home/florian/proj/cpython/Python/ceval.c:1788:12 #56 0x5f10182d6a65 in PyEval_EvalCode /home/florian/proj/cpython/Python/ceval.c:592:21 #57 0x5f10182cd527 in builtin_exec_impl /home/florian/proj/cpython/Python/bltinmodule.c:1118:17 #58 0x5f10182cd527 in builtin_exec /home/florian/proj/cpython/Python/clinic/bltinmodule.c.h:540:20 #59 0x5f10180d3511 in cfunction_vectorcall_FASTCALL_KEYWORDS /home/florian/proj/cpython/Objects/methodobject.c:441:24 #60 0x5f1017fe5a62 in _PyObject_VectorcallTstate /home/florian/proj/cpython/./Include/internal/pycore_call.h:168:11 #61 0x5f10182ff363 in _PyEval_EvalFrameDefault /home/florian/proj/cpython/Python/generated_cases.c.h:815:23 #62 0x5f1017fe7e8c in _PyVectorcall_Call /home/florian/proj/cpython/Objects/call.c:273:16 #63 0x5f10184f1d0d in pymain_run_module /home/florian/proj/cpython/Modules/main.c:297:14 #64 0x5f10184ef792 in pymain_run_python /home/florian/proj/cpython/Modules/main.c:622:21 #65 0x5f10184ef792 in Py_RunMain /home/florian/proj/cpython/Modules/main.c:707:5 #66 0x5f10184f17a3 in pymain_main /home/florian/proj/cpython/Modules/main.c:737:12 #67 0x5f10184f1a7e in Py_BytesMain /home/florian/proj/cpython/Modules/main.c:761:12 #68 0x74432a298c87 (/usr/lib/libc.so.6+0x25c87) (BuildId: 32a656aa5562eece8c59a585f5eacd6cf5e2307b) #69 0x74432a298d4b in __libc_start_main (/usr/lib/libc.so.6+0x25d4b) (BuildId: 32a656aa5562eece8c59a585f5eacd6cf5e2307b) #70 0x5f1017cf7ec4 in _start (/home/florian/proj/cpython/python+0x23fec4) (BuildId: 472839294c0413d2f8beb5aa8c1f9ae1822dc88b) 0x506004080b60 is located 0 bytes inside of 50-byte region [0x506004080b60,0x506004080b92) freed by thread T0 here: #0 0x5f1017de6072 in free.part.0 asan_malloc_linux.cpp.o #1 0x5f10184c84d7 in tracemalloc_free /home/florian/proj/cpython/Python/tracemalloc.c:614:5 #2 0x5f10180e82c7 in _Py_Dealloc /home/florian/proj/cpython/Objects/object.c:2875:5 #3 0x5f1018098ac3 in Py_DECREF /home/florian/proj/cpython/./Include/object.h:922:9 #4 0x5f1018098ac3 in Py_XDECREF /home/florian/proj/cpython/./Include/object.h:1030:9 #5 0x5f1018098ac3 in insertdict /home/florian/proj/cpython/Objects/dictobject.c:1311:5 #6 0x5f10180b135a in _PyObjectDict_SetItem /home/florian/proj/cpython/Objects/dictobject.c #7 0x5f10180e5490 in _PyObject_GenericSetAttrWithDict /home/florian/proj/cpython/Objects/object.c:1730:19 #8 0x5f101814f877 in type_setattro /home/florian/proj/cpython/Objects/typeobject.c:4981:11 #9 0x5f10180e20ac in PyObject_SetAttr /home/florian/proj/cpython/Objects/object.c:1306:15 #10 0x5f1018304731 in _PyEval_EvalFrameDefault /home/florian/proj/cpython/Python/generated_cases.c.h:5144:27 #11 0x5f1017fe5ebb in _PyObject_VectorcallDictTstate /home/florian/proj/cpython/Objects/call.c:146:15 #12 0x5f1017fe8d8f in _PyObject_Call_Prepend /home/florian/proj/cpython/Objects/call.c:504:24 #13 0x5f10181608c2 in slot_tp_call /home/florian/proj/cpython/Objects/typeobject.c:8839:15 #14 0x5f1017fe6594 in _PyObject_MakeTpCall /home/florian/proj/cpython/Objects/call.c:242:18 #15 0x5f10183067f8 in _PyEval_EvalFrameDefault /home/florian/proj/cpython/Python/generated_cases.c.h:1394:19 #16 0x5f1017fe5ebb in _PyObject_VectorcallDictTstate /home/florian/proj/cpython/Objects/call.c:146:15 #17 0x5f1017fe8d8f in _PyObject_Call_Prepend /home/florian/proj/cpython/Objects/call.c:504:24 #18 0x5f10181608c2 in slot_tp_call /home/florian/proj/cpython/Objects/typeobject.c:8839:15 #19 0x5f1017fe8255 in _PyObject_Call /home/florian/proj/cpython/Objects/call.c:361:18 #20 0x5f1018303a40 in _PyEval_EvalFrameDefault /home/florian/proj/cpython/Python/generated_cases.c.h:1250:26 #21 0x5f1017fe5ebb in _PyObject_VectorcallDictTstate /home/florian/proj/cpython/Objects/call.c:146:15 #22 0x5f1017fe8d8f in _PyObject_Call_Prepend /home/florian/proj/cpython/Objects/call.c:504:24 #23 0x5f10181608c2 in slot_tp_call /home/florian/proj/cpython/Objects/typeobject.c:8839:15 #24 0x5f1017fe6594 in _PyObject_MakeTpCall /home/florian/proj/cpython/Objects/call.c:242:18 #25 0x5f10183067f8 in _PyEval_EvalFrameDefault /home/florian/proj/cpython/Python/generated_cases.c.h:1394:19 #26 0x5f1017fe5ebb in _PyObject_VectorcallDictTstate /home/florian/proj/cpython/Objects/call.c:146:15 #27 0x5f1017fe8d8f in _PyObject_Call_Prepend /home/florian/proj/cpython/Objects/call.c:504:24 #28 0x5f10181608c2 in slot_tp_call /home/florian/proj/cpython/Objects/typeobject.c:8839:15 #29 0x5f1017fe6594 in _PyObject_MakeTpCall /home/florian/proj/cpython/Objects/call.c:242:18 #30 0x5f10183067f8 in _PyEval_EvalFrameDefault /home/florian/proj/cpython/Python/generated_cases.c.h:1394:19 #31 0x5f1017fe5ebb in _PyObject_VectorcallDictTstate /home/florian/proj/cpython/Objects/call.c:146:15 previously allocated by thread T0 here: #0 0x5f1017de70a9 in malloc (/home/florian/proj/cpython/python+0x32f0a9) (BuildId: 472839294c0413d2f8beb5aa8c1f9ae1822dc88b) #1 0x5f10184cd6c8 in tracemalloc_alloc /home/florian/proj/cpython/Python/tracemalloc.c:536:15 #2 0x5f10184cdc4d in tracemalloc_alloc_gil /home/florian/proj/cpython/Python/tracemalloc.c:640:11 #3 0x5f1018192780 in PyUnicode_New /home/florian/proj/cpython/Objects/unicodeobject.c:1238:24 #4 0x744327ffacf2 in sip_api_unicode_new /tmp/pip-install-y87d3n5v/pyqt6-sip_626af1e47840447c9f7c098c3c07b101/sip_core.c:11388:16 #5 0x744308e15146 in qpycore_PyObject_FromQString(QString const&) (/home/florian/proj/qutebrowser/git/.venv-py313dev/lib/python3.13/site-packages/PyQt6/QtCore.abi3.so+0x215146) (BuildId: 74342f967c05e7e19c5fd152ab11397679a17e61) SUMMARY: AddressSanitizer: heap-use-after-free /home/florian/proj/cpython/./Include/object.h:812:30 in Py_INCREF Shadow bytes around the buggy address: 0x506004080880: fd fd fd fd fa fa fa fa fd fd fd fd fd fd fd fd 0x506004080900: fa fa fa fa fd fd fd fd fd fd fd fd fa fa fa fa 0x506004080980: fd fd fd fd fd fd fd fa fa fa fa fa fd fd fd fd 0x506004080a00: fd fd fd fa fa fa fa fa fd fd fd fd fd fd fd fd 0x506004080a80: fa fa fa fa 00 00 00 00 00 00 00 00 fa fa fa fa =>0x506004080b00: fd fd fd fd fd fd fd fd fa fa fa fa[fd]fd fd fd 0x506004080b80: fd fd fd fa fa fa fa fa fd fd fd fd fd fd fd fd 0x506004080c00: fa fa fa fa fd fd fd fd fd fd fd fa fa fa fa fa 0x506004080c80: fd fd fd fd fd fd fd fd fa fa fa fa fd fd fd fd 0x506004080d00: fd fd fd fd fa fa fa fa fd fd fd fd fd fd fd fd 0x506004080d80: fa fa fa fa 00 00 00 00 00 00 06 fa fa fa fa fa Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ```
The-Compiler commented 5 months ago

I've finally been able to reduce this a lot at least within the qutebrowser project - those two tests trigger the bug as soon as the second one runs for the 1010th time.

import pytest

from qutebrowser.config import configdata, configtypes, configdata
from qutebrowser.utils import standarddir

def test_crash_1(qapp):
    standarddir.init(None)
    configdata.init()
    configtypes.FontBase.set_defaults(None, '10pt')

@pytest.mark.parametrize("i", range(1010))
def test_crash_2(config_stub, i):
    configtypes.Font().to_py("10pt default_family")

I've not yet been able to reproduce this outside of pytest (or qutebrowser), as it still seems to be pretty sensitive about what's going on before the bug gets triggered (probably because gc related?). But at this point it looks like I should be able to cook up a minimal-ish example with a couple more hours of try and error.

The-Compiler commented 5 months ago

Aaaand I arrived at a minimal example:

from PyQt6.QtCore import QSysInfo

def maybe_crash():
    class StringHolder:

        value = None

        @classmethod
        def set_value(cls):
            # needs to be set here, setting from outside doesn't trigger the crash.
            # anything that returns a QString from Qt/C++
            cls.value = QSysInfo.productType()

    class StringHolderSub(StringHolder):

        # needs to be subclass, using StringHolder directly to access .value
        # doesn't trigger the crash.

        pass

    for _ in range(1010):  # triggers exactly after 1010 times.
        StringHolder.set_value()
        StringHolderSub.value

if __name__ == "__main__":
    for _ in range(5):
        # crash is not 100% reproducible with the minimal reproducer
        maybe_crash()

Crashes reliably when using a --with-address-sanitizer or with PYTHONMALLOC=malloc for me. With the default allocator, it needs 2-3 times, but the for loop will take care of that.

@rhettinger @markshannon Hope that works? It still requires PyQt6, I have not tested yet if the string can also be from another third-party library. A normal Python string won't trigger it.

Sorry for the notification-heavy notes to myself here - since this was a longer process, I figured it'd be better to have my notes here than just for myself.

The-Compiler commented 5 months ago

From the PyQt maintainer:

The PyQt code that triggers the crash is the qpycore_PyObject_FromQString() function. Base on that I think the following (similar) code would also trigger it...

PyObject *obj;
int kind;
void *data;

obj = PyUnicode_New(1, 127);
kind = PyUnicode_KIND(obj);
data = PyUnicode_DATA(obj);

PyUnicode_WRITE(kind, data, 0, (Py_UCS4)'A');

If the length is initialised to 0 (rather than 1) and there is no call to PyUnicode_WRITE() then there is no crash.

markshannon commented 4 months ago

Is the string you are creating escaping to other code before it is fully initialized? If the hash and data contradict, strange things can happen.

Can you link to the source of qpycore_PyObject_FromQString()? That might give me a clue.

vstinner commented 4 months ago

I ran a git bisect and the regression was introduced by: commit 992446dd5bd3fff92ea0f8064fb19eebfe105cef.

commit 992446dd5bd3fff92ea0f8064fb19eebfe105cef (HEAD)
Author: Mark Shannon <mark@hotpy.org>
Date:   Mon Feb 5 16:20:54 2024 +0000

    GH-113462: Limit the number of versions that a single class can use. (GH-114900)

 Include/cpython/object.h                                                          |  1 +
 Lib/test/test_type_cache.py                                                       | 13 +++++++++++++
 Misc/NEWS.d/next/Core and Builtins/2024-02-02-05-27-48.gh-issue-113462.VMml8q.rst |  2 ++
 Objects/typeobject.c                                                              |  7 ++++++-
 4 files changed, 22 insertions(+), 1 deletion(-)
 create mode 100644 Misc/NEWS.d/next/Core and Builtins/2024-02-02-05-27-48.gh-issue-113462.VMml8q.rst
vstinner commented 4 months ago

I can reproduce the bug in a reliable way without PyQt with a debug build of Python:

def maybe_crash():
    class StringHolder:
        value = None

        @classmethod
        def set_value(cls):
            cls.value = b'abc'.decode()

    class StringHolderSub(StringHolder):
        pass

    for _ in range(1010):
        StringHolder.set_value()
        StringHolderSub.value

if __name__ == "__main__":
    for _ in range(5):
        maybe_crash()

Example of output:

$ ~/python/main/python bug.py 
Python/generated_cases.c.h:5040: _Py_NegativeRefcount: Assertion failed: object has negative ref count
<object at 0x7f1b8f86fa60 is freed>
Fatal Python error: _PyObject_AssertFailed: _PyObject_AssertFailed
Python runtime state: initialized

Current thread 0x00007f1b9d5f0740 (most recent call first):
  File "/home/vstinner/python/3.13/bug.py", line 14 in maybe_crash
  File "/home/vstinner/python/3.13/bug.py", line 18 in <module>
Abandon (core dumped)
vstinner commented 4 months ago

If I revert this change on the main branch, I can no longer reproduce the bug:

diff --git a/Include/cpython/object.h b/Include/cpython/object.h
index 0ab94e5e2a..0bfc20ac9c 100644
--- a/Include/cpython/object.h
+++ b/Include/cpython/object.h
@@ -229,7 +229,6 @@ struct _typeobject {

     /* bitset of which type-watchers care about this type */
     unsigned char tp_watched;
-    uint16_t tp_versions_used;
 };

 /* This struct is used by the specializer
diff --git a/Objects/typeobject.c b/Objects/typeobject.c
index 958f42430c..333ddb811c 100644
--- a/Objects/typeobject.c
+++ b/Objects/typeobject.c
@@ -1214,8 +1214,6 @@ _PyType_GetVersionForCurrentState(PyTypeObject *tp)

-#define MAX_VERSIONS_PER_CLASS 1000
-
 static int
 assign_version_tag(PyInterpreterState *interp, PyTypeObject *type)
 {
@@ -1232,10 +1230,6 @@ assign_version_tag(PyInterpreterState *interp, PyTypeObject *type)
     if (!_PyType_HasFeature(type, Py_TPFLAGS_READY)) {
         return 0;
     }
-    if (type->tp_versions_used >= MAX_VERSIONS_PER_CLASS) {
-        return 0;
-    }
-    type->tp_versions_used++;
     if (type->tp_flags & Py_TPFLAGS_IMMUTABLETYPE) {
         /* static types */
         if (NEXT_GLOBAL_VERSION_TAG > _Py_MAX_GLOBAL_TYPE_VERSION_TAG) {
markshannon commented 4 months ago

Thanks @vstinner, that's really helpful.

markshannon commented 4 months ago

We were failing to maintain the invariant that superclass versions must be updated before subclass versions. https://github.com/python/cpython/commit/992446dd5bd3fff92ea0f8064fb19eebfe105cef exposed the bug.

It should be possible to cause the same failure with https://github.com/python/cpython/commit/992446dd5bd3fff92ea0f8064fb19eebfe105cef reverted by changing the 1010 in the reproducer to ~4 billion.

vstinner commented 4 months ago

Would it make sense to revert the change for now (in 3.13 and main branches), and consider a more long term approach in Python 3.14?

markshannon commented 4 months ago

@The-Compiler can you confirm that this is fixed for you on both the main and 3.13 branches?

markshannon commented 4 months ago

Would it make sense to revert the change for now (in 3.13 and main branches), and consider a more long term approach in Python 3.14?

It's fixed now (pending confirmation)

vstinner commented 4 months ago

I confirm that I can no longer reproduce the https://github.com/python/cpython/issues/119462#issuecomment-2135613367 crash on the 3.13 development branch. I close the issue.

The-Compiler commented 4 months ago

The main branch seems to be failing for me in ways that look to be unrelated (will dig into those at a later point); and indeed 3.13 now is working fine for me. Thanks @markshannon and @vstinner! :+1:

  • © Githubissues.
  • Githubissues is a development platform for aggregating issues.