=================================================================
==17024==ERROR: AddressSanitizer: heap-use-after-free on address 0x60d00002db28 at pc 0x69193a bp 0x7fff79454960 sp 0x7fff79454958
READ of size 2 at 0x60d00002db28 thread T0
    #0 0x691939 in operator() /mnt/ram/qtbase-opensource-src-5.7.0/src/corelib/tools/qstring.cpp:695
    #1 0x691939 in exec<int, findChar(const QChar*, int, QChar, int, Qt::CaseSensitivity)::<lambda(int)>, findChar(const QChar*, int, QChar, int, Qt::CaseSensitivity)::<lambda(int)> > /mnt/ram/qtbase-opensource-src-5.7.0/src/corelib/tools/qstring.cpp:185
    #2 0x691939 in findChar /mnt/ram/qtbase-opensource-src-5.7.0/src/corelib/tools/qstring.cpp:696
    #3 0x436902 in QMakeGlobals::expandEnvVars(QString const&) const /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeglobals.cpp:278
    #4 0x48c22c in QMakeEvaluator::evaluateBuiltinExpand(int, ProKey const&, ProStringList const&) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakebuiltins.cpp:720
    #5 0x466609 in QMakeEvaluator::evaluateExpandFunction(ProKey const&, unsigned short const*&) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:1747
    #6 0x466c56 in QMakeEvaluator::evaluateExpression(unsigned short const*&, ProStringList*, bool) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:458
    #7 0x46807a in QMakeEvaluator::expandVariableReferences(unsigned short const*&, int, bool) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:1621
    #8 0x469292 in QMakeEvaluator::visitProVariable(unsigned short, ProStringList const&, unsigned short const*&) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:876
    #9 0x462f17 in QMakeEvaluator::visitProBlock(unsigned short const*) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:535
    #10 0x46ca63 in QMakeEvaluator::visitProBlock(ProFile*, unsigned short const*) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:513
    #11 0x46ca63 in QMakeEvaluator::visitProFile(ProFile*, QMakeHandler::EvalFileType, QFlags<QMakeEvaluator::LoadFlag>) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:1421
    #12 0x46e54b in QMakeEvaluator::evaluateFile(QString const&, QMakeHandler::EvalFileType, QFlags<QMakeEvaluator::LoadFlag>) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:1857
    #13 0x406c3b in QMakeProject::read(QString const&, QFlags<QMakeEvaluator::LoadFlag>) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/project.cpp:69
    #14 0x4276a1 in runQMake(int, char**) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/main.cpp:367
    #15 0x7f98c99f078f in __libc_start_main (/lib64/libc.so.6+0x2078f)
    #16 0x4065b8 in _start (/mnt/ram/qtbase-opensource-src-5.7.0/bin/qmake+0x4065b8)

0x60d00002db28 is located 120 bytes inside of 136-byte region [0x60d00002dab0,0x60d00002db38)
freed by thread T0 here:
    #0 0x7f98ca6c4797 in __interceptor_free (/usr/lib/gcc/x86_64-pc-linux-gnu/4.9.3/libasan.so.1+0x54797)
    #1 0x44b96e in QTypedArrayData<unsigned short>::deallocate(QArrayData*) /mnt/ram/qtbase-opensource-src-5.7.0/include/QtCore/../../src/corelib/tools/qarraydata.h:228
    #2 0x44b96e in ~QString /mnt/ram/qtbase-opensource-src-5.7.0/include/QtCore/../../src/corelib/tools/qstring.h:1075
    #3 0x44b96e in ~ProString /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/proitems.h:66
    #4 0x44b96e in QVector<ProString>::destruct(ProString*, ProString*) /mnt/ram/qtbase-opensource-src-5.7.0/include/QtCore/../../src/corelib/tools/qvector.h:351
    #5 0x44b96e in QVector<ProString>::freeData(QTypedArrayData<ProString>*) /mnt/ram/qtbase-opensource-src-5.7.0/include/QtCore/../../src/corelib/tools/qvector.h:523
    #6 0x46663c in ~QVector /mnt/ram/qtbase-opensource-src-5.7.0/include/QtCore/../../src/corelib/tools/qvector.h:75
    #7 0x46663c in ~ProStringList /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/proitems.h:224
    #8 0x46663c in QMakeEvaluator::evaluateExpandFunction(ProKey const&, unsigned short const*&) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:1747
    #9 0x466c56 in QMakeEvaluator::evaluateExpression(unsigned short const*&, ProStringList*, bool) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:458
    #10 0x46807a in QMakeEvaluator::expandVariableReferences(unsigned short const*&, int, bool) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:1621
    #11 0x4665f2 in QMakeEvaluator::evaluateExpandFunction(ProKey const&, unsigned short const*&) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:1747
    #12 0x466c56 in QMakeEvaluator::evaluateExpression(unsigned short const*&, ProStringList*, bool) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:458
    #13 0x46807a in QMakeEvaluator::expandVariableReferences(unsigned short const*&, int, bool) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:1621
    #14 0x469292 in QMakeEvaluator::visitProVariable(unsigned short, ProStringList const&, unsigned short const*&) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:876
    #15 0x462f17 in QMakeEvaluator::visitProBlock(unsigned short const*) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:535
    #16 0x46ca63 in QMakeEvaluator::visitProBlock(ProFile*, unsigned short const*) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:513
    #17 0x46ca63 in QMakeEvaluator::visitProFile(ProFile*, QMakeHandler::EvalFileType, QFlags<QMakeEvaluator::LoadFlag>) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:1421
    #18 0x46e54b in QMakeEvaluator::evaluateFile(QString const&, QMakeHandler::EvalFileType, QFlags<QMakeEvaluator::LoadFlag>) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:1857
    #19 0x406c3b in QMakeProject::read(QString const&, QFlags<QMakeEvaluator::LoadFlag>) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/project.cpp:69
    #20 0x4276a1 in runQMake(int, char**) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/main.cpp:367
    #21 0x7f98c99f078f in __libc_start_main (/lib64/libc.so.6+0x2078f)
    #22 0x4065b8 in _start (/mnt/ram/qtbase-opensource-src-5.7.0/bin/qmake+0x4065b8)

previously allocated by thread T0 here:
    #0 0x7f98ca6c49af in malloc (/usr/lib/gcc/x86_64-pc-linux-gnu/4.9.3/libasan.so.1+0x549af)
    #1 0x6d47ca in QArrayData::allocate(unsigned long, unsigned long, unsigned long, QFlags<QArrayData::AllocationOption>) /mnt/ram/qtbase-opensource-src-5.7.0/src/corelib/tools/qarraydata.cpp:114
    #2 0x697247 in QTypedArrayData<unsigned short>::allocate(unsigned long, QFlags<QArrayData::AllocationOption>) /mnt/ram/qtbase-opensource-src-5.7.0/include/QtCore/../../src/corelib/tools/qarraydata.h:222
    #3 0x697247 in QString::QString(int, Qt::Initialization) /mnt/ram/qtbase-opensource-src-5.7.0/src/corelib/tools/qstring.cpp:1565
    #4 0x42c160 in ProString::prepareExtend(int, int, int) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/proitems.cpp:183
    #5 0x42d21e in ProString::append(ProString const&, bool*) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/proitems.cpp:238
    #6 0x467774 in addStr /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:361
    #7 0x467774 in QMakeEvaluator::evaluateExpression(unsigned short const*&, ProStringList*, bool) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:430
    #8 0x46807a in QMakeEvaluator::expandVariableReferences(unsigned short const*&, int, bool) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:1621
    #9 0x4665f2 in QMakeEvaluator::evaluateExpandFunction(ProKey const&, unsigned short const*&) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:1747
    #10 0x466c56 in QMakeEvaluator::evaluateExpression(unsigned short const*&, ProStringList*, bool) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:458
    #11 0x46807a in QMakeEvaluator::expandVariableReferences(unsigned short const*&, int, bool) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:1621
    #12 0x4665f2 in QMakeEvaluator::evaluateExpandFunction(ProKey const&, unsigned short const*&) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:1747
    #13 0x466c56 in QMakeEvaluator::evaluateExpression(unsigned short const*&, ProStringList*, bool) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:458
    #14 0x46807a in QMakeEvaluator::expandVariableReferences(unsigned short const*&, int, bool) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:1621
    #15 0x469292 in QMakeEvaluator::visitProVariable(unsigned short, ProStringList const&, unsigned short const*&) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:876
    #16 0x462f17 in QMakeEvaluator::visitProBlock(unsigned short const*) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:535
    #17 0x46ca63 in QMakeEvaluator::visitProBlock(ProFile*, unsigned short const*) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:513
    #18 0x46ca63 in QMakeEvaluator::visitProFile(ProFile*, QMakeHandler::EvalFileType, QFlags<QMakeEvaluator::LoadFlag>) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:1421
    #19 0x46e54b in QMakeEvaluator::evaluateFile(QString const&, QMakeHandler::EvalFileType, QFlags<QMakeEvaluator::LoadFlag>) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/library/qmakeevaluator.cpp:1857
    #20 0x406c3b in QMakeProject::read(QString const&, QFlags<QMakeEvaluator::LoadFlag>) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/project.cpp:69
    #21 0x4276a1 in runQMake(int, char**) /mnt/ram/qtbase-opensource-src-5.7.0/qmake/main.cpp:367
    #22 0x7f98c99f078f in __libc_start_main (/lib64/libc.so.6+0x2078f)
    #23 0x4065b8 in _start (/mnt/ram/qtbase-opensource-src-5.7.0/bin/qmake+0x4065b8)

SUMMARY: AddressSanitizer: heap-use-after-free /mnt/ram/qtbase-opensource-src-5.7.0/src/corelib/tools/qstring.cpp:695 operator()
Shadow bytes around the buggy address:
  0x0c1a7fffdb10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c1a7fffdb20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c1a7fffdb30: fa fa fa fa fa fa fa fa fa fa fa fa fd fd fd fd
  0x0c1a7fffdb40: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fa fa
  0x0c1a7fffdb50: fa fa fa fa fa fa fd fd fd fd fd fd fd fd fd fd
=>0x0c1a7fffdb60: fd fd fd fd fd[fd]fd fa fa fa fa fa fa fa fa fa
  0x0c1a7fffdb70: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c1a7fffdb80: fd fd fa fa fa fa fa fa fa fa fd fd fd fd fd fd
  0x0c1a7fffdb90: fd fd fd fd fd fd fd fd fd fd fd fd fa fa fa fa
  0x0c1a7fffdba0: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c1a7fffdbb0: fd fd fd fd fd fd fa fa fa fa fa fa fa fa fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Contiguous container OOB:fc
  ASan internal:           fe
==17024==ABORTING