  1. Qt Automotive Suite
  2. AUTOSUITE-1653

Heap-use-after-free on exit in QtAM


    Details

    • Type: Bug
    • Status: Closed
    • Priority: Not Evaluated
    • Resolution: Done
    • Affects Version/s: 5.15.1
    • Fix Version/s: None
    • Component/s: Qt Application Manager
    • Labels:
      None
    • Platform/s:
      Linux/X11, Linux/Yocto
    • Commits:
      baed6890cf9c55609b62106c0b7c4f737088d826 (qt/qtapplicationmanager/dev) d384e5b9654e110066498b7932f7f3410718710b (qt/qtapplicationmanager/5.15)

      Description

      Qt Application Manager crashes with a segmentation fault when the application is exited

      =================================================================
      ==3596==ERROR: AddressSanitizer: heap-use-after-free on address 0x608000086368 at pc 0x000000766db1 bp 0x7ffffbf54480 sp 0x7ffffbf54478
      READ of size 8 at 0x608000086368 thread T0
          #0 0x766db0 in QVector<QtAM::IntentInfo*>::begin() const /build-linux-asan/install/include/QtCore/qvector.h:211:59
          #1 0x82bbc4 in void qDeleteAll<QVector<QtAM::IntentInfo*> >(QVector<QtAM::IntentInfo*> const&) /build-linux-asan/install/include/QtCore/qalgorithms.h:328:18
          #2 0x828182 in QtAM::PackageInfo::~PackageInfo() /qt/qtapplicationmanager/src/application-lib/packageinfo.cpp:62:5
          #3 0x835c90 in void qDeleteAll<QtAM::PackageInfo* const*>(QtAM::PackageInfo* const*, QtAM::PackageInfo* const*) /build-linux-asan/install/include/QtCore/qalgorithms.h:320:9
          #4 0x8347fd in void qDeleteAll<QVector<QtAM::PackageInfo*> >(QVector<QtAM::PackageInfo*> const&) /build-linux-asan/install/include/QtCore/qalgorithms.h:328:5
          #5 0x82fbb2 in QtAM::PackageDatabase::~PackageDatabase() /qt/qtapplicationmanager/src/application-lib/packagedatabase.cpp:95:5
          #6 0x749aef in QtAM::PackageManager::~PackageManager() /qt/qtapplicationmanager/src/manager-lib/packagemanager.cpp:497:5
          #7 0x749bdb in QtAM::PackageManager::~PackageManager() /qt/qtapplicationmanager/src/manager-lib/packagemanager.cpp:495:1
          #8 0x43a17b in QtAM::Main::~Main() /qt/qtapplicationmanager/src/main-lib/main.cpp:213:5
          #9 0x436047 in main /qt/qtapplicationmanager/src/tools/appman/appman.cpp:141:1
          #10 0x7f8b0844a0b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16
          #11 0x4350ad in _start (/qt-install-asan/b77e7c5ce8b4b57cb8886a82d9457cf3d3988890/bin/appman+0x4350ad)
      0x608000086368 is located 72 bytes inside of 96-byte region [0x608000086320,0x608000086380)
      freed by thread T0 here:
          #0 0x7f8b1189e8cd in operator delete(void*) (/usr/lib/llvm-10/lib/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.so+0xc68cd)
          #1 0x835c9c in void qDeleteAll<QtAM::PackageInfo* const*>(QtAM::PackageInfo* const*, QtAM::PackageInfo* const*) /build-linux-asan/install/include/QtCore/qalgorithms.h:320:9
          #2 0x8347fd in void qDeleteAll<QVector<QtAM::PackageInfo*> >(QVector<QtAM::PackageInfo*> const&) /build-linux-asan/install/include/QtCore/qalgorithms.h:328:5
          #3 0x82fbb2 in QtAM::PackageDatabase::~PackageDatabase() /qt/qtapplicationmanager/src/application-lib/packagedatabase.cpp:95:5
          #4 0x749aef in QtAM::PackageManager::~PackageManager() /qt/qtapplicationmanager/src/manager-lib/packagemanager.cpp:497:5
          #5 0x749bdb in QtAM::PackageManager::~PackageManager() /qt/qtapplicationmanager/src/manager-lib/packagemanager.cpp:495:1
          #6 0x43a17b in QtAM::Main::~Main() /qt/qtapplicationmanager/src/main-lib/main.cpp:213:5
          #7 0x436047 in main /qt/qtapplicationmanager/src/tools/appman/appman.cpp:141:1
          #8 0x7f8b0844a0b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16
      previously allocated by thread T0 here:
          #0 0x7f8b1189e06d in operator new(unsigned long) (/usr/lib/llvm-10/lib/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.so+0xc606d)
          #1 0x82aab3 in QtAM::PackageInfo::readFromDataStream(QDataStream&) /qt/qtapplicationmanager/src/application-lib/packageinfo.cpp:210:37
          #2 0x836b08 in QtAM::ConfigCacheAdaptor<QtAM::PackageInfo>::loadFromCache(QDataStream&) /qt/qtapplicationmanager/src/application-lib/packagedatabase.cpp:69:16
          #3 0x836805 in QtAM::ConfigCache<QtAM::PackageInfo, QtAM::ConfigCacheAdaptor<QtAM::PackageInfo> >::loadFromCache(QDataStream&) /build-linux-asan/appman/build/src/application-lib/../../include/QtAppManCommon/../../../../../qt/qtapplicationmanager/src/common-lib/configcache.h:150:24
          #4 0x94607f in QtAM::AbstractConfigCache::parse() /qt/qtapplicationmanager/src/common-lib/configcache.cpp:216:38
          #5 0x835157 in QtAM::ConfigCache<QtAM::PackageInfo, QtAM::ConfigCacheAdaptor<QtAM::PackageInfo> >::parse() /build-linux-asan/appman/build/src/application-lib/../../include/QtAppManCommon/../../../../../qt/qtapplicationmanager/src/common-lib/configcache.h:128:30
          #6 0x832fd7 in QtAM::PackageDatabase::parse() /qt/qtapplicationmanager/src/application-lib/packagedatabase.cpp:199:15
          #7 0x43f857 in QtAM::Main::loadPackageDatabase(bool, QString const&) /qt/qtapplicationmanager/src/main-lib/main.cpp:474:24
          #8 0x43bd17 in QtAM::Main::setup(QtAM::Configuration const*) /qt/qtapplicationmanager/src/main-lib/main.cpp:263:5
          #9 0x435c7f in main /qt/qtapplicationmanager/src/tools/appman/appman.cpp:116:11
          #10 0x7f8b0844a0b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16
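
A triage aid for the report above, added here as an example and not part of the original issue or of Qt Application Manager: it splits an AddressSanitizer report into its access, free and allocation stacks and finds the innermost frame that the access and free stacks share. The sample input is condensed from the report above (paths shortened to file names, outer frames omitted); `parse_report` and `first_shared_frame` are names chosen for this example.

```python
import re

# Constructed sample: frames copied from the report above, with build paths
# shortened to file names and the outer frames of each stack omitted.
REPORT = """\
==3596==ERROR: AddressSanitizer: heap-use-after-free on address 0x608000086368
READ of size 8 at 0x608000086368 thread T0
    #0 0x766db0 in QVector<QtAM::IntentInfo*>::begin() const qvector.h:211:59
    #1 0x82bbc4 in void qDeleteAll<QVector<QtAM::IntentInfo*> >(QVector<QtAM::IntentInfo*> const&) qalgorithms.h:328:18
    #2 0x828182 in QtAM::PackageInfo::~PackageInfo() packageinfo.cpp:62:5
    #3 0x835c90 in void qDeleteAll<QtAM::PackageInfo* const*>(QtAM::PackageInfo* const*, QtAM::PackageInfo* const*) qalgorithms.h:320:9
0x608000086368 is located 72 bytes inside of 96-byte region [0x608000086320,0x608000086380)
freed by thread T0 here:
    #0 0x7f8b1189e8cd in operator delete(void*) (libclang_rt.asan-x86_64.so+0xc68cd)
    #1 0x835c9c in void qDeleteAll<QtAM::PackageInfo* const*>(QtAM::PackageInfo* const*, QtAM::PackageInfo* const*) qalgorithms.h:320:9
previously allocated by thread T0 here:
    #0 0x7f8b1189e06d in operator new(unsigned long) (libclang_rt.asan-x86_64.so+0xc606d)
    #1 0x82aab3 in QtAM::PackageInfo::readFromDataStream(QDataStream&) packageinfo.cpp:210:37
"""

HEADERS = (("READ of size", "access"), ("WRITE of size", "access"),
           ("freed by thread", "free"), ("previously allocated by thread", "alloc"))
FRAME = re.compile(r"\s*#(\d+) 0x[0-9a-f]+ in (.+) (\S+)$")
REGION = re.compile(r"is located (\d+) bytes inside of (\d+)-byte region")

def parse_report(text):
    """Return ({stack name: [(function, location), ...]}, (offset, region size))."""
    stacks, current, region = {}, None, None
    for line in text.splitlines():
        if m := REGION.search(line):
            region = (int(m.group(1)), int(m.group(2)))
        for prefix, name in HEADERS:
            if line.startswith(prefix):
                current = name  # following frames belong to this stack
        if current and (m := FRAME.match(line)):
            stacks.setdefault(current, []).append((m.group(2), m.group(3)))
    return stacks, region

def first_shared_frame(stacks):
    """Innermost access-stack frame that also appears in the free stack."""
    freed = set(stacks.get("free", []))
    for depth, frame in enumerate(stacks.get("access", [])):
        if frame in freed:  # compared by function and source line, not by pc
            return depth, frame
    return None

if __name__ == "__main__":
    print(first_shared_frame(parse_report(REPORT)[0]))
```

On this report the shared frame is the `qDeleteAll` call at `qalgorithms.h:320:9`: the same loop released the 96-byte region and later ran `~PackageInfo()` on it.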
       


            People

            Assignee:
            rgriebl Robert Griebl
            Reporter:
            diredko diredko