Details
-
Bug
-
Resolution: Fixed
-
P2: Important
-
6.4
-
macOS 12.3
-
-
Team B Foundation Sprint 58
Description
The usage of QObject::objectName() from the render thread of an object that lives in the main thread causes Address Sanitiser to post an error when running the tst_qquickanimations::cleanupWhenRenderThreadStops() auto test. This is supposed to work according to https://code.qt.io/cgit/qt/qtbase.git/commit/?id=3f32dcd1ddcbe04c77ccd83e2eaa566d7212e732
But it doesn't in this case. This should be a safe operation because this is during a "sync" phase of the rendering where the main thread is blocked by a wait condition while the render thread "syncs" it state with the main thread. This seems to be caused by the new binding system in Qt 6.
13:55:09: Starting /Users/mitch/dev/qt-dev2-debug-non-fw/qtdeclarative/tests/auto/quick/qquickanimations/tst_qquickanimations... ********* Start testing of tst_qquickanimations ********* Config: Using QtTest library 6.4.0, Qt 6.4.0 (x86_64-little_endian-lp64 shared (dynamic) debug build; by Clang 13.1.6 (clang-1316.0.21.2) (Apple)), macos 12.3 PASS : tst_qquickanimations::initTestCase() PASS : tst_qquickanimations::simpleProperty() PASS : tst_qquickanimations::simpleNumber() PASS : tst_qquickanimations::simpleColor() PASS : tst_qquickanimations::simpleRotation() PASS : tst_qquickanimations::simplePath() PASS : tst_qquickanimations::simpleAnchor() PASS : tst_qquickanimations::reparent() PASS : tst_qquickanimations::pathInterpolator() PASS : tst_qquickanimations::pathInterpolatorBackwardJump() PASS : tst_qquickanimations::pathWithNoStart() PASS : tst_qquickanimations::alwaysRunToEnd() PASS : tst_qquickanimations::complete() PASS : tst_qquickanimations::resume() PASS : tst_qquickanimations::dotProperty() PASS : tst_qquickanimations::badTypes() PASS : tst_qquickanimations::badProperties() PASS : tst_qquickanimations::mixedTypes() PASS : tst_qquickanimations::properties() PASS : tst_qquickanimations::propertiesTransition() QWARN : tst_qquickanimations::pathTransition() Binding on animations is not deferred as requested by the DeferredPropertyNames class info because one or more of its sub-objects contain an id. PASS : tst_qquickanimations::pathTransition() PASS : tst_qquickanimations::disabledTransition() PASS : tst_qquickanimations::invalidDuration() PASS : tst_qquickanimations::attached() QWARN : tst_qquickanimations::propertyValueSourceDefaultStart() Binding on animation is not deferred as requested by the DeferredPropertyNames class info because one or more of its sub-objects contain an id. PASS : tst_qquickanimations::propertyValueSourceDefaultStart() QWARN : tst_qquickanimations::dontStart() Binding on animations is not deferred as requested by the DeferredPropertyNames class info because one or more of its sub-objects contain an id. PASS : tst_qquickanimations::dontStart() PASS : tst_qquickanimations::easingProperties() PASS : tst_qquickanimations::rotation() PASS : tst_qquickanimations::startStopSignals() PASS : tst_qquickanimations::signalOrder(ColorAnimation, duration = 10) PASS : tst_qquickanimations::signalOrder(ColorAnimation, duration = 0) PASS : tst_qquickanimations::signalOrder(ParallelAnimation, duration = 0) PASS : tst_qquickanimations::runningTrueBug() PASS : tst_qquickanimations::nonTransitionBug() PASS : tst_qquickanimations::registrationBug() PASS : tst_qquickanimations::doubleRegistrationBug() PASS : tst_qquickanimations::alwaysRunToEndRestartBug() PASS : tst_qquickanimations::transitionAssignmentBug() PASS : tst_qquickanimations::pauseBindingBug() PASS : tst_qquickanimations::pauseBug() PASS : tst_qquickanimations::loopingBug() PASS : tst_qquickanimations::anchorBug() PASS : tst_qquickanimations::pathAnimationInOutBackBug() PASS : tst_qquickanimations::scriptActionBug() PASS : tst_qquickanimations::groupAnimationNullChildBug() PASS : tst_qquickanimations::scriptActionCrash() PASS : tst_qquickanimations::animatorInvalidTargetCrash() PASS : tst_qquickanimations::defaultPropertyWarning() PASS : tst_qquickanimations::pathSvgAnimation() PASS : tst_qquickanimations::pathLineUnspecifiedXYBug() PASS : tst_qquickanimations::unsetAnimatorProxyJobWindow() QWARN : tst_qquickanimations::finished() Binding on animation is not deferred as requested by the DeferredPropertyNames class info because one or more of its sub-objects contain an id. QWARN : tst_qquickanimations::finished() Binding on animations is not deferred as requested by the DeferredPropertyNames class info because one or more of its sub-objects contain an id. PASS : tst_qquickanimations::finished() PASS : tst_qquickanimations::replacingTransitions() PASS : tst_qquickanimations::animationJobSelfDestruction() PASS : tst_qquickanimations::fastFlickingBug() PASS : tst_qquickanimations::opacityAnimationFromZero() PASS : tst_qquickanimations::alwaysRunToEndInSequentialAnimationBug() ================================================================= ==29412==ERROR: AddressSanitizer: heap-use-after-free on address 0x6080001f4028 at pc 0x000116c7e474 bp 0x700000e0caf0 sp 0x700000e0cae8 READ of size 8 at 0x6080001f4028 thread T94 #0 0x116c7e473 in _ZNK21QObjectCompatPropertyIN14QObjectPrivate9ExtraDataE7QStringXadL_ZNS1_30_qt_property_objectName_offsetEvEEXadL_ZNS1_22setObjectNameForwarderERKS2_EEXadL_ZNS1_20nameChangedForwarderES4_EELDn0EE5valueEv qproperty_p.h:520 #1 0x116c7d0e4 in _ZNK21QObjectCompatPropertyIN14QObjectPrivate9ExtraDataE7QStringXadL_ZNS1_30_qt_property_objectName_offsetEvEEXadL_ZNS1_22setObjectNameForwarderERKS2_EEXadL_ZNS1_20nameChangedForwarderES4_EELDn0EEcvS4_Ev qproperty_p.h:544 #2 0x116c7d031 in QObject::objectName() const qobject.cpp:1265 #3 0x116c84ab4 in qt_qFindChild_helper(QObject const*, QString const&, QMetaObject const&, QFlags<Qt::FindChildOption>) qobject.cpp:2143 #4 0x110736d48 in QSGBatchRenderer::ShaderManager* QObject::findChild<QSGBatchRenderer::ShaderManager*>(QString const&, QFlags<Qt::FindChildOption>) const qobject.h:180 #5 0x11073628f in QSGBatchRenderer::Renderer::Renderer(QSGDefaultRenderContext*, QSGRendererInterface::RenderMode) qsgbatchrenderer.cpp:903 #6 0x1107370c2 in QSGBatchRenderer::Renderer::Renderer(QSGDefaultRenderContext*, QSGRendererInterface::RenderMode) qsgbatchrenderer.cpp:886 #7 0x11091c833 in QSGDefaultRenderContext::createRenderer(QSGRendererInterface::RenderMode) qsgdefaultrendercontext.cpp:248 #8 0x11060b241 in QQuickWindowPrivate::syncSceneGraph() qquickwindow.cpp:558 #9 0x11121d0d0 in QSGRenderThread::sync(bool) qsgthreadedrenderloop.cpp:585 #10 0x11121fa6b in QSGRenderThread::syncAndRender() qsgthreadedrenderloop.cpp:723 #11 0x111223e47 in QSGRenderThread::run() qsgthreadedrenderloop.cpp:974 #12 0x117418dda in QThreadPrivate::start(void*)::$_0::operator()() const qthread_unix.cpp:358 #13 0x117411c0c in void (anonymous namespace)::terminate_on_exception<QThreadPrivate::start(void*)::$_0>(QThreadPrivate::start(void*)::$_0&&) qthread_unix.cpp:294 #14 0x117411846 in QThreadPrivate::start(void*) qthread_unix.cpp:317 #15 0x7ff81092b4e0 in _pthread_start+0x7c (libsystem_pthread.dylib:x86_64+0x64e0) #16 0x7ff810926f6a in thread_start+0xe (libsystem_pthread.dylib:x86_64+0x1f6a) 0x6080001f4028 is located 8 bytes inside of 89-byte region [0x6080001f4020,0x6080001f4079) freed by thread T93 here: #0 0x10b78e6d9 in wrap_free+0xa9 (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x486d9) #1 0x7ff81092951b in _pthread_tsd_cleanup+0x19b (libsystem_pthread.dylib:x86_64+0x451b) #2 0x7ff81092bb88 in _pthread_exit+0x45 (libsystem_pthread.dylib:x86_64+0x6b88) #3 0x7ff81092b4eb in _pthread_start+0x87 (libsystem_pthread.dylib:x86_64+0x64eb) #4 0x7ff810926f6a in thread_start+0xe (libsystem_pthread.dylib:x86_64+0x1f6a) previously allocated by thread T93 here: #0 0x10b78e590 in wrap_malloc+0xa0 (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x48590) #1 0x10ff8391e in dyld4::RuntimeState::_instantiateTLVs(unsigned long)+0xae (dyld:x86_64+0xf91e) #2 0x7ff810932563 in tlv_get_addr+0x127 (libdyld.dylib:x86_64+0x1563) #3 0x117411138 in set_thread_data(QThreadData*) qthread_unix.cpp:169 #4 0x1174189a9 in QThreadPrivate::start(void*)::$_0::operator()() const qthread_unix.cpp:332 #5 0x117411c0c in void (anonymous namespace)::terminate_on_exception<QThreadPrivate::start(void*)::$_0>(QThreadPrivate::start(void*)::$_0&&) qthread_unix.cpp:294 #6 0x117411846 in QThreadPrivate::start(void*) qthread_unix.cpp:317 #7 0x7ff81092b4e0 in _pthread_start+0x7c (libsystem_pthread.dylib:x86_64+0x64e0) #8 0x7ff810926f6a in thread_start+0xe (libsystem_pthread.dylib:x86_64+0x1f6a) Thread T94 created by T0 here: #0 0x10b78871c in wrap_pthread_create+0x5c (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x4271c) #1 0x11741381f in QThread::start(QThread::Priority) qthread_unix.cpp:744 #2 0x11122b870 in QSGThreadedRenderLoop::handleExposure(QQuickWindow*) qsgthreadedrenderloop.cpp:1319 #3 0x111229a55 in QSGThreadedRenderLoop::exposureChanged(QQuickWindow*) qsgthreadedrenderloop.cpp:1244 #4 0x1106070ec in QQuickWindow::exposeEvent(QExposeEvent*) qquickwindow.cpp:214 #5 0x11ac33b15 in QWindow::event(QEvent*) qwindow.cpp:2501 #6 0x110617e74 in QQuickWindow::event(QEvent*) qquickwindow.cpp:1552 #7 0x116aa439d in QCoreApplicationPrivate::notify_helper(QObject*, QEvent*) qcoreapplication.cpp:1237 #8 0x116aa355c in doNotify(QObject*, QEvent*) qcoreapplication.cpp:1166 #9 0x116aa3780 in QCoreApplication::notify(QObject*, QEvent*) qcoreapplication.cpp:1149 #10 0x11aa39a13 in QGuiApplication::notify(QObject*, QEvent*) qguiapplication.cpp:1939 #11 0x116aa3217 in QCoreApplication::notifyInternal2(QObject*, QEvent*) qcoreapplication.cpp:1070 #12 0x116aa5f93 in QCoreApplication::sendSpontaneousEvent(QObject*, QEvent*) qcoreapplication.cpp:1500 #13 0x11aa4920f in QGuiApplicationPrivate::processExposeEvent(QWindowSystemInterfacePrivate::ExposeEvent*) qguiapplication.cpp:3181 #14 0x11aa3b54b in QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*) qguiapplication.cpp:2078 #15 0x11ac87901 in bool QWindowSystemHelper<QWindowSystemInterface::SynchronousDelivery>::handleEvent<QWindowSystemInterfacePrivate::ExposeEvent, QWindow*, QRegion>(QWindow*, QRegion) qwindowsysteminterface.cpp:135 #16 0x11ac6cb48 in bool handleWindowSystemEvent<QWindowSystemInterfacePrivate::ExposeEvent, QWindowSystemInterface::SynchronousDelivery, QWindow*, QRegion>(QWindow*, QRegion) qwindowsysteminterface.cpp:167 #17 0x11ac6c9dc in bool QWindowSystemInterface::handleExposeEvent<QWindowSystemInterface::SynchronousDelivery>(QWindow*, QRegion const&) qwindowsysteminterface.cpp:360 #18 0x10ee28c6e in QCocoaWindow::handleExposeEvent(QRegion const&) qcocoawindow.mm:1444 #19 0x10ee5ad5d in -[QNSView(Drawing) displayLayer:] qnsview_drawing.mm:243 #20 0x7ff817a9e950 in CA::Layer::display_if_needed(CA::Transaction*)+0x368 (QuartzCore:x86_64+0x20950) #21 0x7ff817bf5335 in CA::Context::commit_transaction(CA::Transaction*, double, double*)+0x27f (QuartzCore:x86_64+0x177335) #22 0x7ff817a80230 in CA::Transaction::commit()+0x308 (QuartzCore:x86_64+0x2230) #23 0x7ff8135827f0 in __62+[CATransaction(NSCATransaction) NS_setFlushesWithDisplayLink]_block_invoke+0x11c (AppKit:x86_64+0x1aa7f0) #24 0x7ff813cc9687 in ___NSRunLoopObserverCreateWithHandler_block_invoke+0x28 (AppKit:x86_64+0x8f1687) #25 0x7ff8109f0e8f in __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__+0x16 (CoreFoundation:x86_64h+0x7ee8f) #26 0x7ff8109f0d21 in __CFRunLoopDoObservers+0x21e (CoreFoundation:x86_64h+0x7ed21) #27 0x7ff8109f01b3 in __CFRunLoopRun+0x347 (CoreFoundation:x86_64h+0x7e1b3) #28 0x7ff8109ef7ab in CFRunLoopRunSpecific+0x231 (CoreFoundation:x86_64h+0x7d7ab) #29 0x7ff819676ce5 in RunCurrentEventLoopInMode+0x123 (HIToolbox:x86_64+0x2fce5) #30 0x7ff819676912 in ReceiveNextEventCommon+0x11a (HIToolbox:x86_64+0x2f912) #31 0x7ff8196767e4 in _BlockUntilNextEventMatchingListInModeWithFilter+0x45 (HIToolbox:x86_64+0x2f7e4) #32 0x7ff8134165cc in _DPSNextEvent+0x39e (AppKit:x86_64+0x3e5cc) #33 0x7ff813414c89 in -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:]+0x571 (AppKit:x86_64+0x3cc89) #34 0x10edb3247 in QCocoaEventDispatcher::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) qcocoaeventdispatcher.mm:482 #35 0x116aa463d in QCoreApplication::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) qcoreapplication.cpp:1299 #36 0x11ac08181 in bool QTest::qWaitFor<QTest::qWaitForWindowExposed(QWindow*, int)::$_1>(QTest::qWaitForWindowExposed(QWindow*, int)::$_1, int) qtestsupport_core.h:75 #37 0x11ac078b2 in QTest::qWaitForWindowExposed(QWindow*, int) qtestsupport_gui.cpp:93 #38 0x109c5851d in tst_qquickanimations::cleanupWhenRenderThreadStops() tst_qquickanimations.cpp:2011 #39 0x109c58fa7 in tst_qquickanimations::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) tst_qquickanimations.moc:320 #40 0x116b103cc in QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const qmetaobject.cpp:2393 #41 0x10b44ab0d in QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const qmetaobject.h:126 #42 0x10b448681 in QTest::TestMethods::invokeTestOnData(int) const qtestcase.cpp:967 #43 0x10b44bd7e in QTest::TestMethods::invokeTest(int, char const*, QTest::WatchDog*) const qtestcase.cpp:1218 #44 0x10b4522ca in QTest::TestMethods::invokeTests(QObject*) const qtestcase.cpp:1560 #45 0x10b45466f in QTest::qRun() qtestcase.cpp:2026 #46 0x10b4532e7 in QTest::qExec(QObject*, int, char**) qtestcase.cpp:1928 #47 0x109c5893c in main tst_qquickanimations.cpp:2014 #48 0x10ff7951d in start+0x1cd (dyld:x86_64+0x551d) Thread T93 created by T0 here: #0 0x10b78871c in wrap_pthread_create+0x5c (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x4271c) #1 0x11741381f in QThread::start(QThread::Priority) qthread_unix.cpp:744 #2 0x11122b870 in QSGThreadedRenderLoop::handleExposure(QQuickWindow*) qsgthreadedrenderloop.cpp:1319 #3 0x111229a55 in QSGThreadedRenderLoop::exposureChanged(QQuickWindow*) qsgthreadedrenderloop.cpp:1244 #4 0x1106070ec in QQuickWindow::exposeEvent(QExposeEvent*) qquickwindow.cpp:214 #5 0x11ac33b15 in QWindow::event(QEvent*) qwindow.cpp:2501 #6 0x110617e74 in QQuickWindow::event(QEvent*) qquickwindow.cpp:1552 #7 0x116aa439d in QCoreApplicationPrivate::notify_helper(QObject*, QEvent*) qcoreapplication.cpp:1237 #8 0x116aa355c in doNotify(QObject*, QEvent*) qcoreapplication.cpp:1166 #9 0x116aa3780 in QCoreApplication::notify(QObject*, QEvent*) qcoreapplication.cpp:1149 #10 0x11aa39a13 in QGuiApplication::notify(QObject*, QEvent*) qguiapplication.cpp:1939 #11 0x116aa3217 in QCoreApplication::notifyInternal2(QObject*, QEvent*) qcoreapplication.cpp:1070 #12 0x116aa5f93 in QCoreApplication::sendSpontaneousEvent(QObject*, QEvent*) qcoreapplication.cpp:1500 #13 0x11aa4920f in QGuiApplicationPrivate::processExposeEvent(QWindowSystemInterfacePrivate::ExposeEvent*) qguiapplication.cpp:3181 #14 0x11aa3b54b in QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*) qguiapplication.cpp:2078 #15 0x11ac87901 in bool QWindowSystemHelper<QWindowSystemInterface::SynchronousDelivery>::handleEvent<QWindowSystemInterfacePrivate::ExposeEvent, QWindow*, QRegion>(QWindow*, QRegion) qwindowsysteminterface.cpp:135 #16 0x11ac6cb48 in bool handleWindowSystemEvent<QWindowSystemInterfacePrivate::ExposeEvent, QWindowSystemInterface::SynchronousDelivery, QWindow*, QRegion>(QWindow*, QRegion) qwindowsysteminterface.cpp:167 #17 0x11ac6c9dc in bool QWindowSystemInterface::handleExposeEvent<QWindowSystemInterface::SynchronousDelivery>(QWindow*, QRegion const&) qwindowsysteminterface.cpp:360 #18 0x10ee28c6e in QCocoaWindow::handleExposeEvent(QRegion const&) qcocoawindow.mm:1444 #19 0x10ee5ad5d in -[QNSView(Drawing) displayLayer:] qnsview_drawing.mm:243 #20 0x7ff817a9e950 in CA::Layer::display_if_needed(CA::Transaction*)+0x368 (QuartzCore:x86_64+0x20950) #21 0x7ff817bf5335 in CA::Context::commit_transaction(CA::Transaction*, double, double*)+0x27f (QuartzCore:x86_64+0x177335) #22 0x7ff817a80230 in CA::Transaction::commit()+0x308 (QuartzCore:x86_64+0x2230) #23 0x7ff8135827f0 in __62+[CATransaction(NSCATransaction) NS_setFlushesWithDisplayLink]_block_invoke+0x11c (AppKit:x86_64+0x1aa7f0) #24 0x7ff813cc9687 in ___NSRunLoopObserverCreateWithHandler_block_invoke+0x28 (AppKit:x86_64+0x8f1687) #25 0x7ff8109f0e8f in __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__+0x16 (CoreFoundation:x86_64h+0x7ee8f) #26 0x7ff8109f0d21 in __CFRunLoopDoObservers+0x21e (CoreFoundation:x86_64h+0x7ed21) #27 0x7ff8109f01b3 in __CFRunLoopRun+0x347 (CoreFoundation:x86_64h+0x7e1b3) #28 0x7ff8109ef7ab in CFRunLoopRunSpecific+0x231 (CoreFoundation:x86_64h+0x7d7ab) #29 0x7ff819676ce5 in RunCurrentEventLoopInMode+0x123 (HIToolbox:x86_64+0x2fce5) #30 0x7ff819676912 in ReceiveNextEventCommon+0x11a (HIToolbox:x86_64+0x2f912) #31 0x7ff8196767e4 in _BlockUntilNextEventMatchingListInModeWithFilter+0x45 (HIToolbox:x86_64+0x2f7e4) #32 0x7ff8134165cc in _DPSNextEvent+0x39e (AppKit:x86_64+0x3e5cc) #33 0x7ff813414c89 in -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:]+0x571 (AppKit:x86_64+0x3cc89) #34 0x10edb3247 in QCocoaEventDispatcher::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) qcocoaeventdispatcher.mm:482 #35 0x116aa463d in QCoreApplication::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) qcoreapplication.cpp:1299 #36 0x11ac08181 in bool QTest::qWaitFor<QTest::qWaitForWindowExposed(QWindow*, int)::$_1>(QTest::qWaitForWindowExposed(QWindow*, int)::$_1, int) qtestsupport_core.h:75 #37 0x11ac078b2 in QTest::qWaitForWindowExposed(QWindow*, int) qtestsupport_gui.cpp:93 #38 0x109c58420 in tst_qquickanimations::cleanupWhenRenderThreadStops() tst_qquickanimations.cpp:2007 #39 0x109c58fa7 in tst_qquickanimations::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) tst_qquickanimations.moc:320 #40 0x116b103cc in QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const qmetaobject.cpp:2393 #41 0x10b44ab0d in QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const qmetaobject.h:126 #42 0x10b448681 in QTest::TestMethods::invokeTestOnData(int) const qtestcase.cpp:967 #43 0x10b44bd7e in QTest::TestMethods::invokeTest(int, char const*, QTest::WatchDog*) const qtestcase.cpp:1218 #44 0x10b4522ca in QTest::TestMethods::invokeTests(QObject*) const qtestcase.cpp:1560 #45 0x10b45466f in QTest::qRun() qtestcase.cpp:2026 #46 0x10b4532e7 in QTest::qExec(QObject*, int, char**) qtestcase.cpp:1928 #47 0x109c5893c in main tst_qquickanimations.cpp:2014 #48 0x10ff7951d in start+0x1cd (dyld:x86_64+0x551d) SUMMARY: AddressSanitizer: heap-use-after-free qproperty_p.h:520 in _ZNK21QObjectCompatPropertyIN14QObjectPrivate9ExtraDataE7QStringXadL_ZNS1_30_qt_property_objectName_offsetEvEEXadL_ZNS1_22setObjectNameForwarderERKS2_EEXadL_ZNS1_20nameChangedForwarderES4_EELDn0EE5valueEv Shadow bytes around the buggy address: 0x1c100003e7b0: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fa 0x1c100003e7c0: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fd 0x1c100003e7d0: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fd 0x1c100003e7e0: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fd 0x1c100003e7f0: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fd =>0x1c100003e800: fa fa fa fa fd[fd]fd fd fd fd fd fd fd fd fd fd 0x1c100003e810: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fa 0x1c100003e820: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fa 0x1c100003e830: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fd 0x1c100003e840: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fa 0x1c100003e850: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fd Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==29412==ABORTING 13:56:00: /Users/mitch/dev/qt-dev2-debug-non-fw/qtdeclarative/tests/auto/quick/qquickanimations/tst_qquickanimations crashed.
Attachments
Issue Links
- relates to
-
QTBUG-101177 QTimer random segmentation fault (SIGSEGV)
- Closed
-
QTBUG-101681 tst_QPointer::threadSafety() is flaky (probably race condition)
- Closed
-
QTBUG-99775 Crash on QObject::objectName access when using QThreadPool from non-owning thread
- Closed
For Gerrit Dashboard: QTBUG-102403 | ||||||
---|---|---|---|---|---|---|
# | Subject | Branch | Project | Status | CR | V |
414213,4 | QSGBatchRenderer: look for ShaderManager by type only, ignore name | dev | qt/qtdeclarative | Status: MERGED | +2 | 0 |
414485,2 | QSGBatchRenderer: look for ShaderManager by type only, ignore name | 6.3 | qt/qtdeclarative | Status: MERGED | +2 | 0 |
414486,2 | QSGBatchRenderer: look for ShaderManager by type only, ignore name | 6.3.1 | qt/qtdeclarative | Status: MERGED | +2 | 0 |
414487,2 | QSGBatchRenderer: look for ShaderManager by type only, ignore name | tqtc/lts-6.2 | qt/tqtc-qtdeclarative | Status: MERGED | +2 | 0 |
416979,5 | Avoid misleading bindingStatus | dev | qt/qtbase | Status: MERGED | +2 | 0 |
417017,3 | QThread: Initialize bindingStatus for adopted threads | dev | qt/qtbase | Status: MERGED | +2 | 0 |
417424,2 | Avoid misleading bindingStatus | 6.4 | qt/qtbase | Status: MERGED | +2 | 0 |
421576,2 | QThread: Initialize bindingStatus for adopted threads | 6.4 | qt/qtbase | Status: MERGED | +2 | 0 |
421577,1 | QThread: Initialize bindingStatus for adopted threads | 6.3 | qt/qtbase | Status: ABANDONED | -1 | 0 |
424407,3 | QThread: Initialize bindingStatus for adopted threads | tqtc/lts-6.2 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
424411,3 | Avoid misleading bindingStatus | tqtc/lts-6.2 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |