Description
********* Start testing of tst_QMesh ********* Config: Using QtTest library 6.7.0, Qt 6.7.0 (x86_64-little_endian-lp64 shared (dynamic) debug build; by GCC 9.3.1 20200406 [revision 6db837a5288ee3ca5ec504fbd5a765817e556ac2]), opensuse-leap 15.5 PASS : tst_QMesh::initTestCase() PASS : tst_QMesh::checkDefaultConstruction() PASS : tst_QMesh::checkPropertyChanges() =================================================================
==2647==ERROR: AddressSanitizer: heap-use-after-free on address 0x604000018ee8 at pc 0x7fbef0642fb7 bp 0x7ffef90932e0 sp 0x7ffef90932d8
READ of size 8 at 0x604000018ee8 thread T0
#0 0x7fbef0642fb6 (/home/qt/work/install/lib/libQt63DCore.so.6+0x17dfb6) #1 0x7fbef06414d3 (/home/qt/work/install/lib/libQt63DCore.so.6+0x17c4d3) #2 0x7fbef063f7b2 (/home/qt/work/install/lib/libQt63DCore.so.6+0x17a7b2) #3 0x7fbef063df70 (/home/qt/work/install/lib/libQt63DCore.so.6+0x178f70) #4 0x7fbef063e443 (/home/qt/work/install/lib/libQt63DCore.so.6+0x179443) #5 0x7fbef063e55d (/home/qt/work/install/lib/libQt63DCore.so.6+0x17955d) #6 0x7fbef063e5b8 (/home/qt/work/install/lib/libQt63DCore.so.6+0x1795b8) #7 0x7fbef063ac62 (/home/qt/work/install/lib/libQt63DCore.so.6+0x175c62) #8 0x7fbef0637210 in Qt3DCore::QNodePrivate::notifyDestructionChangesAndRemoveFromScene() (/home/qt/work/install/lib/libQt63DCore.so.6+0x172210) #9 0x7fbef0639f85 in Qt3DCore::QNode::~QNode() (/home/qt/work/install/lib/libQt63DCore.so.6+0x174f85) #10 0x7fbef061c4fd in Qt3DCore::QComponent::~QComponent() (/home/qt/work/install/lib/libQt63DCore.so.6+0x1574fd) #11 0x7fbef05b1c78 in Qt3DCore::QBoundingVolume::~QBoundingVolume() (/home/qt/work/install/lib/libQt63DCore.so.6+0xecc78) #12 0x7fbef0e60e28 in Qt3DRender::QGeometryRenderer::~QGeometryRenderer() (/home/qt/work/install/lib/libQt63DRender.so.6+0x6cee28) #13 0x7fbef0e6be88 in Qt3DRender::QMesh::~QMesh() (/home/qt/work/install/lib/libQt63DRender.so.6+0x6d9e88) #14 0x55ccd58586be in tst_QMesh::checkSourceUpdate() (/home/qt/work/qt/qt3d_standalone_tests/tests/auto/render/qmesh/tst_qmesh+0x156be) #15 0x55ccd5850cf5 in tst_QMesh::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /home/qt/work/qt/qt3d_standalone_tests/tests/auto/render/qmesh/tst_qmesh_autogen/include/tst_qmesh.moc:177 #16 0x7fbeec5ddc47 in QMetaMethodInvoker::invokeImpl(QMetaMethod, void*, Qt::ConnectionType, long long, void const* const*, char const* const*, QtPrivate::QMetaTypeInterface const* const*) (/home/qt/work/install/lib/libQt6Core.so.6+0x485c47) #17 0x7fbeec5db8cc in QMetaMethod::invokeImpl(QMetaMethod, void*, Qt::ConnectionType, long long, void const* const*, char const* const*, QtPrivate::QMetaTypeInterface const* const*) (/home/qt/work/install/lib/libQt6Core.so.6+0x4838cc) #18 0x7fbef16ed5cc in std::enable_if<!std::disjunction<>::value, bool>::type QMetaMethod::invoke<void>(QObject*, Qt::ConnectionType, QTemplatedMetaMethodReturnArgument<void>) const (/home/qt/work/install/lib/libQt6Test.so.6+0xba5cc) #19 0x7fbef16e8599 in std::enable_if<!std::disjunction<>::value, bool>::type QMetaMethod::invoke<>(QObject*, Qt::ConnectionType) const (/home/qt/work/install/lib/libQt6Test.so.6+0xb5599) #20 0x7fbef16c69e1 (/home/qt/work/install/lib/libQt6Test.so.6+0x939e1) #21 0x7fbef16c8746 (/home/qt/work/install/lib/libQt6Test.so.6+0x95746) #22 0x7fbef16cb4e8 (/home/qt/work/install/lib/libQt6Test.so.6+0x984e8) #23 0x7fbef16cdf9b in QTest::qRun() (/home/qt/work/install/lib/libQt6Test.so.6+0x9af9b) #24 0x7fbef16cccd5 in QTest::qExec(QObject*, int, char**) (/home/qt/work/install/lib/libQt6Test.so.6+0x99cd5) #25 0x55ccd5850a96 in main /home/qt/work/qt/qt3d/tests/auto/render/qmesh/tst_qmesh.cpp:175 #26 0x7fbeeb7e424c in __libc_start_main (/lib64/libc.so.6+0x3524c) #27 0x55ccd584e099 in _start ../sysdeps/x86_64/start.S:120
0x604000018ee8 is located 24 bytes inside of 48-byte region [0x604000018ed0,0x604000018f00)
freed by thread T0 here:
#0 0x7fbef18fde45 in operator delete(void*, unsigned long) (/usr/lib64/libasan.so.5+0x10ce45) #1 0x7fbef063a8ee (/home/qt/work/install/lib/libQt63DCore.so.6+0x1758ee) #2 0x7fbeec6be95f in QObjectPrivate::deleteChildren() (/home/qt/work/install/lib/libQt6Core.so.6+0x56695f) #3 0x7fbeec6ba4ac in QObject::~QObject() (/home/qt/work/install/lib/libQt6Core.so.6+0x5624ac) #4 0x7fbef055e9c0 in Qt3DCore::QAspectEngine::~QAspectEngine() (/home/qt/work/install/lib/libQt63DCore.so.6+0x999c0) #5 0x55ccd585869b in tst_QMesh::checkSourceUpdate() (/home/qt/work/qt/qt3d_standalone_tests/tests/auto/render/qmesh/tst_qmesh+0x1569b) #6 0x55ccd5850cf5 in tst_QMesh::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /home/qt/work/qt/qt3d_standalone_tests/tests/auto/render/qmesh/tst_qmesh_autogen/include/tst_qmesh.moc:177 #7 0x7fbeec5ddc47 in QMetaMethodInvoker::invokeImpl(QMetaMethod, void*, Qt::ConnectionType, long long, void const* const*, char const* const*, QtPrivate::QMetaTypeInterface const* const*) (/home/qt/work/install/lib/libQt6Core.so.6+0x485c47) #8 0x7fbeec5db8cc in QMetaMethod::invokeImpl(QMetaMethod, void*, Qt::ConnectionType, long long, void const* const*, char const* const*, QtPrivate::QMetaTypeInterface const* const*) (/home/qt/work/install/lib/libQt6Core.so.6+0x4838cc) #9 0x7fbef16ed5cc in std::enable_if<!std::disjunction<>::value, bool>::type QMetaMethod::invoke<void>(QObject*, Qt::ConnectionType, QTemplatedMetaMethodReturnArgument<void>) const (/home/qt/work/install/lib/libQt6Test.so.6+0xba5cc) #10 0x7fbef16e8599 in std::enable_if<!std::disjunction<>::value, bool>::type QMetaMethod::invoke<>(QObject*, Qt::ConnectionType) const (/home/qt/work/install/lib/libQt6Test.so.6+0xb5599) #11 0x7fbef16c69e1 (/home/qt/work/install/lib/libQt6Test.so.6+0x939e1) #12 0x7fbef16c8746 (/home/qt/work/install/lib/libQt6Test.so.6+0x95746) #13 0x7fbef16cb4e8 (/home/qt/work/install/lib/libQt6Test.so.6+0x984e8) #14 0x7fbef16cdf9b in QTest::qRun() (/home/qt/work/install/lib/libQt6Test.so.6+0x9af9b) #15 0x7fbef16cccd5 in QTest::qExec(QObject*, int, char**) (/home/qt/work/install/lib/libQt6Test.so.6+0x99cd5) #16 0x55ccd5850a96 in main /home/qt/work/qt/qt3d/tests/auto/render/qmesh/tst_qmesh.cpp:175 #17 0x7fbeeb7e424c in __libc_start_main (/lib64/libc.so.6+0x3524c)
previously allocated by thread T0 here:
#0 0x7fbef18fc9bf in operator new(unsigned long) (/usr/lib64/libasan.so.5+0x10b9bf) #1 0x7fbef0650c99 (/home/qt/work/install/lib/libQt63DCore.so.6+0x18bc99) #2 0x7fbef064e98b in Qt3DCore::QScene::QScene(Qt3DCore::QAspectEngine*) (/home/qt/work/install/lib/libQt63DCore.so.6+0x18998b) #3 0x55ccd5857d4a in tst_QMesh::checkSourceUpdate() (/home/qt/work/qt/qt3d_standalone_tests/tests/auto/render/qmesh/tst_qmesh+0x14d4a) #4 0x55ccd5850cf5 in tst_QMesh::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /home/qt/work/qt/qt3d_standalone_tests/tests/auto/render/qmesh/tst_qmesh_autogen/include/tst_qmesh.moc:177 #5 0x7fbeec5ddc47 in QMetaMethodInvoker::invokeImpl(QMetaMethod, void*, Qt::ConnectionType, long long, void const* const*, char const* const*, QtPrivate::QMetaTypeInterface const* const*) (/home/qt/work/install/lib/libQt6Core.so.6+0x485c47) #6 0x7fbeec5db8cc in QMetaMethod::invokeImpl(QMetaMethod, void*, Qt::ConnectionType, long long, void const* const*, char const* const*, QtPrivate::QMetaTypeInterface const* const*) (/home/qt/work/install/lib/libQt6Core.so.6+0x4838cc) #7 0x7fbef16ed5cc in std::enable_if<!std::disjunction<>::value, bool>::type QMetaMethod::invoke<void>(QObject*, Qt::ConnectionType, QTemplatedMetaMethodReturnArgument<void>) const (/home/qt/work/install/lib/libQt6Test.so.6+0xba5cc) #8 0x7fbef16e8599 in std::enable_if<!std::disjunction<>::value, bool>::type QMetaMethod::invoke<>(QObject*, Qt::ConnectionType) const (/home/qt/work/install/lib/libQt6Test.so.6+0xb5599) #9 0x7fbef16c69e1 (/home/qt/work/install/lib/libQt6Test.so.6+0x939e1) #10 0x7fbef16c8746 (/home/qt/work/install/lib/libQt6Test.so.6+0x95746) #11 0x7fbef16cb4e8 (/home/qt/work/install/lib/libQt6Test.so.6+0x984e8) #12 0x7fbef16cdf9b in QTest::qRun() (/home/qt/work/install/lib/libQt6Test.so.6+0x9af9b) #13 0x7fbef16cccd5 in QTest::qExec(QObject*, int, char**) (/home/qt/work/install/lib/libQt6Test.so.6+0x99cd5) #14 0x55ccd5850a96 in main /home/qt/work/qt/qt3d/tests/auto/render/qmesh/tst_qmesh.cpp:175 #15 0x7fbeeb7e424c in __libc_start_main (/lib64/libc.so.6+0x3524c)
SUMMARY: AddressSanitizer: heap-use-after-free (/home/qt/work/install/lib/libQt63DCore.so.6+0x17dfb6)
Shadow bytes around the buggy address:
0x0c087fffb180: fa fa fd fd fd fd fd fa fa fa fd fd fd fd fd fd 0x0c087fffb190: fa fa fd fd fd fd fd fa fa fa 00 00 00 00 00 fa 0x0c087fffb1a0: fa fa fd fd fd fd fd fd fa fa fd fd fd fd fd fd 0x0c087fffb1b0: fa fa fd fd fd fd fd fd fa fa fd fd fd fd fd fd 0x0c087fffb1c0: fa fa fd fd fd fd fd fa fa fa 00 00 00 00 00 07 =>0x0c087fffb1d0: fa fa fd fd fd fd fd fd fa fa fd fd fd[fd]fd fd 0x0c087fffb1e0: fa fa 00 00 00 00 00 fa fa fa 00 00 00 00 00 04 0x0c087fffb1f0: fa fa fd fd fd fd fd fd fa fa fa fa fa fa fa fa 0x0c087fffb200: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c087fffb210: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c087fffb220: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb Shadow gap: cc ==2647==ABORTING
Attachments
Issue Links
- blocks
-
QTQAINFRA-5375 Enable ASAN build for Qt modules
- Closed
For Gerrit Dashboard: QTBUG-119137 | ||||||
---|---|---|---|---|---|---|
# | Subject | Branch | Project | Status | CR | V |
519099,1 | tst_qmesh: fix heap-use-after-free read errors due to wrong destruction order | tqtc/lts-6.5 | qt/tqtc-qt3d | Status: NEW | +2 | 0 |