QTBUG-137928

Jemalloc crash in QtPrivate::sizedFree


Details

    • Bug
    • Resolution: Unresolved
    • P1: Critical
    • None
    • 6.10
    • Core: Other
    • None
    • Linux/X11

    Description

      When building Qt with -DFEATURE_jemalloc=ON we've seen some crashes like:

      ==1729690==ERROR: AddressSanitizer: SEGV on unknown address 0x00000007be58 (pc 0x7f496c015194 bp 0x7ffd8a5528f0 sp 0x7ffd8a552870 T0)
      ==1729690==The signal is caused by a READ memory access.
          #0 0x7f496c015194  (/usr/lib/libjemalloc.so.2+0x79194) (BuildId: 845c1445614473730daf8ee0747d2f5a3ee63729)
          #1 0x7f496c012799  (/usr/lib/libjemalloc.so.2+0x76799) (BuildId: 845c1445614473730daf8ee0747d2f5a3ee63729)
          #2 0x7f496bfbe9c0  (/usr/lib/libjemalloc.so.2+0x229c0) (BuildId: 845c1445614473730daf8ee0747d2f5a3ee63729)
          #3 0x7f4964da1aa6 in QtPrivate::sizedFree(void*, unsigned long) /pub_data/sources/qt/qt6/qtbase/src/corelib/global/qalloc.cpp:35
          #4 0x7f4965b35257 in QArrayData::deallocate(QArrayData*, long long, long long) /pub_data/sources/qt/qt6/qtbase/src/corelib/tools/qarraydata.cpp:273
          #5 0x559cb42397da in QTypedArrayData<char>::deallocate(QArrayData*) /pub_data/sources/qt/qt6/qtbase/src/corelib/tools/qarraydata.h:162
          #6 0x559cb42307b8 in QArrayDataPointer<char>::~QArrayDataPointer() /pub_data/sources/qt/qt6/qtbase/src/corelib/tools/qarraydatapointer.h:110
          #7 0x559cb4229905 in QByteArray::~QByteArray() /pub_data/sources/qt/qt6/qtbase/src/corelib/text/qbytearray.h:625
          #8 0x559cb4210918 in Scanner::printEvent(Scanner::WaylandEvent const&, bool, bool) /pub_data/sources/qt/qt6/qtbase/src/tools/qtwaylandscanner/qtwaylandscanner.cpp:338
          #9 0x559cb4220c69 in Scanner::process() /pub_data/sources/qt/qt6/qtbase/src/tools/qtwaylandscanner/qtwaylandscanner.cpp:1053
          #10 0x559cb42277fc in main /pub_data/sources/qt/qt6/qtbase/src/tools/qtwaylandscanner/qtwaylandscanner.cpp:1326
          #11 0x7f4960a376b4  (/usr/lib/libc.so.6+0x276b4) (BuildId: 468e3585c794491a48ea75fceb9e4d6b1464fc35)
          #12 0x7f4960a37768 in __libc_start_main (/usr/lib/libc.so.6+0x27768) (BuildId: 468e3585c794491a48ea75fceb9e4d6b1464fc35)
          #13 0x559cb4209b94 in _start (/pub_data/sources/qt/qt6/build-dev-qtbase-jemalloc-asan/qtbase/libexec/qtwaylandscanner+0x8cb94) (BuildId: 4fcc4df9dfbfa83242722767685a696e29453f9f)

      And also similar crashes without ASAN enabled.

      The easiest way to repro is to build Qt with:
      -DFEATURE_jemalloc=ON -DQT_BUILD_SUBMODULES=qtbase -DQT_FEATURE_sanitize_undefined=ON -DQT_FEATURE_sanitize_address=ON

      and you'll notice either RCC or qtwaylandscanner crashing.

      This was reproed with the latest dev branch.
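As an added illustration that is not part of the issue and not code from Qt or jemalloc: frame #3 of the trace, QtPrivate::sizedFree(void*, unsigned long), shows the contract of a sized deallocation API. The caller supplies the size along with the pointer, and the allocator trusts that size, so any disagreement between the size used to allocate and the size used to free is undefined behaviour that tends to surface as a read fault deep inside the allocator rather than at the point of the error. The report does not establish what caused this particular crash; the shim below only shows how a debug build can record the requested size and verify the caller's size before forwarding the free, which turns a heap corruption into a reported mismatch. The header layout and the names checked_alloc and checked_sized_free are assumptions for the example, not Qt's qalloc.cpp.

```c
// Added example (not Qt or jemalloc code): a size-checked deallocation shim.
// A sized free such as QtPrivate::sizedFree(void*, size) ultimately hands the
// caller's size to the allocator, which trusts it. This shim records the size
// requested at allocation time in a hidden header so the size passed to the
// free can be verified first. Names and layout are constructed for the example.
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define CHECKED_MAGIC 0x51414c4c4f43ULL /* constructed tag value */

typedef struct {
    uint64_t magic; /* marks blocks handed out by checked_alloc */
    size_t   size;  /* size requested at allocation time */
} checked_header; /* 16 bytes on LP64, so the user pointer stays 16-aligned */

/* Allocate `size` bytes and record `size` in the header in front of them. */
void *checked_alloc(size_t size) {
    checked_header *h = malloc(sizeof *h + size);
    if (!h) return NULL;
    h->magic = CHECKED_MAGIC;
    h->size = size;
    return h + 1;
}

enum sized_free_result {
    SIZED_FREE_OK = 0,
    SIZED_FREE_NULL,          /* freeing NULL is a no-op */
    SIZED_FREE_BAD_POINTER,   /* header tag missing: not from checked_alloc */
    SIZED_FREE_SIZE_MISMATCH  /* caller's size disagrees with the recorded size */
};

/* Sized free that verifies the caller-supplied size instead of trusting it.
 * On mismatch the block is deliberately left allocated so the error is
 * reported to the caller instead of being handed to the allocator as UB. */
enum sized_free_result checked_sized_free(void *p, size_t claimed_size) {
    if (!p) return SIZED_FREE_NULL;
    checked_header *h = (checked_header *)p - 1;
    if (h->magic != CHECKED_MAGIC) return SIZED_FREE_BAD_POINTER;
    if (h->size != claimed_size) {
        fprintf(stderr, "sized free mismatch: %p allocated with %zu bytes, freed with %zu\n",
                p, h->size, claimed_size);
        return SIZED_FREE_SIZE_MISMATCH;
    }
    free(h);
    return SIZED_FREE_OK;
}

/* Mirrors a container that frees with a *computed* size: when the
 * deallocation path derives the size differently from the allocation path
 * (here, omitting a header term), the shim flags it instead of corrupting
 * the heap. Returns 1 when both the good and the bad case behave as expected. */
int demo_mismatch_detected(void) {
    const size_t header = 16, capacity = 64;

    /* Consistent size computation: the free succeeds. */
    void *p = checked_alloc(header + capacity);
    int ok = checked_sized_free(p, header + capacity) == SIZED_FREE_OK;

    /* Inconsistent size computation: reported, block still owned by us. */
    void *q = checked_alloc(header + capacity);
    int mismatch = checked_sized_free(q, capacity) == SIZED_FREE_SIZE_MISMATCH;
    checked_sized_free(q, header + capacity); /* release it with the right size */

    return ok && mismatch;
}

int main(void) {
    if (!demo_mismatch_detected()) {
        puts("unexpected result");
        return 1;
    }
    puts("size-checked free: correct size accepted, mismatch reported");
    return 0;
}
```

The same verification can be layered under any sized-free wrapper during triage: if the check fires, the bug is in the size computation on the freeing side (or in the allocation side not recording what it actually allocated), not in the allocator whose frames appear at the top of the trace.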

      Attachments


          People

            thiago Thiago Macieira
            sergio.luis Sergio Martins

              Gerrit Reviews

                There are no open Gerrit changes