Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-138514

Segfault in QTestPrivate::generateTestIdentifier()

    XMLWordPrintable

Details

    • Bug
    • Resolution: Unresolved
    • Not Evaluated
    • None
    • 6.11
    • Testing: qtestlib
    • None
    • Linux/X11

    Description

      There seems to be a race condition in Qt Test which can lead to a segfault when writing debug messages to QDebug from a background thread.

      I was so far unable to reproduce the crash with a local build of qtbase (commit ab1431e1), but the CI triggered it once: https://testresults.qt.io/logs/qt/qtopcua/209e4e49d98640165e6ad43e3a654f8cc32e4806/LinuxopenSUSE_15_6x86_64LinuxopenSUSE_15_6x86_64GCCqtci-linux-openSUSE-15.6-x86_64-51-c5f162Sccache_UseAddressSanitizer_UseConfigure_WarningsAreErrors/d2428c571c99b23d9a20dead68834753e03eae35/test_1752590089/log.txt.gz

      This is the relevant part of the stack trace, #9 writes a debug message using qCInfo(). The object the thread belongs to lives for the entire duration of the test case.

      build.go:412: ==14466==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f89e92757d0 bp 0x7f89e07fb9a0 sp 0x7f89e07fb950 T2)
build.go:412: ==14466==The signal is caused by a READ memory access.
build.go:412: ==14466==Hint: address points to the zero page.

#0 0x7f89e92757cf in QTestPrivate::generateTestIdentifier(QTestCharBuffer*, int) /home/qt/work/qt/qtbase/src/testlib/qabstracttestlogger.cpp:441
#1 0x7f89e929a93e in QPlainTestLogger::printMessage(QPlainTestLogger::MessageSource, char const*, char const*, char const*, int) /home/qt/work/qt/qtbase/src/testlib/qplaintestlogger.cpp:287
#2 0x7f89e929ccd7 in QPlainTestLogger::addMessage(QAbstractTestLogger::MessageTypes, QString const&, char const*, int) /home/qt/work/qt/qtbase/src/testlib/qplaintestlogger.cpp:501
#3 0x7f89e92752b8 in QAbstractTestLogger::addMessage(QtMsgType, QMessageLogContext const&, QString const&) /home/qt/work/qt/qtbase/src/testlib/qabstracttestlogger.cpp:384
#4 0x7f89e929cb1d in QPlainTestLogger::addMessage(QtMsgType, QMessageLogContext const&, QString const&) /home/qt/work/qt/qtbase/src/testlib/qplaintestlogger.cpp:491
#5 0x7f89e931776c in messageHandler /home/qt/work/qt/qtbase/src/testlib/qtestlog.cpp:344
#6 0x7f89e61bd1c5 in qt_message_print /home/qt/work/qt/qtbase/src/corelib/global/qlogging.cpp:2132
#7 0x7f89e61bd3e4 in qt_message_output(QtMsgType, QMessageLogContext const&, QString const&) /home/qt/work/qt/qtbase/src/corelib/global/qlogging.cpp:2177
#8 0x7f89e621bb0b in QDebug::~QDebug() /home/qt/work/qt/qtbase/src/corelib/io/qdebug.cpp:163
#9 0x7f89e0910b09 in Open62541AsyncBackend::open62541LogHandler(void*, UA_LogLevel, UA_LogCategory, char const*, __va_list_tag*) /home/qt/work/qt/qtopcua/src/plugins/opcua/open62541/qopen62541backend.cpp:494

      The debug output happens at the end of a test, which implies a race condition when the current data tag changes from that test to the next test.

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            macadder Jason McDonald
            basyskom.jannis.voelker Jannis Völker
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:

              Gerrit Reviews

                There are no open Gerrit changes