Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-139413

Crash in QApplication startup in QXcbKeyboard::updateKeymap()

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: P4: Low P4: Low
    • None
    • 6.10.0 Beta3
    • Widgets: Main Window
    • Arch Linux using GNOME + Wayland, but running my app with the xcb platform
    • Linux/X11

      I get the following crash on startup (caught by ASAN):

      =================================================================
==3120623==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7dcff1401174 at pc 0x55555dae7956 bp 0x7fffffffbaf0 sp 0x7fffffffb2b0
READ of size 333 at 0x7dcff1401174 thread T0
    #0 0x55555dae7955 in strndup.part.0 (/home/alex/Documents/git/zrythm/builddir_cmake/products/bin/zrythm+0x8593955) (BuildId: 5ea3bdabe140d174ddb18cbc24dc792f25685eea)
    #1 0x7ffff4069753 in atom_intern /usr/src/debug/libxkbcommon/build/../libxkbcommon/src/atom.c:119:17
    #2 0x7ffff406ba6f in xkb_atom_intern /usr/src/debug/libxkbcommon/build/../libxkbcommon/src/context-priv.c:56:12
    #3 0x7ffff406ba6f in get_aliases /usr/src/debug/libxkbcommon/build/../libxkbcommon/src/x11/keymap.c:1072:13
    #4 0x7ffff406ba6f in get_names /usr/src/debug/libxkbcommon/build/../libxkbcommon/src/x11/keymap.c:1123:10
    #5 0x7ffff406ba6f in xkb_x11_keymap_new_from_device /usr/src/debug/libxkbcommon/build/../libxkbcommon/src/x11/keymap.c:1210:10
    #6 0x7ffff178dbad in QXcbKeyboard::updateKeymap() /home/alex/Downloads/qt-everywhere-src-6.10.0-beta3/qtbase/src/plugins/platforms/xcb/qxcbkeyboard.cpp:355:26
    #7 0x7ffff178e03d in QXcbKeyboard::QXcbKeyboard(QXcbConnection*) /home/alex/Downloads/qt-everywhere-src-6.10.0-beta3/qtbase/src/plugins/platforms/xcb/qxcbkeyboard.cpp:516:17
    #8 0x7ffff1762233 in QXcbConnection::QXcbConnection(QXcbNativeInterface*, bool, unsigned int, char const*) /home/alex/Downloads/qt-everywhere-src-6.10.0-beta3/qtbase/src/plugins/platforms/xcb/qxcbconnection.cpp:79:39
    #9 0x7ffff178aaee in QXcbIntegration::QXcbIntegration(QList<QString> const&, int&, char**) /home/alex/Downloads/qt-everywhere-src-6.10.0-beta3/qtbase/src/plugins/platforms/xcb/qxcbintegration.cpp:173:106
    #10 0x7ffff4c1e371 in QXcbIntegrationPlugin::create(QString const&, QList<QString> const&, int&, char**) /home/alex/Downloads/qt-everywhere-src-6.10.0-beta3/qtbase/src/plugins/platforms/xcb/qxcbmain.cpp:22:73
    #11 0x7ffff67ffc19 in QPlatformIntegration* qLoadPlugin<QPlatformIntegration, QPlatformIntegrationPlugin, QList<QString> const&, int&, char**&>(QFactoryLoader const*, QString const&, QList<QString> const&, int&, char**&) /home/alex/Downloads/qt-everywhere-src-6.10.0-beta3/qtbase/src/corelib/plugin/qfactoryloader_p.h:102:58
    #12 0x7ffff67ffb30 in QPlatformIntegrationFactory::create(QString const&, QList<QString> const&, int&, char**, QString const&) /home/alex/Downloads/qt-everywhere-src-6.10.0-beta3/qtbase/src/gui/kernel/qplatformintegrationfactory.cpp:23:73
    #13 0x7ffff67c3b69 in init_platform(QString const&, QString const&, QString const&, int&, char**) /home/alex/Downloads/qt-everywhere-src-6.10.0-beta3/qtbase/src/gui/kernel/qguiapplication.cpp:1308:91
    #14 0x7ffff67c5eac in QGuiApplicationPrivate::createPlatformIntegration() /home/alex/Downloads/qt-everywhere-src-6.10.0-beta3/qtbase/src/gui/kernel/qguiapplication.cpp:1590:18
    #15 0x7ffff67c6092 in QGuiApplicationPrivate::createEventDispatcher() /home/alex/Downloads/qt-everywhere-src-6.10.0-beta3/qtbase/src/gui/kernel/qguiapplication.cpp:1608:34
    #16 0x7ffff774cb1c in QApplicationPrivate::createEventDispatcher() /home/alex/Downloads/qt-everywhere-src-6.10.0-beta3/qtbase/src/widgets/kernel/qapplication.cpp:153:50
    #17 0x7ffff554c6d8 in QCoreApplicationPrivate::init() /home/alex/Downloads/qt-everywhere-src-6.10.0-beta3/qtbase/src/corelib/kernel/qcoreapplication.cpp:865:30
    #18 0x7ffff67c89e3 in QGuiApplicationPrivate::init() /home/alex/Downloads/qt-everywhere-src-6.10.0-beta3/qtbase/src/gui/kernel/qguiapplication.cpp:1636:34
    #19 0x7ffff775feca in QApplicationPrivate::init() /home/alex/Downloads/qt-everywhere-src-6.10.0-beta3/qtbase/src/widgets/kernel/qapplication.cpp:475:33
    #20 0x7ffff775ff79 in QApplication::QApplication(int&, char**, int) /home/alex/Downloads/qt-everywhere-src-6.10.0-beta3/qtbase/src/widgets/kernel/qapplication.cpp:463:12
    #21 0x55555ec6180f in zrythm::gui::ZrythmApplication::ZrythmApplication(int&, char**) /home/alex/Documents/git/zrythm/src/gui/backend/zrythm_application.cpp:30:7
    #22 0x55555e2aabcc in main /home/alex/Documents/git/zrythm/src/main.cpp:14:34
    #23 0x7ffff4a27674 in __libc_start_call_main /usr/src/debug/glibc/glibc/csu/../sysdeps/nptl/libc_start_call_main.h:58:16
    #24 0x7ffff4a27728 in __libc_start_main /usr/src/debug/glibc/glibc/csu/../csu/libc-start.c:360:3
    #25 0x55555da8aea4 in _start (/home/alex/Documents/git/zrythm/builddir_cmake/products/bin/zrythm+0x8536ea4) (BuildId: 5ea3bdabe140d174ddb18cbc24dc792f25685eea)

0x7dcff1401174 is located 0 bytes after 2292-byte region [0x7dcff1400880,0x7dcff1401174)
allocated by thread T2 (QXcbEventQueue) here:
    #0 0x55555db8c0b5 in malloc (/home/alex/Documents/git/zrythm/builddir_cmake/products/bin/zrythm+0x86380b5) (BuildId: 5ea3bdabe140d174ddb18cbc24dc792f25685eea)
    #1 0x7ffff4d68bc3 in read_packet /usr/src/debug/libxcb/libxcb-1.17.0/src/xcb_in.c:265:15
    #2 0x7ffff4d68bc3 in _xcb_in_read /usr/src/debug/libxcb/libxcb-1.17.0/src/xcb_in.c:1042:11

Thread T2 (QXcbEventQueue) created by T0 here:
    #0 0x55555db82dd4 in pthread_create (/home/alex/Documents/git/zrythm/builddir_cmake/products/bin/zrythm+0x862edd4) (BuildId: 5ea3bdabe140d174ddb18cbc24dc792f25685eea)
    #1 0x7ffff540083f in QThread::start(QThread::Priority) /home/alex/Downloads/qt-everywhere-src-6.10.0-beta3/qtbase/src/corelib/thread/qthread_unix.cpp:848:30

SUMMARY: AddressSanitizer: heap-buffer-overflow (/home/alex/Documents/git/zrythm/builddir_cmake/products/bin/zrythm+0x8593955) (BuildId: 5ea3bdabe140d174ddb18cbc24dc792f25685eea) in strndup.part.0
Shadow bytes around the buggy address:
  0x7dcff1400e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x7dcff1400f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x7dcff1400f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x7dcff1401000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x7dcff1401080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x7dcff1401100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00[04]fa
  0x7dcff1401180: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x7dcff1401200: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x7dcff1401280: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x7dcff1401300: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x7dcff1401380: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==3120623==ABORTING

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

            qt.team.quick.subscriptions Qt Quick and Widgets Team
            alextee Alexandros Theodotou
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:

                There are no open Gerrit changes