Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-85128

heap-use-after-free in tst_QQuickApplicationWindow::qmlCreation

    XMLWordPrintable

Details

    Description

      15:19:50: Starting /home/mitch/dev/qt-dev2-debug/qtquickcontrols2/tests/auto/qquickapplicationwindow/tst_qquickapplicationwindow ...
      ********* Start testing of tst_QQuickApplicationWindow *********
      Config: Using QtTest library 6.0.0, Qt 6.0.0 (x86_64-little_endian-lp64 shared (dynamic) debug build; by GCC 7.5.0)
      PASS   : tst_QQuickApplicationWindow::initTestCase()
      PASS   : tst_QQuickApplicationWindow::qmlCreation()
      =================================================================
      ==4628==ERROR: AddressSanitizer: heap-use-after-free on address 0x604000097a9c at pc 0x7f0dda985b5c bp 0x7f0dc135e8a0 sp 0x7f0dc135e890
      READ of size 4 at 0x604000097a9c thread T7 (QQmlThread)
          #0 0x7f0dda985b5b in QHashedString::compare(QChar const*, QChar const*, int) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/ftw/qhashedstring.cpp:81
          #1 0x7f0dda733f15 in QHashedStringRef::operator==(QHashedStringRef const&) const (/home/mitch/dev/qt-dev2-debug/qtbase/lib/libQt6Qml.so.6+0x9eff15)
          #2 0x7f0dda74197c in QHashPrivate::Data<QHashPrivate::MultiNode<QHashedStringRef, QQmlTypePrivate*> >::find(QHashedStringRef const&) const /home/mitch/dev/qt-dev2-debug/qtbase/include/QtCore/../../../../qt-dev2/qtbase/src/corelib/tools/qhash.h:568
          #3 0x7f0dda738830 in QMultiHash<QHashedStringRef, QQmlTypePrivate*>::constFind(QHashedStringRef const&) const /home/mitch/dev/qt-dev2-debug/qtbase/include/QtCore/../../../../qt-dev2/qtbase/src/corelib/tools/qhash.h:1651
          #4 0x7f0dda72e624 in QQmlMetaType::qmlType(QHashedStringRef const&, QHashedStringRef const&, QTypeRevision) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlmetatype.cpp:1192
          #5 0x7f0dda81e9f8 in QQmlImportInstance::resolveType(QQmlTypeLoader*, QHashedStringRef const&, QTypeRevision*, QQmlType*, QString*, bool*, QQmlType::RegistrationType, QQmlImport::RecursionRestriction, QVector<QQmlError>*) const /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlimport.cpp:746
          #6 0x7f0dda823bab in QQmlImportNamespace::resolveType(QQmlTypeLoader*, QHashedStringRef const&, QTypeRevision*, QQmlType*, QString*, QVector<QQmlError>*, QQmlType::RegistrationType, bool*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlimport.cpp:1039
          #7 0x7f0dda820c7d in operator() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlimport.cpp:906
          #8 0x7f0dda821abd in QQmlImportsPrivate::resolveType(QHashedStringRef const&, QTypeRevision*, QQmlType*, QVector<QQmlError>*, QQmlType::RegistrationType, bool*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlimport.cpp:922
          #9 0x7f0dda81b69f in QQmlImports::resolveType(QHashedStringRef const&, QQmlType*, QTypeRevision*, QQmlImportNamespace**, QVector<QQmlError>*, QQmlType::RegistrationType, bool*) const /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlimport.cpp:645
          #10 0x7f0dda63a2db in QQmlTypeData::resolveType(QString const&, QTypeRevision&, QQmlTypeData::TypeReference&, int, int, bool, QQmlType::RegistrationType, bool*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypedata.cpp:989
          #11 0x7f0dda637664 in QQmlTypeData::resolveTypes() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypedata.cpp:864
          #12 0x7f0dda63506b in QQmlTypeData::allDependenciesDone() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypedata.cpp:744
          #13 0x7f0dda7a2263 in QQmlTypeLoader::setData(QQmlDataBlob*, QQmlDataBlob::SourceCodeData const&) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypeloader.cpp:450
          #14 0x7f0dda7a1fbc in QQmlTypeLoader::setData(QQmlDataBlob*, QString const&) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypeloader.cpp:437
          #15 0x7f0dda7a0852 in QQmlTypeLoader::loadThread(QQmlDataBlob*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypeloader.cpp:299
          #16 0x7f0dda672a99 in QQmlTypeLoaderThread::loadThread(QQmlDataBlob*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypeloaderthread.cpp:162
          #17 0x7f0dda6731f8 in void QQmlThread::callMethodInThread<QQmlDataBlob*, QQmlDataBlob*, QQmlTypeLoaderThread>(void (QQmlTypeLoaderThread::*)(QQmlDataBlob*), QQmlDataBlob* const&)::I::call(QQmlThread*) /home/mitch/dev/qt-dev2-debug/qtbase/include/QtQml/6.0.0/QtQml/private/../../../../../../../qt-dev2/qtdeclarative/src/qml/qml/ftw/qqmlthread_p.h:164
          #18 0x7f0dda989a85 in QQmlThreadPrivate::threadEvent() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/ftw/qqmlthread.cpp:198
          #19 0x7f0dda98955b in QQmlThreadPrivate::event(QEvent*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/ftw/qqmlthread.cpp:142
          #20 0x7f0dd8f1d751 in QCoreApplicationPrivate::notify_helper(QObject*, QEvent*) /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qcoreapplication.cpp:1239
          #21 0x7f0dd8f1ceee in doNotify /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qcoreapplication.cpp:1168
          #22 0x7f0dd8f1cdc5 in QCoreApplication::notify(QObject*, QEvent*) /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qcoreapplication.cpp:1154
          #23 0x7f0ddbb26d3e in QGuiApplication::notify(QObject*, QEvent*) /home/mitch/dev/qt-dev2/qtbase/src/gui/kernel/qguiapplication.cpp:1890
          #24 0x7f0dd8f1cbed in QCoreApplication::notifyInternal2(QObject*, QEvent*) /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qcoreapplication.cpp:1078
          #25 0x7f0dd8f1e246 in QCoreApplication::sendEvent(QObject*, QEvent*) /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qcoreapplication.cpp:1473
          #26 0x7f0dd8f20743 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qcoreapplication.cpp:1832
          #27 0x7f0dd8f1f2a7 in QCoreApplication::sendPostedEvents(QObject*, int) /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qcoreapplication.cpp:1691
          #28 0x7f0dd9094096 in postEventSourceDispatch /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qeventdispatcher_glib.cpp:277
          #29 0x7f0dd4d5f416 in g_main_context_dispatch (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4c416)
          #30 0x7f0dd4d5f64f  (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4c64f)
          #31 0x7f0dd4d5f6db in g_main_context_iteration (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4c6db)
          #32 0x7f0dd90955c9 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qeventdispatcher_glib.cpp:423
          #33 0x7f0dd8f1326b in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qeventloop.cpp:139
          #34 0x7f0dd8f13c00 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qeventloop.cpp:232
          #35 0x7f0dd891c5c4 in QThread::exec() /home/mitch/dev/qt-dev2/qtbase/src/corelib/thread/qthread.cpp:538
          #36 0x7f0dda989633 in QQmlThreadPrivate::run() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/ftw/qqmlthread.cpp:155
          #37 0x7f0dd89229f0 in QThreadPrivate::start(void*) /home/mitch/dev/qt-dev2/qtbase/src/corelib/thread/qthread_unix.cpp:342
          #38 0x7f0dd77256da in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76da)
          #39 0x7f0dd7e6a88e in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x12188e)
      
      0x604000097a9c is located 12 bytes inside of 48-byte region [0x604000097a90,0x604000097ac0)
      freed by thread T0 here:
          #0 0x7f0de07bd7a8 in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xde7a8)
          #1 0x7f0dd895fcea in QArrayData::deallocate(QArrayData*, unsigned long, unsigned long) /home/mitch/dev/qt-dev2/qtbase/src/corelib/tools/qarraydata.cpp:281
          #2 0x7f0dd9f45a5a in QTypedArrayData<char16_t>::deallocate(QArrayData*) /home/mitch/dev/qt-dev2-debug/qtbase/include/QtCore/../../../../qt-dev2/qtbase/src/corelib/tools/qarraydata.h:231
          #3 0x7f0dd9f451cc in QArrayDataPointer<char16_t>::~QArrayDataPointer() /home/mitch/dev/qt-dev2-debug/qtbase/include/QtCore/../../../../qt-dev2/qtbase/src/corelib/tools/qarraydatapointer.h:140
          #4 0x7f0dd9f44567 in QString::~QString() /home/mitch/dev/qt-dev2-debug/qtbase/include/QtCore/../../../../qt-dev2/qtbase/src/corelib/text/qstring.h:1190
          #5 0x7f0dda781d01 in QQmlTypePrivate::~QQmlTypePrivate() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltype.cpp:94
          #6 0x7f0dda781d3d in QQmlTypePrivate::~QQmlTypePrivate() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltype.cpp:118
          #7 0x7f0dda12836c in QQmlRefCount::release() const /home/mitch/dev/qt-dev2-debug/qtbase/include/QtQml/6.0.0/QtQml/private/../../../../../../../qt-dev2/qtdeclarative/src/qml/qml/ftw/qqmlrefcount_p.h:129
          #8 0x7f0dda78cab3 in QQmlRefPointer<QQmlTypePrivate const>::~QQmlRefPointer() /home/mitch/dev/qt-dev2-debug/qtbase/include/QtQml/6.0.0/QtQml/private/../../../../../../../qt-dev2/qtdeclarative/src/qml/qml/ftw/qqmlrefcount_p.h:167
          #9 0x7f0dda78cd4e in QQmlRefPointer<QQmlTypePrivate const>::operator=(QQmlRefPointer<QQmlTypePrivate const>&&) /home/mitch/dev/qt-dev2-debug/qtbase/include/QtQml/6.0.0/QtQml/private/../../../../../../../qt-dev2/qtdeclarative/src/qml/qml/ftw/qqmlrefcount_p.h:182
          #10 0x7f0dda781e06 in QQmlType::operator=(QQmlType&&) /home/mitch/dev/qt-dev2-debug/qtbase/include/QtQml/6.0.0/QtQml/private/../../../../../../../qt-dev2/qtdeclarative/src/qml/qml/qqmltype_p.h:80
          #11 0x7f0dda7303fc in QQmlMetaType::freeUnusedTypesAndCaches() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlmetatype.cpp:1337
          #12 0x7f0dda7ada49 in QQmlTypeLoader::clearCache() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypeloader.cpp:1193
          #13 0x7f0dda7a78f9 in QQmlTypeLoader::~QQmlTypeLoader() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypeloader.cpp:798
          #14 0x7f0dda694dfb in QQmlEnginePrivate::~QQmlEnginePrivate() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlengine.cpp:631
          #15 0x7f0dda694f73 in QQmlEnginePrivate::~QQmlEnginePrivate() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlengine.cpp:659
          #16 0x7f0dd8fe29ff in QScopedPointerDeleter<QObjectData>::cleanup(QObjectData*) ../../include/QtCore/../../../../qt-dev2/qtbase/src/corelib/tools/qscopedpointer.h:60
          #17 0x7f0dd8fddc1f in QScopedPointer<QObjectData, QScopedPointerDeleter<QObjectData> >::~QScopedPointer() ../../include/QtCore/../../../../qt-dev2/qtbase/src/corelib/tools/qscopedpointer.h:107
          #18 0x7f0dd8fc1843 in QObject::~QObject() /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qobject.cpp:966
          #19 0x7f0dda122fee in QJSEngine::~QJSEngine() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/jsapi/qjsengine.cpp:367
          #20 0x7f0dda69727e in QQmlEngine::~QQmlEngine() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlengine.cpp:975
          #21 0x5579d00e892b in tst_QQuickApplicationWindow::qmlCreation() /home/mitch/dev/qt-dev2/qtquickcontrols2/tests/auto/qquickapplicationwindow/tst_qquickapplicationwindow.cpp:86
          #22 0x5579d010509b in tst_QQuickApplicationWindow::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) .moc/tst_qquickapplicationwindow.moc:116
          #23 0x7f0dd8f469f6 in QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qmetaobject.cpp:2320
          #24 0x7f0dd9a6a6c2 in QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const (/home/mitch/dev/qt-dev2-debug/qtbase/lib/libQt6Test.so.6+0x4c6c2)
          #25 0x7f0dd9a557b4 in QTest::TestMethods::invokeTestOnData(int) const /home/mitch/dev/qt-dev2/qtbase/src/testlib/qtestcase.cpp:934
          #26 0x7f0dd9a57886 in QTest::TestMethods::invokeTest(int, char const*, QTest::WatchDog*) const /home/mitch/dev/qt-dev2/qtbase/src/testlib/qtestcase.cpp:1162
          #27 0x7f0dd9a5ad34 in QTest::TestMethods::invokeTests(QObject*) const /home/mitch/dev/qt-dev2/qtbase/src/testlib/qtestcase.cpp:1503
          #28 0x7f0dd9a5c47b in QTest::qRun() /home/mitch/dev/qt-dev2/qtbase/src/testlib/qtestcase.cpp:1928
          #29 0x7f0dd9a5b6a0 in QTest::qExec(QObject*, int, char**) /home/mitch/dev/qt-dev2/qtbase/src/testlib/qtestcase.cpp:1836
      
      previously allocated by thread T5 (QQmlThread) here:
          #0 0x7f0de07bdb40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
          #1 0x7f0dd895f3ee in allocateData /home/mitch/dev/qt-dev2/qtbase/src/corelib/tools/qarraydata.cpp:184
          #2 0x7f0dd895f67c in QArrayData::allocate(QArrayData**, unsigned long, unsigned long, unsigned long, QFlags<QArrayData::ArrayOption>) /home/mitch/dev/qt-dev2/qtbase/src/corelib/tools/qarraydata.cpp:230
          #3 0x7f0dd8b2b3ab in QTypedArrayData<char16_t>::allocate(unsigned long, QFlags<QArrayData::ArrayOption>) ../../include/QtCore/../../../../qt-dev2/qtbase/src/corelib/tools/qarraydata.h:211
          #4 0x7f0dd8aefb0c in QString::QString(QChar const*, int) /home/mitch/dev/qt-dev2/qtbase/src/corelib/text/qstring.cpp:2137
          #5 0x7f0dda986926 in QHashedStringRef::toString() const /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/ftw/qhashedstring.cpp:161
          #6 0x7f0dda72a695 in QQmlMetaType::typeForUrl(QString const&, QHashedStringRef const&, bool, QVector<QQmlError>*, QTypeRevision) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlmetatype.cpp:819
          #7 0x7f0dda81ff67 in QQmlImportInstance::resolveType(QQmlTypeLoader*, QHashedStringRef const&, QTypeRevision*, QQmlType*, QString*, bool*, QQmlType::RegistrationType, QQmlImport::RecursionRestriction, QVector<QQmlError>*) const /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlimport.cpp:845
          #8 0x7f0dda823bab in QQmlImportNamespace::resolveType(QQmlTypeLoader*, QHashedStringRef const&, QTypeRevision*, QQmlType*, QString*, QVector<QQmlError>*, QQmlType::RegistrationType, bool*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlimport.cpp:1039
          #9 0x7f0dda820c7d in operator() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlimport.cpp:906
          #10 0x7f0dda821abd in QQmlImportsPrivate::resolveType(QHashedStringRef const&, QTypeRevision*, QQmlType*, QVector<QQmlError>*, QQmlType::RegistrationType, bool*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlimport.cpp:922
          #11 0x7f0dda81b69f in QQmlImports::resolveType(QHashedStringRef const&, QQmlType*, QTypeRevision*, QQmlImportNamespace**, QVector<QQmlError>*, QQmlType::RegistrationType, bool*) const /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlimport.cpp:645
          #12 0x7f0dda63a2db in QQmlTypeData::resolveType(QString const&, QTypeRevision&, QQmlTypeData::TypeReference&, int, int, bool, QQmlType::RegistrationType, bool*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypedata.cpp:989
          #13 0x7f0dda637664 in QQmlTypeData::resolveTypes() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypedata.cpp:864
          #14 0x7f0dda63506b in QQmlTypeData::allDependenciesDone() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypedata.cpp:744
          #15 0x7f0dda7a2263 in QQmlTypeLoader::setData(QQmlDataBlob*, QQmlDataBlob::SourceCodeData const&) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypeloader.cpp:450
          #16 0x7f0dda7a1fbc in QQmlTypeLoader::setData(QQmlDataBlob*, QString const&) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypeloader.cpp:437
          #17 0x7f0dda7a0852 in QQmlTypeLoader::loadThread(QQmlDataBlob*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypeloader.cpp:299
          #18 0x7f0dda672a99 in QQmlTypeLoaderThread::loadThread(QQmlDataBlob*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypeloaderthread.cpp:162
          #19 0x7f0dda6731f8 in void QQmlThread::callMethodInThread<QQmlDataBlob*, QQmlDataBlob*, QQmlTypeLoaderThread>(void (QQmlTypeLoaderThread::*)(QQmlDataBlob*), QQmlDataBlob* const&)::I::call(QQmlThread*) /home/mitch/dev/qt-dev2-debug/qtbase/include/QtQml/6.0.0/QtQml/private/../../../../../../../qt-dev2/qtdeclarative/src/qml/qml/ftw/qqmlthread_p.h:164
          #20 0x7f0dda989a85 in QQmlThreadPrivate::threadEvent() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/ftw/qqmlthread.cpp:198
          #21 0x7f0dda98955b in QQmlThreadPrivate::event(QEvent*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/ftw/qqmlthread.cpp:142
          #22 0x7f0dd8f1d751 in QCoreApplicationPrivate::notify_helper(QObject*, QEvent*) /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qcoreapplication.cpp:1239
          #23 0x7f0dd8f1ceee in doNotify /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qcoreapplication.cpp:1168
          #24 0x7f0dd8f1cdc5 in QCoreApplication::notify(QObject*, QEvent*) /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qcoreapplication.cpp:1154
          #25 0x7f0ddbb26d3e in QGuiApplication::notify(QObject*, QEvent*) /home/mitch/dev/qt-dev2/qtbase/src/gui/kernel/qguiapplication.cpp:1890
          #26 0x7f0dd8f1cbed in QCoreApplication::notifyInternal2(QObject*, QEvent*) /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qcoreapplication.cpp:1078
          #27 0x7f0dd8f1e246 in QCoreApplication::sendEvent(QObject*, QEvent*) /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qcoreapplication.cpp:1473
          #28 0x7f0dd8f20743 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qcoreapplication.cpp:1832
          #29 0x7f0dd8f1f2a7 in QCoreApplication::sendPostedEvents(QObject*, int) /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qcoreapplication.cpp:1691
      
      Thread T7 (QQmlThread) created by T0 here:
          #0 0x7f0de0716d2f in __interceptor_pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x37d2f)
          #1 0x7f0dd892422d in QThread::start(QThread::Priority) /home/mitch/dev/qt-dev2/qtbase/src/corelib/thread/qthread_unix.cpp:727
          #2 0x7f0dda989dca in QQmlThread::startup() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/ftw/qqmlthread.cpp:234
          #3 0x7f0dda6722a9 in QQmlTypeLoaderThread::QQmlTypeLoaderThread(QQmlTypeLoader*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypeloaderthread.cpp:57
          #4 0x7f0dda7a77a6 in QQmlTypeLoader::QQmlTypeLoader(QQmlEngine*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypeloader.cpp:785
          #5 0x7f0dda69419c in QQmlEnginePrivate::QQmlEnginePrivate(QQmlEngine*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlengine.cpp:627
          #6 0x7f0dda696e60 in QQmlEngine::QQmlEngine(QObject*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlengine.cpp:949
          #7 0x5579d00e8dce in tst_QQuickApplicationWindow::activeFocusOnTab1() /home/mitch/dev/qt-dev2/qtquickcontrols2/tests/auto/qquickapplicationwindow/tst_qquickapplicationwindow.cpp:110
          #8 0x5579d01050ac in tst_QQuickApplicationWindow::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) .moc/tst_qquickapplicationwindow.moc:117
          #9 0x7f0dd8f469f6 in QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qmetaobject.cpp:2320
          #10 0x7f0dd9a6a6c2 in QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const (/home/mitch/dev/qt-dev2-debug/qtbase/lib/libQt6Test.so.6+0x4c6c2)
          #11 0x7f0dd9a557b4 in QTest::TestMethods::invokeTestOnData(int) const /home/mitch/dev/qt-dev2/qtbase/src/testlib/qtestcase.cpp:934
          #12 0x7f0dd9a57886 in QTest::TestMethods::invokeTest(int, char const*, QTest::WatchDog*) const /home/mitch/dev/qt-dev2/qtbase/src/testlib/qtestcase.cpp:1162
          #13 0x7f0dd9a5ad34 in QTest::TestMethods::invokeTests(QObject*) const /home/mitch/dev/qt-dev2/qtbase/src/testlib/qtestcase.cpp:1503
          #14 0x7f0dd9a5c47b in QTest::qRun() /home/mitch/dev/qt-dev2/qtbase/src/testlib/qtestcase.cpp:1928
          #15 0x7f0dd9a5b6a0 in QTest::qExec(QObject*, int, char**) /home/mitch/dev/qt-dev2/qtbase/src/testlib/qtestcase.cpp:1836
          #16 0x5579d0104f5d in main /home/mitch/dev/qt-dev2/qtquickcontrols2/tests/auto/qquickapplicationwindow/tst_qquickapplicationwindow.cpp:874
          #17 0x7f0dd7d6ab96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
      
      Thread T5 (QQmlThread) created by T0 here:
          #0 0x7f0de0716d2f in __interceptor_pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x37d2f)
          #1 0x7f0dd892422d in QThread::start(QThread::Priority) /home/mitch/dev/qt-dev2/qtbase/src/corelib/thread/qthread_unix.cpp:727
          #2 0x7f0dda989dca in QQmlThread::startup() /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/ftw/qqmlthread.cpp:234
          #3 0x7f0dda6722a9 in QQmlTypeLoaderThread::QQmlTypeLoaderThread(QQmlTypeLoader*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypeloaderthread.cpp:57
          #4 0x7f0dda7a77a6 in QQmlTypeLoader::QQmlTypeLoader(QQmlEngine*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmltypeloader.cpp:785
          #5 0x7f0dda69419c in QQmlEnginePrivate::QQmlEnginePrivate(QQmlEngine*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlengine.cpp:627
          #6 0x7f0dda696e60 in QQmlEngine::QQmlEngine(QObject*) /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/qqmlengine.cpp:949
          #7 0x5579d00e8268 in tst_QQuickApplicationWindow::qmlCreation() /home/mitch/dev/qt-dev2/qtquickcontrols2/tests/auto/qquickapplicationwindow/tst_qquickapplicationwindow.cpp:85
          #8 0x5579d010509b in tst_QQuickApplicationWindow::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) .moc/tst_qquickapplicationwindow.moc:116
          #9 0x7f0dd8f469f6 in QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const /home/mitch/dev/qt-dev2/qtbase/src/corelib/kernel/qmetaobject.cpp:2320
          #10 0x7f0dd9a6a6c2 in QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const (/home/mitch/dev/qt-dev2-debug/qtbase/lib/libQt6Test.so.6+0x4c6c2)
          #11 0x7f0dd9a557b4 in QTest::TestMethods::invokeTestOnData(int) const /home/mitch/dev/qt-dev2/qtbase/src/testlib/qtestcase.cpp:934
          #12 0x7f0dd9a57886 in QTest::TestMethods::invokeTest(int, char const*, QTest::WatchDog*) const /home/mitch/dev/qt-dev2/qtbase/src/testlib/qtestcase.cpp:1162
          #13 0x7f0dd9a5ad34 in QTest::TestMethods::invokeTests(QObject*) const /home/mitch/dev/qt-dev2/qtbase/src/testlib/qtestcase.cpp:1503
          #14 0x7f0dd9a5c47b in QTest::qRun() /home/mitch/dev/qt-dev2/qtbase/src/testlib/qtestcase.cpp:1928
          #15 0x7f0dd9a5b6a0 in QTest::qExec(QObject*, int, char**) /home/mitch/dev/qt-dev2/qtbase/src/testlib/qtestcase.cpp:1836
          #16 0x5579d0104f5d in main /home/mitch/dev/qt-dev2/qtquickcontrols2/tests/auto/qquickapplicationwindow/tst_qquickapplicationwindow.cpp:874
          #17 0x7f0dd7d6ab96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
      
      SUMMARY: AddressSanitizer: heap-use-after-free /home/mitch/dev/qt-dev2/qtdeclarative/src/qml/qml/ftw/qhashedstring.cpp:81 in QHashedString::compare(QChar const*, QChar const*, int)
      Shadow bytes around the buggy address:
        0x0c088000af00: fa fa 00 00 00 00 04 fa fa fa 00 00 00 00 04 fa
        0x0c088000af10: fa fa 00 00 00 00 04 fa fa fa fd fd fd fd fd fd
        0x0c088000af20: fa fa fd fd fd fd fd fd fa fa fd fd fd fd fd fd
        0x0c088000af30: fa fa fd fd fd fd fd fd fa fa fd fd fd fd fd fd
        0x0c088000af40: fa fa fd fd fd fd fd fd fa fa fd fd fd fd fd fd
      =>0x0c088000af50: fa fa fd[fd]fd fd fd fd fa fa 00 00 00 00 00 fa
        0x0c088000af60: fa fa fd fd fd fd fd fa fa fa fd fd fd fd fd fa
        0x0c088000af70: fa fa fd fd fd fd fd fa fa fa fd fd fd fd fd fa
        0x0c088000af80: fa fa fd fd fd fd fd fd fa fa fd fd fd fd fd fa
        0x0c088000af90: fa fa fd fd fd fd fd fd fa fa fd fd fd fd fd fd
        0x0c088000afa0: fa fa fd fd fd fd fd fa fa fa fd fd fd fd fd fd
      Shadow byte legend (one shadow byte represents 8 application bytes):
        Addressable:           00
        Partially addressable: 01 02 03 04 05 06 07 
        Heap left redzone:       fa
        Freed heap region:       fd
        Stack left redzone:      f1
        Stack mid redzone:       f2
        Stack right redzone:     f3
        Stack after return:      f5
        Stack use after scope:   f8
        Global redzone:          f9
        Global init order:       f6
        Poisoned by user:        f7
        Container overflow:      fc
        Array cookie:            ac
        Intra object redzone:    bb
        ASan internal:           fe
        Left alloca redzone:     ca
        Right alloca redzone:    cb
      ==4628==ABORTING
      15:19:52: /home/mitch/dev/qt-dev2-debug/qtquickcontrols2/tests/auto/qquickapplicationwindow/tst_qquickapplicationwindow exited with code 1
      

      Steps to reproduce:

      1. Checkout https://codereview.qt-project.org/c/qt/qtquickcontrols2/+/297488/60/
      2. Run the qquickapplicationwindow test

      Attachments

        Issue Links

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              qt.team.quick.subscriptions Qt Quick and Widgets Team
              mitch_curtis Mitch Curtis
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes