-
Bug
-
Resolution: Fixed
-
P1: Critical
-
None
-
6.2, 6.3
-
None
When running
tst_basic -input /Users/mitch/dev/qt-dev/qtdeclarative/tests/auto/quickcontrols2/controls/data/tst_swipeview.qml SwipeView::test_orientation
I get a heap-use-after-free:
PASS : tst_controls::Basic::SwipeView::test_orientation()
=================================================================
==39684==ERROR: AddressSanitizer: heap-use-after-free on address 0x61d000779e20 at pc 0x0001081e228c bp 0x7ffee7e5e830 sp 0x7ffee7e5e828
READ of size 8 at 0x61d000779e20 thread T0
#0 0x1081e228b in QQuickItem::~QQuickItem() qquickitem.cpp:2357
#1 0x1081c0857 in QQuickImplicitSizeItem::~QQuickImplicitSizeItem() qquickimplicitsizeitem_p.h:60
#2 0x108468107 in QQuickText::~QQuickText() qquicktext.cpp:1368
#3 0x108fd4ea8 in QQmlPrivate::QQmlElement<QQuickText>::~QQmlElement() qqmlprivate.h:136
#4 0x108fd4d54 in QQmlPrivate::QQmlElement<QQuickText>::~QQmlElement() qqmlprivate.h:134
#5 0x108fd4d7b in QQmlPrivate::QQmlElement<QQuickText>::~QQmlElement() qqmlprivate.h:134
#6 0x1157acee5 in QObjectPrivate::deleteChildren() qobject.cpp:2120
#7 0x1157abff1 in QObject::~QObject() qobject.cpp:1104
#8 0x1081e2fc3 in QQuickItem::~QQuickItem() qquickitem.cpp:2400
#9 0x117c81a9a in QQuickControl::~QQuickControl() qquickcontrol.cpp:877
#10 0x117c5ee22 in QQuickContainer::~QQuickContainer() qquickcontainer.cpp:474
#11 0x117f02387 in QQuickSwipeView::~QQuickSwipeView() qquickswipeview_p.h:58
#12 0x117ffd768 in QQmlPrivate::QQmlElement<QQuickSwipeView>::~QQmlElement() qqmlprivate.h:136
#13 0x117ffd614 in QQmlPrivate::QQmlElement<QQuickSwipeView>::~QQmlElement() qqmlprivate.h:134
#14 0x117ffd63b in QQmlPrivate::QQmlElement<QQuickSwipeView>::~QQmlElement() qqmlprivate.h:134
#15 0x1157afa91 in qDeleteInEventHandler(QObject*) qobject.cpp:4776
#16 0x1157af046 in QObject::event(QEvent*) qobject.cpp:1338
#17 0x108229da1 in QQuickItem::event(QEvent*) qquickitem.cpp:8638
#18 0x1155c9a6a in QCoreApplicationPrivate::notify_helper(QObject*, QEvent*) qcoreapplication.cpp:1230
#19 0x1155c8bc7 in doNotify(QObject*, QEvent*) qcoreapplication.cpp:1159
#20 0x1155c8df0 in QCoreApplication::notify(QObject*, QEvent*) qcoreapplication.cpp:1142
#21 0x10bcf388c in QGuiApplication::notify(QObject*, QEvent*) qguiapplication.cpp:1930
#22 0x1155c88b9 in QCoreApplication::notifyInternal2(QObject*, QEvent*) qcoreapplication.cpp:1063
#23 0x1155cb63e in QCoreApplication::sendEvent(QObject*, QEvent*) qcoreapplication.cpp:1479
#24 0x1155ceedf in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) qcoreapplication.cpp:1843
#25 0x1155cb2fc in QCoreApplication::sendPostedEvents(QObject*, int) qcoreapplication.cpp:1702
#26 0x11585bd35 in QTest::qWait(int) qtestsupport_core.cpp:120
#27 0x107edff16 in QuickTestResult::wait(int) quicktestresult.cpp:657
#28 0x107ee85f5 in QuickTestResult::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) moc_quicktestresult_p.cpp:347
#29 0x107eebf6c in QuickTestResult::qt_metacall(QMetaObject::Call, int, void**) moc_quicktestresult_p.cpp:532
#30 0x1156279e2 in QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) qmetaobject.cpp:321
#31 0x110c0e5ac in QQmlObjectOrGadget::metacall(QMetaObject::Call, int, void**) const qqmlobjectorgadget.cpp:50
#32 0x11047e461 in CallMethod(QQmlObjectOrGadget const&, int, QMetaType, int, QMetaType const*, QV4::ExecutionEngine*, QV4::CallData*, QMetaObject::Call) qv4qobjectwrapper.cpp:1417
#33 0x11045f4de in CallPrecise(QQmlObjectOrGadget const&, QQmlPropertyData const&, QV4::ExecutionEngine*, QV4::CallData*, QMetaObject::Call) qv4qobjectwrapper.cpp:1677
#34 0x11047b240 in QV4::QObjectMethod::callInternal(QV4::Value const*, QV4::Value const*, int) const::$_4::operator()() const qv4qobjectwrapper.cpp:2279
#35 0x11045c752 in auto QV4::QObjectMethod::callInternal(QV4::Value const*, QV4::Value const*, int) const::$_2::operator()<QV4::QObjectMethod::callInternal(QV4::Value const*, QV4::Value const*, int) const::$_4>(QV4::QObjectMethod::callInternal(QV4::Value const*, QV4::Value const*, int) const::$_4 const&) const qv4qobjectwrapper.cpp:2257
#36 0x11045b08f in QV4::QObjectMethod::callInternal(QV4::Value const*, QV4::Value const*, int) const qv4qobjectwrapper.cpp:2279
#37 0x11045a342 in QV4::QObjectMethod::virtualCall(QV4::FunctionObject const*, QV4::Value const*, QV4::Value const*, int) qv4qobjectwrapper.cpp:2216
#38 0x11008e0b8 in QV4::FunctionObject::call(QV4::Value const*, QV4::Value const*, int) const qv4functionobject_p.h:205
#39 0x110591110 in QV4::Runtime::CallPropertyLookup::call(QV4::ExecutionEngine*, QV4::Value const&, unsigned int, QV4::Value*, int) qv4runtime.cpp:1527
#40 0x124096f45 (<unknown module>)
#41 0x11067bd2d in QV4::Moth::VME::exec(QV4::JSTypesStackFrame*, QV4::ExecutionEngine*) qv4vme_moth.cpp:552
#42 0x110307886 in QV4::ArrowFunction::virtualCall(QV4::FunctionObject const*, QV4::Value const*, QV4::Value const*, int) qv4functionobject.cpp:578
#43 0x11008e0b8 in QV4::FunctionObject::call(QV4::Value const*, QV4::Value const*, int) const qv4functionobject_p.h:205
#44 0x11058f477 in QV4::Runtime::CallQmlContextPropertyLookup::call(QV4::ExecutionEngine*, unsigned int, QV4::Value*, int) qv4runtime.cpp:1434
#45 0x124096bc4 (<unknown module>)
#46 0x11067bd2d in QV4::Moth::VME::exec(QV4::JSTypesStackFrame*, QV4::ExecutionEngine*) qv4vme_moth.cpp:552
#47 0x110307886 in QV4::ArrowFunction::virtualCall(QV4::FunctionObject const*, QV4::Value const*, QV4::Value const*, int) qv4functionobject.cpp:578
#48 0x11008e0b8 in QV4::FunctionObject::call(QV4::Value const*, QV4::Value const*, int) const qv4functionobject_p.h:205
#49 0x11058f477 in QV4::Runtime::CallQmlContextPropertyLookup::call(QV4::ExecutionEngine*, unsigned int, QV4::Value*, int) qv4runtime.cpp:1434
#50 0x11068e434 in QV4::Moth::VME::interpret(QV4::JSTypesStackFrame*, QV4::ExecutionEngine*, char const*) qv4vme_moth.cpp:903
#51 0x11067bdd6 in QV4::Moth::VME::exec(QV4::JSTypesStackFrame*, QV4::ExecutionEngine*) qv4vme_moth.cpp:555
#52 0x110307886 in QV4::ArrowFunction::virtualCall(QV4::FunctionObject const*, QV4::Value const*, QV4::Value const*, int) qv4functionobject.cpp:578
#53 0x11008e0b8 in QV4::FunctionObject::call(QV4::Value const*, QV4::Value const*, int) const qv4functionobject_p.h:205
#54 0x11058f477 in QV4::Runtime::CallQmlContextPropertyLookup::call(QV4::ExecutionEngine*, unsigned int, QV4::Value*, int) qv4runtime.cpp:1434
#55 0x11068e434 in QV4::Moth::VME::interpret(QV4::JSTypesStackFrame*, QV4::ExecutionEngine*, char const*) qv4vme_moth.cpp:903
#56 0x11067bdd6 in QV4::Moth::VME::exec(QV4::JSTypesStackFrame*, QV4::ExecutionEngine*) qv4vme_moth.cpp:555
#57 0x1102f40d1 in QV4::Function::call(QV4::Value const*, QV4::Value const*, int, QV4::ExecutionContext*) qv4function.cpp:98
#58 0x1102fa9f5 in QV4::Function::call(QObject*, void**, QMetaType const*, int, QV4::ExecutionContext*)::$_0::operator()(QV4::Value const*, QV4::Value const*, int) const qv4function.cpp:67
#59 0x1102f3056 in bool QV4::convertAndCall<QV4::Function::call(QObject*, void**, QMetaType const*, int, QV4::ExecutionContext*)::$_0>(QV4::ExecutionEngine*, QObject*, void**, QMetaType const*, int, QV4::Function::call(QObject*, void**, QMetaType const*, int, QV4::ExecutionContext*)::$_0) qv4jscall_p.h:229
#60 0x1102f2810 in QV4::Function::call(QObject*, void**, QMetaType const*, int, QV4::ExecutionContext*) qv4function.cpp:64
#61 0x110a55a0f in QQmlJavaScriptExpression::evaluate(void**, QMetaType const*, int) qqmljavascriptexpression.cpp:306
#62 0x11085687b in QQmlBoundSignalExpression::evaluate(void**) qqmlboundsignal.cpp:235
#63 0x11085831d in QQmlBoundSignal_callback(QQmlNotifierEndpoint*, void**) qqmlboundsignal.cpp:350
#64 0x110b4ef02 in QQmlNotifier::emitNotify(QQmlNotifierEndpoint*, void**) qqmlnotifier.cpp:104
#65 0x11091497a in QQmlData::signalEmitted(QAbstractDeclarativeData*, QObject*, int, void**) qqmlengine.cpp:628
#66 0x1157c97de in void doActivate<false>(QObject*, int, void**) qobject.cpp:3802
#67 0x1157cb001 in QMetaObject::activate(QObject*, int, int, void**) qobject.cpp:3983
#68 0x110faf445 in QQmlVMEMetaObject::activate(QObject*, int, void**) qqmlvmemetaobject.cpp:1304
#69 0x110fb9d23 in QQmlVMEMetaObject::metaCall(QObject*, QMetaObject::Call, int, void**) qqmlvmemetaobject.cpp:888
#70 0x110fbb47e in QQmlVMEMetaObject::metaCall(QObject*, QMetaObject::Call, int, void**) qqmlvmemetaobject.cpp:1038
#71 0x115627937 in QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) qmetaobject.cpp:319
#72 0x1107bcd9c in QQmlPropertyData::writeProperty(QObject*, void*, QFlags<QQmlPropertyData::WriteFlag>) const qqmlpropertydata_p.h:375
#73 0x11083712e in GenericBinding<1>::write(QV4::Value const&, bool, QFlags<QQmlPropertyData::WriteFlag>) qqmlbinding.cpp:354
#74 0x110806f31 in QQmlNonbindingBinding::doUpdate(QQmlJavaScriptExpression::DeleteWatcher const&, QFlags<QQmlPropertyData::WriteFlag>, QV4::Scope&) qqmlbinding.cpp:285
#75 0x1107e5cfd in QQmlBinding::update(QFlags<QQmlPropertyData::WriteFlag>) qqmlbinding.cpp:199
#76 0x1107ed3a1 in QQmlBinding::expressionChanged() qqmlbinding.cpp:651
#77 0x110a5a7bb in QQmlJavaScriptExpressionGuard_callback(QQmlNotifierEndpoint*, void**) qqmljavascriptexpression.cpp:584
#78 0x110b4ef02 in QQmlNotifier::emitNotify(QQmlNotifierEndpoint*, void**) qqmlnotifier.cpp:104
#79 0x11091497a in QQmlData::signalEmitted(QAbstractDeclarativeData*, QObject*, int, void**) qqmlengine.cpp:628
#80 0x1157c97de in void doActivate<false>(QObject*, int, void**) qobject.cpp:3802
#81 0x1157cb001 in QMetaObject::activate(QObject*, int, int, void**) qobject.cpp:3983
#82 0x110faf445 in QQmlVMEMetaObject::activate(QObject*, int, void**) qqmlvmemetaobject.cpp:1304
#83 0x110fb9d23 in QQmlVMEMetaObject::metaCall(QObject*, QMetaObject::Call, int, void**) qqmlvmemetaobject.cpp:888
#84 0x110fbb47e in QQmlVMEMetaObject::metaCall(QObject*, QMetaObject::Call, int, void**) qqmlvmemetaobject.cpp:1038
#85 0x115627937 in QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) qmetaobject.cpp:319
#86 0x1107bcd9c in QQmlPropertyData::writeProperty(QObject*, void*, QFlags<QQmlPropertyData::WriteFlag>) const qqmlpropertydata_p.h:375
#87 0x11083712e in GenericBinding<1>::write(QV4::Value const&, bool, QFlags<QQmlPropertyData::WriteFlag>) qqmlbinding.cpp:354
#88 0x110806f31 in QQmlNonbindingBinding::doUpdate(QQmlJavaScriptExpression::DeleteWatcher const&, QFlags<QQmlPropertyData::WriteFlag>, QV4::Scope&) qqmlbinding.cpp:285
#89 0x1107e5cfd in QQmlBinding::update(QFlags<QQmlPropertyData::WriteFlag>) qqmlbinding.cpp:199
#90 0x1107ed3a1 in QQmlBinding::expressionChanged() qqmlbinding.cpp:651
#91 0x110a5a7bb in QQmlJavaScriptExpressionGuard_callback(QQmlNotifierEndpoint*, void**) qqmljavascriptexpression.cpp:584
#92 0x110b4ef02 in QQmlNotifier::emitNotify(QQmlNotifierEndpoint*, void**) qqmlnotifier.cpp:104
#93 0x11091497a in QQmlData::signalEmitted(QAbstractDeclarativeData*, QObject*, int, void**) qqmlengine.cpp:628
#94 0x1157c97de in void doActivate<false>(QObject*, int, void**) qobject.cpp:3802
#95 0x1157c74a0 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) qobject.cpp:3970
#96 0x107e63714 in QTestRootObject::windowShownChanged() moc_quicktest_p.cpp:210
#97 0x107eb8e93 in QTestRootObject::setWindowShown(bool) quicktest_p.h:96
#98 0x107ec71cd in quick_test_main_with_setup(int, char**, char const*, char const*, QObject*)::$_1::operator()() const quicktest.cpp:602
#99 0x107ec70fe in QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, quick_test_main_with_setup(int, char**, char const*, char const*, QObject*)::$_1>::call(quick_test_main_with_setup(int, char**, char const*, char const*, QObject*)::$_1&, void**) qobjectdefs_impl.h:146
#100 0x107ec6fe0 in void QtPrivate::Functor<quick_test_main_with_setup(int, char**, char const*, char const*, QObject*)::$_1, 0>::call<QtPrivate::List<>, void>(quick_test_main_with_setup(int, char**, char const*, char const*, QObject*)::$_1&, void*, void**) qobjectdefs_impl.h:252
#101 0x107ec6f0b in QtPrivate::QFunctorSlotObject<quick_test_main_with_setup(int, char**, char const*, char const*, QObject*)::$_1, 0, QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) qobjectdefs_impl.h:419
#102 0x115639a27 in QtPrivate::QSlotObjectBase::call(QObject*, void**) qobjectdefs_impl.h:374
#103 0x1157a9be9 in QMetaCallEvent::placeMetaCall(QObject*) qobject.cpp:623
#104 0x1157af1f0 in QObject::event(QEvent*) qobject.cpp:1351
#105 0x115c4c1db in QThread::event(QEvent*) qthread.cpp:1003
#106 0x1155c9a6a in QCoreApplicationPrivate::notify_helper(QObject*, QEvent*) qcoreapplication.cpp:1230
#107 0x1155c8bc7 in doNotify(QObject*, QEvent*) qcoreapplication.cpp:1159
#108 0x1155c8df0 in QCoreApplication::notify(QObject*, QEvent*) qcoreapplication.cpp:1142
#109 0x10bcf388c in QGuiApplication::notify(QObject*, QEvent*) qguiapplication.cpp:1930
#110 0x1155c88b9 in QCoreApplication::notifyInternal2(QObject*, QEvent*) qcoreapplication.cpp:1063
#111 0x1155cb63e in QCoreApplication::sendEvent(QObject*, QEvent*) qcoreapplication.cpp:1479
#112 0x1155ceedf in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) qcoreapplication.cpp:1843
#113 0x1155cb2fc in QCoreApplication::sendPostedEvents(QObject*, int) qcoreapplication.cpp:1702
#114 0x11bcb2c6c in QCocoaEventDispatcherPrivate::processPostedEvents() qcocoaeventdispatcher.mm:902
#115 0x11bcb3aad in QCocoaEventDispatcherPrivate::postedEventsSourceCallback(void*) qcocoaeventdispatcher.mm:925
#116 0x7fff205cb2bb in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__+0x10 (CoreFoundation:x86_64h+0x802bb)
#117 0x7fff205cb223 in __CFRunLoopDoSource0+0xb3 (CoreFoundation:x86_64h+0x80223)
#118 0x7fff205cafa3 in __CFRunLoopDoSources0+0xf1 (CoreFoundation:x86_64h+0x7ffa3)
#119 0x7fff205c99cb in __CFRunLoopRun+0x37c (CoreFoundation:x86_64h+0x7e9cb)
#120 0x7fff205c8f8b in CFRunLoopRunSpecific+0x232 (CoreFoundation:x86_64h+0x7df8b)
#121 0x7fff288111f2 in RunCurrentEventLoopInMode+0x123 (HIToolbox:x86_64+0x311f2)
#122 0x7fff28810e25 in ReceiveNextEventCommon+0x11b (HIToolbox:x86_64+0x30e25)
#123 0x7fff28810cf2 in _BlockUntilNextEventMatchingListInModeWithFilter+0x45 (HIToolbox:x86_64+0x30cf2)
#124 0x7fff22dd2171 in _DPSNextEvent+0x35f (AppKit:x86_64+0x3f171)
#125 0x7fff22dd0944 in -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:]+0x553 (AppKit:x86_64+0x3d944)
#126 0x7fff22dc2c68 in -[NSApplication run]+0x249 (AppKit:x86_64+0x2fc68)
#127 0x11bcb1725 in QCocoaEventDispatcher::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) qcocoaeventdispatcher.mm:430
#128 0x1156145b9 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) qeventloop.cpp:135
#129 0x115614c59 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) qeventloop.cpp:217
#130 0x107e80cfd in quick_test_main_with_setup(int, char**, char const*, char const*, QObject*) quicktest.cpp:610
#131 0x107e7b56f in quick_test_main(int, char**, char const*, char const*) quicktest.cpp:359
#132 0x107d7e9cd in main tst_basic.cpp:45
#133 0x7fff204eef3c in start+0x0 (libdyld.dylib:x86_64+0x15f3c)
0x61d000779e20 is located 416 bytes inside of 2400-byte region [0x61d000779c80,0x61d00077a5e0)
freed by thread T0 here:
#0 0x113c9305d in wrap__ZdlPv+0x7d (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x5505d)
#1 0x1093840b7 in QQuickListViewPrivate::~QQuickListViewPrivate() qquicklistview.cpp:205
#2 0x1157ea1d1 in QScopedPointerDeleter<QObjectData>::cleanup(QObjectData*) qscopedpointer.h:60
#3 0x1157ea12f in QScopedPointer<QObjectData, QScopedPointerDeleter<QObjectData> >::~QScopedPointer() qscopedpointer.h:116
#4 0x1157aad74 in QScopedPointer<QObjectData, QScopedPointerDeleter<QObjectData> >::~QScopedPointer() qscopedpointer.h:114
#5 0x1157ac12a in QObject::~QObject() qobject.cpp:1113
#6 0x1081e2fc3 in QQuickItem::~QQuickItem() qquickitem.cpp:2400
#7 0x10815fe17 in QQuickFlickable::~QQuickFlickable() qquickflickable.cpp:766
#8 0x1092cb0ee in QQuickItemView::~QQuickItemView() qquickitemview.cpp:170
#9 0x109373fd7 in QQuickListView::~QQuickListView() qquicklistview.cpp:2216
#10 0x108ef63e8 in QQmlPrivate::QQmlElement<QQuickListView>::~QQmlElement() qqmlprivate.h:136
#11 0x108ef6294 in QQmlPrivate::QQmlElement<QQuickListView>::~QQmlElement() qqmlprivate.h:134
#12 0x108ef62bb in QQmlPrivate::QQmlElement<QQuickListView>::~QQmlElement() qqmlprivate.h:134
#13 0x1157acee5 in QObjectPrivate::deleteChildren() qobject.cpp:2120
#14 0x1157abff1 in QObject::~QObject() qobject.cpp:1104
#15 0x1081e2fc3 in QQuickItem::~QQuickItem() qquickitem.cpp:2400
#16 0x117c81a9a in QQuickControl::~QQuickControl() qquickcontrol.cpp:877
#17 0x117c5ee22 in QQuickContainer::~QQuickContainer() qquickcontainer.cpp:474
#18 0x117f02387 in QQuickSwipeView::~QQuickSwipeView() qquickswipeview_p.h:58
#19 0x117ffd768 in QQmlPrivate::QQmlElement<QQuickSwipeView>::~QQmlElement() qqmlprivate.h:136
#20 0x117ffd614 in QQmlPrivate::QQmlElement<QQuickSwipeView>::~QQmlElement() qqmlprivate.h:134
#21 0x117ffd63b in QQmlPrivate::QQmlElement<QQuickSwipeView>::~QQmlElement() qqmlprivate.h:134
#22 0x1157afa91 in qDeleteInEventHandler(QObject*) qobject.cpp:4776
#23 0x1157af046 in QObject::event(QEvent*) qobject.cpp:1338
#24 0x108229da1 in QQuickItem::event(QEvent*) qquickitem.cpp:8638
#25 0x1155c9a6a in QCoreApplicationPrivate::notify_helper(QObject*, QEvent*) qcoreapplication.cpp:1230
#26 0x1155c8bc7 in doNotify(QObject*, QEvent*) qcoreapplication.cpp:1159
#27 0x1155c8df0 in QCoreApplication::notify(QObject*, QEvent*) qcoreapplication.cpp:1142
#28 0x10bcf388c in QGuiApplication::notify(QObject*, QEvent*) qguiapplication.cpp:1930
#29 0x1155c88b9 in QCoreApplication::notifyInternal2(QObject*, QEvent*) qcoreapplication.cpp:1063
previously allocated by thread T0 here:
#0 0x113c92c3d in wrap__Znwm+0x7d (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x54c3d)
#1 0x109373eb8 in QQuickListView::QQuickListView(QQuickItem*) qquicklistview.cpp:2210
#2 0x108ef61e2 in QQmlPrivate::QQmlElement<QQuickListView>::QQmlElement() qqmlprivate.h:131
#3 0x108ef61b4 in QQmlPrivate::QQmlElement<QQuickListView>::QQmlElement() qqmlprivate.h:131
#4 0x108ef3d9b in void QQmlPrivate::createInto<QQuickListView>(void*, void*) qqmlprivate.h:191
#5 0x110da9bf4 in QQmlType::create(QObject**, void**, unsigned long) const qqmltype.cpp:504
#6 0x110b56a86 in QQmlObjectCreator::createInstance(int, QObject*, bool) qqmlobjectcreator.cpp:1226
#7 0x110b5c799 in QQmlObjectCreator::setPropertyBinding(QQmlPropertyData const*, QV4::CompiledData::Binding const*) qqmlobjectcreator.cpp:833
#8 0x110b5a56c in QQmlObjectCreator::populateDeferred(QObject*, int, QQmlPropertyPrivate const*, QV4::CompiledData::Binding const*) qqmlobjectcreator.cpp:310
#9 0x110b65554 in QQmlObjectCreator::populateDeferredBinding(QQmlProperty const&, int, QV4::CompiledData::Binding const*) qqmlobjectcreator.cpp:341
#10 0x117c9052f in QtQuickPrivate::beginDeferred(QQmlEnginePrivate*, QQmlProperty const&, QQmlComponentPrivate::DeferredState*) qquickdeferredexecute.cpp:98
#11 0x117c8ef49 in QtQuickPrivate::beginDeferred(QObject*, QString const&) qquickdeferredexecute.cpp:120
#12 0x117b5bd00 in void quickBeginDeferred<QQuickItem>(QObject*, QString const&, QQuickDeferredPointer<QQuickItem>&) qquickdeferredexecute_p_p.h:75
#13 0x117c7fcbf in QQuickControlPrivate::executeContentItem(bool) qquickcontrol.cpp:729
#14 0x117c8581b in QQuickControl::componentComplete() qquickcontrol.cpp:1903
#15 0x117c601cb in QQuickContainer::componentComplete() qquickcontainer.cpp:837
#16 0x117c601fd in non-virtual thunk to QQuickContainer::componentComplete() qquickcontainer.cpp
#17 0x110b7968d in QQmlObjectCreator::finalize(QQmlInstantiationInterrupt&) qqmlobjectcreator.cpp:1475
#18 0x11088eb5b in QQmlComponentPrivate::complete(QQmlEnginePrivate*, QQmlComponentPrivate::ConstructionState*) qqmlcomponent.cpp:1010
#19 0x1108874dd in QQmlComponentPrivate::completeCreate() qqmlcomponent.cpp:1102
#20 0x11089605c in QQmlComponent::createObject(QQmlV4Function*) qqmlcomponent.cpp:1514
#21 0x11089b416 in QQmlComponent::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) moc_qqmlcomponent.cpp:156
#22 0x11089bd17 in QQmlComponent::qt_metacall(QMetaObject::Call, int, void**) moc_qqmlcomponent.cpp:232
#23 0x1156279e2 in QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) qmetaobject.cpp:321
#24 0x110c0e5ac in QQmlObjectOrGadget::metacall(QMetaObject::Call, int, void**) const qqmlobjectorgadget.cpp:50
#25 0x110478344 in QV4::QObjectMethod::callInternal(QV4::Value const*, QV4::Value const*, int) const::$_3::operator()() const qv4qobjectwrapper.cpp:2267
#26 0x11045b632 in auto QV4::QObjectMethod::callInternal(QV4::Value const*, QV4::Value const*, int) const::$_2::operator()<QV4::QObjectMethod::callInternal(QV4::Value const*, QV4::Value const*, int) const::$_3>(QV4::QObjectMethod::callInternal(QV4::Value const*, QV4::Value const*, int) const::$_3 const&) const qv4qobjectwrapper.cpp:2257
#27 0x11045ad1d in QV4::QObjectMethod::callInternal(QV4::Value const*, QV4::Value const*, int) const qv4qobjectwrapper.cpp:2261
#28 0x11045a342 in QV4::QObjectMethod::virtualCall(QV4::FunctionObject const*, QV4::Value const*, QV4::Value const*, int) qv4qobjectwrapper.cpp:2216
#29 0x11008e0b8 in QV4::FunctionObject::call(QV4::Value const*, QV4::Value const*, int) const qv4functionobject_p.h:205
SUMMARY: AddressSanitizer: heap-use-after-free qquickitem.cpp:2357 in QQuickItem::~QQuickItem()
Shadow bytes around the buggy address:
0x1c3a000ef370: fd fd fd fd fd fd fd fd fd fd fd fd fa fa fa fa
0x1c3a000ef380: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x1c3a000ef390: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x1c3a000ef3a0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x1c3a000ef3b0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
=>0x1c3a000ef3c0: fd fd fd fd[fd]fd fd fd fd fd fd fd fd fd fd fd
0x1c3a000ef3d0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x1c3a000ef3e0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x1c3a000ef3f0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x1c3a000ef400: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x1c3a000ef410: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
Shadow gap: cc
==39684==ABORTING
11:26:56: The program has unexpectedly finished.
11:26:56: The process was ended forcefully.
11:26:56: /Users/mitch/dev/qt-dev-debug-non-fw/qtdeclarative/tests/auto/quickcontrols2/controls/basic/tst_basic crashed.
- duplicates
-
-
- Closed
-
- is duplicated by
-
-
- Closed
-
- relates to
-
QTBUG-99629 Improve safety/debuggability of item change listeners
-
- Open
-
- resulted from
-
-
- Closed
-