=================================================================
==13935==ERROR: AddressSanitizer: heap-use-after-free on address 0x6060000dffb8 at pc 0x7f764f27320b bp 0x7ffd49b11bb0 sp 0x7ffd49b11358
READ of size 7 at 0x6060000dffb8 thread T0
    #0 0x7f764f27320a in __interceptor_strlen (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x7020a)
    #1 0x7f7649d174e2 in g_strdup (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x684e2)
    #2 0x7f763f7abe5b (/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0+0x39e5b)
    #3 0x7f763f78915a in g_object_new_valist (/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0+0x1715a)
    #4 0x7f763f789520 in g_object_new (/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0+0x17520)
    #5 0x7f7640f6bcb0 in gtk_dialog_add_button (/usr/lib/x86_64-linux-gnu/libgtk-3.so.0+0x186cb0)
    #6 0x7f7640f8d2c9 in gtk_file_chooser_dialog_new (/usr/lib/x86_64-linux-gnu/libgtk-3.so.0+0x1a82c9)
    #7 0x7f7641727281 (/opt/Qt5.8.0/5.8/gcc_64/plugins/platformthemes/libqgtk3.so+0x13281)
    #8 0x7f764172b49c (/opt/Qt5.8.0/5.8/gcc_64/plugins/platformthemes/libqgtk3.so+0x1749c)
    #9 0x7f764e9328d6 in QDialogPrivate::platformHelper() const (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Widgets.so.5+0x3298d6)
    #10 0x7f764e943f9a in QFileDialogPrivate::init(QUrl const&, QString const&, QString const&) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Widgets.so.5+0x33af9a)
    #11 0x7f764e9443c5 in QFileDialog::QFileDialog(QFileDialogArgs const&) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Widgets.so.5+0x33b3c5)
    #12 0x7f764e94450a in QFileDialog::getOpenFileUrl(QWidget*, QString const&, QUrl const&, QString const&, QString*, QFlags, QStringList const&) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Widgets.so.5+0x33b50a)
    #13 0x7f764e944769 in QFileDialog::getOpenFileName(QWidget*, QString const&, QString const&, QString const&, QString*, QFlags) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Widgets.so.5+0x33b769)
    #14 0x5596a75c597e in MainWindow::bug() (/home/waltz/build-buggy-Desktop_Qt_5_8_0_GCC_64bit-Debug/buggy+0x697e)
    #15 0x5596a75c62c6 in QtPrivate::FunctorCall, QtPrivate::List<>, void, void (MainWindow::*)()>::call(void (MainWindow::*)(), MainWindow*, void**) (/home/waltz/build-buggy-Desktop_Qt_5_8_0_GCC_64bit-Debug/buggy+0x72c6)
    #16 0x5596a75c617b in void QtPrivate::FunctionPointer::call, void>(void (MainWindow::*)(), MainWindow*, void**) (/home/waltz/build-buggy-Desktop_Qt_5_8_0_GCC_64bit-Debug/buggy+0x717b)
    #17 0x5596a75c6021 in QtPrivate::QSlotObject, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) (/home/waltz/build-buggy-Desktop_Qt_5_8_0_GCC_64bit-Debug/buggy+0x7021)
    #18 0x7f764e185745 in QMetaObject::activate(QObject*, int, int, void**) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Core.so.5+0x29c745)
    #19 0x7f764e83c821 in QAbstractButton::clicked(bool) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Widgets.so.5+0x233821)
    #20 0x7f764e83ca13 (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Widgets.so.5+0x233a13)
    #21 0x7f764e83e5b6 (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Widgets.so.5+0x2355b6)
    #22 0x7f764e83e70b in QAbstractButton::mouseReleaseEvent(QMouseEvent*) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Widgets.so.5+0x23570b)
    #23 0x7f764e7a0007 in QWidget::event(QEvent*) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Widgets.so.5+0x197007)
    #24 0x7f764e75bdcb in QApplicationPrivate::notify_helper(QObject*, QEvent*) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Widgets.so.5+0x152dcb)
    #25 0x7f764e763c2c in QApplication::notify(QObject*, QEvent*) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Widgets.so.5+0x15ac2c)
    #26 0x7f764e15c457 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Core.so.5+0x273457)
    #27 0x7f764e76287e in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer&, bool) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Widgets.so.5+0x15987e)
    #28 0x7f764e7b99f5 (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Widgets.so.5+0x1b09f5)
    #29 0x7f764e7bc32a (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Widgets.so.5+0x1b332a)
    #30 0x7f764e75bdcb in QApplicationPrivate::notify_helper(QObject*, QEvent*) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Widgets.so.5+0x152dcb)
    #31 0x7f764e763235 in QApplication::notify(QObject*, QEvent*) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Widgets.so.5+0x15a235)
    #32 0x7f764e15c457 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Core.so.5+0x273457)
    #33 0x7f764cbb7baf in QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Gui.so.5+0x12bbaf)
    #34 0x7f764cbb9954 in QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Gui.so.5+0x12d954)
    #35 0x7f764cb96a1a in QWindowSystemInterface::sendWindowSystemEvents(QFlags) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Gui.so.5+0x10aa1a)
    #36 0x7f76445904af (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5XcbQpa.so.5+0xaf4af)
    #37 0x7f7649cf9196 in g_main_context_dispatch (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4a196)
    #38 0x7f7649cf93ef (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4a3ef)
    #39 0x7f7649cf949b in g_main_context_iteration (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4a49b)
    #40 0x7f764e1accbe in QEventDispatcherGlib::processEvents(QFlags) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Core.so.5+0x2c3cbe)
    #41 0x7f764e15a9c9 in QEventLoop::exec(QFlags) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Core.so.5+0x2719c9)
    #42 0x7f764e1629f3 in QCoreApplication::exec() (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Core.so.5+0x2799f3)
    #43 0x5596a75c35fa in main (/home/waltz/build-buggy-Desktop_Qt_5_8_0_GCC_64bit-Debug/buggy+0x45fa)
    #44 0x7f764ee5a82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #45 0x5596a75c33f8 in _start (/home/waltz/build-buggy-Desktop_Qt_5_8_0_GCC_64bit-Debug/buggy+0x43f8)

0x6060000dffb8 is located 24 bytes inside of 64-byte region [0x6060000dffa0,0x6060000dffe0)
freed by thread T0 here:
    #0 0x7f764f29b2ca in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x982ca)
    #1 0x7f76417269de (/opt/Qt5.8.0/5.8/gcc_64/plugins/platformthemes/libqgtk3.so+0x129de)

previously allocated by thread T0 here:
    #0 0x7f764f29b961 in realloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98961)
    #1 0x7f764df97f4d in QByteArray::reallocData(unsigned int, QFlags) (/opt/Qt5.8.0/5.8/gcc_64/lib/libQt5Core.so.5+0xaef4d)
    #2 0x61a00001327f ()

SUMMARY: AddressSanitizer: heap-use-after-free ??:0 __interceptor_strlen
Shadow bytes around the buggy address:
  0x0c0c80013fa0: fd fd fd fd fd fd fd fd fa fa fa fa fd fd fd fd
  0x0c0c80013fb0: fd fd fd fd fa fa fa fa fd fd fd fd fd fd fd fd
  0x0c0c80013fc0: fa fa fa fa fd fd fd fd fd fd fd fd fa fa fa fa
  0x0c0c80013fd0: 00 00 00 00 00 00 00 00 fa fa fa fa 00 00 00 00
  0x0c0c80013fe0: 00 00 00 00 fa fa fa fa 00 00 00 00 00 00 00 00
=>0x0c0c80013ff0: fa fa fa fa fd fd fd[fd]fd fd fd fd fa fa fa fa
  0x0c0c80014000: 00 00 00 00 00 00 00 02 fa fa fa fa 00 00 00 00
  0x0c0c80014010: 00 00 00 06 fa fa fa fa 00 00 00 00 00 00 00 00
  0x0c0c80014020: fa fa fa fa fd fd fd fd fd fd fd fd fa fa fa fa
  0x0c0c80014030: fd fd fd fd fd fd fd fa fa fa fa fa fd fd fd fd
  0x0c0c80014040: fd fd fd fa fa fa fa fa fd fd fd fd fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable: 00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone: fa
  Heap right redzone: fb
  Freed heap region: fd
  Stack left redzone: f1
  Stack mid redzone: f2
  Stack right redzone: f3
  Stack partial redzone: f4
  Stack after return: f5
  Stack use after scope: f8
  Global redzone: f9
  Global init order: f6
  Poisoned by user: f7
  Container overflow: fc
  Array cookie: ac
  Intra object redzone: bb
  ASan internal: fe
==13935==ABORTING