Details
- Bug
- Resolution: Done
- Not Evaluated
- 5.4.0
- None
- OSX Clang Address Sanitizer 3.6
- 247607a1af0253576b3330075fdcbb3d5c4cca00
Description
When running the qtquickcontrols controls auto tests in 5.4.0 compiled with clang address sanitizer on OSX, I get the following crash:
=================================================================
==4137==ERROR: AddressSanitizer: global-buffer-overflow on address 0x00010a3a4eae at pc 0x00010396713d bp 0x00011f57dfb0 sp 0x00011f57d768
READ of size 17 at 0x00010a3a4eae thread T7
    #0 0x10396713c in 0x0002513c (in libclang_rt.asan_osx_dynamic.dylib) + 412
    #1 0x10c80402f in match qtranslator.cpp:95
    #2 0x10c8080fb in getMessage qtranslator.cpp:914
    #3 0x10c8026ca in QTranslatorPrivate::do_translate const qtranslator.cpp:1022
    #4 0x10c8093ee in QTranslator::translate const qtranslator.cpp:1105
    #5 0x10c482706 in QCoreApplication::translate qcoreapplication.cpp:1896
    #6 0x108420b98 in QtFontStyle::Key::Key qfontdatabase.cpp:225
    #7 0x108424de9 in QtFontStyle::Key::Key qfontdatabase.cpp:230
    #8 0x108435b9f in QFontDatabase::isSmoothlyScalable const qfontdatabase.cpp:1562
    #9 0x111f6447e in QQuickTextNode::addGlyphs qquicktextnode.cpp:144
    #10 0x111f94428 in QQuickTextNodeEngine::addToSceneGraph qquicktextnodeengine.cpp:737
    #11 0x111f6adb1 in QQuickTextNode::addTextLayout qquicktextnode.cpp:305
    #12 0x111f380e2 in QQuickText::updatePaintNode qquicktext.cpp:2253
    #13 0x111c11b69 in QQuickWindowPrivate::updateDirtyNode qquickwindow.cpp:2822
    #14 0x111bc9961 in QQuickWindowPrivate::updateDirtyNodes qquickwindow.cpp:2647
    #15 0x111bc7ffd in QQuickWindowPrivate::syncSceneGraph qquickwindow.cpp:338
    #16 0x111a099de in QSGRenderThread::sync qsgthreadedrenderloop.cpp:510
    #17 0x111a0ae4c in QSGRenderThread::syncAndRender qsgthreadedrenderloop.cpp:553
    #18 0x111a0e2d4 in QSGRenderThread::run qsgthreadedrenderloop.cpp:663
    #19 0x10af0f513 in QThreadPrivate::start qthread_unix.cpp:337
    #20 0x7fff8ca58898 in _pthread_body (in libsystem_pthread.dylib) + 137
    #21 0x7fff8ca58729 in _pthread_start (in libsystem_pthread.dylib) + 136
    #22 0x7fff8ca5cfc8 in thread_start (in libsystem_pthread.dylib) + 12

0x00010a3a4eae is located 50 bytes to the left of global variable '<string literal>' defined in 'text/qfontdatabase.cpp:227:49' (0x10a3a4ee0) of size 8
  '<string literal>' is ascii string 'Oblique'
0x00010a3a4eae is located 0 bytes to the right of global variable '<string literal>' defined in 'text/qfontdatabase.cpp:225:61' (0x10a3a4ea0) of size 14
  '<string literal>' is ascii string 'QFontDatabase'
SUMMARY: AddressSanitizer: global-buffer-overflow ??:0 ??
Shadow bytes around the buggy address:
  0x100021474980: f9 f9 f9 f9 00 00 00 00 00 00 00 00 f9 f9 f9 f9
  0x100021474990: 00 00 00 00 00 00 00 02 f9 f9 f9 f9 00 00 07 f9
  0x1000214749a0: f9 f9 f9 f9 00 00 00 00 03 f9 f9 f9 f9 f9 f9 f9
  0x1000214749b0: 00 00 00 00 00 01 f9 f9 f9 f9 f9 f9 00 00 00 00
  0x1000214749c0: 00 00 00 07 f9 f9 f9 f9 00 00 00 00 07 f9 f9 f9
=>0x1000214749d0: f9 f9 f9 f9 00[06]f9 f9 f9 f9 f9 f9 00 f9 f9 f9
  0x1000214749e0: f9 f9 f9 f9 00 00 07 f9 f9 f9 f9 f9 00 02 f9 f9
  0x1000214749f0: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00
  0x100021474a00: 00 00 00 00 00 f9 f9 f9 f9 f9 f9 f9 00 00 00 07
  0x100021474a10: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 07 f9 f9
  0x100021474a20: f9 f9 f9 f9 03 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  ASan internal:           fe
Thread T7 created by T0 here:
    #0 0x103966d4f in 0x00024d4f (in libclang_rt.asan_osx_dynamic.dylib) + 63
    #1 0x10af13e47 in QThread::start qthread_unix.cpp:616
    #2 0x111a1911a in QSGThreadedRenderLoop::handleExposure qsgthreadedrenderloop.cpp:922
    #3 0x111a162e1 in QSGThreadedRenderLoop::exposureChanged qsgthreadedrenderloop.cpp:843
    #4 0x111bc4f6b in QQuickWindow::exposeEvent qquickwindow.cpp:206
    #5 0x107a8a5dc in QWindow::event qwindow.cpp:2021
    #6 0x111be8eb6 in QQuickWindow::event qquickwindow.cpp:1392
    #7 0x1047d2b37 in QApplicationPrivate::notify_helper qapplication.cpp:3719
    #8 0x1047df4d1 in QApplication::notify qapplication.cpp:3161
    #9 0x10c47335d in QCoreApplication::notifyInternal qcoreapplication.cpp:932
    #10 0x107a218f5 in QCoreApplication::sendSpontaneousEvent qcoreapplication.h:231
    #11 0x107a00248 in QGuiApplicationPrivate::processExposeEvent qguiapplication.cpp:2643
    #12 0x1079e7b36 in QGuiApplicationPrivate::processWindowSystemEvent qguiapplication.cpp:1671
    #13 0x1078d9b65 in QWindowSystemInterface::sendWindowSystemEvents qwindowsysteminterface.cpp:573
    #14 0x1078c6ed9 in QWindowSystemInterface::flushWindowSystemEvents qwindowsysteminterface.cpp:557
    #15 0x11821d526 in QCocoaWindow::setVisible qcocoawindow.mm:679
    #16 0x107a6f115 in QWindow::setVisible qwindow.cpp:499
    #17 0x107a6a8c1 in QWindow::showNormal qwindow.cpp:1843
    #18 0x107a6a6ff in QWindow::show qwindow.cpp:1771
    #19 0x104622ed6 in quick_test_main quicktest.cpp:363
    #20 0x10393f8a0 in main tst_controls.cpp:35
    #21 0x10393f3b3 in start (in tst_controls) + 51
    #22 0x2 (<unknown module>)
==4137==ABORTING
The call from qfontdatabase.cpp:225 is
QCoreApplication::translate("QFontDatabase", "Italic")
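The trace shows match() in qtranslator.cpp asking memcmp for 17 bytes of the 14-byte literal "QFontDatabase" (13 characters plus NUL), so the comparison length came from the catalogue data rather than from the literal being compared. The C block below is an added illustration, not Qt's code, of that unchecked pattern beside a length-checked form; the function names and the constructed catalogue entries are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Illustration only (not Qt's code): a catalogue record carries a candidate
 * string plus its own length, and a lookup compares it with a NUL-terminated
 * context literal such as "QFontDatabase". Names are assumptions. */

/* Unchecked pattern: found_len comes from the catalogue, and memcmp reads that
 * many bytes of `target` however long `target` really is. With found_len = 17
 * against the 14-byte literal this is the global-buffer-overflow ASan reported.
 * Shown for contrast; only ever called here with found_len <= strlen(target). */
bool match_unchecked(const unsigned char *found, size_t found_len,
                     const char *target)
{
    return memcmp(found, target, found_len) == 0 && target[found_len] == '\0';
}

/* Checked form: take the bound from the NUL-terminated side first and reject
 * a length mismatch before any byte of memory is compared. */
bool match_checked(const unsigned char *found, size_t found_len,
                   const char *target)
{
    size_t target_len = strlen(target);
    if (found_len != target_len)
        return false;              /* 17 != 13: no memcmp, so no over-read */
    return memcmp(found, target, found_len) == 0;
}

int main(void)
{
    /* Constructed catalogue entries, modelled as a length plus bytes. The
     * 17-byte entry reproduces the length from the report. */
    static const unsigned char good[] = "QFontDatabase";     /* 13 bytes */
    static const unsigned char bad[]  = "QFontDatabase_XXX"; /* 17 bytes */
    const char *target = "QFontDatabase";

    printf("exact match:        %d\n", match_checked(good, 13, target)); /* 1 */
    printf("longer entry:       %d\n", match_checked(bad, 17, target));  /* 0 */
    printf("unchecked (benign): %d\n", match_unchecked(good, 13, target));
    return 0;
}
```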