Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix for #178. dwfl_attach_state should be called only for user-level … #11

Closed
wants to merge 2 commits into from
Closed

Fix for #178. dwfl_attach_state should be called only for user-level … #11

wants to merge 2 commits into from

Conversation

vtoropov
Copy link
Contributor

@vtoropov vtoropov commented Jul 3, 2020

Fix for #178. The function dwfl_attach_state should be called only for user-level CPU register state
and user level stack, allowing stack unwinding

@vtoropov
Fix for #178. dwfl_attach_state should be called only for user-level …
e19ead6 
…CPU register state and user level stack, allowing stack unwinding
milianw
milianw requested changes Jul 3, 2020
View reviewed changes
Copy link
Member

@milianw milianw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks, but some more work is needed on this

app/perfdata.h Outdated
* in the overflow packets.
*/
enum perf_event_sample_format {
PERF_SAMPLE_REGS_USER = 1U << 12,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please copy the full definition from an up2date perf_event.h

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

actually, please use PerfEventAttributes::SampleFormat instead

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good, the using PerfEventAttributes::SampleFormat instead enum perf_event_sample_format is ok.
I think that the enum from perf_event.h is redundant in this case

app/perfsymboltable.cpp Outdated
PerfUnwind::UnwindInfo *unwindInfo = static_cast<PerfUnwind::UnwindInfo *>(arg);
if (!((unwindInfo->sample->type() & PERF_SAMPLE_REGS_USER) &&
// Records the current user-level CPU register state
(unwindInfo->sample->type() & PERF_SAMPLE_STACK_USER)))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this part shouldn't be checked here, it will break analysis of data files recorded without --call-graph dwarf - we still want dwfl setup then to analyze inline frames and symbols

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if this part is needed, then maybe move it to PerfUnwind::analyze - but I don't think we should need it - do we really get a userStack().length() > 0 without PERF_SAMPLE_STACK_USER? I doubt that

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This check did not break analysis of data files recorded without --call-graph dwarf.
We simply disable the erroneous call to the dwfl_attach_state function. And this check should be done right here, after the if statement if (static_cast <pid_t> (m_pid) == dwfl_pid (m_dwfl)). In this case, the check does not violate the analysis in the resolveCallchain function, and moreover, unwindStack. Moreover, this check is performed only once for each pid when attachDwfl is called from unwindStack and only unnecessary calls from resolveCallchain are intercepted by this check.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I just looked at the checks when calling the dwfl_attach_state function in linux perf.
Perf report does the same check: machine.c, line 2495 -
if (! ((evsel-> core.attr.sample_type & PERF_SAMPLE_REGS_USER) &&
(evsel-> core.attr.sample_type & PERF_SAMPLE_STACK_USER)))
return 0;

@vtoropov
removed enum perf_event_sample_format
525c4da 
enum PERF_SAMPLE_REGS_USER replaced by PerfEventAttributes::SAMPLE_REGS_USER
enum PERF_SAMPLE_STACK_USER replased by PerfEventAttributes::SAMPLE_STACK_USER
@milianw
Copy link
Member

milianw commented Jul 9, 2020

cleaned up and expanded the commit message with a better explanation in 71689f1

thanks!

@milianw milianw closed this Jul 9, 2020
lievenhey added a commit that referenced this pull request Oct 11, 2024
@lievenhey
feat: fix crash in qt6
ba23f32 
In qt6 QHash is no longer iterator safe

==138723==ERROR: AddressSanitizer: heap-use-after-free on address 0x51b000035c68 at pc 0x5d085ec696b9 bp 0x7ffe43776e00 sp 0x7ffe43776df0
READ of size 8 at 0x51b000035c68 thread T0
    #0 0x5d085ec696b8 in void qt_ptr_swap<QTypedArrayData<char> >(QTypedArrayData<char>*&, QTypedArrayData<char>*&) /usr/include/qt6/QtCore/qswap.h:31
    #1 0x5d085ec67e4f in QArrayDataPointer<char>::swap(QArrayDataPointer<char>&) /usr/include/qt6/QtCore/qarraydatapointer.h:131
    #2 0x5d085ec66e97 in QByteArray::swap(QByteArray&) /usr/include/qt6/QtCore/qbytearray.h:103
    #3 0x5d085ec66da8 in QByteArray::operator=(QByteArray&&) /usr/include/qt6/QtCore/qbytearray.h:101
    #4 0x5d085ef0ca5c in CuDieRangeMapping::dieName(Dwarf_Die*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:364
    #5 0x5d085ee36e7c in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:768
    #6 0x5d085ee39eea in PerfSymbolTable::lookupFrame(unsigned long, bool, bool*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:774
    #7 0x5d085ed06ec5 in frameCallback /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:541
    #8 0x75a7437f7b08 in dwfl_thread_getframes (/usr/lib/libdw.so.1+0x5bb08) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #9 0x75a7437f2eba  (/usr/lib/libdw.so.1+0x56eba) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #10 0x75a7437f3f2b in dwfl_getthreads (/usr/lib/libdw.so.1+0x57f2b) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #11 0x75a7437f7e81 in dwfl_getthread_frames (/usr/lib/libdw.so.1+0x5be81) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #12 0x5d085ed07b21 in PerfUnwind::unwindStack() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:557
    #13 0x5d085ed0d129 in PerfUnwind::analyze(PerfRecordSample const&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:744
    #14 0x5d085ed1b65f in PerfUnwind::flushEventBuffer(unsigned int) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:1115
    #15 0x5d085ed164b1 in PerfUnwind::finishedRound() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:976
    #16 0x5d085ecc2fe8 in PerfData::processEvents(QDataStream&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:243
    #17 0x5d085eccbdc2 in PerfData::doRead() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:414
    #18 0x5d085eccd6f3 in PerfData::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:431
    #19 0x5d085ebfa511 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:383
    #20 0x5d085ebfd5c6 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:452
    #21 0x5d085ec0b9b9 in call /usr/include/qt6/QtCore/qobjectdefs_impl.h:137
    #22 0x5d085ec0b121 in call<QtPrivate::List<>, void> /usr/include/qt6/QtCore/qobjectdefs_impl.h:345
    #23 0x5d085ec0aa1e in impl /usr/include/qt6/QtCore/qobjectdefs_impl.h:555
    #24 0x75a7429a3456  (/usr/lib/libQt6Core.so.6+0x1a3456) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #25 0x5d085ec33520 in PerfHeader::finished() /home/lieven/KDAB/hotspot/build-dev-asan-qt6/3rdparty/libhotspot-perfparser_autogen/6F7ISLN55V/moc_perfheader.cpp:234
    #26 0x5d085ec5d91c in PerfHeader::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfheader.cpp:122
    #27 0x5d085ec2f1b7 in QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, void (PerfHeader::*)()>::call(void (PerfHeader::*)(), PerfHeader*, void**) /usr/include/qt6/QtCore/qobjectdefs_impl.h:145
    #28 0x5d085ec2e24a in void QtPrivate::FunctionPointer<void (PerfHeader::*)()>::call<QtPrivate::List<>, void>(void (PerfHeader::*)(), PerfHeader*, void**) /usr/include/qt6/QtCore/qobjectdefs_impl.h:182
    #29 0x5d085ec2bf91 in QtPrivate::QCallableObject<void (PerfHeader::*)(), QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) /usr/include/qt6/QtCore/qobjectdefs_impl.h:553
    #30 0x75a74298d93e in QObject::event(QEvent*) (/usr/lib/libQt6Core.so.6+0x18d93e) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #31 0x75a742945bc2 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (/usr/lib/libQt6Core.so.6+0x145bc2) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #32 0x75a742945faa in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) (/usr/lib/libQt6Core.so.6+0x145faa) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #33 0x75a742babe4b  (/usr/lib/libQt6Core.so.6+0x3abe4b) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #34 0x75a740d13558  (/usr/lib/libglib-2.0.so.0+0x5d558) (BuildId: 7b781c8d1a6e2161838c5d8f3bd797797c132753)
    #35 0x75a740d76156  (/usr/lib/libglib-2.0.so.0+0xc0156) (BuildId: 7b781c8d1a6e2161838c5d8f3bd797797c132753)
    #36 0x75a740d12a54 in g_main_context_iteration (/usr/lib/libglib-2.0.so.0+0x5ca54) (BuildId: 7b781c8d1a6e2161838c5d8f3bd797797c132753)
    #37 0x75a742ba985c in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/libQt6Core.so.6+0x3a985c) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #38 0x75a742950105 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/libQt6Core.so.6+0x150105) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #39 0x75a74294a27c in QCoreApplication::exec() (/usr/lib/libQt6Core.so.6+0x14a27c) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #40 0x5d085ec04e44 in main /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:481
    #41 0x75a741a34e07  (/usr/lib/libc.so.6+0x25e07) (BuildId: 98b3d8e0b8c534c769cb871c438b4f8f3a8e4bf3)
    #42 0x75a741a34ecb in __libc_start_main (/usr/lib/libc.so.6+0x25ecb) (BuildId: 98b3d8e0b8c534c769cb871c438b4f8f3a8e4bf3)
    #43 0x5d085ebf4b64 in _start (/home/lieven/KDAB/hotspot/build-dev-asan-qt6/libexec/hotspot-perfparser+0x72db64) (BuildId: 580374afdfc7f3994c76369459f6848384c3c771)

0x51b000035c68 is located 1512 bytes inside of 1536-byte region [0x51b000035680,0x51b000035c80)
freed by thread T0 here:
    #0 0x75a7430ff22a in operator delete[](void*) /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_new_delete.cpp:155
    #1 0x5d085ef2c5af in QHashPrivate::Span<QHashPrivate::Node<unsigned long, QByteArray> >::addStorage() /usr/include/qt6/QtCore/qhash.h:409
    #2 0x5d085ef240f5 in QHashPrivate::Span<QHashPrivate::Node<unsigned long, QByteArray> >::insert(unsigned long) /usr/include/qt6/QtCore/qhash.h:283
    #3 0x5d085ef1d324 in QHashPrivate::Data<QHashPrivate::Node<unsigned long, QByteArray> >::Bucket::insert() const /usr/include/qt6/QtCore/qhash.h:511
    #4 0x5d085ef18c64 in QHashPrivate::Data<QHashPrivate::Node<unsigned long, QByteArray> >::findOrInsert(unsigned long const&) /usr/include/qt6/QtCore/qhash.h:728
    #5 0x5d085ef1551a in QHash<unsigned long, QByteArray>::operator[](unsigned long const&) /usr/include/qt6/QtCore/qhash.h:1064
    #6 0x5d085ef08e30 in prependScopeNames(QByteArray&, Dwarf_Die*, QHash<unsigned long, QByteArray>&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:204
    #7 0x5d085ef0965b in qualifiedDieName(Dwarf_Die*, QHash<unsigned long, QByteArray>&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:229
    #8 0x5d085ef0c9b8 in CuDieRangeMapping::dieName(Dwarf_Die*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:364
    #9 0x5d085ee36e7c in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:768
    #10 0x5d085ee39eea in PerfSymbolTable::lookupFrame(unsigned long, bool, bool*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:774
    #11 0x5d085ed06ec5 in frameCallback /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:541
    #12 0x75a7437f7b08 in dwfl_thread_getframes (/usr/lib/libdw.so.1+0x5bb08) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #13 0x75a7437f2eba  (/usr/lib/libdw.so.1+0x56eba) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #14 0x75a7437f3f2b in dwfl_getthreads (/usr/lib/libdw.so.1+0x57f2b) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #15 0x75a7437f7e81 in dwfl_getthread_frames (/usr/lib/libdw.so.1+0x5be81) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #16 0x5d085ed07b21 in PerfUnwind::unwindStack() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:557
    #17 0x5d085ed0d129 in PerfUnwind::analyze(PerfRecordSample const&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:744
    #18 0x5d085ed1b65f in PerfUnwind::flushEventBuffer(unsigned int) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:1115
    #19 0x5d085ed164b1 in PerfUnwind::finishedRound() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:976
    #20 0x5d085ecc2fe8 in PerfData::processEvents(QDataStream&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:243
    #21 0x5d085eccbdc2 in PerfData::doRead() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:414
    #22 0x5d085eccd6f3 in PerfData::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:431
    #23 0x5d085ebfa511 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:383
    #24 0x5d085ebfd5c6 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:452
    #25 0x5d085ec0b9b9 in call /usr/include/qt6/QtCore/qobjectdefs_impl.h:137
    #26 0x5d085ec0b121 in call<QtPrivate::List<>, void> /usr/include/qt6/QtCore/qobjectdefs_impl.h:345
    #27 0x5d085ec0aa1e in impl /usr/include/qt6/QtCore/qobjectdefs_impl.h:555
    #28 0x75a7429a3456  (/usr/lib/libQt6Core.so.6+0x1a3456) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #29 0x5d085ec33520 in PerfHeader::finished() /home/lieven/KDAB/hotspot/build-dev-asan-qt6/3rdparty/libhotspot-perfparser_autogen/6F7ISLN55V/moc_perfheader.cpp:234

previously allocated by thread T0 here:
    #0 0x75a7430fe682 in operator new[](unsigned long) /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_new_delete.cpp:98
    #1 0x5d085ef2c181 in QHashPrivate::Span<QHashPrivate::Node<unsigned long, QByteArray> >::addStorage() /usr/include/qt6/QtCore/qhash.h:394
    #2 0x5d085ef240f5 in QHashPrivate::Span<QHashPrivate::Node<unsigned long, QByteArray> >::insert(unsigned long) /usr/include/qt6/QtCore/qhash.h:283
    #3 0x5d085ef1d324 in QHashPrivate::Data<QHashPrivate::Node<unsigned long, QByteArray> >::Bucket::insert() const /usr/include/qt6/QtCore/qhash.h:511
    #4 0x5d085ef18c64 in QHashPrivate::Data<QHashPrivate::Node<unsigned long, QByteArray> >::findOrInsert(unsigned long const&) /usr/include/qt6/QtCore/qhash.h:728
    #5 0x5d085ef1551a in QHash<unsigned long, QByteArray>::operator[](unsigned long const&) /usr/include/qt6/QtCore/qhash.h:1064
    #6 0x5d085ef0c883 in CuDieRangeMapping::dieName(Dwarf_Die*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:362
    #7 0x5d085ee36e7c in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:768
    #8 0x5d085ee39eea in PerfSymbolTable::lookupFrame(unsigned long, bool, bool*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:774
    #9 0x5d085ed06ec5 in frameCallback /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:541
    #10 0x75a7437f7b08 in dwfl_thread_getframes (/usr/lib/libdw.so.1+0x5bb08) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #11 0x75a7437f2eba  (/usr/lib/libdw.so.1+0x56eba) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #12 0x75a7437f3f2b in dwfl_getthreads (/usr/lib/libdw.so.1+0x57f2b) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #13 0x75a7437f7e81 in dwfl_getthread_frames (/usr/lib/libdw.so.1+0x5be81) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #14 0x5d085ed07b21 in PerfUnwind::unwindStack() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:557
    #15 0x5d085ed0d129 in PerfUnwind::analyze(PerfRecordSample const&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:744
    #16 0x5d085ed1b65f in PerfUnwind::flushEventBuffer(unsigned int) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:1115
    #17 0x5d085ed164b1 in PerfUnwind::finishedRound() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:976
    #18 0x5d085ecc2fe8 in PerfData::processEvents(QDataStream&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:243
    #19 0x5d085eccbdc2 in PerfData::doRead() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:414
    #20 0x5d085eccd6f3 in PerfData::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:431
    #21 0x5d085ebfa511 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:383
    #22 0x5d085ebfd5c6 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:452
    #23 0x5d085ec0b9b9 in call /usr/include/qt6/QtCore/qobjectdefs_impl.h:137
    #24 0x5d085ec0b121 in call<QtPrivate::List<>, void> /usr/include/qt6/QtCore/qobjectdefs_impl.h:345
    #25 0x5d085ec0aa1e in impl /usr/include/qt6/QtCore/qobjectdefs_impl.h:555
    #26 0x75a7429a3456  (/usr/lib/libQt6Core.so.6+0x1a3456) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #27 0x5d085ec33520 in PerfHeader::finished() /home/lieven/KDAB/hotspot/build-dev-asan-qt6/3rdparty/libhotspot-perfparser_autogen/6F7ISLN55V/moc_perfheader.cpp:234
    #28 0x5d085ec5d91c in PerfHeader::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfheader.cpp:122
    #29 0x5d085ec2f1b7 in QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, void (PerfHeader::*)()>::call(void (PerfHeader::*)(), PerfHeader*, void**) /usr/include/qt6/QtCore/qobjectdefs_impl.h:145

SUMMARY: AddressSanitizer: heap-use-after-free /usr/include/qt6/QtCore/qswap.h:31 in void qt_ptr_swap<QTypedArrayData<char> >(QTypedArrayData<char>*&, QTypedArrayData<char>*&)
Shadow bytes around the buggy address:
  0x51b000035980: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x51b000035a00: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x51b000035a80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x51b000035b00: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x51b000035b80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
=>0x51b000035c00: fd fd fd fd fd fd fd fd fd fd fd fd fd[fd]fd fd
  0x51b000035c80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x51b000035d00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x51b000035d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x51b000035e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x51b000035e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==138723==ABORTING
@lievenhey lievenhey mentioned this pull request Oct 11, 2024
Merged
lievenhey added a commit that referenced this pull request Oct 11, 2024
@lievenhey
feat: fix crash in qt6
90164b7 
In qt6 QHash is no longer iterator safe

==138723==ERROR: AddressSanitizer: heap-use-after-free on address 0x51b000035c68 at pc 0x5d085ec696b9 bp 0x7ffe43776e00 sp 0x7ffe43776df0
READ of size 8 at 0x51b000035c68 thread T0
    #0 0x5d085ec696b8 in void qt_ptr_swap<QTypedArrayData<char> >(QTypedArrayData<char>*&, QTypedArrayData<char>*&) /usr/include/qt6/QtCore/qswap.h:31
    #1 0x5d085ec67e4f in QArrayDataPointer<char>::swap(QArrayDataPointer<char>&) /usr/include/qt6/QtCore/qarraydatapointer.h:131
    #2 0x5d085ec66e97 in QByteArray::swap(QByteArray&) /usr/include/qt6/QtCore/qbytearray.h:103
    #3 0x5d085ec66da8 in QByteArray::operator=(QByteArray&&) /usr/include/qt6/QtCore/qbytearray.h:101
    #4 0x5d085ef0ca5c in CuDieRangeMapping::dieName(Dwarf_Die*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:364
    #5 0x5d085ee36e7c in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:768
    #6 0x5d085ee39eea in PerfSymbolTable::lookupFrame(unsigned long, bool, bool*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:774
    #7 0x5d085ed06ec5 in frameCallback /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:541
    #8 0x75a7437f7b08 in dwfl_thread_getframes (/usr/lib/libdw.so.1+0x5bb08) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #9 0x75a7437f2eba  (/usr/lib/libdw.so.1+0x56eba) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #10 0x75a7437f3f2b in dwfl_getthreads (/usr/lib/libdw.so.1+0x57f2b) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #11 0x75a7437f7e81 in dwfl_getthread_frames (/usr/lib/libdw.so.1+0x5be81) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #12 0x5d085ed07b21 in PerfUnwind::unwindStack() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:557
    #13 0x5d085ed0d129 in PerfUnwind::analyze(PerfRecordSample const&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:744
    #14 0x5d085ed1b65f in PerfUnwind::flushEventBuffer(unsigned int) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:1115
    #15 0x5d085ed164b1 in PerfUnwind::finishedRound() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:976
    #16 0x5d085ecc2fe8 in PerfData::processEvents(QDataStream&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:243
    #17 0x5d085eccbdc2 in PerfData::doRead() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:414
    #18 0x5d085eccd6f3 in PerfData::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:431
    #19 0x5d085ebfa511 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:383
    #20 0x5d085ebfd5c6 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:452
    #21 0x5d085ec0b9b9 in call /usr/include/qt6/QtCore/qobjectdefs_impl.h:137
    #22 0x5d085ec0b121 in call<QtPrivate::List<>, void> /usr/include/qt6/QtCore/qobjectdefs_impl.h:345
    #23 0x5d085ec0aa1e in impl /usr/include/qt6/QtCore/qobjectdefs_impl.h:555
    #24 0x75a7429a3456  (/usr/lib/libQt6Core.so.6+0x1a3456) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #25 0x5d085ec33520 in PerfHeader::finished() /home/lieven/KDAB/hotspot/build-dev-asan-qt6/3rdparty/libhotspot-perfparser_autogen/6F7ISLN55V/moc_perfheader.cpp:234
    #26 0x5d085ec5d91c in PerfHeader::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfheader.cpp:122
    #27 0x5d085ec2f1b7 in QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, void (PerfHeader::*)()>::call(void (PerfHeader::*)(), PerfHeader*, void**) /usr/include/qt6/QtCore/qobjectdefs_impl.h:145
    #28 0x5d085ec2e24a in void QtPrivate::FunctionPointer<void (PerfHeader::*)()>::call<QtPrivate::List<>, void>(void (PerfHeader::*)(), PerfHeader*, void**) /usr/include/qt6/QtCore/qobjectdefs_impl.h:182
    #29 0x5d085ec2bf91 in QtPrivate::QCallableObject<void (PerfHeader::*)(), QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) /usr/include/qt6/QtCore/qobjectdefs_impl.h:553
    #30 0x75a74298d93e in QObject::event(QEvent*) (/usr/lib/libQt6Core.so.6+0x18d93e) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #31 0x75a742945bc2 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (/usr/lib/libQt6Core.so.6+0x145bc2) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #32 0x75a742945faa in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) (/usr/lib/libQt6Core.so.6+0x145faa) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #33 0x75a742babe4b  (/usr/lib/libQt6Core.so.6+0x3abe4b) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #34 0x75a740d13558  (/usr/lib/libglib-2.0.so.0+0x5d558) (BuildId: 7b781c8d1a6e2161838c5d8f3bd797797c132753)
    #35 0x75a740d76156  (/usr/lib/libglib-2.0.so.0+0xc0156) (BuildId: 7b781c8d1a6e2161838c5d8f3bd797797c132753)
    #36 0x75a740d12a54 in g_main_context_iteration (/usr/lib/libglib-2.0.so.0+0x5ca54) (BuildId: 7b781c8d1a6e2161838c5d8f3bd797797c132753)
    #37 0x75a742ba985c in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/libQt6Core.so.6+0x3a985c) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #38 0x75a742950105 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/libQt6Core.so.6+0x150105) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #39 0x75a74294a27c in QCoreApplication::exec() (/usr/lib/libQt6Core.so.6+0x14a27c) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #40 0x5d085ec04e44 in main /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:481
    #41 0x75a741a34e07  (/usr/lib/libc.so.6+0x25e07) (BuildId: 98b3d8e0b8c534c769cb871c438b4f8f3a8e4bf3)
    #42 0x75a741a34ecb in __libc_start_main (/usr/lib/libc.so.6+0x25ecb) (BuildId: 98b3d8e0b8c534c769cb871c438b4f8f3a8e4bf3)
    #43 0x5d085ebf4b64 in _start (/home/lieven/KDAB/hotspot/build-dev-asan-qt6/libexec/hotspot-perfparser+0x72db64) (BuildId: 580374afdfc7f3994c76369459f6848384c3c771)

0x51b000035c68 is located 1512 bytes inside of 1536-byte region [0x51b000035680,0x51b000035c80)
freed by thread T0 here:
    #0 0x75a7430ff22a in operator delete[](void*) /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_new_delete.cpp:155
    #1 0x5d085ef2c5af in QHashPrivate::Span<QHashPrivate::Node<unsigned long, QByteArray> >::addStorage() /usr/include/qt6/QtCore/qhash.h:409
    #2 0x5d085ef240f5 in QHashPrivate::Span<QHashPrivate::Node<unsigned long, QByteArray> >::insert(unsigned long) /usr/include/qt6/QtCore/qhash.h:283
    #3 0x5d085ef1d324 in QHashPrivate::Data<QHashPrivate::Node<unsigned long, QByteArray> >::Bucket::insert() const /usr/include/qt6/QtCore/qhash.h:511
    #4 0x5d085ef18c64 in QHashPrivate::Data<QHashPrivate::Node<unsigned long, QByteArray> >::findOrInsert(unsigned long const&) /usr/include/qt6/QtCore/qhash.h:728
    #5 0x5d085ef1551a in QHash<unsigned long, QByteArray>::operator[](unsigned long const&) /usr/include/qt6/QtCore/qhash.h:1064
    #6 0x5d085ef08e30 in prependScopeNames(QByteArray&, Dwarf_Die*, QHash<unsigned long, QByteArray>&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:204
    #7 0x5d085ef0965b in qualifiedDieName(Dwarf_Die*, QHash<unsigned long, QByteArray>&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:229
    #8 0x5d085ef0c9b8 in CuDieRangeMapping::dieName(Dwarf_Die*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:364
    #9 0x5d085ee36e7c in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:768
    #10 0x5d085ee39eea in PerfSymbolTable::lookupFrame(unsigned long, bool, bool*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:774
    #11 0x5d085ed06ec5 in frameCallback /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:541
    #12 0x75a7437f7b08 in dwfl_thread_getframes (/usr/lib/libdw.so.1+0x5bb08) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #13 0x75a7437f2eba  (/usr/lib/libdw.so.1+0x56eba) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #14 0x75a7437f3f2b in dwfl_getthreads (/usr/lib/libdw.so.1+0x57f2b) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #15 0x75a7437f7e81 in dwfl_getthread_frames (/usr/lib/libdw.so.1+0x5be81) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #16 0x5d085ed07b21 in PerfUnwind::unwindStack() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:557
    #17 0x5d085ed0d129 in PerfUnwind::analyze(PerfRecordSample const&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:744
    #18 0x5d085ed1b65f in PerfUnwind::flushEventBuffer(unsigned int) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:1115
    #19 0x5d085ed164b1 in PerfUnwind::finishedRound() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:976
    #20 0x5d085ecc2fe8 in PerfData::processEvents(QDataStream&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:243
    #21 0x5d085eccbdc2 in PerfData::doRead() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:414
    #22 0x5d085eccd6f3 in PerfData::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:431
    #23 0x5d085ebfa511 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:383
    #24 0x5d085ebfd5c6 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:452
    #25 0x5d085ec0b9b9 in call /usr/include/qt6/QtCore/qobjectdefs_impl.h:137
    #26 0x5d085ec0b121 in call<QtPrivate::List<>, void> /usr/include/qt6/QtCore/qobjectdefs_impl.h:345
    #27 0x5d085ec0aa1e in impl /usr/include/qt6/QtCore/qobjectdefs_impl.h:555
    #28 0x75a7429a3456  (/usr/lib/libQt6Core.so.6+0x1a3456) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #29 0x5d085ec33520 in PerfHeader::finished() /home/lieven/KDAB/hotspot/build-dev-asan-qt6/3rdparty/libhotspot-perfparser_autogen/6F7ISLN55V/moc_perfheader.cpp:234

previously allocated by thread T0 here:
    #0 0x75a7430fe682 in operator new[](unsigned long) /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_new_delete.cpp:98
    #1 0x5d085ef2c181 in QHashPrivate::Span<QHashPrivate::Node<unsigned long, QByteArray> >::addStorage() /usr/include/qt6/QtCore/qhash.h:394
    #2 0x5d085ef240f5 in QHashPrivate::Span<QHashPrivate::Node<unsigned long, QByteArray> >::insert(unsigned long) /usr/include/qt6/QtCore/qhash.h:283
    #3 0x5d085ef1d324 in QHashPrivate::Data<QHashPrivate::Node<unsigned long, QByteArray> >::Bucket::insert() const /usr/include/qt6/QtCore/qhash.h:511
    #4 0x5d085ef18c64 in QHashPrivate::Data<QHashPrivate::Node<unsigned long, QByteArray> >::findOrInsert(unsigned long const&) /usr/include/qt6/QtCore/qhash.h:728
    #5 0x5d085ef1551a in QHash<unsigned long, QByteArray>::operator[](unsigned long const&) /usr/include/qt6/QtCore/qhash.h:1064
    #6 0x5d085ef0c883 in CuDieRangeMapping::dieName(Dwarf_Die*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:362
    #7 0x5d085ee36e7c in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:768
    #8 0x5d085ee39eea in PerfSymbolTable::lookupFrame(unsigned long, bool, bool*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:774
    #9 0x5d085ed06ec5 in frameCallback /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:541
    #10 0x75a7437f7b08 in dwfl_thread_getframes (/usr/lib/libdw.so.1+0x5bb08) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #11 0x75a7437f2eba  (/usr/lib/libdw.so.1+0x56eba) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #12 0x75a7437f3f2b in dwfl_getthreads (/usr/lib/libdw.so.1+0x57f2b) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #13 0x75a7437f7e81 in dwfl_getthread_frames (/usr/lib/libdw.so.1+0x5be81) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #14 0x5d085ed07b21 in PerfUnwind::unwindStack() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:557
    #15 0x5d085ed0d129 in PerfUnwind::analyze(PerfRecordSample const&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:744
    #16 0x5d085ed1b65f in PerfUnwind::flushEventBuffer(unsigned int) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:1115
    #17 0x5d085ed164b1 in PerfUnwind::finishedRound() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:976
    #18 0x5d085ecc2fe8 in PerfData::processEvents(QDataStream&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:243
    #19 0x5d085eccbdc2 in PerfData::doRead() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:414
    #20 0x5d085eccd6f3 in PerfData::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:431
    #21 0x5d085ebfa511 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:383
    #22 0x5d085ebfd5c6 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:452
    #23 0x5d085ec0b9b9 in call /usr/include/qt6/QtCore/qobjectdefs_impl.h:137
    #24 0x5d085ec0b121 in call<QtPrivate::List<>, void> /usr/include/qt6/QtCore/qobjectdefs_impl.h:345
    #25 0x5d085ec0aa1e in impl /usr/include/qt6/QtCore/qobjectdefs_impl.h:555
    #26 0x75a7429a3456  (/usr/lib/libQt6Core.so.6+0x1a3456) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #27 0x5d085ec33520 in PerfHeader::finished() /home/lieven/KDAB/hotspot/build-dev-asan-qt6/3rdparty/libhotspot-perfparser_autogen/6F7ISLN55V/moc_perfheader.cpp:234
    #28 0x5d085ec5d91c in PerfHeader::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfheader.cpp:122
    #29 0x5d085ec2f1b7 in QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, void (PerfHeader::*)()>::call(void (PerfHeader::*)(), PerfHeader*, void**) /usr/include/qt6/QtCore/qobjectdefs_impl.h:145

SUMMARY: AddressSanitizer: heap-use-after-free /usr/include/qt6/QtCore/qswap.h:31 in void qt_ptr_swap<QTypedArrayData<char> >(QTypedArrayData<char>*&, QTypedArrayData<char>*&)
Shadow bytes around the buggy address:
  0x51b000035980: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x51b000035a00: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x51b000035a80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x51b000035b00: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x51b000035b80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
=>0x51b000035c00: fd fd fd fd fd fd fd fd fd fd fd fd fd[fd]fd fd
  0x51b000035c80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x51b000035d00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x51b000035d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x51b000035e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x51b000035e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==138723==ABORTING
lievenhey added a commit that referenced this pull request Oct 11, 2024
@lievenhey
feat: fix crash in qt6
b014762 
In qt6 QHash is no longer iterator safe

==138723==ERROR: AddressSanitizer: heap-use-after-free on address 0x51b000035c68 at pc 0x5d085ec696b9 bp 0x7ffe43776e00 sp 0x7ffe43776df0
READ of size 8 at 0x51b000035c68 thread T0
    #0 0x5d085ec696b8 in void qt_ptr_swap<QTypedArrayData<char> >(QTypedArrayData<char>*&, QTypedArrayData<char>*&) /usr/include/qt6/QtCore/qswap.h:31
    #1 0x5d085ec67e4f in QArrayDataPointer<char>::swap(QArrayDataPointer<char>&) /usr/include/qt6/QtCore/qarraydatapointer.h:131
    #2 0x5d085ec66e97 in QByteArray::swap(QByteArray&) /usr/include/qt6/QtCore/qbytearray.h:103
    #3 0x5d085ec66da8 in QByteArray::operator=(QByteArray&&) /usr/include/qt6/QtCore/qbytearray.h:101
    #4 0x5d085ef0ca5c in CuDieRangeMapping::dieName(Dwarf_Die*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:364
    #5 0x5d085ee36e7c in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:768
    #6 0x5d085ee39eea in PerfSymbolTable::lookupFrame(unsigned long, bool, bool*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:774
    #7 0x5d085ed06ec5 in frameCallback /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:541
    #8 0x75a7437f7b08 in dwfl_thread_getframes (/usr/lib/libdw.so.1+0x5bb08) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #9 0x75a7437f2eba  (/usr/lib/libdw.so.1+0x56eba) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #10 0x75a7437f3f2b in dwfl_getthreads (/usr/lib/libdw.so.1+0x57f2b) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #11 0x75a7437f7e81 in dwfl_getthread_frames (/usr/lib/libdw.so.1+0x5be81) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #12 0x5d085ed07b21 in PerfUnwind::unwindStack() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:557
    #13 0x5d085ed0d129 in PerfUnwind::analyze(PerfRecordSample const&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:744
    #14 0x5d085ed1b65f in PerfUnwind::flushEventBuffer(unsigned int) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:1115
    #15 0x5d085ed164b1 in PerfUnwind::finishedRound() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:976
    #16 0x5d085ecc2fe8 in PerfData::processEvents(QDataStream&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:243
    #17 0x5d085eccbdc2 in PerfData::doRead() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:414
    #18 0x5d085eccd6f3 in PerfData::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:431
    #19 0x5d085ebfa511 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:383
    #20 0x5d085ebfd5c6 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:452
    #21 0x5d085ec0b9b9 in call /usr/include/qt6/QtCore/qobjectdefs_impl.h:137
    #22 0x5d085ec0b121 in call<QtPrivate::List<>, void> /usr/include/qt6/QtCore/qobjectdefs_impl.h:345
    #23 0x5d085ec0aa1e in impl /usr/include/qt6/QtCore/qobjectdefs_impl.h:555
    #24 0x75a7429a3456  (/usr/lib/libQt6Core.so.6+0x1a3456) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #25 0x5d085ec33520 in PerfHeader::finished() /home/lieven/KDAB/hotspot/build-dev-asan-qt6/3rdparty/libhotspot-perfparser_autogen/6F7ISLN55V/moc_perfheader.cpp:234
    #26 0x5d085ec5d91c in PerfHeader::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfheader.cpp:122
    #27 0x5d085ec2f1b7 in QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, void (PerfHeader::*)()>::call(void (PerfHeader::*)(), PerfHeader*, void**) /usr/include/qt6/QtCore/qobjectdefs_impl.h:145
    #28 0x5d085ec2e24a in void QtPrivate::FunctionPointer<void (PerfHeader::*)()>::call<QtPrivate::List<>, void>(void (PerfHeader::*)(), PerfHeader*, void**) /usr/include/qt6/QtCore/qobjectdefs_impl.h:182
    #29 0x5d085ec2bf91 in QtPrivate::QCallableObject<void (PerfHeader::*)(), QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) /usr/include/qt6/QtCore/qobjectdefs_impl.h:553
    #30 0x75a74298d93e in QObject::event(QEvent*) (/usr/lib/libQt6Core.so.6+0x18d93e) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #31 0x75a742945bc2 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (/usr/lib/libQt6Core.so.6+0x145bc2) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #32 0x75a742945faa in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) (/usr/lib/libQt6Core.so.6+0x145faa) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #33 0x75a742babe4b  (/usr/lib/libQt6Core.so.6+0x3abe4b) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #34 0x75a740d13558  (/usr/lib/libglib-2.0.so.0+0x5d558) (BuildId: 7b781c8d1a6e2161838c5d8f3bd797797c132753)
    #35 0x75a740d76156  (/usr/lib/libglib-2.0.so.0+0xc0156) (BuildId: 7b781c8d1a6e2161838c5d8f3bd797797c132753)
    #36 0x75a740d12a54 in g_main_context_iteration (/usr/lib/libglib-2.0.so.0+0x5ca54) (BuildId: 7b781c8d1a6e2161838c5d8f3bd797797c132753)
    #37 0x75a742ba985c in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/libQt6Core.so.6+0x3a985c) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #38 0x75a742950105 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/libQt6Core.so.6+0x150105) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #39 0x75a74294a27c in QCoreApplication::exec() (/usr/lib/libQt6Core.so.6+0x14a27c) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #40 0x5d085ec04e44 in main /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:481
    #41 0x75a741a34e07  (/usr/lib/libc.so.6+0x25e07) (BuildId: 98b3d8e0b8c534c769cb871c438b4f8f3a8e4bf3)
    #42 0x75a741a34ecb in __libc_start_main (/usr/lib/libc.so.6+0x25ecb) (BuildId: 98b3d8e0b8c534c769cb871c438b4f8f3a8e4bf3)
    #43 0x5d085ebf4b64 in _start (/home/lieven/KDAB/hotspot/build-dev-asan-qt6/libexec/hotspot-perfparser+0x72db64) (BuildId: 580374afdfc7f3994c76369459f6848384c3c771)

0x51b000035c68 is located 1512 bytes inside of 1536-byte region [0x51b000035680,0x51b000035c80)
freed by thread T0 here:
    #0 0x75a7430ff22a in operator delete[](void*) /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_new_delete.cpp:155
    #1 0x5d085ef2c5af in QHashPrivate::Span<QHashPrivate::Node<unsigned long, QByteArray> >::addStorage() /usr/include/qt6/QtCore/qhash.h:409
    #2 0x5d085ef240f5 in QHashPrivate::Span<QHashPrivate::Node<unsigned long, QByteArray> >::insert(unsigned long) /usr/include/qt6/QtCore/qhash.h:283
    #3 0x5d085ef1d324 in QHashPrivate::Data<QHashPrivate::Node<unsigned long, QByteArray> >::Bucket::insert() const /usr/include/qt6/QtCore/qhash.h:511
    #4 0x5d085ef18c64 in QHashPrivate::Data<QHashPrivate::Node<unsigned long, QByteArray> >::findOrInsert(unsigned long const&) /usr/include/qt6/QtCore/qhash.h:728
    #5 0x5d085ef1551a in QHash<unsigned long, QByteArray>::operator[](unsigned long const&) /usr/include/qt6/QtCore/qhash.h:1064
    #6 0x5d085ef08e30 in prependScopeNames(QByteArray&, Dwarf_Die*, QHash<unsigned long, QByteArray>&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:204
    #7 0x5d085ef0965b in qualifiedDieName(Dwarf_Die*, QHash<unsigned long, QByteArray>&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:229
    #8 0x5d085ef0c9b8 in CuDieRangeMapping::dieName(Dwarf_Die*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:364
    #9 0x5d085ee36e7c in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:768
    #10 0x5d085ee39eea in PerfSymbolTable::lookupFrame(unsigned long, bool, bool*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:774
    #11 0x5d085ed06ec5 in frameCallback /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:541
    #12 0x75a7437f7b08 in dwfl_thread_getframes (/usr/lib/libdw.so.1+0x5bb08) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #13 0x75a7437f2eba  (/usr/lib/libdw.so.1+0x56eba) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #14 0x75a7437f3f2b in dwfl_getthreads (/usr/lib/libdw.so.1+0x57f2b) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #15 0x75a7437f7e81 in dwfl_getthread_frames (/usr/lib/libdw.so.1+0x5be81) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #16 0x5d085ed07b21 in PerfUnwind::unwindStack() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:557
    #17 0x5d085ed0d129 in PerfUnwind::analyze(PerfRecordSample const&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:744
    #18 0x5d085ed1b65f in PerfUnwind::flushEventBuffer(unsigned int) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:1115
    #19 0x5d085ed164b1 in PerfUnwind::finishedRound() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:976
    #20 0x5d085ecc2fe8 in PerfData::processEvents(QDataStream&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:243
    #21 0x5d085eccbdc2 in PerfData::doRead() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:414
    #22 0x5d085eccd6f3 in PerfData::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:431
    #23 0x5d085ebfa511 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:383
    #24 0x5d085ebfd5c6 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:452
    #25 0x5d085ec0b9b9 in call /usr/include/qt6/QtCore/qobjectdefs_impl.h:137
    #26 0x5d085ec0b121 in call<QtPrivate::List<>, void> /usr/include/qt6/QtCore/qobjectdefs_impl.h:345
    #27 0x5d085ec0aa1e in impl /usr/include/qt6/QtCore/qobjectdefs_impl.h:555
    #28 0x75a7429a3456  (/usr/lib/libQt6Core.so.6+0x1a3456) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #29 0x5d085ec33520 in PerfHeader::finished() /home/lieven/KDAB/hotspot/build-dev-asan-qt6/3rdparty/libhotspot-perfparser_autogen/6F7ISLN55V/moc_perfheader.cpp:234

previously allocated by thread T0 here:
    #0 0x75a7430fe682 in operator new[](unsigned long) /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_new_delete.cpp:98
    #1 0x5d085ef2c181 in QHashPrivate::Span<QHashPrivate::Node<unsigned long, QByteArray> >::addStorage() /usr/include/qt6/QtCore/qhash.h:394
    #2 0x5d085ef240f5 in QHashPrivate::Span<QHashPrivate::Node<unsigned long, QByteArray> >::insert(unsigned long) /usr/include/qt6/QtCore/qhash.h:283
    #3 0x5d085ef1d324 in QHashPrivate::Data<QHashPrivate::Node<unsigned long, QByteArray> >::Bucket::insert() const /usr/include/qt6/QtCore/qhash.h:511
    #4 0x5d085ef18c64 in QHashPrivate::Data<QHashPrivate::Node<unsigned long, QByteArray> >::findOrInsert(unsigned long const&) /usr/include/qt6/QtCore/qhash.h:728
    #5 0x5d085ef1551a in QHash<unsigned long, QByteArray>::operator[](unsigned long const&) /usr/include/qt6/QtCore/qhash.h:1064
    #6 0x5d085ef0c883 in CuDieRangeMapping::dieName(Dwarf_Die*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:362
    #7 0x5d085ee36e7c in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:768
    #8 0x5d085ee39eea in PerfSymbolTable::lookupFrame(unsigned long, bool, bool*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:774
    #9 0x5d085ed06ec5 in frameCallback /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:541
    #10 0x75a7437f7b08 in dwfl_thread_getframes (/usr/lib/libdw.so.1+0x5bb08) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #11 0x75a7437f2eba  (/usr/lib/libdw.so.1+0x56eba) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #12 0x75a7437f3f2b in dwfl_getthreads (/usr/lib/libdw.so.1+0x57f2b) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #13 0x75a7437f7e81 in dwfl_getthread_frames (/usr/lib/libdw.so.1+0x5be81) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #14 0x5d085ed07b21 in PerfUnwind::unwindStack() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:557
    #15 0x5d085ed0d129 in PerfUnwind::analyze(PerfRecordSample const&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:744
    #16 0x5d085ed1b65f in PerfUnwind::flushEventBuffer(unsigned int) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:1115
    #17 0x5d085ed164b1 in PerfUnwind::finishedRound() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:976
    #18 0x5d085ecc2fe8 in PerfData::processEvents(QDataStream&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:243
    #19 0x5d085eccbdc2 in PerfData::doRead() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:414
    #20 0x5d085eccd6f3 in PerfData::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:431
    #21 0x5d085ebfa511 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:383
    #22 0x5d085ebfd5c6 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:452
    #23 0x5d085ec0b9b9 in call /usr/include/qt6/QtCore/qobjectdefs_impl.h:137
    #24 0x5d085ec0b121 in call<QtPrivate::List<>, void> /usr/include/qt6/QtCore/qobjectdefs_impl.h:345
    #25 0x5d085ec0aa1e in impl /usr/include/qt6/QtCore/qobjectdefs_impl.h:555
    #26 0x75a7429a3456  (/usr/lib/libQt6Core.so.6+0x1a3456) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #27 0x5d085ec33520 in PerfHeader::finished() /home/lieven/KDAB/hotspot/build-dev-asan-qt6/3rdparty/libhotspot-perfparser_autogen/6F7ISLN55V/moc_perfheader.cpp:234
    #28 0x5d085ec5d91c in PerfHeader::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfheader.cpp:122
    #29 0x5d085ec2f1b7 in QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, void (PerfHeader::*)()>::call(void (PerfHeader::*)(), PerfHeader*, void**) /usr/include/qt6/QtCore/qobjectdefs_impl.h:145

SUMMARY: AddressSanitizer: heap-use-after-free /usr/include/qt6/QtCore/qswap.h:31 in void qt_ptr_swap<QTypedArrayData<char> >(QTypedArrayData<char>*&, QTypedArrayData<char>*&)
Shadow bytes around the buggy address:
  0x51b000035980: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x51b000035a00: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x51b000035a80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x51b000035b00: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x51b000035b80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
=>0x51b000035c00: fd fd fd fd fd fd fd fd fd fd fd fd fd[fd]fd fd
  0x51b000035c80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x51b000035d00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x51b000035d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x51b000035e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x51b000035e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==138723==ABORTING
milianw pushed a commit that referenced this pull request Oct 11, 2024
@lievenhey @milianw
feat: fix crash in qt6
a6aeb01 
In qt6 QHash is no longer iterator safe

==138723==ERROR: AddressSanitizer: heap-use-after-free on address 0x51b000035c68 at pc 0x5d085ec696b9 bp 0x7ffe43776e00 sp 0x7ffe43776df0
READ of size 8 at 0x51b000035c68 thread T0
    #0 0x5d085ec696b8 in void qt_ptr_swap<QTypedArrayData<char> >(QTypedArrayData<char>*&, QTypedArrayData<char>*&) /usr/include/qt6/QtCore/qswap.h:31
    #1 0x5d085ec67e4f in QArrayDataPointer<char>::swap(QArrayDataPointer<char>&) /usr/include/qt6/QtCore/qarraydatapointer.h:131
    #2 0x5d085ec66e97 in QByteArray::swap(QByteArray&) /usr/include/qt6/QtCore/qbytearray.h:103
    #3 0x5d085ec66da8 in QByteArray::operator=(QByteArray&&) /usr/include/qt6/QtCore/qbytearray.h:101
    #4 0x5d085ef0ca5c in CuDieRangeMapping::dieName(Dwarf_Die*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:364
    #5 0x5d085ee36e7c in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:768
    #6 0x5d085ee39eea in PerfSymbolTable::lookupFrame(unsigned long, bool, bool*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:774
    #7 0x5d085ed06ec5 in frameCallback /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:541
    #8 0x75a7437f7b08 in dwfl_thread_getframes (/usr/lib/libdw.so.1+0x5bb08) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #9 0x75a7437f2eba  (/usr/lib/libdw.so.1+0x56eba) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #10 0x75a7437f3f2b in dwfl_getthreads (/usr/lib/libdw.so.1+0x57f2b) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #11 0x75a7437f7e81 in dwfl_getthread_frames (/usr/lib/libdw.so.1+0x5be81) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #12 0x5d085ed07b21 in PerfUnwind::unwindStack() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:557
    #13 0x5d085ed0d129 in PerfUnwind::analyze(PerfRecordSample const&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:744
    #14 0x5d085ed1b65f in PerfUnwind::flushEventBuffer(unsigned int) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:1115
    #15 0x5d085ed164b1 in PerfUnwind::finishedRound() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:976
    #16 0x5d085ecc2fe8 in PerfData::processEvents(QDataStream&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:243
    #17 0x5d085eccbdc2 in PerfData::doRead() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:414
    #18 0x5d085eccd6f3 in PerfData::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:431
    #19 0x5d085ebfa511 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:383
    #20 0x5d085ebfd5c6 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:452
    #21 0x5d085ec0b9b9 in call /usr/include/qt6/QtCore/qobjectdefs_impl.h:137
    #22 0x5d085ec0b121 in call<QtPrivate::List<>, void> /usr/include/qt6/QtCore/qobjectdefs_impl.h:345
    #23 0x5d085ec0aa1e in impl /usr/include/qt6/QtCore/qobjectdefs_impl.h:555
    #24 0x75a7429a3456  (/usr/lib/libQt6Core.so.6+0x1a3456) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #25 0x5d085ec33520 in PerfHeader::finished() /home/lieven/KDAB/hotspot/build-dev-asan-qt6/3rdparty/libhotspot-perfparser_autogen/6F7ISLN55V/moc_perfheader.cpp:234
    #26 0x5d085ec5d91c in PerfHeader::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfheader.cpp:122
    #27 0x5d085ec2f1b7 in QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, void (PerfHeader::*)()>::call(void (PerfHeader::*)(), PerfHeader*, void**) /usr/include/qt6/QtCore/qobjectdefs_impl.h:145
    #28 0x5d085ec2e24a in void QtPrivate::FunctionPointer<void (PerfHeader::*)()>::call<QtPrivate::List<>, void>(void (PerfHeader::*)(), PerfHeader*, void**) /usr/include/qt6/QtCore/qobjectdefs_impl.h:182
    #29 0x5d085ec2bf91 in QtPrivate::QCallableObject<void (PerfHeader::*)(), QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) /usr/include/qt6/QtCore/qobjectdefs_impl.h:553
    #30 0x75a74298d93e in QObject::event(QEvent*) (/usr/lib/libQt6Core.so.6+0x18d93e) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #31 0x75a742945bc2 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (/usr/lib/libQt6Core.so.6+0x145bc2) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #32 0x75a742945faa in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) (/usr/lib/libQt6Core.so.6+0x145faa) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #33 0x75a742babe4b  (/usr/lib/libQt6Core.so.6+0x3abe4b) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #34 0x75a740d13558  (/usr/lib/libglib-2.0.so.0+0x5d558) (BuildId: 7b781c8d1a6e2161838c5d8f3bd797797c132753)
    #35 0x75a740d76156  (/usr/lib/libglib-2.0.so.0+0xc0156) (BuildId: 7b781c8d1a6e2161838c5d8f3bd797797c132753)
    #36 0x75a740d12a54 in g_main_context_iteration (/usr/lib/libglib-2.0.so.0+0x5ca54) (BuildId: 7b781c8d1a6e2161838c5d8f3bd797797c132753)
    #37 0x75a742ba985c in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/libQt6Core.so.6+0x3a985c) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #38 0x75a742950105 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/libQt6Core.so.6+0x150105) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #39 0x75a74294a27c in QCoreApplication::exec() (/usr/lib/libQt6Core.so.6+0x14a27c) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #40 0x5d085ec04e44 in main /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:481
    #41 0x75a741a34e07  (/usr/lib/libc.so.6+0x25e07) (BuildId: 98b3d8e0b8c534c769cb871c438b4f8f3a8e4bf3)
    #42 0x75a741a34ecb in __libc_start_main (/usr/lib/libc.so.6+0x25ecb) (BuildId: 98b3d8e0b8c534c769cb871c438b4f8f3a8e4bf3)
    #43 0x5d085ebf4b64 in _start (/home/lieven/KDAB/hotspot/build-dev-asan-qt6/libexec/hotspot-perfparser+0x72db64) (BuildId: 580374afdfc7f3994c76369459f6848384c3c771)

0x51b000035c68 is located 1512 bytes inside of 1536-byte region [0x51b000035680,0x51b000035c80)
freed by thread T0 here:
    #0 0x75a7430ff22a in operator delete[](void*) /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_new_delete.cpp:155
    #1 0x5d085ef2c5af in QHashPrivate::Span<QHashPrivate::Node<unsigned long, QByteArray> >::addStorage() /usr/include/qt6/QtCore/qhash.h:409
    #2 0x5d085ef240f5 in QHashPrivate::Span<QHashPrivate::Node<unsigned long, QByteArray> >::insert(unsigned long) /usr/include/qt6/QtCore/qhash.h:283
    #3 0x5d085ef1d324 in QHashPrivate::Data<QHashPrivate::Node<unsigned long, QByteArray> >::Bucket::insert() const /usr/include/qt6/QtCore/qhash.h:511
    #4 0x5d085ef18c64 in QHashPrivate::Data<QHashPrivate::Node<unsigned long, QByteArray> >::findOrInsert(unsigned long const&) /usr/include/qt6/QtCore/qhash.h:728
    #5 0x5d085ef1551a in QHash<unsigned long, QByteArray>::operator[](unsigned long const&) /usr/include/qt6/QtCore/qhash.h:1064
    #6 0x5d085ef08e30 in prependScopeNames(QByteArray&, Dwarf_Die*, QHash<unsigned long, QByteArray>&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:204
    #7 0x5d085ef0965b in qualifiedDieName(Dwarf_Die*, QHash<unsigned long, QByteArray>&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:229
    #8 0x5d085ef0c9b8 in CuDieRangeMapping::dieName(Dwarf_Die*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:364
    #9 0x5d085ee36e7c in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:768
    #10 0x5d085ee39eea in PerfSymbolTable::lookupFrame(unsigned long, bool, bool*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:774
    #11 0x5d085ed06ec5 in frameCallback /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:541
    #12 0x75a7437f7b08 in dwfl_thread_getframes (/usr/lib/libdw.so.1+0x5bb08) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #13 0x75a7437f2eba  (/usr/lib/libdw.so.1+0x56eba) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #14 0x75a7437f3f2b in dwfl_getthreads (/usr/lib/libdw.so.1+0x57f2b) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #15 0x75a7437f7e81 in dwfl_getthread_frames (/usr/lib/libdw.so.1+0x5be81) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #16 0x5d085ed07b21 in PerfUnwind::unwindStack() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:557
    #17 0x5d085ed0d129 in PerfUnwind::analyze(PerfRecordSample const&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:744
    #18 0x5d085ed1b65f in PerfUnwind::flushEventBuffer(unsigned int) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:1115
    #19 0x5d085ed164b1 in PerfUnwind::finishedRound() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:976
    #20 0x5d085ecc2fe8 in PerfData::processEvents(QDataStream&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:243
    #21 0x5d085eccbdc2 in PerfData::doRead() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:414
    #22 0x5d085eccd6f3 in PerfData::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:431
    #23 0x5d085ebfa511 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:383
    #24 0x5d085ebfd5c6 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:452
    #25 0x5d085ec0b9b9 in call /usr/include/qt6/QtCore/qobjectdefs_impl.h:137
    #26 0x5d085ec0b121 in call<QtPrivate::List<>, void> /usr/include/qt6/QtCore/qobjectdefs_impl.h:345
    #27 0x5d085ec0aa1e in impl /usr/include/qt6/QtCore/qobjectdefs_impl.h:555
    #28 0x75a7429a3456  (/usr/lib/libQt6Core.so.6+0x1a3456) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #29 0x5d085ec33520 in PerfHeader::finished() /home/lieven/KDAB/hotspot/build-dev-asan-qt6/3rdparty/libhotspot-perfparser_autogen/6F7ISLN55V/moc_perfheader.cpp:234

previously allocated by thread T0 here:
    #0 0x75a7430fe682 in operator new[](unsigned long) /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_new_delete.cpp:98
    #1 0x5d085ef2c181 in QHashPrivate::Span<QHashPrivate::Node<unsigned long, QByteArray> >::addStorage() /usr/include/qt6/QtCore/qhash.h:394
    #2 0x5d085ef240f5 in QHashPrivate::Span<QHashPrivate::Node<unsigned long, QByteArray> >::insert(unsigned long) /usr/include/qt6/QtCore/qhash.h:283
    #3 0x5d085ef1d324 in QHashPrivate::Data<QHashPrivate::Node<unsigned long, QByteArray> >::Bucket::insert() const /usr/include/qt6/QtCore/qhash.h:511
    #4 0x5d085ef18c64 in QHashPrivate::Data<QHashPrivate::Node<unsigned long, QByteArray> >::findOrInsert(unsigned long const&) /usr/include/qt6/QtCore/qhash.h:728
    #5 0x5d085ef1551a in QHash<unsigned long, QByteArray>::operator[](unsigned long const&) /usr/include/qt6/QtCore/qhash.h:1064
    #6 0x5d085ef0c883 in CuDieRangeMapping::dieName(Dwarf_Die*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdwarfdiecache.cpp:362
    #7 0x5d085ee36e7c in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:768
    #8 0x5d085ee39eea in PerfSymbolTable::lookupFrame(unsigned long, bool, bool*) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfsymboltable.cpp:774
    #9 0x5d085ed06ec5 in frameCallback /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:541
    #10 0x75a7437f7b08 in dwfl_thread_getframes (/usr/lib/libdw.so.1+0x5bb08) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #11 0x75a7437f2eba  (/usr/lib/libdw.so.1+0x56eba) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #12 0x75a7437f3f2b in dwfl_getthreads (/usr/lib/libdw.so.1+0x57f2b) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #13 0x75a7437f7e81 in dwfl_getthread_frames (/usr/lib/libdw.so.1+0x5be81) (BuildId: 9b3f42d0dd4107f1cd947702b04157dad2a9069a)
    #14 0x5d085ed07b21 in PerfUnwind::unwindStack() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:557
    #15 0x5d085ed0d129 in PerfUnwind::analyze(PerfRecordSample const&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:744
    #16 0x5d085ed1b65f in PerfUnwind::flushEventBuffer(unsigned int) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:1115
    #17 0x5d085ed164b1 in PerfUnwind::finishedRound() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfunwind.cpp:976
    #18 0x5d085ecc2fe8 in PerfData::processEvents(QDataStream&) /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:243
    #19 0x5d085eccbdc2 in PerfData::doRead() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:414
    #20 0x5d085eccd6f3 in PerfData::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfdata.cpp:431
    #21 0x5d085ebfa511 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:383
    #22 0x5d085ebfd5c6 in operator() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/main.cpp:452
    #23 0x5d085ec0b9b9 in call /usr/include/qt6/QtCore/qobjectdefs_impl.h:137
    #24 0x5d085ec0b121 in call<QtPrivate::List<>, void> /usr/include/qt6/QtCore/qobjectdefs_impl.h:345
    #25 0x5d085ec0aa1e in impl /usr/include/qt6/QtCore/qobjectdefs_impl.h:555
    #26 0x75a7429a3456  (/usr/lib/libQt6Core.so.6+0x1a3456) (BuildId: 2dc7cac262eec1f545dffaf6727f87faf910fb09)
    #27 0x5d085ec33520 in PerfHeader::finished() /home/lieven/KDAB/hotspot/build-dev-asan-qt6/3rdparty/libhotspot-perfparser_autogen/6F7ISLN55V/moc_perfheader.cpp:234
    #28 0x5d085ec5d91c in PerfHeader::read() /home/lieven/KDAB/hotspot/3rdparty/perfparser/app/perfheader.cpp:122
    #29 0x5d085ec2f1b7 in QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, void (PerfHeader::*)()>::call(void (PerfHeader::*)(), PerfHeader*, void**) /usr/include/qt6/QtCore/qobjectdefs_impl.h:145

SUMMARY: AddressSanitizer: heap-use-after-free /usr/include/qt6/QtCore/qswap.h:31 in void qt_ptr_swap<QTypedArrayData<char> >(QTypedArrayData<char>*&, QTypedArrayData<char>*&)
Shadow bytes around the buggy address:
  0x51b000035980: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x51b000035a00: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x51b000035a80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x51b000035b00: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x51b000035b80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
=>0x51b000035c00: fd fd fd fd fd fd fd fd fd fd fd fd fd[fd]fd fd
  0x51b000035c80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x51b000035d00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x51b000035d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x51b000035e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x51b000035e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==138723==ABORTING
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@milianw milianw milianw requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@vtoropov @milianw