CMake IMPORTED_LINK_DEPENDENT_LIBRARIES not on configuration basis #1

bjoernthiel · 2014-05-23T12:54:06Z

We don't need the CMake IMPORTED_LINK_DEPENDENT_LIBRARIES on a
configuration basis as they point to other CMake imported targets
(Qt5::Gui_EGL and Qt5::Gui_GLESv2).

We don't need the CMake IMPORTED_LINK_DEPENDENT_LIBRARIES on a configuration basis as they point to other CMake imported targets (Qt5::Gui_EGL and Qt5::Gui_GLESv2).

jakepetroules · 2014-09-11T11:49:48Z

Unfortunately, we cannot accept pull requests on GitHub. Please see http://qt-project.org/contribute for information about contributing to Qt.

Commit bb3d2ca (QToolButton: properly reset the size hint when a menu is set on it) didn't take the case of re-setting the same menu into account, and the result was that we would unconditionally cause an update, resulting in the following backtrace again and again, as each posted update event was processed by the event loop: frame #0: QToolButton::setMenu(this=0x7af59500, menu=0x00000000) frame #1: QToolBarLayout::setUsePopupMenu(this=0x7ae65a30, set=false) frame #2: QToolBarLayout::checkUsePopupMenu(this=0x7ae65a30) frame #3: QToolBarAreaLayoutLine::fitLayout(this=0x78e5f870) frame #4: QToolBarAreaLayoutInfo::fitLayout(this=0x790be278) ... Besides consuming needless CPU time this also uncovered a case on iOS where Qt would starve native events and animations from being processed, preventing eg. rotation animations from running. Change-Id: Ib6bd4ba21d8e84ca73fb0a75b598016dbd9ae0fd Reviewed-by: Richard Moe Gustavsen <richard.gustavsen@digia.com>

Report by asan: READ of size 2 at 0x00000041dd40 thread T0 #0 0x2af097b84da6 in QLoggingRegistry::defaultCategoryFilter(QLoggingCategory*) (lib/libQt5Core.so.5+0x566da6) #1 0x2af097b8387b in QLoggingRegistry::registerCategory(QLoggingCategory*, QtMsgType) (lib/libQt5Core.so.5+0x56587b) #2 0x4067f7 in tst_QLogging::QLoggingCategory_categoryName() tests/auto/corelib/io/qloggingcategory/tst_qloggingcategory.cpp:238 <snip> 0x00000041dd41 is located 0 bytes to the right of global variable '*.LC115' defined in 'tests/auto/corelib/io/qloggingcategory/tst_qloggingcategory.cpp' (0x41dd40) of size 1 '*.LC115' is ascii string '' At face value, memcmp("", "qt", 2) should not return 0, but since the code invokes undefined behavior, the compiler can do whatever it wants, including returning 0 here, further proving the fact that there are *no* benign cases of undefined behavior. Change-Id: I0c38622c47d1dcea450ea549370be1673b47b18d Reviewed-by: Kai Koehne <kai.koehne@theqtcompany.com> Reviewed-by: Olivier Goffart <ogoffart@woboq.com>

ASAN report: READ of size 8 at 0x606000011990 thread T0 #0 0x505e3b in EnterTestMainDialog::eventFilter(QObject*, QEvent*) tests/auto/widgets/kernel/qwidget/tst_qwidget.cpp:10294 [...] 0x606000011990 is located 48 bytes inside of 56-byte region [0x606000011960,0x606000011998) freed by thread T0 here: #0 0x2b8df3551c79 in operator delete(void*) ../../../../gcc/libsanitizer/asan/asan_new_delete.cc:92 #1 0x418ab5 in EnterTestMainDialog::buttonPressed() tests/auto/widgets/kernel/qwidget/tst_qwidget.cpp:10276 previously allocated by thread T0 here: #0 0x2b8df3551739 in operator new(unsigned long) ../../../../gcc/libsanitizer/asan/asan_new_delete.cc:60 #1 0x4188cf in EnterTestMainDialog::buttonPressed() tests/auto/widgets/kernel/qwidget/tst_qwidget.cpp:10272 EnterTestMainDialog::eventFilter() checks for nullness of 'modal' before accessing it, but buttonPressed() did not reset 'modal' to nullptr after deletion. Change-Id: I65562a29f8264a6996d7d615e06de1d1afb5af53 Reviewed-by: Friedemann Kleint <Friedemann.Kleint@digia.com>

This was easy to hit with KDE Plasma 5.2.1; KWindowSystem called QX11Info::appRootWindow() which in turn tried to dereference a nullptr returned from QXcbConnection::primaryScreen(). #0 QXcbConnection::rootWindow (this=<optimized out>) at qtgui-5.5.9999/src/plugins/platforms/xcb/qxcbconnection.cpp:1303 #1 0x00007fc26da096d7 in QXcbNativeInterface::rootWindow (this=this@entry=0x7fc27d1734d0) at qtgui-5.5.9999/work/qtgui-5.5.9999/src/plugins/platforms/xcb/qxcbnativeinterface.cpp:425 #2 0x00007fc26da0ab21 in QXcbNativeInterface::nativeResourceForIntegration (this=0x7fc27d1734d0, resourceString=...) at qtgui-5.5.9999/work/qtgui-5.5.9999/src/plugins/platforms/xcb/qxcbnativeinterface.cpp:223 #3 0x00007fc27c563148 in QX11Info::appRootWindow (screen=screen@entry=-1) at qtx11extras-5.5.9999/work/qtx11extras-5.5.9999/src/x11extras/qx11info_x11.cpp:158 #4 0x00007fc27a98c444 in NETEventFilter::nativeEventFilter (this=0x7fc27d425b60, ev=0x7fc264004ad0) at kwindowsystem-5.7.0/work/kwindowsystem-5.7.0/src/kwindowsystem_x11.cpp:192 #5 0x00007fc2795d0a8a in QAbstractEventDispatcher::filterNativeEvent (this=<optimized out>, eventType=..., message=message@entry=0x7fc264004ad0, result=result@entry=0x7ffc96ecf348) at qtcore-5.5.9999/work/qtcore-5.5.9999/src/corelib/kernel/qabstracteventdispatcher.cpp:460 #6 0x00007fc26d9ea941 in QXcbConnection::handleXcbEvent (this=this@entry=0x7fc27d173580, event=event@entry=0x7fc264004ad0) at qtgui-5.5.9999/src/plugins/platforms/xcb/qxcbconnection.cpp:971 Change-Id: I98a5d767cd7e143f00666f6fc78e9dc10893513d Reviewed-by: Shawn Rutledge <shawn.rutledge@digia.com>

This was motivated by a real segfault: #0 QScreen::handle (this=0x0) at qtgui-5.5.9999/work/qtgui-5.5.9999/src/gui/kernel/qscreen.cpp:112 #1 0x00007faaf5d5e85e in QXcbNativeInterface::connectionForWindow (this=this@entry=0x7fab04d684f0, window=window@entry=0x0) at qtgui-5.5.9999/src/plugins/platforms/xcb/qxcbnativeinterface.cpp:483 #2 0x00007faaf5d5fa53 in QXcbNativeInterface::nativeResourceForWindow (this=this@entry=0x7fab04d684f0, resourceString=..., window=window@entry=0x0) at qtgui-5.5.9999/work/qtgui-5.5.9999/src/plugins/platforms/xcb/qxcbnativeinterface.cpp:304 #3 0x00007fab048b8b57 in QX11Info::connection () at /var/tmp/portage/dev-qt/qtx11extras-5.5.9999/work/qtx11extras-5.5.9999/src/x11extras/qx11info_x11.cpp:358 #4 0x00007fab02ce14c6 in NETEventFilter::nativeEventFilter (this=0x7fab04ea5e70, ev=0x7faaec003a60) at kwindowsystem-5.7.0/work/kwindowsystem-5.7.0/src/kwindowsystem_x11.cpp:229 ...at which point I tried to stop playing the get-backtrace-patch-rebuild-repeat cycle and looked at the stuff which looked fishy to my untrained eye. So this is speculative in nature, but I think that each of these cases can be hit and dereference a nullptr. Change-Id: I046debaa1b49fa55e876247fc62f3eb924496fe8 Reviewed-by: Shawn Rutledge <shawn.rutledge@digia.com>

Sometimes it works and sometimes it hangs. This is the back-trace when it hangs: FAIL! : tst_QThreadPool::expiryTimeoutRace() 'task.semaphore.tryAcquire(numTasks, 10000)' returned FALSE. () Loc: [tst_qthreadpool.cpp(380)] ========= Received signal, dumping stack ============== (lldb) process attach --pid 31360 Process 31360 stopped Executable module set to "/Users/qt/work/qt/qtbase/tests/auto/corelib/thread/qthreadpool/./tst_qthreadpool.app/Contents/MacOS/tst_qthreadpool". Architecture set to: x86_64-apple-macosx. (lldb) bt all * thread #1: tid = 0x11f82a, 0x00007fff87451716 libsystem_kernel.dylib`__psynch_cvwait + 10, queue = 'com.apple.main-thread', stop reason = signal SIGSTOP * frame #0: 0x00007fff87451716 libsystem_kernel.dylib`__psynch_cvwait + 10 frame #1: 0x00007fff8102dc3b libsystem_pthread.dylib`_pthread_cond_wait + 727 frame #2: 0x000000010b160dab QtCore`QWaitConditionPrivate::wait(unsigned long) + 75 frame #3: 0x000000010b160c62 QtCore`QWaitCondition::wait(QMutex*, unsigned long) + 162 frame #4: 0x000000010b15d66a QtCore`QThreadPool::~QThreadPool() + 106 frame #5: 0x000000010b0c6bec tst_qthreadpool`tst_QThreadPool::expiryTimeoutRace() + 380 frame #6: 0x000000010b0ccabb tst_qthreadpool`tst_QThreadPool::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) + 139 frame #7: 0x000000010b3138e2 QtCore`QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const + 1026 frame #8: 0x000000010b312f0a QtCore`QMetaObject::invokeMethod(QObject*, char const*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) + 2122 frame #9: 0x000000010b0ec18f QtTest`QTest::qInvokeTestMethod(char const*, char const*, QTest::WatchDog*) + 1535 frame #10: 0x000000010b0e7847 QtTest`QTest::qExec(QObject*, int, char**) + 1447 frame #11: 0x000000010b0cc954 tst_qthreadpool`main + 132 frame #12: 0x000000010b0c4e74 tst_qthreadpool`start + 52 thread #2: tid = 0x11f82c, 0x00007fff87452662 libsystem_kernel.dylib`kevent64 + 10, queue = 'com.apple.libdispatch-manager' frame #0: 0x00007fff87452662 libsystem_kernel.dylib`kevent64 + 10 frame #1: 0x00007fff88af1421 libdispatch.dylib`_dispatch_mgr_invoke + 239 frame #2: 0x00007fff88af1136 libdispatch.dylib`_dispatch_mgr_thread + 52 thread #3: tid = 0x11f82e, 0x00007fff87451e3a libsystem_kernel.dylib`__wait4_nocancel + 10, name = 'QThread' frame #0: 0x00007fff87451e3a libsystem_kernel.dylib`__wait4_nocancel + 10 frame #1: 0x00007fff81911090 libsystem_c.dylib`system + 425 frame #2: 0x000000010b0e6fa6 QtTest`stackTrace() + 150 frame #3: 0x000000010b0efd1d QtTest`QTest::WatchDog::run() + 77 frame #4: 0x000000010b15f723 QtCore`QThreadPrivate::start(void*) + 339 frame #5: 0x00007fff8102b899 libsystem_pthread.dylib`_pthread_body + 138 frame #6: 0x00007fff8102b72a libsystem_pthread.dylib`_pthread_start + 137 frame #7: 0x00007fff8102ffc9 libsystem_pthread.dylib`thread_start + 13 (lldb) quit ========= End of stack trace ============== QFATAL : tst_QThreadPool::expiryTimeoutRace() Test function timed out FAIL! : tst_QThreadPool::expiryTimeoutRace() Received a fatal error. Loc: [Unknown file(0)] Change-Id: I12a61496e101c1bc04bb7f1141c4f6318e8238e4 Reviewed-by: Morten Johan Sørvig <morten.sorvig@theqtcompany.com> Reviewed-by: Lars Knoll <lars.knoll@digia.com>

If the data fits inline, let's store it using the dummy member. GCC, Clang and ICC optimize the code on all architectures I tested to one single store. Previously, the function for "return QVersionNumber(5,4,0);" was: x86-64: movb $7, (%rdi) movb $5, 1(%rdi) movb $4, 2(%rdi) movb $0, 3(%rdi) x86: movb $7, (%eax) movb $5, 1(%eax) movb $4, 2(%eax) movb $0, 3(%eax) ia64: addl r17 = 7, r0 adds r16 = 1, in0 adds r15 = 2, in0 adds r14 = 3, in0 st1 [in0] = r17 addl r17 = 5, r0 ;; st1 [r16] = r17 addl r16 = 4, r0 ;; st1 [r15] = r16 st1 [r14] = r0 armv7a: mov r1, #7 mov r2, #5 strb r1, [r0] mov r1, #4 strb r2, [r0, #1] mov r2, #0 strb r1, [r0, #2] strb r2, [r0, #3] mips32: li $3,7 # 0x7 sb $3,3($4) li $3,5 # 0x5 sb $3,0($4) li $3,4 # 0x4 sb $3,1($4) sb $0,2($4) mips64: li $3,7 # 0x7 sb $3,7($4) li $3,5 # 0x5 sb $3,0($4) li $3,4 # 0x4 sb $3,1($4) sb $0,2($4) ppc32: li 10,7 stb 10,3(3) li 10,5 stb 10,0(3) li 10,4 stb 10,1(3) li 10,0 stb 10,2(3) ppc64: li 10,7 stb 10,7(3) li 10,5 stb 10,0(3) li 10,4 stb 10,1(3) li 10,0 stb 10,2(3) Now it is: x86-64: movq $263431, (%rdi) x86: movl $263431, (%eax) ia64: addl r14 = 263431, r0 ;; st8 [in0] = r14 armv7a: movw r3, #1287 movt r3, 4 str r3, [r0] mips32: li $3,84148224 # 0x5040000 addiu $3,$3,7 sw $3,0($4) mips64: li $3,321 # 0x141 dsll $3,$3,50 daddiu $3,$3,7 sd $3,0($4) ppc64: lis 9,0x504 sldi 9,9,32 ori 9,9,7 std 9,0(3) ppc32: lis 9,0x504 ori 9,9,7 stw 9,0(3) All assembly listings from GCC 4.8.1, but the Clang and ICC outputs are identical or at least very similar (I tested Clang for ARM, MIPS and PowerPC). Both MIPS and PowerPC were compiled in big-endian mode and this listing shows that the 64-bit implementation is correct. Additionally, the output is also the same for GCC when using brace initialization (that is, return QVersionNumber{5,4,0}). Clang and ICC couldn't optimize that. Change-Id: I9a4a4c9fc83f1182401f63fd2da829c935a8c9da Reviewed-by: Keith Gardner <kreios4004@gmail.com> Reviewed-by: Marc Mutz <marc.mutz@kdab.com>

If a user selected the text "foo" and typed "bar", upon pressing undo, the text would change to "b". This is incorrect and does not match the functionality of QLineEdit or the default behaviours of Windows/OSX/Ubuntu. This was fixed by a change made to always merge two sequential inserts if they are not part of the same block. Previously the selection delete and the "b" were part of one edit block and "ar" was part of another. With this change, the selection delete and "bar" are part of the same edit block. Unit test changes are part of a separate review (Part #1) since they required changes in qtdeclarative. [ChangeLog][QtGui][Important Behavior Changes] Fixed QTextEdit to match undo functionality of QLineEdit to group two sequential inserts into one undo action. Task-number: QTBUG-38825 Change-Id: I76bf30e331e3526277c3e0ade58cf95b611fc117 Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@theqtcompany.com>

Before actually deleting QTreeWidgetItems from QTree{Model,Widget{,Item}} dtors, their 'view' members need to be set to nullptr, lest they attempt to delist themselves from the list of top-level items. For the QTreeModel::headerItem, this was forgottten. Found by UBSan: qtreewidget.cpp:1488:70: runtime error: member call on address 0x7ffd843dd470 which does not point to an object of type 'QAbstractItemView' 0x7ffd843dd470: note: object is of type 'QWidget' #0 0x2b83d5b48323 in QTreeWidgetItem::~QTreeWidgetItem() src/widgets/itemviews/qtreewidget.cpp:1488 #1 0x2b83d5b48860 in QTreeWidgetItem::~QTreeWidgetItem() src/widgets/itemviews/qtreewidget.cpp:1535 #2 0x2b83d5b41659 in QTreeModel::~QTreeModel() src/widgets/itemviews/qtreewidget.cpp:143 #3 0x2b83d5b41bc0 in QTreeModel::~QTreeModel() src/widgets/itemviews/qtreewidget.cpp:146 #4 0x2b83df220747 in QObjectPrivate::deleteChildren() src/corelib/kernel/qobject.cpp:2010 #5 0x2b83d4603dd0 in QWidget::~QWidget() src/widgets/kernel/qwidget.cpp:1675 #6 0x2b83d4d76066 in QFrame::~QFrame() src/widgets/widgets/qframe.cpp:256 #7 0x2b83d5270442 in QAbstractScrollArea::~QAbstractScrollArea() src/widgets/widgets/qabstractscrollarea.cpp:575 #8 0x2b83d5733eb9 in QAbstractItemView::~QAbstractItemView() src/widgets/itemviews/qabstractitemview.cpp:617 #9 0x2b83d598b216 in QTreeView::~QTreeView() src/widgets/itemviews/qtreeview.cpp:206 #10 0x2b83d5b218b6 in QTreeWidget::~QTreeWidget() src/widgets/itemviews/qtreewidget.cpp:2549 #11 0x4eef42 in tst_QTreeWidgetItemIterator::updateIfModifiedFromWidget() tests/auto/widgets/itemviews/qtreewidgetitemiterator/tst_qtreewidgetitemiterator.cpp:1089 Change-Id: I57c277adee8c99eb07b274d6d8ea1f6fbf3575be Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>

CID 11131 (#1 of 1): Dereference after null check (FORWARD_NULL)46. var_deref_op: Dereferencing null pointer fe. Change-Id: Ifc0cd0b208db511516db93c3d0e0367299df6d80 Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com> Reviewed-by: Konstantin Ritt <ritt.ks@gmail.com>

…in Private::canBeNativeDialog() Found by UBSan: qfontdialog_p.h:77:5: runtime error: downcast of address 0x7ffc3ceadc90 which does not point to an object of type 'QFontDialog' 0x7ffc3ceadc90: note: object is of type 'QDialog' fc 7f 00 00 38 5f a8 27 fc 2a 00 00 60 e2 14 02 00 00 00 00 10 61 a8 27 fc 2a 00 00 00 00 00 00 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QDialog' #0 0x2afc24d29490 in QFontDialogPrivate::q_func() const qfontdialog_p.h:77 #1 0x2afc24d29490 in QFontDialogPrivate::canBeNativeDialog() const qfontdialog.cpp:1033 #2 0x2afc24c93f56 in QDialog::setVisible(bool) qdialog.cpp:696 #3 0x2afc24c7b27a in QDialog::~QDialog() qdialog.cpp:357 #4 0x2afc24d286a6 in QFontDialog::~QFontDialog() qfontdialog.cpp:339 #5 0x2afc24d481a2 in QFontDialogPrivate::getFont(bool*, QFont const&, QWidget*, QString const&, QFlags<QFontDialog::FontDialogOption>) qfontdialog.cpp:402 #6 0x2afc24d483f1 in QFontDialog::getFont(bool*, QWidget*) qfontdialog.cpp:396 #7 0x407652 in tst_QFontDialog::testGetFont() tst_qfontdialog.cpp:120 qcolordialog.cpp:86:5: runtime error: downcast of address 0x7ffdf50c1ec0 which does not point to an object of type 'QColorDialog' 0x7ffdf50c1ec0: note: object is of type 'QDialog' fd 7f 00 00 d8 6e c7 23 b7 2a 00 00 50 c1 af 01 00 00 00 00 b0 70 c7 23 b7 2a 00 00 00 00 1a 1e ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QDialog' #0 0x2ab720e4ec97 in QColorDialogPrivate::q_func() const qcolordialog.cpp:86 #1 0x2ab720e4ec97 in QColorDialogPrivate::canBeNativeDialog() const qcolordialog.cpp:1865 #2 0x2ab720e84ed6 in QDialog::setVisible(bool) qdialog.cpp:696 #3 0x2ab720e6c1fa in QDialog::~QDialog() qdialog.cpp:357 #4 0x2ab720e2b276 in QColorDialog::~QColorDialog() qcolordialog.cpp:2187 #5 0x2ab720e5e2c6 in QColorDialog::getColor(QColor const&, QWidget*, QString const&, QFlags<QColorDialog::ColorDialogOption>) qcolordialog.cpp:2148 #6 0x2ab720e5e473 in QColorDialog::getRgba(unsigned int, bool*, QWidget*) qcolordialog.cpp:2176 #7 0x407180 in tst_QColorDialog::testGetRgba() tst_qcolordialog.cpp:118 qfiledialog_p.h:112:5: runtime error: downcast of address 0x7ffd6858cc60 which does not point to an object of type 'QFileDialog' 0x7ffd6858cc60: note: object is of type 'QDialog' a1 2b 00 00 d8 1e 5e 0c a1 2b 00 00 b0 af 01 20 a1 2b 00 00 b0 20 5e 0c a1 2b 00 00 00 00 46 00 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QDialog' #0 0x2ba10980a9e7 in QFileDialogPrivate::q_func() const qfiledialog_p.h:112 #1 0x2ba10980a9e7 in QFileDialogPrivate::canBeNativeDialog() const qfiledialog.cpp:695 #2 0x2ba1097efe36 in QDialog::setVisible(bool) qdialog.cpp:696 #3 0x2ba1097d715a in QDialog::~QDialog() qdialog.cpp:357 #4 0x2ba109854c4b in QFileDialog::~QFileDialog() qfiledialog.cpp:380 #5 0x4179dc in tst_QFiledialog::init() tst_qfiledialog.cpp:175 Fix by replacing Q_Q with the the equivalent expression for QDialog. We can't re-use QDialogPrivate::q_func() here, since that is private, and probably should stay like that. Also fix an invalid member call in QColorDialogPrivate::canBeNativeDialog(): qcolordialog.cpp:2050:5: runtime error: member call on address 0x7ffdf50c1ec0 which does not point to an object of type 'QColorDialog' 0x7ffdf50c1ec0: note: object is of type 'QDialog' fd 7f 00 00 d8 6e c7 23 b7 2a 00 00 50 c1 af 01 00 00 00 00 b0 70 c7 23 b7 2a 00 00 00 00 1a 1e ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QDialog' #0 0x2ab720e4e5ea in QColorDialog::options() const qcolordialog.cpp:2050 #1 0x2ab720e4e8c8 in QColorDialogPrivate::canBeNativeDialog() const qcolordialog.cpp:1870 #2 0x2ab720e84ed6 in QDialog::setVisible(bool) qdialog.cpp:696 #3 0x2ab720e6c1fa in QDialog::~QDialog() qdialog.cpp:357 #4 0x2ab720e2b276 in QColorDialog::~QColorDialog() qcolordialog.cpp:2187 #5 0x2ab720e5e2c6 in QColorDialog::getColor(QColor const&, QWidget*, QString const&, QFlags<QColorDialog::ColorDialogOption>) qcolordialog.cpp:2148 #6 0x2ab720e5e473 in QColorDialog::getRgba(unsigned int, bool*, QWidget*) qcolordialog.cpp:2176 #7 0x407180 in tst_QColorDialog::testGetRgba() tst_qcolordialog.cpp:118 by accessing the data member directly instead of through the Public API. Fix the same code in QFileDialog, even though the autotest coverage is too limited for UBSan to point that one out explicitly. Change-Id: Idd278744961435e417d91fb2f89b6d91a94e0c71 Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>

Found by UBSan: qgraphicsscene.cpp:1000:40: runtime error: downcast of address 0x2af0d4072b00 which does not point to an object of type 'QGraphicsWidget' 0x2af0d4072b00: note: object is of type 'QGraphicsObject' 00 00 00 00 30 f5 26 bd f0 2a 00 00 90 e1 05 d4 f0 2a 00 00 a8 e3 26 bd f0 2a 00 00 d0 33 0f d4 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QGraphicsObject' #0 0x2af0badf1305 in QGraphicsScenePrivate::ungrabMouse(QGraphicsItem*, bool) qgraphicsscene.cpp:1000 #1 0x2af0bae0fc24 in QGraphicsScenePrivate::removeItemHelper(QGraphicsItem*) qgraphicsscene.cpp:692 #2 0x2af0bacd21f6 in QGraphicsItem::~QGraphicsItem() qgraphicsitem.cpp:1555 #3 0x2af0bacd4c48 in QGraphicsObject::~QGraphicsObject() qgraphicsitem.cpp:7766 #4 0x2af0baf7e99c in QGraphicsWidget::~QGraphicsWidget() qgraphicswidget.cpp:231 #5 0x2af0baf7f8c0 in QGraphicsWidget::~QGraphicsWidget() qgraphicswidget.cpp:282 #6 0x2af0badcee34 in QGraphicsScene::clear() qgraphicsscene.cpp:2388 #7 0x2af0badcf3fc in QGraphicsScene::~QGraphicsScene() qgraphicsscene.cpp:1682 #8 0x4b26f0 in tst_QGraphicsWidget::popupMouseGrabber() tst_qgraphicswidget.cpp:47 Fix by using the existing graphics widget pointer, determined a line above to be equivalent to 'item', for the removePopup() function call instead of casting 'item' itself. The rest of removePopup() appears to be well-behaved and doesn't trigger any more UBSan errors, so it was indeed just the cast which was undefined, no member calls. Change-Id: Ia54da90262a7a02f527914a90b0208be0ffc0f0b Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>

…ivate::canBeNativeDialog() Found by UBSan: qcolordialog.cpp:86:5: runtime error: downcast of address 0x7ffdf50c1ec0 which does not point to an object of type 'QColorDialog' 0x7ffdf50c1ec0: note: object is of type 'QDialog' fd 7f 00 00 d8 6e c7 23 b7 2a 00 00 50 c1 af 01 00 00 00 00 b0 70 c7 23 b7 2a 00 00 00 00 1a 1e ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QDialog' #0 0x2ab720e4ec97 in QColorDialogPrivate::q_func() const qcolordialog.cpp:86 #1 0x2ab720e4ec97 in QColorDialogPrivate::canBeNativeDialog() const qcolordialog.cpp:1865 #2 0x2ab720e84ed6 in QDialog::setVisible(bool) qdialog.cpp:696 #3 0x2ab720e6c1fa in QDialog::~QDialog() qdialog.cpp:357 #4 0x2ab720e2b276 in QColorDialog::~QColorDialog() qcolordialog.cpp:2187 #5 0x2ab720e5e2c6 in QColorDialog::getColor(QColor const&, QWidget*, QString const&, QFlags<QColorDialog::ColorDialogOption>) qcolordialog.cpp:2148 #6 0x2ab720e5e473 in QColorDialog::getRgba(unsigned int, bool*, QWidget*) qcolordialog.cpp:2176 #7 0x407180 in tst_QColorDialog::testGetRgba() tst_qcolordialog.cpp:118 qfiledialog_p.h:112:5: runtime error: downcast of address 0x7ffd6858cc60 which does not point to an object of type 'QFileDialog' 0x7ffd6858cc60: note: object is of type 'QDialog' a1 2b 00 00 d8 1e 5e 0c a1 2b 00 00 b0 af 01 20 a1 2b 00 00 b0 20 5e 0c a1 2b 00 00 00 00 46 00 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QDialog' #0 0x2ba10980a9e7 in QFileDialogPrivate::q_func() const qfiledialog_p.h:112 #1 0x2ba10980a9e7 in QFileDialogPrivate::canBeNativeDialog() const qfiledialog.cpp:695 #2 0x2ba1097efe36 in QDialog::setVisible(bool) qdialog.cpp:696 #3 0x2ba1097d715a in QDialog::~QDialog() qdialog.cpp:357 #4 0x2ba109854c4b in QFileDialog::~QFileDialog() qfiledialog.cpp:380 #5 0x4179dc in tst_QFiledialog::init() tst_qfiledialog.cpp:175 Fix by replacing Q_Q with the the equivalent expression for QDialog. We can't re-use QDialogPrivate::q_func() here, since that is private, and probably should stay like that. Also fix an invalid member call in QColorDialogPrivate::canBeNativeDialog(): qcolordialog.cpp:2050:5: runtime error: member call on address 0x7ffdf50c1ec0 which does not point to an object of type 'QColorDialog' 0x7ffdf50c1ec0: note: object is of type 'QDialog' fd 7f 00 00 d8 6e c7 23 b7 2a 00 00 50 c1 af 01 00 00 00 00 b0 70 c7 23 b7 2a 00 00 00 00 1a 1e ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QDialog' #0 0x2ab720e4e5ea in QColorDialog::options() const qcolordialog.cpp:2050 #1 0x2ab720e4e8c8 in QColorDialogPrivate::canBeNativeDialog() const qcolordialog.cpp:1870 #2 0x2ab720e84ed6 in QDialog::setVisible(bool) qdialog.cpp:696 #3 0x2ab720e6c1fa in QDialog::~QDialog() qdialog.cpp:357 #4 0x2ab720e2b276 in QColorDialog::~QColorDialog() qcolordialog.cpp:2187 #5 0x2ab720e5e2c6 in QColorDialog::getColor(QColor const&, QWidget*, QString const&, QFlags<QColorDialog::ColorDialogOption>) qcolordialog.cpp:2148 #6 0x2ab720e5e473 in QColorDialog::getRgba(unsigned int, bool*, QWidget*) qcolordialog.cpp:2176 #7 0x407180 in tst_QColorDialog::testGetRgba() tst_qcolordialog.cpp:118 by accessing the data member directly instead of through the Public API. Fix the same code in QFileDialog, even though the autotest coverage is too limited for UBSan to point that one out explicitly. This commit amends abe8b4a, in which it should have been included in the first place... Change-Id: Iff0538eba61d2381359f0b61f35918d643f7aa0c Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>

Found by UBSan: qstackedlayout.cpp:261:98: runtime error: downcast of address 0x60400003cd10 which does not point to an object of type 'QtFriendlyLayoutWidget' 0x60400003cd10: note: object is of type 'QWidget' 0e 00 80 76 70 0b 06 3f d6 2a 00 00 00 99 00 00 50 61 00 00 20 0d 06 3f d6 2a 00 00 00 00 be be ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QWidget' #0 0x2ad637b8f58f in qt_wasDeleted qstackedlayout.cpp:261 #1 0x2ad637b8f58f in QStackedLayout::takeAt(int) qstackedlayout.cpp:285 #2 0x2ad637b4afcb in QLayout::removeWidget(QWidget*) qlayout.cpp:1369 #3 0x413534 in tst_QStackedLayout::testCase() tst_qstackedlayout.cpp:155 Caused by using a struct to get access to QWidgetPrivate::wasDeleted using a cast. That cast is invalid, of course, so simply use QWidgetPrivate::get(). Caveat: we need a const version of that function, but that didn't exist, yet, so added one. Change-Id: I27d449b90be7e2072646d950c676b500ef698349 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>

Found by UBSan: qlayout.cpp:612:50: runtime error: downcast of address 0x7ffcd4c39a70 which does not point to an object of type 'QWidget' 0x7ffcd4c39a70: note: object is of type 'QObject' 00 00 00 00 b0 43 4c 7b f5 2a 00 00 70 c9 28 02 00 00 00 00 08 93 9a 77 f5 2a 00 00 00 00 c3 d4 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QObject' #0 0x2af56f189960 in QLayout::widgetEvent(QEvent*) qlayout.cpp:612 #1 0x2af56f037660 in QApplicationPrivate::notify_helper(QObject*, QEvent*) qapplication.cpp:3732 #2 0x2af56f06ae5b in QApplication::notify(QObject*, QEvent*) qapplication.cpp:3704 #3 0x2af57989e383 in QCoreApplication::notifyInternal2(QObject*, QEvent*) qcoreapplication.cpp:988 #4 0x2af5799c1696 in QCoreApplication::sendEvent(QObject*, QEvent*) qcoreapplication.h:231 #5 0x2af5799c1696 in QObjectPrivate::setParent_helper(QObject*) qobject.cpp:2043 #6 0x2af5799c4823 in QObject::~QObject() qobject.cpp:1095 #7 0x2af56f2d205d in QWidget::~QWidget() qwidget.cpp:1549 #8 0x2af56f9c1366 in QFrame::~QFrame() qframe.cpp:262 #9 0x2af56f9e76cb in QLabel::~QLabel() qlabel.cpp:247 #10 0x458077 in tst_QStyleSheetStyle::emptyStyleSheet() tst_qstylesheetstyle.cpp:1400 Fix by not casting at all (or, to be precise, casting implicitly up instead of explicitly down). Change-Id: Ic19fd29e0cabd1aee5b1c93ca4c0fc70bc7a5927 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>

Found by UBSan: qwidget.cpp:5228:62: runtime error: downcast of address 0x61b00003d480 which does not point to an object of type 'QWidget' 0x61b00003d480: note: object is of type 'QMainWindowLayout' bc 00 00 75 90 2e 2a 78 4f 2b 00 00 40 c1 02 00 f0 60 00 00 78 2f 2a 78 4f 2b 00 00 00 00 00 00 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QMainWindowLayout' #0 0x2b4f70efb1c2 in sendResizeEvents qwidget.cpp:5228 #1 0x2b4f70f65f7f in QWidget::grab(QRect const&) qwidget.cpp:5252 #2 0x6b1746 in tst_QWidget::render_task188133() tst_qwidget.cpp:6615 Fix by performing the cast only after the test for isWidgetType() has succeeded. Change-Id: I061a60ef35bcb5fbefb9bc7b84706c9dd5afd207 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>

…nize() As found by UBSan: qstandardgestures.cpp:511:67: runtime error: downcast of address 0x7ffc9beb1b90 which does not point to an object of type 'QTouchEvent' 0x7ffc9beb1b90: note: object is of type 'QPlatformSurfaceEvent' fc 7f 00 00 08 93 b1 6f f5 2a 00 00 00 00 00 00 00 00 00 00 d9 00 ec 9b 00 00 00 00 49 01 c1 5e ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QPlatformSurfaceEvent' #0 0x2af55edfa66a in QTapAndHoldGestureRecognizer::recognize(QGesture*, QObject*, QEvent*) qstandardgestures.cpp:511 #1 0x2af55ee3d9bb in QGestureManager::filterEventThroughContexts(QMultiMap<QObject*, Qt::GestureType> const&, QEvent*) qgesturemanager.cpp:276 #2 0x2af55ee4565b in QGestureManager::filterEvent(QWidget*, QEvent*) qgesturemanager.cpp:512 #3 0x2af55ee53945 in QGestureManager::filterEvent(QObject*, QEvent*) qgesturemanager.cpp:556 #4 0x2af55ea1b83a in QApplication::notify(QObject*, QEvent*) qapplication.cpp:3053 #5 0x2af573949d0f in QCoreApplication::notifyInternal2(QObject*, QEvent*) qcoreapplication.cpp:988 #6 0x2af56982ff94 in QCoreApplication::sendEvent(QObject*, QEvent*) qcoreapplication.h:231 #7 0x2af56982ff94 in QWindowPrivate::create(bool) qwindow.cpp:435 #8 0x2af55ecd10fe in QWidgetPrivate::create_sys(unsigned long long, bool, bool) qwidget.cpp:1471 #9 0x2af55ecc770e in QWidget::create(unsigned long long, bool, bool) qwidget.cpp:1333 #10 0x2af55ed80618 in QWidget::setVisible(bool) qwidget.cpp:8156 #11 0x4feec4 in tst_QWidget::touchEventsForGesturePendingWidgets() tst_qwidget.cpp:9824 qstandardgestures.cpp:512:67: runtime error: downcast of address 0x7ffc9beb1b90 which does not point to an object of type 'QMouseEvent' 0x7ffc9beb1b90: note: object is of type 'QPlatformSurfaceEvent' fc 7f 00 00 08 93 b1 6f f5 2a 00 00 00 00 00 00 00 00 00 00 d9 00 ec 9b 00 00 00 00 49 01 c1 5e ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QPlatformSurfaceEvent' #0 0x2af55edfaa19 in QTapAndHoldGestureRecognizer::recognize(QGesture*, QObject*, QEvent*) qstandardgestures.cpp:512 [... skipping common lines ...] qstandardgestures.cpp:514:95: runtime error: downcast of address 0x 0x7ffc9beb1b90: note: object is of type 'QPlatformSurfaceEvent' fc 7f 00 00 08 93 b1 6f f5 2a 00 00 00 00 00 00 00 00 00 00 d9 00 ec 9b 00 00 00 0 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QPlatformSurfaceEvent' #0 0x2af55edfa966 in QTapAndHoldGestureRecognizer::recognize(QGesture*, QObject*, QEvent*) qstandardgestures.cpp:514 [... skipping common lines ...] The problem is that the casts are done outside the switch that determines the event's type, so for any given event object, at least any two of the casts are invalid. This could actually be a real problem, because it's trivial for a compiler to prove that these three lines unconditionally invoke UB, so it has all the right in the world to decide to drop the complete rest of the function, using this line of reasoning: 1. The only way for these three casts not to be UB is if event == nullptr. 2. If event == nullptr, then event->type() invokes UB, so event cannot be nullptr. 3. The only way both can be true is if this code path is never taken. I can thus assume that object == state && event->type() == QEvent::Timer is always true, drop the check and execute the if block unconditionally (I need to call QEvent::type(), to satisfy the as-if-rule, but I needn't check its return value). Fix by moving the casts where they belong: into each case of the switch, where the type of the event has been checked to match the target type of the cast. Change-Id: I3aee8e213dc19d2f51636bcc5221cc92b3142e58 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>

The slot is invoked from QObject::destroyed(), which is emitted from ~QObject. By that time the object is no longer a QShortcut, so the static_cast it invalid. Found by UBSan: tst_qshortcut.cpp:1210:53: runtime error: downcast of address 0x6020000289d0 which does not point to an object of type 'QShortcut' 0x6020000289d0: note: object is of type 'QObject' 10 00 80 17 c0 ce 63 df 93 2b 00 00 b0 02 00 00 d0 60 00 00 02 00 00 00 ff ff ff 04 04 00 00 00 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QObject' #0 0x42b3bb in tst_QShortcut::shortcutDestroyed(QObject*) tst_qshortcut.cpp:1210 #1 0x446cc9 in tst_QShortcut::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) .moc/tst_qshortcut.moc:186 #2 0x2b93dba52c86 in QMetaObject::activate(QObject*, int, int, void**) qobject.cpp:3787 #3 0x2b93dba55400 in QObject::destroyed(QObject*) .moc/moc_qobject.cpp:213 #4 0x2b93dba8d80d in QObject::~QObject() qobject.cpp:967 #5 0x2b93c6b6e032 in QShortcut::~QShortcut() qshortcut.cpp:476 #6 0x2b93c6b6e370 in QShortcut::~QShortcut() qshortcut.cpp:481 #7 0x42a5de in void qDeleteAll<QList<QShortcut*>::const_iterator>(QList<QShortcut*>::const_iterator, QList<QShortcut*>::const_iterator) qalgorithms.h:317 #8 0x42a5de in void qDeleteAll<QList<QShortcut*> >(QList<QShortcut*> const&) qalgorithms.h:325 #9 0x42a5de in tst_QShortcut::clearAllShortcuts() tst_qshortcut.cpp:1136 Fix by replacing QVector::replaceAll() with the erase-remove idiom, which does not require the cast, because it can perform mixed-type lookups. Change-Id: I4251c1895fa4398023f489dbfd7108d90c1a6c94 Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>

Found by UBSan: qgraphicswidget_p.h:72:5: runtime error: downcast of address 0x2ab6a8021400 which does not point to an object of type 'QGraphicsWidget' 0x2ab6a8021400: note: object is of type 'QGraphicsObject' 00 00 00 00 70 93 5c 91 b6 2a 00 00 f0 c0 01 a8 b6 2a 00 00 e8 81 5c 91 b6 2a 00 00 10 bf 01 a8 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QGraphicsObject' #0 0x2ab68f2fdd7c in QGraphicsWidgetPrivate::q_func() qgraphicswidget_p.h:72 #1 0x2ab68f2fdd7c in QGraphicsWidgetPrivate::fixFocusChainBeforeReparenting(QGraphicsWidget*, QGraphicsScene*, QGraphicsScene*) qgraphicswidget_p.cpp:775 #2 0x2ab68f020d2a in QGraphicsItemPrivate::setParentItemHelper(QGraphicsItem*, QVariant const*, QVariant const*) qgraphicsitem.cpp:1181 #3 0x2ab68f024f73 in QGraphicsItem::setParentItem(QGraphicsItem*) qgraphicsitem.cpp:1781 #4 0x2ab68f168401 in QGraphicsScenePrivate::removeItemHelper(QGraphicsItem*) qgraphicsscene.cpp:620 #5 0x2ab68f02c166 in QGraphicsItem::~QGraphicsItem() qgraphicsitem.cpp:1555 #6 0x2ab68f02ebb8 in QGraphicsObject::~QGraphicsObject() qgraphicsitem.cpp:7766 #7 0x2ab68f2d8888 in QGraphicsWidget::~QGraphicsWidget() qgraphicswidget.cpp:231 #8 0x4bce62 in SubQGraphicsWidget::~SubQGraphicsWidget() /tst_qgraphicswidget.cpp:175 #9 0x4bce62 in SubQGraphicsWidget::~SubQGraphicsWidget() /tst_qgraphicswidget.cpp:175 #10 0x2ab68f02c9ec in QGraphicsItem::~QGraphicsItem() qgraphicsitem.cpp:1550 #11 0x2ab68f02ebb8 in QGraphicsObject::~QGraphicsObject() qgraphicsitem.cpp:7766 #12 0x2ab68f2d8888 in QGraphicsWidget::~QGraphicsWidget() qgraphicswidget.cpp:231 #13 0x4bce62 in SubQGraphicsWidget::~SubQGraphicsWidget() /tst_qgraphicswidget.cpp:175 #14 0x4bce62 in SubQGraphicsWidget::~SubQGraphicsWidget() /tst_qgraphicswidget.cpp:175 #15 0x2ab68f128da4 in QGraphicsScene::clear() qgraphicsscene.cpp:2388 #16 0x2ab68f12936c in QGraphicsScene::~QGraphicsScene() qgraphicsscene.cpp:1682 #17 0x44d44c in tst_QGraphicsWidget::focusWidget() /tst_qgraphicswidget.cpp:435 qgraphicswidget_p.cpp:805:24: runtime error: member call on address 0x2ab6a8021400 which does not point to an object of type 'QGraphicsWidget' 0x2ab6a8021400: note: object is of type 'QGraphicsObject' 00 00 00 00 70 93 5c 91 b6 2a 00 00 f0 c0 01 a8 b6 2a 00 00 e8 81 5c 91 b6 2a 00 00 10 bf 01 a8 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QGraphicsObject' #0 0x2ab68f2fdc68 in QGraphicsWidgetPrivate::fixFocusChainBeforeReparenting(QGraphicsWidget*, QGraphicsScene*, QGraphicsScene*) qgraphicswidget_p.cpp:805 #1 0x2ab68f020d2a in QGraphicsItemPrivate::setParentItemHelper(QGraphicsItem*, QVariant const*, QVariant const*) qgraphicsitem.cpp:1181 [... identical lines omitted ...] qgraphicswidget_p.cpp:806:23: runtime error: member call on address 0x2ab6a8021400 which does not point to an object of type 'QGraphicsWidget' 0x2ab6a8021400: note: object is of type 'QGraphicsObject' 00 00 00 00 70 93 5c 91 b6 2a 00 00 f0 c0 01 a8 b6 2a 00 00 e8 81 5c 91 b6 2a 00 00 10 bf 01 a8 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QGraphicsObject' #0 0x2ab68f2fdb6b in QGraphicsWidgetPrivate::fixFocusChainBeforeReparenting(QGraphicsWidget*, QGraphicsScene*, QGraphicsScene*) qgraphicswidget_p.cpp:806 #1 0x2ab68f020d2a in QGraphicsItemPrivate::setParentItemHelper(QGraphicsItem*, QVariant const*, QVariant const*) qgraphicsitem.cpp:1181 [... identical lines omitted ...] qgraphicswidget_p.cpp:827:26: runtime error: member call on address 0x2ab6a8021400 which does not point to an object of type 'QGraphicsWidget' 0x2ab6a8021400: note: object is of type 'QGraphicsObject' 00 00 00 00 70 93 5c 91 b6 2a 00 00 f0 c0 01 a8 b6 2a 00 00 e8 81 5c 91 b6 2a 00 00 10 bf 01 a8 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QGraphicsObject' #0 0x2ab68f2fdf91 in QGraphicsWidgetPrivate::fixFocusChainBeforeReparenting(QGraphicsWidget*, QGraphicsScene*, QGraphicsScene*) qgraphicswidget_p.cpp:827 #1 0x2ab68f020d2a in QGraphicsItemPrivate::setParentItemHelper(QGraphicsItem*, QVariant const*, QVariant const*) qgraphicsitem.cpp:1181 [... identical lines omitted ...] Fix by moving the setParentItem(nullptr) call up the call stack into ~QGraphicsWidget(), ensuring that the object is still a QGraphicsWidget when these calls are made. Change-Id: I264779e33098e9752de9a312a146fb203578a3cc Reviewed-by: Thiago Macieira <thiago.macieira@intel.com> Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>

…ventFilter() Found by UBSan: tst_qwidget.cpp:10207:29: runtime error: member access within address 0x6060000e8880 which does not point to an object of type 'EnterTestModalDialog' 0x6060000e8880: note: object is of type 'QWidget' eb 00 80 45 10 4b 32 ab 11 2b 00 00 80 df 08 00 60 61 00 00 c0 4c 32 ab 11 2b 00 00 00 00 be be ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QWidget' #0 0x6ca13f in EnterTestMainDialog::eventFilter(QObject*, QEvent*) tst_qwidget.cpp:10207 #1 0x2b11b8bc90c3 in QCoreApplicationPrivate::sendThroughApplicationEventFilters(QObject*, QEvent*) qcoreapplication.cpp:1081 #2 0x2b11a3c49b4a in QApplicationPrivate::notify_helper(QObject*, QEvent*) qapplication.cpp:3716 #3 0x2b11a3c8ec72 in QApplication::notify(QObject*, QEvent*) qapplication.cpp:3704 #4 0x2b11b8bccd0f in QCoreApplication::notifyInternal2(QObject*, QEvent*) qcoreapplication.cpp:988 #5 0x2b11aea5c34d in QCoreApplication::sendEvent(QObject*, QEvent*) qcoreapplication.h:231 #6 0x2b11aea5c34d in QGuiApplicationPrivate::_q_updateFocusObject(QObject*) qguiapplication.cpp:3690 #7 0x2b11aea61360 in QGuiApplication::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) .moc/moc_qguiapplication.cpp:177 #8 0x2b11b8d1dc86 in QMetaObject::activate(QObject*, int, int, void**) qobject.cpp:3787 #9 0x2b11aea784a3 in QWindow::focusObjectChanged(QObject*) .moc/moc_qwindow.cpp:760 #10 0x2b11a3fb24f2 in QWidget::clearFocus() qwidget.cpp:6705 #11 0x2b11a3fc87b1 in QWidget::~QWidget() qwidget.cpp:1608 #12 0x2b11a526688c in QDialog::~QDialog() qdialog.cpp:352 #13 0x6c43e2 in EnterTestModalDialog::~EnterTestModalDialog() tst_qwidget.cpp:10160 #14 0x6c43e2 in EnterTestModalDialog::~EnterTestModalDialog() tst_qwidget.cpp:10160 #15 0x492be3 in EnterTestMainDialog::buttonPressed() tst_qwidget.cpp:10188 #16 0x492be3 in EnterTestMainDialog::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) .moc/tst_qwidget.moc:2056 #17 0x2b11b8d1dc86 in QMetaObject::activate(QObject*, int, int, void**) qobject.cpp:3787 #18 0x2b11a45cb833 in QAbstractButton::clicked(bool) .moc/moc_qabstractbutton.cpp:307 #19 0x2b11a45cd54b in QAbstractButtonPrivate::emitClicked() qabstractbutton.cpp:411 #20 0x2b11a45df73a in QAbstractButtonPrivate::click() qabstractbutton.cpp:404 [...] #41 0x6bb2cf in tst_QWidget::taskQTBUG_27643_enterEvents() tst_qwidget.cpp:10249 [...] Fix by checking the event type first, and accessing modal->button only if it's QEvent::Enter. Change-Id: I2c7df3a1f43ecbfe14741b5861729078a91a32d6 Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>

Found by UBSan: qnetworkreplyhttpimpl.cpp:457:29: runtime error: member call on address 0x602000009cf0 which does not point to an object of type 'QNetworkReplyHttpImpl' 0x602000009cf0: note: object is of type 'QObject' 1e 00 80 18 20 e0 bb 12 54 7f 00 00 00 f2 00 00 70 61 00 00 02 00 00 00 ff ff ff 06 08 00 00 00 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QObject' #0 0x7f541461b71b in QNetworkReplyHttpImplPrivate::~QNetworkReplyHttpImplPrivate() qnetworkreplyhttpimpl.cpp:457 #1 0x7f541461b7f0 in QNetworkReplyHttpImplPrivate::~QNetworkReplyHttpImplPrivate() qnetworkreplyhttpimpl.cpp:458 #2 0x7f540f26df1a in QScopedPointerDeleter<QObjectData>::cleanup(QObjectData*) qscopedpointer.h:54 #3 0x7f540f26df1a in QScopedPointer<QObjectData, QScopedPointerDeleter<QObjectData> >::~QScopedPointer() qscopedpointer.h:101 #4 0x7f540f26df1a in QObject::~QObject() qobject.cpp:940 #5 0x7f540e915f6e in QIODevice::~QIODevice() qiodevice.cpp:416 #6 0x7f5414599bae in QNetworkReply::~QNetworkReply() qnetworkreply.cpp:444 #7 0x7f54145e6f5e in QNetworkReplyHttpImpl::~QNetworkReplyHttpImpl() qnetworkreplyhttpimpl.cpp:239 #8 0x7f54145e6f5e in QNetworkReplyHttpImpl::~QNetworkReplyHttpImpl() qnetworkreplyhttpimpl.cpp:242 #9 0x7f54144b3539 in void qDeleteAll<QList<QNetworkReply*>::const_iterator>(QList<QNetworkReply*>::const_iterator, QList<QNetworkReply*>::const_iterator) qalgorithms.h:317 #10 0x7f54144b3539 in void qDeleteAll<QList<QNetworkReply*> >(QList<QNetworkReply*> const&) qalgorithms.h:325 #11 0x7f54144b3539 in QNetworkAccessManager::~QNetworkAccessManager() qnetworkaccessmanager.cpp:496 Fix by moving the emission of the QNetworkReplyHttpImpl::abortHttpRequest() signal from ~Private, when the public object is merely a QObject anymore, to ~QNetworkReplyHttpImpl(), when the public class is still itself. Change-Id: Ifb3b19f6d180452bdf3fc26f54629ef780a5d9d9 Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>

QString::toUtf8() returns QByteArray, which got implicitly converted to C strings and promptly deleted. Instead, return the QByteArray to the caller. Found by ASAN: ==13935==ERROR: AddressSanitizer: heap-use-after-free on address 0x6060000dffb8 at pc 0x7f764f27320b bp 0x7ffd49b11bb0 sp 0x7ffd49b11358 READ of size 7 at 0x6060000dffb8 thread T0 #1 0x7f7649d174e2 in g_strdup (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x684e2) #2 0x7f763f7abe5b (/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0+0x39e5b) #3 0x7f763f78915a in g_object_new_valist (/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0+0x1715a) #4 0x7f763f789520 in g_object_new (/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0+0x17520) #5 0x7f7640f6bcb0 in gtk_dialog_add_button (/usr/lib/x86_64-linux-gnu/libgtk-3.so.0+0x186cb0) #6 0x7f7640f8d2c9 in gtk_file_chooser_dialog_new (/usr/lib/x86_64-linux-gnu/libgtk-3.so.0+0x1a82c9) #7 0x7f7641727281 (/opt/Qt5.8.0/5.8/gcc_64/plugins/platformthemes/libqgtk3.so+0x13281) Task-number: QTBUG-59611 Change-Id: I37cc967e689f4523b504fffd14adbf944b53b754 Reviewed-by: J-P Nurmi <jpnurmi@qt.io>

Delete the QGraphicsEffect from the QWidget destructor instead of from the QWidgetPrivate destructor. The destructor of QGraphicsEffect still access methods of the QWidget, but the QObjectPrivate being destroyed from ~QObject, the pointer is no longer a QWidget. Fix warning with UB sanitizer in tst_QWidget::setGraphicsEffect qwidget_p.h:900:23: runtime error: member call on address 0x000001d822c0 which does not point to an object of type 'QWidget' 0x000001d822c0: note: object is of type 'QObject' 00 00 00 00 b0 46 5f 40 e5 7f 00 00 00 23 d8 01 00 00 00 00 f0 e6 00 44 e5 7f 00 00 00 00 74 47 ^~~~~~~~~~~~~~~~~~~~~~~ vptr for 'QObject' #0 0x7fe54767db76 in QWidgetEffectSourcePrivate::detach() #1 0x7fe548f29815 in QGraphicsEffect::~QGraphicsEffect() #2 0x7fe548f2a1b7 in QGraphicsBlurEffect::~QGraphicsBlurEffect() #3 0x7fe548f2a208 in QGraphicsBlurEffect::~QGraphicsBlurEffect() #4 0x7fe5475cd463 in QWidgetPrivate::~QWidgetPrivate() #5 0x7fe5475ce62c in QWidgetPrivate::~QWidgetPrivate() #6 0x7fe5400d0dda in QObject::~QObject() #7 0x7fe54763d411 in QWidget::~QWidget() #8 0x7fe54763d7f4 in QWidget::~QWidget() #9 0x4cc309 in QScopedPointerDeleter<QWidget>::cleanup(QWidget*) #10 0x4cc309 in QScopedPointer<QWidget, QScopedPointerDeleter<QWidget> >::reset(QWidget*) #11 0x4cc309 in tst_QWidget::setGraphicsEffect() Change-Id: I19c049e979cfce2adda908af8336cb4adac8f6c4 Reviewed-by: Marc Mutz <marc.mutz@kdab.com>

CID 178811 (#1 of 1): Resource leak (RESOURCE_LEAK) 25. leaked_storage: Variable dptr going out of scope leaks the storage it points to. Change-Id: I3354fe46cfb08701f387f65aaaa5c4f235079501 Coverity-Id: 178811 Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>

CID 10994 (#1 of 1): Resource leak in object (CTOR_DTOR_LEAK) The font database was not destroyed in the destructor. Coverity-Id: 10994 Change-Id: Ibd4cb0b65d1e554593295a3654e8d8c946551cc2 Reviewed-by: Laszlo Agocs <laszlo.agocs@qt.io> Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>

CID 11161 (#1 of 1): Missing break in switch (MISSING_BREAK) unterminated_case: The case for value Qt::BottomToolBarArea is not terminated by a 'break' statement. Coverity-Id: 11161 Change-Id: Ie254d0339e41a58004632e9997febac4a1ab4edd Reviewed-by: Jan Arve Sæther <jan-arve.saether@qt.io>

I'm getting crashes in Akonadi processes due to libproxy. I don't have direct evidence that this was caused by a threading condition, but it's clear from the source code of libproxy that the plugins it runs for expanding PAC scripts are not thread-safe. To overcome this problem, we only run libproxy functions in one thread only. #0 0x00007f745f0ac1d8 in JSC::HeapTimer::timerDidFire() () at /usr/lib64/libjavascriptcoregtk-4.0.so.18 #1 0x00007f745f0ac287 in () at /usr/lib64/libjavascriptcoregtk-4.0.so.18 #2 0x00007f748e5ae9c5 in g_main_context_dispatch () at /usr/lib64/libglib-2.0.so.0 #3 0x00007f748e5aed88 in () at /usr/lib64/libglib-2.0.so.0 #4 0x00007f748e5aee1c in g_main_context_iteration () at /usr/lib64/libglib-2.0.so.0 #5 0x00007f7494f4268f in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib64/libQt5Core.so.5 #6 0x00007f7494eeb35a in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib64/libQt5Core.so.5 #7 0x00007f7494d1b31a in QThread::exec() () at /usr/lib64/libQt5Core.so.5 #8 0x00007f7494d1fd2e in () at /usr/lib64/libQt5Core.so.5 #9 0x00007f74913174e7 in start_thread () at /lib64/libpthread.so.0 The pacrunner implementation of libproxy uses libdbus-1 which (officially) is thread-safe, but experience tells that it has problems. Since it is not running a JS engine, we don't need a thread, but we do need to lock around it. Change-Id: I84e45059a888497fb55ffffd14d2f638f21e807d Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>

Replace if (hash.contains(x)) { // lookup #1 ~~~ hash[x]; // lookup #2 with if (auto it = hash.find(x); it != hash.end()) { // lookup ~~~ *it; // no lookup halving the number of QHash lookups. The container is not shared, so there's no danger of a detach when going directly to the non-const function. Change-Id: Ifae409f98e0be972b31a24326ad548723831fda8 Reviewed-by: Lars Knoll <lars.knoll@qt.io>

The trick we use by spawning lldb to print the backtrace doesn't work for some reason, and just results in: Process 91619 stopped * thread #1, stop reason = signal SIGSTOP frame #0: 0xffffffffffffffff Target 0: (No executable module.) stopped. Architecture set to: . (lldb) bt all * thread #1, stop reason = signal SIGSTOP frame #0: 0xffffffffffffffff thread #2 frame #0: 0xffffffffffffffff thread #3 frame #0: 0xffffffffffffffff thread #4 frame #0: 0xffffffffffffffff Debugging the stopped process manually with lldb works fine. Change-Id: If5582803a11f1c5c84c31b42d1ae52bdd245bbbb Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>

We can't guarantee that the library didn't define Objective-C classes that still have lingering references, resulting in warnings such as: Attempt to use unknown class 0x10e52e110. And possibly crashes such as: thread #1, queue = 'com.apple.main-thread' frame #0: 0x00007fff203829ee libsystem_kernel.dylib`__ulock_wait + 10 frame #1: 0x00007fff203fa0c5 libsystem_platform.dylib`_os_unfair_lock_lock_slow + 162 frame #2: 0x00007fff2026226b libobjc.A.dylib`unmap_image + 85 frame #3: 0x000000010001e11f dyld`dyld::removeImage(ImageLoader*) + 557 frame #4: 0x000000010002291d dyld`dyld::garbageCollectImages() + 956 frame #5: 0x000000010002e35d dyld`dlclose + 191 frame #6: 0x00007fff203cf1c9 libdyld.dylib`dlclose + 183 frame #7: 0x0000000103f9f2f1 libQt6Core_debug.6.dylib`QLibraryPrivate::unload_sys(this=0x000000011ba2c7d0) at qlibrary_unix.cpp:294:9 frame #8: 0x0000000103f93f3f libQt6Core_debug.6.dylib`QLibraryPrivate::unload(this=0x000000011ba2c7d0, flag=UnloadSys) at qlibrary.cpp:614:36 frame #9: 0x0000000103f971fb libQt6Core_debug.6.dylib`QLibraryStore::cleanup() at qlibrary.cpp:425:22 frame #10: 0x0000000103f970f9 libQt6Core_debug.6.dylib`qlibraryCleanup() at qlibrary.cpp:447:5 frame #11: 0x0000000103f970d1 libQt6Core_debug.6.dylib`(anonymous namespace)::qlibraryCleanup_dtor_class_::~qlibraryCleanup_dtor_class_(this=0x00000001041edd38) at qlibrary.cpp:449:1 frame #12: 0x0000000103f930f5 libQt6Core_debug.6.dylib`(anonymous namespace)::qlibraryCleanup_dtor_class_::~qlibraryCleanup_dtor_class_(this=0x00000001041edd38) at qlibrary.cpp:449:1 frame #13: 0x00007fff202e5d25 libsystem_c.dylib`__cxa_finalize_ranges + 316 frame #14: 0x00007fff202e6010 libsystem_c.dylib`exit + 53 frame #15: 0x00007fff203d1f44 libdyld.dylib`start + 8 frame #16: 0x00007fff203d1f3d libdyld.dylib`start + 1 thread #5, queue = 'com.apple.root.user-interactive-qos', stop reason = signal SIGABRT frame #0: 0x00007fff203a356e libsystem_kernel.dylib`__abort_with_payload + 10 frame #1: 0x00007fff203a4fbd libsystem_kernel.dylib`abort_with_payload_wrapper_internal + 80 frame #2: 0x00007fff203a4f6d libsystem_kernel.dylib`abort_with_reason + 19 frame #3: 0x00007fff202749e3 libobjc.A.dylib`_objc_fatalv(unsigned long long, unsigned long long, char const*, __va_list_tag*) + 114 frame #4: 0x00007fff20274971 libobjc.A.dylib`_objc_fatal(char const*, ...) + 135 frame #5: 0x00007fff20255ccb libobjc.A.dylib`lookUpImpOrForward + 881 frame #6: 0x00007fff2025539b libobjc.A.dylib`_objc_msgSend_uncached + 75 frame #7: 0x00007fff22f368d6 AppKit`-[_NSWindowTransformAnimation setCurrentProgress:] + 42 frame #8: 0x00007fff22f37a8a AppKit`__55-[NSAnimation(NSInternal) _advanceTimeWithDisplayLink:]_block_invoke + 31 frame #9: 0x00007fff22d0774f AppKit`NSPerformVisuallyAtomicChange + 132 frame #10: 0x00007fff22f379dc AppKit`-[NSAnimation(NSInternal) _advanceTimeWithDisplayLink:] + 172 frame #11: 0x00007fff22e9a184 AppKit`-[NSScreenDisplayLink _fire] + 180 frame #12: 0x00007fff2362f0b4 AppKit`___NSRunLoopTimerCreateWithHandler_block_invoke + 34 frame #13: 0x00007fff204c6be9 CoreFoundation`__CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 20 frame #14: 0x00007fff204c66dd CoreFoundation`__CFRunLoopDoTimer + 927 frame #15: 0x00007fff204c623a CoreFoundation`__CFRunLoopDoTimers + 307 frame #16: 0x00007fff204ace13 CoreFoundation`__CFRunLoopRun + 1988 frame #17: 0x00007fff204abf8c CoreFoundation`CFRunLoopRunSpecific + 563 frame #18: 0x00007fff2123d607 Foundation`-[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 212 frame #19: 0x00007fff22f378f0 AppKit`-[NSAnimation(NSInternal) _runBlocking] + 453 frame #20: 0x00007fff22f376ae AppKit`__42-[NSAnimation(NSInternal) _runInNewThread]_block_invoke + 97 frame #21: 0x0000000104edb032 libdispatch.dylib`_dispatch_call_block_and_release + 12 frame #22: 0x0000000104edc264 libdispatch.dylib`_dispatch_client_callout + 8 frame #23: 0x0000000104ef04ac libdispatch.dylib`_dispatch_root_queue_drain + 828 frame #24: 0x0000000104ef0d3f libdispatch.dylib`_dispatch_worker_thread2 + 127 frame #25: 0x0000000104f7eac7 libsystem_pthread.dylib`_pthread_wqthread + 244 frame #26: 0x0000000104f7dae3 libsystem_pthread.dylib`start_wqthread + 15 This has been e.g. observed when a QNSWindow isn't closed and released at application quit as expected. Although that is a corner case that shouldn't happen, the general case is still valid. Fixes: QTBUG-96208 Pick-to: 6.2 5.15 Change-Id: I6c9d220e6f5389707baf7ae983f3156e8e51c316 Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io> Reviewed-by: Morten Johan Sørvig <morten.sorvig@qt.io>

We can't guarantee that the library didn't define Objective-C classes that still have lingering references, resulting in warnings such as: Attempt to use unknown class 0x10e52e110. And possibly crashes such as: thread #1, queue = 'com.apple.main-thread' frame #0: 0x00007fff203829ee libsystem_kernel.dylib`__ulock_wait + 10 frame #1: 0x00007fff203fa0c5 libsystem_platform.dylib`_os_unfair_lock_lock_slow + 162 frame #2: 0x00007fff2026226b libobjc.A.dylib`unmap_image + 85 frame #3: 0x000000010001e11f dyld`dyld::removeImage(ImageLoader*) + 557 frame #4: 0x000000010002291d dyld`dyld::garbageCollectImages() + 956 frame #5: 0x000000010002e35d dyld`dlclose + 191 frame #6: 0x00007fff203cf1c9 libdyld.dylib`dlclose + 183 frame #7: 0x0000000103f9f2f1 libQt6Core_debug.6.dylib`QLibraryPrivate::unload_sys(this=0x000000011ba2c7d0) at qlibrary_unix.cpp:294:9 frame #8: 0x0000000103f93f3f libQt6Core_debug.6.dylib`QLibraryPrivate::unload(this=0x000000011ba2c7d0, flag=UnloadSys) at qlibrary.cpp:614:36 frame #9: 0x0000000103f971fb libQt6Core_debug.6.dylib`QLibraryStore::cleanup() at qlibrary.cpp:425:22 frame #10: 0x0000000103f970f9 libQt6Core_debug.6.dylib`qlibraryCleanup() at qlibrary.cpp:447:5 frame #11: 0x0000000103f970d1 libQt6Core_debug.6.dylib`(anonymous namespace)::qlibraryCleanup_dtor_class_::~qlibraryCleanup_dtor_class_(this=0x00000001041edd38) at qlibrary.cpp:449:1 frame #12: 0x0000000103f930f5 libQt6Core_debug.6.dylib`(anonymous namespace)::qlibraryCleanup_dtor_class_::~qlibraryCleanup_dtor_class_(this=0x00000001041edd38) at qlibrary.cpp:449:1 frame #13: 0x00007fff202e5d25 libsystem_c.dylib`__cxa_finalize_ranges + 316 frame #14: 0x00007fff202e6010 libsystem_c.dylib`exit + 53 frame #15: 0x00007fff203d1f44 libdyld.dylib`start + 8 frame #16: 0x00007fff203d1f3d libdyld.dylib`start + 1 thread #5, queue = 'com.apple.root.user-interactive-qos', stop reason = signal SIGABRT frame #0: 0x00007fff203a356e libsystem_kernel.dylib`__abort_with_payload + 10 frame #1: 0x00007fff203a4fbd libsystem_kernel.dylib`abort_with_payload_wrapper_internal + 80 frame #2: 0x00007fff203a4f6d libsystem_kernel.dylib`abort_with_reason + 19 frame #3: 0x00007fff202749e3 libobjc.A.dylib`_objc_fatalv(unsigned long long, unsigned long long, char const*, __va_list_tag*) + 114 frame #4: 0x00007fff20274971 libobjc.A.dylib`_objc_fatal(char const*, ...) + 135 frame #5: 0x00007fff20255ccb libobjc.A.dylib`lookUpImpOrForward + 881 frame #6: 0x00007fff2025539b libobjc.A.dylib`_objc_msgSend_uncached + 75 frame #7: 0x00007fff22f368d6 AppKit`-[_NSWindowTransformAnimation setCurrentProgress:] + 42 frame #8: 0x00007fff22f37a8a AppKit`__55-[NSAnimation(NSInternal) _advanceTimeWithDisplayLink:]_block_invoke + 31 frame #9: 0x00007fff22d0774f AppKit`NSPerformVisuallyAtomicChange + 132 frame #10: 0x00007fff22f379dc AppKit`-[NSAnimation(NSInternal) _advanceTimeWithDisplayLink:] + 172 frame #11: 0x00007fff22e9a184 AppKit`-[NSScreenDisplayLink _fire] + 180 frame #12: 0x00007fff2362f0b4 AppKit`___NSRunLoopTimerCreateWithHandler_block_invoke + 34 frame #13: 0x00007fff204c6be9 CoreFoundation`__CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 20 frame #14: 0x00007fff204c66dd CoreFoundation`__CFRunLoopDoTimer + 927 frame #15: 0x00007fff204c623a CoreFoundation`__CFRunLoopDoTimers + 307 frame #16: 0x00007fff204ace13 CoreFoundation`__CFRunLoopRun + 1988 frame #17: 0x00007fff204abf8c CoreFoundation`CFRunLoopRunSpecific + 563 frame #18: 0x00007fff2123d607 Foundation`-[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 212 frame #19: 0x00007fff22f378f0 AppKit`-[NSAnimation(NSInternal) _runBlocking] + 453 frame #20: 0x00007fff22f376ae AppKit`__42-[NSAnimation(NSInternal) _runInNewThread]_block_invoke + 97 frame #21: 0x0000000104edb032 libdispatch.dylib`_dispatch_call_block_and_release + 12 frame #22: 0x0000000104edc264 libdispatch.dylib`_dispatch_client_callout + 8 frame #23: 0x0000000104ef04ac libdispatch.dylib`_dispatch_root_queue_drain + 828 frame #24: 0x0000000104ef0d3f libdispatch.dylib`_dispatch_worker_thread2 + 127 frame #25: 0x0000000104f7eac7 libsystem_pthread.dylib`_pthread_wqthread + 244 frame #26: 0x0000000104f7dae3 libsystem_pthread.dylib`start_wqthread + 15 This has been e.g. observed when a QNSWindow isn't closed and released at application quit as expected. Although that is a corner case that shouldn't happen, the general case is still valid. Fixes: QTBUG-96208 Change-Id: I6c9d220e6f5389707baf7ae983f3156e8e51c316 Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io> Reviewed-by: Morten Johan Sørvig <morten.sorvig@qt.io> (cherry picked from commit b6200de) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>

********** Crash dump: ********** #00 0x0000000000592f8c /apex/com.android.runtime/lib64/libart.so (artQuickToInterpreterBridge+1036) (BuildId: a5b81c452e2ce0b9c64167ee12585bec) qt#1 0x0000000000140468 /apex/com.android.runtime/lib64/libart.so (art_quick_to_interpreter_bridge+88) (BuildId: a5b81c452e2ce0b9c64167ee12585bec) qt#2 0x000000000201598c /memfd:/jit-cache (deleted) (android.view.GestureDetector.onTouchEvent+4268) qt#3 0x00000000020188ac /memfd:/jit-cache (deleted) (org.qtproject.qt5.android.QtLayout.onTouchEvent+108) qt#4 0x00000000020161d4 /memfd:/jit-cache (deleted) (android.view.View.dispatchTouchEvent+996) qt#5 0x000000000201333c /memfd:/jit-cache (deleted) (android.view.ViewGroup.dispatchTransformedTouchEvent+252) qt#6 0x0000000002012d08 /memfd:/jit-cache (deleted) (android.view.ViewGroup.dispatchTouchEvent+4104) qt#7 0x0000000002013394 /memfd:/jit-cache (deleted) (android.view.ViewGroup.dispatchTransformedTouchEvent+340) qt#8 0x00000000020129e4 /memfd:/jit-cache (deleted) (android.view.ViewGroup.dispatchTouchEvent+3300) qt#9 0x0000000002013394 /memfd:/jit-cache (deleted) (android.view.ViewGroup.dispatchTransformedTouchEvent+340) [...]

==1585319== 1,112 (720 direct, 392 indirect) bytes in 2 blocks are definitely lost in loss record 110 of 123 ==1585319== at 0x483EF2F: operator new(unsigned long) (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==1585319== by 0x7D01D6C: QXcbConnection::xi2SetupSlavePointerDevice(void*, bool, QPointingDevice*)::{lambda()#1}::operator()() const (qxcbconnection_xi2.cpp:262) ==1585319== by 0x7D025C2: QXcbConnection::xi2SetupSlavePointerDevice(void*, bool, QPointingDevice*) (qxcbconnection_xi2.cpp:316) ==1585319== by 0x7D03D2D: QXcbConnection::xi2SetupDevices() (qxcbconnection_xi2.cpp:499) ==1585319== by 0x7CE81A3: QXcbConnection::QXcbConnection(QXcbNativeInterface*, bool, unsigned int, char const*) (qxcbconnection.cpp:105) ==1585319== by 0x7D27BEA: QXcbIntegration::QXcbIntegration(QList<QString> const&, int&, char**) (qxcbintegration.cpp:199) ==1585319== by 0x7C9D282: QXcbIntegrationPlugin::create(QString const&, QList<QString> const&, int&, char**) (qxcbmain.cpp:56) ==1585319== by 0x4B516DE: QPlatformIntegration* qLoadPlugin<QPlatformIntegration, QPlatformIntegrationPlugin, QList<QString> const&, int&, char**&>(QFactoryLoader const*, QString const&, QList<QString> const&, int&, char**&) (qfactoryloader_p.h:108) ==1585319== by 0x4B512A9: QPlatformIntegrationFactory::create(QString const&, QList<QString> const&, int&, char**, QString const&) (qplatformintegrationfactory.cpp:71) ==1585319== by 0x4B074EC: init_platform(QString const&, QString const&, QString const&, int&, char**) (qguiapplication.cpp:1209) ==1585319== by 0x4B0A646: QGuiApplicationPrivate::createPlatformIntegration() (qguiapplication.cpp:1491) ==1585319== by 0x4B0A7C9: QGuiApplicationPrivate::createEventDispatcher() (qguiapplication.cpp:1508) ==1585319== by 0x568853F: QCoreApplicationPrivate::init() (qcoreapplication.cpp:847) ==1585319== by 0x4B0A89F: QGuiApplicationPrivate::init() (qguiapplication.cpp:1532) ==1585319== by 0x4B05D16: QGuiApplication::QGuiApplication(int&, char**, int) (qguiapplication.cpp:653) ==1585319== by 0x451613: main (tst_qmetatype.cpp:2141) Fixes: QTBUG-95468 Pick-to: 6.3 6.2 Change-Id: I7e0b82c2d2fe464082d8fffd1696c0122c3b35b7 Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io>

==1585319== 1,112 (720 direct, 392 indirect) bytes in 2 blocks are definitely lost in loss record 110 of 123 ==1585319== at 0x483EF2F: operator new(unsigned long) (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==1585319== by 0x7D01D6C: QXcbConnection::xi2SetupSlavePointerDevice(void*, bool, QPointingDevice*)::{lambda()#1}::operator()() const (qxcbconnection_xi2.cpp:262) ==1585319== by 0x7D025C2: QXcbConnection::xi2SetupSlavePointerDevice(void*, bool, QPointingDevice*) (qxcbconnection_xi2.cpp:316) ==1585319== by 0x7D03D2D: QXcbConnection::xi2SetupDevices() (qxcbconnection_xi2.cpp:499) ==1585319== by 0x7CE81A3: QXcbConnection::QXcbConnection(QXcbNativeInterface*, bool, unsigned int, char const*) (qxcbconnection.cpp:105) ==1585319== by 0x7D27BEA: QXcbIntegration::QXcbIntegration(QList<QString> const&, int&, char**) (qxcbintegration.cpp:199) ==1585319== by 0x7C9D282: QXcbIntegrationPlugin::create(QString const&, QList<QString> const&, int&, char**) (qxcbmain.cpp:56) ==1585319== by 0x4B516DE: QPlatformIntegration* qLoadPlugin<QPlatformIntegration, QPlatformIntegrationPlugin, QList<QString> const&, int&, char**&>(QFactoryLoader const*, QString const&, QList<QString> const&, int&, char**&) (qfactoryloader_p.h:108) ==1585319== by 0x4B512A9: QPlatformIntegrationFactory::create(QString const&, QList<QString> const&, int&, char**, QString const&) (qplatformintegrationfactory.cpp:71) ==1585319== by 0x4B074EC: init_platform(QString const&, QString const&, QString const&, int&, char**) (qguiapplication.cpp:1209) ==1585319== by 0x4B0A646: QGuiApplicationPrivate::createPlatformIntegration() (qguiapplication.cpp:1491) ==1585319== by 0x4B0A7C9: QGuiApplicationPrivate::createEventDispatcher() (qguiapplication.cpp:1508) ==1585319== by 0x568853F: QCoreApplicationPrivate::init() (qcoreapplication.cpp:847) ==1585319== by 0x4B0A89F: QGuiApplicationPrivate::init() (qguiapplication.cpp:1532) ==1585319== by 0x4B05D16: QGuiApplication::QGuiApplication(int&, char**, int) (qguiapplication.cpp:653) ==1585319== by 0x451613: main (tst_qmetatype.cpp:2141) Fixes: QTBUG-95468 Change-Id: I7e0b82c2d2fe464082d8fffd1696c0122c3b35b7 Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io> (cherry picked from commit 3116edd) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>

At least for my FreeBSD this makes sense. The default debugger search is gdb first then lldb on Linux-not-Android and for QNX (qcc is GCC after all), but lldb first everywhere else. With LLVM14 from Ports, I get: $ tests/auto/corelib/tools/qhashseed/tst_qhashseed | head -1 ********* Start testing of tst_QHashSeed ********* Config: Using QtTest library 6.4.0, Qt 6.4.0 (x86_64-little_endian-lp64 shared (dynamic) debug build; by Clang 14.0.0), freebsd 13.0 === Received signal at function time: 1ms, total time: 3ms, dumping stack === (lldb) process attach --pid 1782 Process 1782 stopped Executable module set to "/usr/home/tjmaciei/obj/qt/qt6/qtbase/tests/auto/corelib/tools/qhashseed/tst_qhashseed". Architecture set to: x86_64--freebsd13.0. (lldb) bt all * thread #1, name = 'tst_qhashseed' * frame #0: 0x0000000800f227c8 libc.so.7`_wait4 at _wait4.S:4 frame #1: 0x00000008003243bc libthr.so.3`__thr_wait4(pid=<unavailable>, status=<unavailable>, options=<unavailable>, rusage=<unavailable>) at thr_syscalls.c:581:8 frame #2: 0x00000008002b9c73 libQt6Test.t.so.6`(anonymous namespace)::StackTraceHandler::generate() at qtestcase.cpp:393:9 [...] === End of stack trace === Received signal 13 Function time: 1ms Total time: 3ms Support for Windows left as an exercise for later. The WindowsFaultHandler code doesn't even call generateStackTrace(). Change-Id: I5ff8e16fcdcb4ffd9ab6fffd16eba471f58ff3cb Reviewed-by: Edward Welbourne <edward.welbourne@qt.io> Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>

We can't guarantee that the library didn't define Objective-C classes that still have lingering references, resulting in warnings such as: Attempt to use unknown class 0x10e52e110. And possibly crashes such as: thread #1, queue = 'com.apple.main-thread' frame #0: 0x00007fff203829ee libsystem_kernel.dylib`__ulock_wait + 10 frame #1: 0x00007fff203fa0c5 libsystem_platform.dylib`_os_unfair_lock_lock_slow + 162 frame #2: 0x00007fff2026226b libobjc.A.dylib`unmap_image + 85 frame #3: 0x000000010001e11f dyld`dyld::removeImage(ImageLoader*) + 557 frame #4: 0x000000010002291d dyld`dyld::garbageCollectImages() + 956 frame #5: 0x000000010002e35d dyld`dlclose + 191 frame #6: 0x00007fff203cf1c9 libdyld.dylib`dlclose + 183 frame #7: 0x0000000103f9f2f1 libQt6Core_debug.6.dylib`QLibraryPrivate::unload_sys(this=0x000000011ba2c7d0) at qlibrary_unix.cpp:294:9 frame #8: 0x0000000103f93f3f libQt6Core_debug.6.dylib`QLibraryPrivate::unload(this=0x000000011ba2c7d0, flag=UnloadSys) at qlibrary.cpp:614:36 frame #9: 0x0000000103f971fb libQt6Core_debug.6.dylib`QLibraryStore::cleanup() at qlibrary.cpp:425:22 frame #10: 0x0000000103f970f9 libQt6Core_debug.6.dylib`qlibraryCleanup() at qlibrary.cpp:447:5 frame #11: 0x0000000103f970d1 libQt6Core_debug.6.dylib`(anonymous namespace)::qlibraryCleanup_dtor_class_::~qlibraryCleanup_dtor_class_(this=0x00000001041edd38) at qlibrary.cpp:449:1 frame #12: 0x0000000103f930f5 libQt6Core_debug.6.dylib`(anonymous namespace)::qlibraryCleanup_dtor_class_::~qlibraryCleanup_dtor_class_(this=0x00000001041edd38) at qlibrary.cpp:449:1 frame #13: 0x00007fff202e5d25 libsystem_c.dylib`__cxa_finalize_ranges + 316 frame #14: 0x00007fff202e6010 libsystem_c.dylib`exit + 53 frame #15: 0x00007fff203d1f44 libdyld.dylib`start + 8 frame #16: 0x00007fff203d1f3d libdyld.dylib`start + 1 thread #5, queue = 'com.apple.root.user-interactive-qos', stop reason = signal SIGABRT frame #0: 0x00007fff203a356e libsystem_kernel.dylib`__abort_with_payload + 10 frame #1: 0x00007fff203a4fbd libsystem_kernel.dylib`abort_with_payload_wrapper_internal + 80 frame #2: 0x00007fff203a4f6d libsystem_kernel.dylib`abort_with_reason + 19 frame #3: 0x00007fff202749e3 libobjc.A.dylib`_objc_fatalv(unsigned long long, unsigned long long, char const*, __va_list_tag*) + 114 frame #4: 0x00007fff20274971 libobjc.A.dylib`_objc_fatal(char const*, ...) + 135 frame #5: 0x00007fff20255ccb libobjc.A.dylib`lookUpImpOrForward + 881 frame #6: 0x00007fff2025539b libobjc.A.dylib`_objc_msgSend_uncached + 75 frame #7: 0x00007fff22f368d6 AppKit`-[_NSWindowTransformAnimation setCurrentProgress:] + 42 frame #8: 0x00007fff22f37a8a AppKit`__55-[NSAnimation(NSInternal) _advanceTimeWithDisplayLink:]_block_invoke + 31 frame #9: 0x00007fff22d0774f AppKit`NSPerformVisuallyAtomicChange + 132 frame #10: 0x00007fff22f379dc AppKit`-[NSAnimation(NSInternal) _advanceTimeWithDisplayLink:] + 172 frame #11: 0x00007fff22e9a184 AppKit`-[NSScreenDisplayLink _fire] + 180 frame #12: 0x00007fff2362f0b4 AppKit`___NSRunLoopTimerCreateWithHandler_block_invoke + 34 frame #13: 0x00007fff204c6be9 CoreFoundation`__CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 20 frame #14: 0x00007fff204c66dd CoreFoundation`__CFRunLoopDoTimer + 927 frame #15: 0x00007fff204c623a CoreFoundation`__CFRunLoopDoTimers + 307 frame #16: 0x00007fff204ace13 CoreFoundation`__CFRunLoopRun + 1988 frame #17: 0x00007fff204abf8c CoreFoundation`CFRunLoopRunSpecific + 563 frame #18: 0x00007fff2123d607 Foundation`-[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 212 frame #19: 0x00007fff22f378f0 AppKit`-[NSAnimation(NSInternal) _runBlocking] + 453 frame #20: 0x00007fff22f376ae AppKit`__42-[NSAnimation(NSInternal) _runInNewThread]_block_invoke + 97 frame #21: 0x0000000104edb032 libdispatch.dylib`_dispatch_call_block_and_release + 12 frame #22: 0x0000000104edc264 libdispatch.dylib`_dispatch_client_callout + 8 frame #23: 0x0000000104ef04ac libdispatch.dylib`_dispatch_root_queue_drain + 828 frame #24: 0x0000000104ef0d3f libdispatch.dylib`_dispatch_worker_thread2 + 127 frame #25: 0x0000000104f7eac7 libsystem_pthread.dylib`_pthread_wqthread + 244 frame #26: 0x0000000104f7dae3 libsystem_pthread.dylib`start_wqthread + 15 This has been e.g. observed when a QNSWindow isn't closed and released at application quit as expected. Although that is a corner case that shouldn't happen, the general case is still valid. Fixes: QTBUG-96208 Change-Id: I6c9d220e6f5389707baf7ae983f3156e8e51c316 Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io> Reviewed-by: Morten Johan Sørvig <morten.sorvig@qt.io> (cherry picked from commit b6200de) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>

The result is retained so long as we don't attempt to change our locale, but failing to change that is the reason why we printed anything. ==20227==ERROR: AddressSanitizer: heap-use-after-free on address 0x000107312696 at pc 0x000103c48088 bp 0x00016ee180c0 sp 0x00016ee17880 READ of size 9 at 0x000107312696 thread T0 #0 0x103c48084 in wrap_strlen+0x164 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x18084) (BuildId: f0a7ac5c49bc3abc851181b6f92b308a32000000200000000100000000000b00) #1 0x1023804bc in QString::vasprintf(char const*, char*) qstring.cpp:7112 #2 0x102243578 in qt_message(QtMsgType, QMessageLogContext const&, char const*, char*) qlogging.cpp:368 #3 0x10252630c in QMessageLogger::warning(char const*, ...) const qlogging.cpp:647 #4 0x10229f940 in QCoreApplicationPrivate::initLocale() qcoreapplication.cpp:664 #5 0x10229fba0 in QCoreApplicationPrivate::init() qcoreapplication.cpp:826 #6 0x1022a07c0 in QCoreApplication::QCoreApplication(int&, char**, int) qcoreapplication.cpp:799 #7 0x101454ef8 in main+0xeb0 (WSgen:arm64+0x100470ef8) (BuildId: ae9b4fec1fd73c1693047a6b9d9ce91432000000200000000100000000000b00) Pick-to: 6.5 Task-number: QTBUG-111443 Change-Id: I6f518d59e63249ddbf43fffd1759d28738124797 Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@qt.io>

The result is retained so long as we don't attempt to change our locale, but failing to change that is the reason why we printed anything. ==20227==ERROR: AddressSanitizer: heap-use-after-free on address 0x000107312696 at pc 0x000103c48088 bp 0x00016ee180c0 sp 0x00016ee17880 READ of size 9 at 0x000107312696 thread T0 #0 0x103c48084 in wrap_strlen+0x164 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x18084) (BuildId: f0a7ac5c49bc3abc851181b6f92b308a32000000200000000100000000000b00) #1 0x1023804bc in QString::vasprintf(char const*, char*) qstring.cpp:7112 #2 0x102243578 in qt_message(QtMsgType, QMessageLogContext const&, char const*, char*) qlogging.cpp:368 #3 0x10252630c in QMessageLogger::warning(char const*, ...) const qlogging.cpp:647 #4 0x10229f940 in QCoreApplicationPrivate::initLocale() qcoreapplication.cpp:664 #5 0x10229fba0 in QCoreApplicationPrivate::init() qcoreapplication.cpp:826 #6 0x1022a07c0 in QCoreApplication::QCoreApplication(int&, char**, int) qcoreapplication.cpp:799 #7 0x101454ef8 in main+0xeb0 (WSgen:arm64+0x100470ef8) (BuildId: ae9b4fec1fd73c1693047a6b9d9ce91432000000200000000100000000000b00) Task-number: QTBUG-111443 Change-Id: I6f518d59e63249ddbf43fffd1759d28738124797 Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@qt.io> (cherry picked from commit 3690c20) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>

==1585319== 1,112 (720 direct, 392 indirect) bytes in 2 blocks are definitely lost in loss record 110 of 123 ==1585319== at 0x483EF2F: operator new(unsigned long) (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==1585319== by 0x7D01D6C: QXcbConnection::xi2SetupSlavePointerDevice(void*, bool, QPointingDevice*)::{lambda()#1}::operator()() const (qxcbconnection_xi2.cpp:262) ==1585319== by 0x7D025C2: QXcbConnection::xi2SetupSlavePointerDevice(void*, bool, QPointingDevice*) (qxcbconnection_xi2.cpp:316) ==1585319== by 0x7D03D2D: QXcbConnection::xi2SetupDevices() (qxcbconnection_xi2.cpp:499) ==1585319== by 0x7CE81A3: QXcbConnection::QXcbConnection(QXcbNativeInterface*, bool, unsigned int, char const*) (qxcbconnection.cpp:105) ==1585319== by 0x7D27BEA: QXcbIntegration::QXcbIntegration(QList<QString> const&, int&, char**) (qxcbintegration.cpp:199) ==1585319== by 0x7C9D282: QXcbIntegrationPlugin::create(QString const&, QList<QString> const&, int&, char**) (qxcbmain.cpp:56) ==1585319== by 0x4B516DE: QPlatformIntegration* qLoadPlugin<QPlatformIntegration, QPlatformIntegrationPlugin, QList<QString> const&, int&, char**&>(QFactoryLoader const*, QString const&, QList<QString> const&, int&, char**&) (qfactoryloader_p.h:108) ==1585319== by 0x4B512A9: QPlatformIntegrationFactory::create(QString const&, QList<QString> const&, int&, char**, QString const&) (qplatformintegrationfactory.cpp:71) ==1585319== by 0x4B074EC: init_platform(QString const&, QString const&, QString const&, int&, char**) (qguiapplication.cpp:1209) ==1585319== by 0x4B0A646: QGuiApplicationPrivate::createPlatformIntegration() (qguiapplication.cpp:1491) ==1585319== by 0x4B0A7C9: QGuiApplicationPrivate::createEventDispatcher() (qguiapplication.cpp:1508) ==1585319== by 0x568853F: QCoreApplicationPrivate::init() (qcoreapplication.cpp:847) ==1585319== by 0x4B0A89F: QGuiApplicationPrivate::init() (qguiapplication.cpp:1532) ==1585319== by 0x4B05D16: QGuiApplication::QGuiApplication(int&, char**, int) (qguiapplication.cpp:653) ==1585319== by 0x451613: main (tst_qmetatype.cpp:2141) Fixes: QTBUG-95468 Change-Id: I7e0b82c2d2fe464082d8fffd1696c0122c3b35b7 Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io> (cherry picked from commit 3116edd) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>

Says ASAN: Direct leak of 524 byte(s) in 1 object(s) allocated from: #0 0x7f708f0a67cf in __interceptor_malloc ../../../../gcc/libsanitizer/asan/asan_malloc_linux.cpp:145 #1 0x7f707d94bf9e in CRYPTO_malloc crypto/mem.c:196 #2 0x7f707d7bd248 in asn1_item_flags_i2d crypto/asn1/tasn_enc.c:65 #3 0x7f707d7bd1b7 in ASN1_item_i2d crypto/asn1/tasn_enc.c:45 #4 0x7f707d85b7be in i2d_DHparams crypto/dh/dh_asn1.c:54 #5 0x7f7075a82223 in q_i2d_DHparams(dh_st*, unsigned char**) qsslsocket_openssl_symbols.cpp:435 #6 0x7f7075a82223 in QTlsBackendOpenSSL::dhParametersFromPem(QByteArray const&, QByteArray*) const qssldiffiehellmanparameters_openssl.cpp:139 #7 0x7f708ca9b588 in QSslDiffieHellmanParametersPrivate::initFromPem(QByteArray const&) qssldiffiehellmanparameters.cpp:285 #8 0x7f708ca9b588 in QSslDiffieHellmanParameters::fromEncoded(QByteArray const&, QSsl::EncodingFormat) qssldiffiehellmanparameters.cpp:94 #9 0x55fd8a545ebe in tst_QSslDiffieHellmanParameters::constructionPEM() tst_qssldiffiehellmanparameters.cpp:98 [...] The pointer returned in the out-parameter of a i2d_DHparams() call is supposed to be OPENSSL_free()ed by the user (this is not at all obvious from the docs¹, but an SO answer² indicates that's how it should be (as well as asan stopping from complaining with this patch applied)). ¹ https://www.openssl.org/docs/man3.1/man3/i2d_DHparams.html ² https://stackoverflow.com/a/53563669. Amends 2cf63c7. [ChangeLog][QtNetwork][SSL] Fixed a memory leak in parsing of PEM-encoded Diffie-Hellman parameters. Pick-to: 6.6 6.5 6.2 5.15 Change-Id: I9ed4a26c4676db1c0d54a1945a4fb5014ce568cd Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io> Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>

Says ASAN: Direct leak of 524 byte(s) in 1 object(s) allocated from: #0 0x7f708f0a67cf in __interceptor_malloc ../../../../gcc/libsanitizer/asan/asan_malloc_linux.cpp:145 #1 0x7f707d94bf9e in CRYPTO_malloc crypto/mem.c:196 #2 0x7f707d7bd248 in asn1_item_flags_i2d crypto/asn1/tasn_enc.c:65 #3 0x7f707d7bd1b7 in ASN1_item_i2d crypto/asn1/tasn_enc.c:45 #4 0x7f707d85b7be in i2d_DHparams crypto/dh/dh_asn1.c:54 #5 0x7f7075a82223 in q_i2d_DHparams(dh_st*, unsigned char**) qsslsocket_openssl_symbols.cpp:435 #6 0x7f7075a82223 in QTlsBackendOpenSSL::dhParametersFromPem(QByteArray const&, QByteArray*) const qssldiffiehellmanparameters_openssl.cpp:139 #7 0x7f708ca9b588 in QSslDiffieHellmanParametersPrivate::initFromPem(QByteArray const&) qssldiffiehellmanparameters.cpp:285 #8 0x7f708ca9b588 in QSslDiffieHellmanParameters::fromEncoded(QByteArray const&, QSsl::EncodingFormat) qssldiffiehellmanparameters.cpp:94 #9 0x55fd8a545ebe in tst_QSslDiffieHellmanParameters::constructionPEM() tst_qssldiffiehellmanparameters.cpp:98 [...] The pointer returned in the out-parameter of a i2d_DHparams() call is supposed to be OPENSSL_free()ed by the user (this is not at all obvious from the docs¹, but an SO answer² indicates that's how it should be (as well as asan stopping from complaining with this patch applied)). ¹ https://www.openssl.org/docs/man3.1/man3/i2d_DHparams.html ² https://stackoverflow.com/a/53563669. Amends 2cf63c7. [ChangeLog][QtNetwork][SSL] Fixed a memory leak in parsing of PEM-encoded Diffie-Hellman parameters. Change-Id: I9ed4a26c4676db1c0d54a1945a4fb5014ce568cd Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io> Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io> (cherry picked from commit 676087e) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>

Says ASAN: Direct leak of 524 byte(s) in 1 object(s) allocated from: #0 0x7f708f0a67cf in __interceptor_malloc ../../../../gcc/libsanitizer/asan/asan_malloc_linux.cpp:145 qt#1 0x7f707d94bf9e in CRYPTO_malloc crypto/mem.c:196 qt#2 0x7f707d7bd248 in asn1_item_flags_i2d crypto/asn1/tasn_enc.c:65 qt#3 0x7f707d7bd1b7 in ASN1_item_i2d crypto/asn1/tasn_enc.c:45 qt#4 0x7f707d85b7be in i2d_DHparams crypto/dh/dh_asn1.c:54 qt#5 0x7f7075a82223 in q_i2d_DHparams(dh_st*, unsigned char**) qsslsocket_openssl_symbols.cpp:435 qt#6 0x7f7075a82223 in QTlsBackendOpenSSL::dhParametersFromPem(QByteArray const&, QByteArray*) const qssldiffiehellmanparameters_openssl.cpp:139 qt#7 0x7f708ca9b588 in QSslDiffieHellmanParametersPrivate::initFromPem(QByteArray const&) qssldiffiehellmanparameters.cpp:285 qt#8 0x7f708ca9b588 in QSslDiffieHellmanParameters::fromEncoded(QByteArray const&, QSsl::EncodingFormat) qssldiffiehellmanparameters.cpp:94 qt#9 0x55fd8a545ebe in tst_QSslDiffieHellmanParameters::constructionPEM() tst_qssldiffiehellmanparameters.cpp:98 [...] The pointer returned in the out-parameter of a i2d_DHparams() call is supposed to be OPENSSL_free()ed by the user (this is not at all obvious from the docs¹, but an SO answer² indicates that's how it should be (as well as asan stopping from complaining with this patch applied)). ¹ https://www.openssl.org/docs/man3.1/man3/i2d_DHparams.html ² https://stackoverflow.com/a/53563669. Amends 2cf63c7. [ChangeLog][QtNetwork][SSL] Fixed a memory leak in parsing of PEM-encoded Diffie-Hellman parameters. Pick-to: 6.6 6.5 6.2 5.15 Change-Id: I9ed4a26c4676db1c0d54a1945a4fb5014ce568cd Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io> Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io> (cherry picked from commit 676087e)

This reverts commit f20adcd. The implementation had the right idea, but this is not expected to work reliably in C++. It's jumping out of several frames without cleaning them out properly and our ASan-based memory leak-checker has started complaining (the next commit will move this test elsewhere). ==19313==ERROR: LeakSanitizer: detected memory leaks Direct leak of 258 byte(s) in 1 object(s) allocated from: #0 0x7ffa505c8e48 in __interceptor_malloc (/usr/lib64/libasan.so.5+0x109e48) #1 0x7ffa4f2d7ff9 (/home/qt/work/install/lib/libQt6Core.so.6+0x896ff9) #2 0x7ffa4f2d834d in QArrayData::allocate(QArrayData**, long long, long long, long long, QArrayData::AllocationOption) (/home/qt/work/install/lib/libQt6Core.so.6+0x89734d) #3 0x7ffa4f23b700 (/home/qt/work/install/lib/libQt6Core.so.6+0x7fa700) #4 0x7ffa4f1f6cc8 in QString::reallocData(long long, QArrayData::AllocationOption) (/home/qt/work/install/lib/libQt6Core.so.6+0x7b5cc8) #5 0x7ffa4f1f68a7 in QString::resize(long long) (/home/qt/work/install/lib/libQt6Core.so.6+0x7b58a7) #6 0x7ffa4f2092ff (/home/qt/work/install/lib/libQt6Core.so.6+0x7c82ff) #7 0x7ffa4f209e09 in QString::vasprintf(char const*, __va_list_tag*) (/home/qt/work/install/lib/libQt6Core.so.6+0x7c8e09) #8 0x7ffa4ed0d83d (/home/qt/work/install/lib/libQt6Core.so.6+0x2cc83d) #9 0x7ffa4ed114a9 in QMessageLogger::fatal(char const*, ...) const (/home/qt/work/install/lib/libQt6Core.so.6+0x2d04a9) #10 0x5641d2604c40 in tst_Silent::messages() /home/qt/work/qt/qtbase/tests/auto/testlib/selftests/silent/tst_silent.cpp:77 #11 0x5641d26050fb in tst_Silent::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) tests/auto/testlib/selftests/silent/silent_autogen/include/tst_silent.moc:118 The restoration of the signal handler (which QtTest now has) is also wrong: this needed to use sigaction() instead. Change-Id: Ifa1111900d6945ea8e05fffd177f14fbc09a1d7d Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>

Says ASAN: Direct leak of 524 byte(s) in 1 object(s) allocated from: #0 0x7f708f0a67cf in __interceptor_malloc ../../../../gcc/libsanitizer/asan/asan_malloc_linux.cpp:145 qt#1 0x7f707d94bf9e in CRYPTO_malloc crypto/mem.c:196 qt#2 0x7f707d7bd248 in asn1_item_flags_i2d crypto/asn1/tasn_enc.c:65 qt#3 0x7f707d7bd1b7 in ASN1_item_i2d crypto/asn1/tasn_enc.c:45 qt#4 0x7f707d85b7be in i2d_DHparams crypto/dh/dh_asn1.c:54 qt#5 0x7f7075a82223 in q_i2d_DHparams(dh_st*, unsigned char**) qsslsocket_openssl_symbols.cpp:435 qt#6 0x7f7075a82223 in QTlsBackendOpenSSL::dhParametersFromPem(QByteArray const&, QByteArray*) const qssldiffiehellmanparameters_openssl.cpp:139 qt#7 0x7f708ca9b588 in QSslDiffieHellmanParametersPrivate::initFromPem(QByteArray const&) qssldiffiehellmanparameters.cpp:285 qt#8 0x7f708ca9b588 in QSslDiffieHellmanParameters::fromEncoded(QByteArray const&, QSsl::EncodingFormat) qssldiffiehellmanparameters.cpp:94 qt#9 0x55fd8a545ebe in tst_QSslDiffieHellmanParameters::constructionPEM() tst_qssldiffiehellmanparameters.cpp:98 [...] The pointer returned in the out-parameter of a i2d_DHparams() call is supposed to be OPENSSL_free()ed by the user (this is not at all obvious from the docs¹, but an SO answer² indicates that's how it should be (as well as asan stopping from complaining with this patch applied)). ¹ https://www.openssl.org/docs/man3.1/man3/i2d_DHparams.html ² https://stackoverflow.com/a/53563669. Amends 2cf63c7. [ChangeLog][QtNetwork][SSL] Fixed a memory leak in parsing of PEM-encoded Diffie-Hellman parameters. Pick-to: 6.6 6.5 6.2 5.15 Change-Id: I9ed4a26c4676db1c0d54a1945a4fb5014ce568cd Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io> Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io> (cherry picked from commit 676087e)

There was a discrepancy that the multi-arg arg() overload would accept any number of digits in the placeholder, resolving up to value 999 (e.g., %000001 was interpreted as placeholder #1), but the single-arg arg() overload only supported exactly one or two digits. The single-arg behavior was documented, so use it. [ChangeLog][Important Behavior Changes] The QString::arg() overload taking multiple QString-like arguments is now fixed to interpret placeholders like the other arg() overloads: it will find at most two digits after the '%' character. That is, the sequence "%123" is now interpreted as placeholder #12 followed by character '3' (verbatim). Pick-to: 6.7 Fixes: QTBUG-118581 Change-Id: I455fe22ef4ad4b2f9b01fffd17c767a948d41138 Reviewed-by: Ahmad Samir <a.samirh78@gmail.com>

There was a discrepancy that the multi-arg arg() overload would accept any number of digits in the placeholder, resolving up to value 999 (e.g., %000001 was interpreted as placeholder #1), but the single-arg arg() overload only supported exactly one or two digits. The single-arg behavior was documented, so use it. [ChangeLog][Important Behavior Changes] The QString::arg() overload taking multiple QString-like arguments is now fixed to interpret placeholders like the other arg() overloads: it will find at most two digits after the '%' character. That is, the sequence "%123" is now interpreted as placeholder #12 followed by character '3' (verbatim). Fixes: QTBUG-118581 Change-Id: I455fe22ef4ad4b2f9b01fffd17c767a948d41138 Reviewed-by: Ahmad Samir <a.samirh78@gmail.com> (cherry picked from commit f0f2a9e) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>

Says ASAN: Direct leak of 524 byte(s) in 1 object(s) allocated from: #0 0x7f708f0a67cf in __interceptor_malloc ../../../../gcc/libsanitizer/asan/asan_malloc_linux.cpp:145 qt#1 0x7f707d94bf9e in CRYPTO_malloc crypto/mem.c:196 qt#2 0x7f707d7bd248 in asn1_item_flags_i2d crypto/asn1/tasn_enc.c:65 qt#3 0x7f707d7bd1b7 in ASN1_item_i2d crypto/asn1/tasn_enc.c:45 qt#4 0x7f707d85b7be in i2d_DHparams crypto/dh/dh_asn1.c:54 qt#5 0x7f7075a82223 in q_i2d_DHparams(dh_st*, unsigned char**) qsslsocket_openssl_symbols.cpp:435 qt#6 0x7f7075a82223 in QTlsBackendOpenSSL::dhParametersFromPem(QByteArray const&, QByteArray*) const qssldiffiehellmanparameters_openssl.cpp:139 qt#7 0x7f708ca9b588 in QSslDiffieHellmanParametersPrivate::initFromPem(QByteArray const&) qssldiffiehellmanparameters.cpp:285 qt#8 0x7f708ca9b588 in QSslDiffieHellmanParameters::fromEncoded(QByteArray const&, QSsl::EncodingFormat) qssldiffiehellmanparameters.cpp:94 qt#9 0x55fd8a545ebe in tst_QSslDiffieHellmanParameters::constructionPEM() tst_qssldiffiehellmanparameters.cpp:98 [...] The pointer returned in the out-parameter of a i2d_DHparams() call is supposed to be OPENSSL_free()ed by the user (this is not at all obvious from the docs¹, but an SO answer² indicates that's how it should be (as well as asan stopping from complaining with this patch applied)). ¹ https://www.openssl.org/docs/man3.1/man3/i2d_DHparams.html ² https://stackoverflow.com/a/53563669. Amends 2cf63c7. [ChangeLog][QtNetwork][SSL] Fixed a memory leak in parsing of PEM-encoded Diffie-Hellman parameters. Pick-to: 6.6 6.5 6.2 5.15 Change-Id: I9ed4a26c4676db1c0d54a1945a4fb5014ce568cd Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io> Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io> (cherry picked from commit 676087e)

Amends e524724. Indirect leak of 24 byte(s) in 1 object(s) allocated from: #0 0x7f73b50fc1d8 in operator new(unsigned long) (/lib64/libasan.so.8+0xfc1d8) (BuildId: 1827a4c72065a9f25ba519b25166029eebbf519f) #1 0x7f73b4cc18d4 in std::__detail::_MakeUniq<QSignalSpyPrivate>::__single_object std::make_unique<QSignalSpyPrivate, QSignalSpy*>(QSignalSpy*&&) /usr/include/c++/13/bits/unique_ptr.h:1070 #2 0x7f73b4cbf0a4 in QSignalSpy::QSignalSpy(QSignalSpy::ObjectSignal) src/testlib/qsignalspy.cpp:259 #3 0x55c0e313cd7d in QSignalSpy::QSignalSpy<void (QAbstractItemModel::*)(QModelIndex const&, int, int, QAbstractItemModel::QPrivateSignal)>(QtPrivate::FunctionPointer<void (QAbstractItemModel::*)(QModelIndex const&, int, int, QAbstractItemModel::QPrivateSignal)>::Object const*, void (QAbstractItemModel::*)(QModelIndex const&, int, int, QAbstractItemModel::QPrivateSignal)) (build/tests/auto/gui/itemmodels/qfilesystemmodel/tst_qfilesystemmodel+0x83d7d) (BuildId: b2e416794e25fdb925a191cc4a5efe3cb04efb0e) #4 0x55c0e30eccac in tst_QFileSystemModel::prepareTestModelRoot(QFileSystemModel*, QString const&, QSignalSpy**, QSignalSpy**) tests/auto/gui/itemmodels/qfilesystemmodel/tst_qfilesystemmodel.cpp:392 #5 0x55c0e30edacf in tst_QFileSystemModel::rowCount() tests/auto/gui/itemmodels/qfilesystemmodel/tst_qfilesystemmodel.cpp:420 Pick-to: 6.8 6.7 6.5 6.2 Change-Id: Ia085f9235f3bec252290f4fbe5ea0958f91a5e5a Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>

Amends e524724. Indirect leak of 24 byte(s) in 1 object(s) allocated from: #0 0x7f73b50fc1d8 in operator new(unsigned long) (/lib64/libasan.so.8+0xfc1d8) (BuildId: 1827a4c72065a9f25ba519b25166029eebbf519f) #1 0x7f73b4cc18d4 in std::__detail::_MakeUniq<QSignalSpyPrivate>::__single_object std::make_unique<QSignalSpyPrivate, QSignalSpy*>(QSignalSpy*&&) /usr/include/c++/13/bits/unique_ptr.h:1070 #2 0x7f73b4cbf0a4 in QSignalSpy::QSignalSpy(QSignalSpy::ObjectSignal) src/testlib/qsignalspy.cpp:259 #3 0x55c0e313cd7d in QSignalSpy::QSignalSpy<void (QAbstractItemModel::*)(QModelIndex const&, int, int, QAbstractItemModel::QPrivateSignal)>(QtPrivate::FunctionPointer<void (QAbstractItemModel::*)(QModelIndex const&, int, int, QAbstractItemModel::QPrivateSignal)>::Object const*, void (QAbstractItemModel::*)(QModelIndex const&, int, int, QAbstractItemModel::QPrivateSignal)) (build/tests/auto/gui/itemmodels/qfilesystemmodel/tst_qfilesystemmodel+0x83d7d) (BuildId: b2e416794e25fdb925a191cc4a5efe3cb04efb0e) #4 0x55c0e30eccac in tst_QFileSystemModel::prepareTestModelRoot(QFileSystemModel*, QString const&, QSignalSpy**, QSignalSpy**) tests/auto/gui/itemmodels/qfilesystemmodel/tst_qfilesystemmodel.cpp:392 #5 0x55c0e30edacf in tst_QFileSystemModel::rowCount() tests/auto/gui/itemmodels/qfilesystemmodel/tst_qfilesystemmodel.cpp:420 Pick-to: 6.7 6.5 6.2 Change-Id: Ia085f9235f3bec252290f4fbe5ea0958f91a5e5a Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io> (cherry picked from commit 5686af2) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>

Amends e524724. Indirect leak of 24 byte(s) in 1 object(s) allocated from: #0 0x7f73b50fc1d8 in operator new(unsigned long) (/lib64/libasan.so.8+0xfc1d8) (BuildId: 1827a4c72065a9f25ba519b25166029eebbf519f) #1 0x7f73b4cc18d4 in std::__detail::_MakeUniq<QSignalSpyPrivate>::__single_object std::make_unique<QSignalSpyPrivate, QSignalSpy*>(QSignalSpy*&&) /usr/include/c++/13/bits/unique_ptr.h:1070 #2 0x7f73b4cbf0a4 in QSignalSpy::QSignalSpy(QSignalSpy::ObjectSignal) src/testlib/qsignalspy.cpp:259 #3 0x55c0e313cd7d in QSignalSpy::QSignalSpy<void (QAbstractItemModel::*)(QModelIndex const&, int, int, QAbstractItemModel::QPrivateSignal)>(QtPrivate::FunctionPointer<void (QAbstractItemModel::*)(QModelIndex const&, int, int, QAbstractItemModel::QPrivateSignal)>::Object const*, void (QAbstractItemModel::*)(QModelIndex const&, int, int, QAbstractItemModel::QPrivateSignal)) (build/tests/auto/gui/itemmodels/qfilesystemmodel/tst_qfilesystemmodel+0x83d7d) (BuildId: b2e416794e25fdb925a191cc4a5efe3cb04efb0e) #4 0x55c0e30eccac in tst_QFileSystemModel::prepareTestModelRoot(QFileSystemModel*, QString const&, QSignalSpy**, QSignalSpy**) tests/auto/gui/itemmodels/qfilesystemmodel/tst_qfilesystemmodel.cpp:392 #5 0x55c0e30edacf in tst_QFileSystemModel::rowCount() tests/auto/gui/itemmodels/qfilesystemmodel/tst_qfilesystemmodel.cpp:420 Pick-to: 6.5 6.2 Change-Id: Ia085f9235f3bec252290f4fbe5ea0958f91a5e5a Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io> (cherry picked from commit 5686af2) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org> (cherry picked from commit 741c1d0)

TSAN has the same issue as ASAN when it comes to the SSE2 usage here. WARNING: ThreadSanitizer: heap-use-after-free (pid=621) Read of size 8 at 0x721000049f78 by main thread: #0 _mm_load_si128(long long __vector(2) const*) /usr/lib64/gcc/x86_64-suse-linux/13/include/emmintrin.h:700 (libQt6Core.so.6+0x2ba056) #1 qustrlen_sse2 qtbase/src/corelib/text/qstring.cpp:431 (libQt6Core.so.6+0x2ba056) [...] Previous write of size 8 at 0x721000049f78 by main thread: #0 realloc <null> (libtsan.so.2+0x5bdbd) #1 QArrayData::reallocateUnaligned(QArrayData*, void*, long long, long long, QArrayData::AllocationOption) qtbase/src/corelib/tools/qarraydata.cpp:244 (libQt6Core.so.6+0x309913) [...] (gcc 13.3.0) Pick-to: 6.7 6.8 Change-Id: Id0127d5fb498dcf78bb977e6ff1b6b380ae423c7 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>

TSAN has the same issue as ASAN when it comes to the SSE2 usage here. WARNING: ThreadSanitizer: heap-use-after-free (pid=621) Read of size 8 at 0x721000049f78 by main thread: #0 _mm_load_si128(long long __vector(2) const*) /usr/lib64/gcc/x86_64-suse-linux/13/include/emmintrin.h:700 (libQt6Core.so.6+0x2ba056) #1 qustrlen_sse2 qtbase/src/corelib/text/qstring.cpp:431 (libQt6Core.so.6+0x2ba056) [...] Previous write of size 8 at 0x721000049f78 by main thread: #0 realloc <null> (libtsan.so.2+0x5bdbd) #1 QArrayData::reallocateUnaligned(QArrayData*, void*, long long, long long, QArrayData::AllocationOption) qtbase/src/corelib/tools/qarraydata.cpp:244 (libQt6Core.so.6+0x309913) [...] (gcc 13.3.0) Pick-to: 6.7 Change-Id: Id0127d5fb498dcf78bb977e6ff1b6b380ae423c7 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com> (cherry picked from commit 6003682) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>

TSAN has the same issue as ASAN when it comes to the SSE2 usage here. WARNING: ThreadSanitizer: heap-use-after-free (pid=621) Read of size 8 at 0x721000049f78 by main thread: #0 _mm_load_si128(long long __vector(2) const*) /usr/lib64/gcc/x86_64-suse-linux/13/include/emmintrin.h:700 (libQt6Core.so.6+0x2ba056) #1 qustrlen_sse2 qtbase/src/corelib/text/qstring.cpp:431 (libQt6Core.so.6+0x2ba056) [...] Previous write of size 8 at 0x721000049f78 by main thread: #0 realloc <null> (libtsan.so.2+0x5bdbd) #1 QArrayData::reallocateUnaligned(QArrayData*, void*, long long, long long, QArrayData::AllocationOption) qtbase/src/corelib/tools/qarraydata.cpp:244 (libQt6Core.so.6+0x309913) [...] (gcc 13.3.0) Change-Id: Id0127d5fb498dcf78bb977e6ff1b6b380ae423c7 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com> (cherry picked from commit 6003682) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org> (cherry picked from commit 72c97d1)

Says ASAN: Direct leak of 524 byte(s) in 1 object(s) allocated from: #0 0x7f708f0a67cf in __interceptor_malloc ../../../../gcc/libsanitizer/asan/asan_malloc_linux.cpp:145 #1 0x7f707d94bf9e in CRYPTO_malloc crypto/mem.c:196 #2 0x7f707d7bd248 in asn1_item_flags_i2d crypto/asn1/tasn_enc.c:65 #3 0x7f707d7bd1b7 in ASN1_item_i2d crypto/asn1/tasn_enc.c:45 #4 0x7f707d85b7be in i2d_DHparams crypto/dh/dh_asn1.c:54 #5 0x7f7075a82223 in q_i2d_DHparams(dh_st*, unsigned char**) qsslsocket_openssl_symbols.cpp:435 #6 0x7f7075a82223 in QTlsBackendOpenSSL::dhParametersFromPem(QByteArray const&, QByteArray*) const qssldiffiehellmanparameters_openssl.cpp:139 #7 0x7f708ca9b588 in QSslDiffieHellmanParametersPrivate::initFromPem(QByteArray const&) qssldiffiehellmanparameters.cpp:285 #8 0x7f708ca9b588 in QSslDiffieHellmanParameters::fromEncoded(QByteArray const&, QSsl::EncodingFormat) qssldiffiehellmanparameters.cpp:94 #9 0x55fd8a545ebe in tst_QSslDiffieHellmanParameters::constructionPEM() tst_qssldiffiehellmanparameters.cpp:98 [...] The pointer returned in the out-parameter of a i2d_DHparams() call is supposed to be OPENSSL_free()ed by the user (this is not at all obvious from the docs¹, but an SO answer² indicates that's how it should be (as well as asan stopping from complaining with this patch applied)). ¹ https://www.openssl.org/docs/man3.1/man3/i2d_DHparams.html ² https://stackoverflow.com/a/53563669. Amends 2cf63c7. [ChangeLog][QtNetwork][SSL] Fixed a memory leak in parsing of PEM-encoded Diffie-Hellman parameters. Change-Id: I9ed4a26c4676db1c0d54a1945a4fb5014ce568cd Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io> Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io> (cherry picked from commit 676087e)

CMake IMPORTED_LINK_DEPENDENT_LIBRARIES not on configuration basis

f8b3cc1

We don't need the CMake IMPORTED_LINK_DEPENDENT_LIBRARIES on a configuration basis as they point to other CMake imported targets (Qt5::Gui_EGL and Qt5::Gui_GLESv2).

qtprojectorg closed this Mar 4, 2015

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CMake IMPORTED_LINK_DEPENDENT_LIBRARIES not on configuration basis #1

CMake IMPORTED_LINK_DEPENDENT_LIBRARIES not on configuration basis #1

bjoernthiel commented May 23, 2014

jakepetroules commented Sep 11, 2014

CMake IMPORTED_LINK_DEPENDENT_LIBRARIES not on configuration basis #1

CMake IMPORTED_LINK_DEPENDENT_LIBRARIES not on configuration basis #1

Conversation

bjoernthiel commented May 23, 2014

jakepetroules commented Sep 11, 2014