Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-12370

Memory corruption in glyph cache

    XMLWordPrintable

Details

    • Bug
    • Resolution: Duplicate
    • Not Evaluated
    • None
    • 4.6.3
    • (Inactive) GUI: QWS Integration (Qt4), GUI: Font handling
    • None
    • Running Qt embedded on Linux/ARM.
      Could not be reproduced on embedded Qt on x86.
    • 8af2f7b5085ee56d289584bddbccc8dead04b9d1

    Description

      After commit 1ebeb971d3382aec0fff927ce2d6ea7b0452584f in Qt (found by git bisecting between v4.6.2 and v4.6.3), the "o" glyph bitmap in the glyph cache gets corrupted.
      Revision 8af2f7b5085ee56d289584bddbccc8dead04b9d1 on the 4.6 branch seems to remedy the problem.

      Set a watchpoint on it using gdb and let it run over night, it triggered on the following stack trace:

      Watchpoint 1: *0x40E4FCD4

      Old value = 15794054
      New value = 2117337088
      0x0078cb64 in QFontEngineQPF::loadGlyph(unsigned int) ()
      (gdb)

      #0 0x0078cb64 in QFontEngineQPF::loadGlyph(unsigned int) ()
      #1 0x0078d11c in QFontEngineQPF::ensureGlyphsLoaded(QGlyphLayout const&) ()
      #2 0x0078d2b8 in QFontEngineQPF::boundingBox(unsigned int) ()
      #3 0x0069be30 in QFontEngine::getGlyphBearings(unsigned int, float*, float*)
      ()
      #4 0x0069bd34 in QFontEngineMulti::getGlyphBearings(unsigned int, float*,
      float*) ()
      #5 0x006d781c in QTextLine::layout_helper(int) ()
      #6 0x005d632c in qt_format_text(QFont const&, QRectF const&, int, QTextOption
      const*, QString const&, QRectF*, int, int*, int, QPainter*) ()
      #7 0x005d6dfc in qt_format_text(QFont const&, QRectF const&, int, QString
      const&, QRectF*, int, int*, int, QPainter*) ()
      #8 0x006a5a90 in QFontMetrics::boundingRect(QRect const&, int, QString const&,
      int, int*) const ()
      #9 0x0092429c in QLabelPrivate::sizeForWidth(int) const ()
      #10 0x0092469c in QLabel::heightForWidth(int) const ()
      #11 0x004c38a8 in QWidgetItem::heightForWidth(int) const ()
      #12 0x004c3ac8 in QWidgetItemV2::heightForWidth(int) const ()
      #13 0x0049c8d4 in QBoxLayoutPrivate::calcHfw(int) ()
      #14 0x0049cbd8 in QBoxLayout::heightForWidth(int) const ()
      #15 0x004bfb74 in QLayout::totalHeightForWidth(int) const ()
      #16 0x004c37e4 in QWidgetItem::heightForWidth(int) const ()
      #17 0x004c3ac8 in QWidgetItemV2::heightForWidth(int) const ()
      #18 0x0049c8d4 in QBoxLayoutPrivate::calcHfw(int) ()
      #19 0x0049cbd8 in QBoxLayout::heightForWidth(int) const ()
      #20 0x004bf99c in QLayout::totalSizeHint() const ()
      #21 0x004c0144 in QLayout::activate() ()
      #22 0x004f34a0 in QWidget::setVisible(bool) ()
      #23 0x009c1838 in QDialog::setVisible(bool) ()

      Attachments

        Issue Links

          is replaced by

          Bug - A problem which impairs or prevents the functions of the product. QTBUG-11427 [REG] Segfault in qtextlayout.cpp

          • P1: Critical - Urgent and Important, will STOP the release if matched with set FixVersion field. This includes regressions from the last version that are not edge cases; Data loss; Build issues; All but the most unlikely crashes/lockups/hanging; Serious usability issues and embarrassing bugs & Bugs critical to a deliverable. This is the highest possible priority for requirements.
          • Closed
          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              esabraha Eskil Abrahamsen Blomfeldt
              magne.zachrisen Magne Zachrisen
              Votes:
              1 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes