Details
- Bug
- Resolution: Done
- P1: Critical
- 4.7.2
- None
- Windows, VS2008 and VS2010
Description
The order of the following two lines is causing a problem in MSVC-compiled Qt:
void QDeclarativeDataBlob::tryDone()
{
    ...
    done();
    notifyAllWaitingOnMe();
After done() is called, the object is deleted together with the m_waitingOnMe and m_waitingFor lists. In the subsequent call to notifyAllWaitingOnMe(), m_waitingOnMe is accessed, causing crashes.
This doesn't happen on GCC though.
We'd like the above two lines to be swapped.
Crash trace:
QtCored4.dll!QListData::size() Line 94 + 0x15 bytes C++
QtDeclaratived4.dll!QList<QDeclarativeDataBlob * __ptr64>::count() Line 267 + 0x14 bytes C++
> QtDeclaratived4.dll!QDeclarativeDataBlob::notifyAllWaitingOnMe() Line 401 + 0x11 bytes C++
QtDeclaratived4.dll!QDeclarativeDataBlob::tryDone() Line 384 C++
QtDeclaratived4.dll!QDeclarativeDataBlob::notifyComplete(QDeclarativeDataBlob * blob) Line 432 C++
QtDeclaratived4.dll!QDeclarativeDataBlob::notifyAllWaitingOnMe() Line 407 C++
QtDeclaratived4.dll!QDeclarativeDataBlob::tryDone() Line 384 C++
QtDeclaratived4.dll!QDeclarativeDataLoader::setData(QDeclarativeDataBlob * blob, const QByteArray & data) Line 615 C++
QtDeclaratived4.dll!QDeclarativeDataLoader::networkReplyFinished() Line 560 + 0x17 bytes C++
QtDeclaratived4.dll!QDeclarativeDataLoader::qt_metacall(QMetaObject::Call _c, int _id, void * * _a) Line 74 + 0xa bytes C++
QtDeclaratived4.dll!QDeclarativeTypeLoader::qt_metacall(QMetaObject::Call _c, int _id, void * * _a) Line 126 + 0x18 bytes C++
QtCored4.dll!QMetaObject::metacall(QObject * object, QMetaObject::Call cl, int idx, void * * argv) Line 238 C++
QtCored4.dll!QMetaObject::activate(QObject * sender, const QMetaObject * m, int local_signal_index, void * * argv) Line 3278 + 0x49 bytes C++
QtNetworkd4.dll!QNetworkReply::finished() Line 153 C++
QtNetworkd4.dll!QNetworkReply::qt_metacall(QMetaObject::Call _c, int _id, void * * _a) Line 130 + 0xa bytes C++
QmlCored.dll!QmlCore::QmlNetworkReply::qt_metacall(QMetaObject::Call _c, int _id, void * * _a) Line 64 + 0x19 bytes C++
QtCored4.dll!QMetaObject::metacall(QObject * object, QMetaObject::Call cl, int idx, void * * argv) Line 238 C++
QtCored4.dll!QMetaCallEvent::placeMetaCall(QObject * object) Line 536 C++
QtCored4.dll!QObject::event(QEvent * e) Line 1217 + 0x1e bytes C++
QtGuid4.dll!QApplicationPrivate::notify_helper(QObject * receiver, QEvent * e) Line 4462 + 0x15 bytes C++
QtGuid4.dll!QApplication::notify(QObject * receiver, QEvent * e) Line 3862 + 0x1d bytes C++
QtCored4.dll!QCoreApplication::notifyInternal(QObject * receiver, QEvent * event) Line 731 + 0x26 bytes C++
QtCored4.dll!QCoreApplication::sendEvent(QObject * receiver, QEvent * event) Line 215 + 0x53 bytes C++
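
The ordering problem described in the report, as an added example that is not Qt code and not part of the original report: a minimal model in which done() drops the last reference, with the reported call order beside the swapped one. Blob, release(), g_live, Result and run() are hypothetical names, and the reported path consults a liveness registry instead of dereferencing freed memory so the example stays well defined.

```cpp
// Added illustration, not Qt code: Blob, release() and g_live are hypothetical.
#include <cstdio>
#include <set>
#include <vector>

static std::set<int> g_live;   // ids of blobs that have not been destroyed
struct Result { int notified; int staleAccess; bool freed; };
static Result g_r;

struct Blob {
    int id, refs = 1;
    std::vector<int> waitingOnMe;            // stand-in for m_waitingOnMe
    explicit Blob(int i) : id(i) { g_live.insert(id); }
    ~Blob() { g_live.erase(id); }
    void release() { if (--refs == 0) delete this; }
    void done() { release(); }               // assumed: last reference dropped here
    void notifyAllWaitingOnMe() { g_r.notified += (int)waitingOnMe.size(); }

    // Order from the report: done() runs first, then the member list is needed.
    void tryDoneReported() {
        const int self = id;                 // copy while the object is still valid
        done();
        // If the object is gone, the next call would read freed memory: record and stop.
        if (g_live.count(self) == 0) { ++g_r.staleAccess; return; }
        notifyAllWaitingOnMe();
    }

    // Swapped order asked for in the report: members are used before done().
    void tryDoneSwapped() {
        notifyAllWaitingOnMe();
        done();                              // *this is not touched after this line
    }
};

// Drives one blob with two constructed waiters through the chosen ordering.
Result run(bool swapped) {
    g_live.clear();
    g_r = Result{0, 0, false};
    Blob *b = new Blob(1);
    b->waitingOnMe = {7, 8};                 // constructed sample waiters
    if (swapped) b->tryDoneSwapped(); else b->tryDoneReported();
    g_r.freed = g_live.empty();
    return g_r;
}

int main() {
    Result a = run(false), c = run(true);
    std::printf("reported: notified=%d stale=%d | swapped: notified=%d stale=%d\n",
                a.notified, a.staleAccess, c.notified, c.staleAccess);
}
```

Building the real code with AddressSanitizer or running it under a debug heap makes this class of access fail deterministically, which would explain a crash that shows on one toolchain and not another.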