Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-38313

Windows: Exit crash of Quick2 applications on QFontEngine::clearGlyphCache()

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • P1: Critical
    • 5.3.1
    • 5.3.0 Beta1
    • GUI: Font handling, Quick: SceneGraph
    • None
    • Windows 8.1, Mac OS X 10.9
    • 6e9b406fefe7fe3147587d573f1763c906682f5e

    Description

      We use QQuickView in QWindowContainer.
      And get crash on application close.
      (Seems it's use after free of QFontEngine)

      Backtrace:

      .  0  Id: 3e8.704 Suspend: 1 Teb: 7f28e000 Unfrozen
ChildEBP RetAddr  
008af3f8 523832b0 Qt5Guid!QGenericAtomicOps<QAtomicOpsBySize<4> >::load<int>(int * _q_value = 0x00000008)+0x6 [d:\opt\qt5\qtbase\src\corelib\thread\qgenericatomic.h @ 98]
008af408 52383171 Qt5Guid!QBasicAtomicInteger<int>::load(void)+0x10 [d:\opt\qt5\qtbase\src\corelib\thread\qbasicatomic.h @ 124]
008af41c 5243a956 Qt5Guid!QtPrivate::RefCount::isShared(void)+0x11 [d:\opt\qt5\qtbase\src\corelib\tools\qrefcount.h @ 97]
008af42c 524d1fcf Qt5Guid!QLinkedList<QFontEngine::GlyphCacheEntry>::detach(void)+0x16 [d:\opt\qt5\qtbase\src\corelib\tools\qlinkedlist.h @ 107]
008af438 524c9608 Qt5Guid!QLinkedList<QFontEngine::GlyphCacheEntry>::begin(void)+0xf [d:\opt\qt5\qtbase\src\corelib\tools\qlinkedlist.h @ 191]
008af454 58d480cf Qt5Guid!QFontEngine::clearGlyphCache(void * key = 0x0406ee90)+0x18 [d:\opt\qt5\qtbase\src\gui\text\qfontengine.cpp @ 948]
008af498 58d7d30b Qt5Quickd!QSGRenderContext::invalidate(void)+0xcf [d:\opt\qt5\qtdeclarative\src\quick\scenegraph\qsgcontext.cpp @ 496]
008af4b4 58dab98d Qt5Quickd!QSGWindowsRenderLoop::windowDestroyed(class QQuickWindow * window = 0x02fad5a0)+0x4b [d:\opt\qt5\qtdeclarative\src\quick\scenegraph\qsgwindowsrenderloop.cpp @ 275]
008af4ec 58ea0487 Qt5Quickd!QQuickWindow::~QQuickWindow(void)+0x8d [d:\opt\qt5\qtdeclarative\src\quick\items\qquickwindow.cpp @ 1089]
008af508 009cbe07 Qt5Quickd!QQuickView::~QQuickView(void)+0x77 [d:\opt\qt5\qtdeclarative\src\quick\items\qquickview.cpp @ 236]
008af524 009cbe7f demo!FormQuickView::~FormQuickView(void)+0x57
008af530 567fdb73 demo!FormQuickView::`scalar deleting destructor'(void)+0xf
008af550 567fe6cd Qt5Widgetsd!QWindowContainer::~QWindowContainer(void)+0x53 [d:\opt\qt5\qtbase\src\widgets\kernel\qwindowcontainer.cpp @ 216]
008af55c 51e3f059 Qt5Widgetsd!QWindowContainer::`vector deleting destructor'(void)+0x4d
008af580 567b547b Qt5Cored!QObjectPrivate::deleteChildren(void)+0xc9 [d:\opt\qt5\qtbase\src\corelib\kernel\qobject.cpp @ 1935]
008af64c 009bdf10 Qt5Widgetsd!QWidget::~QWidget(void)+0x72b [d:\opt\qt5\qtbase\src\widgets\kernel\qwidget.cpp @ 1492]
008af658 51e3f059 demo!QWidget::`scalar deleting destructor'(void)+0x10
008af67c 567b547b Qt5Cored!QObjectPrivate::deleteChildren(void)+0xc9 [d:\opt\qt5\qtbase\src\corelib\kernel\qobject.cpp @ 1935]
008af748 56948462 Qt5Widgetsd!QWidget::~QWidget(void)+0x72b [d:\opt\qt5\qtbase\src\widgets\kernel\qwidget.cpp @ 1492]
008af754 009bdae0 Qt5Widgetsd!QMainWindow::~QMainWindow(void)+0x22 [d:\opt\qt5\qtbase\src\widgets\widgets\qmainwindow.cpp @ 388]
008af760 009bdc4f demo!EditorWindow::~EditorWindow(void)+0x10
008af76c 009a8a24 demo!EditorWindow::`scalar deleting destructor'(void)+0xf
008af798 0091fc52 demo!DemoEditor::~DemoEditor(void)+0x64 [demoeditor.cpp @ 27]
008af8f4 00a241ba demo!main(int argc = 0n12, char ** argv = 0x00bc4840)+0x2c2 [main.cpp @ 230]
008af91c 00a235af demo!WinMain(struct HINSTANCE__ * instance = 0x00900000, struct HINSTANCE__ * prevInstance = 0x00000000, char * __formal = 0x00bb34c2 ""-qmljsdebugger=port:38831,block"", int cmdShow = 0n10)+0x7a [d:\opt\qt5\qtbase\src\winmain\qtmain_win.cpp @ 131]
008af980 00a2336d demo!__tmainCRTStartup(void)+0x23f [f:\dd\vctools\crt\crtw32\dllstuff\crtexe.c @ 618]
008af988 75e51793 demo!WinMainCRTStartup(void)+0xd [f:\dd\vctools\crt\crtw32\dllstuff\crtexe.c @ 466]
WARNING: Stack unwind information not available. Following frames may be wrong.
008af994 77cac206 KERNEL32!BaseThreadInitThunk+0x12
008af9d8 77cac1df ntdll!RtlCreateMemoryZone+0xc2
008af9e8 00000000 ntdll!RtlCreateMemoryZone+0x9b

      Attachments

        For Gerrit Dashboard: QTBUG-38313
        # Subject Branch Project Status CR V
        86155,2 Fix crash in QSGRenderContext::invalidate(). stable qt/qtdeclarative Status: MERGED +2 0

        Activity

          People

            ylopes Yoann Lopes
            nodir.temir Nodir Temirkhodjaev
            Votes:
            3 Vote for this issue
            Watchers:
            11 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes