Details
Description
Consider a short-lived process that produces some output.
Start this process via QProcess and call waitForFinished.
Then the following can happen:
- in QProcessPrivate::waitForFinished WaitForSingleObject returns WAIT_OBJECT_0
- drainOutputPipes is called and returns.
- The QWindowsPipeReader objects are still active, because the pipe has not been closed yet.
- _q_processDied() is called, which calls cleanup(), which calls QWindowsPipeReader::stop()
- QWindowsPipeReader::stop() sets readSequenceStarted to false, but doesn't cancel the I/O operation (should it rather?)
- waitForFinished() returns
- The QProcess object is destroyed with all its children.
- QWindowsPipeReader with readSequenceStarted==false but an active I/O operation is destroyed.
- The OVERLAPPED object and the read buffer in QWindowsPipeReader is destroyed.
- The active I/O operation modifies the (now destroyed) OVERLAPPED object and, potentially, the read buffer. BAM! The heap is a mess.
This issue originates from QTCREATORBUG-13713.
We can only reproduce it on Windows 7.
Attachments
Issue Links
- replaces
-
QTCREATORBUG-13713 Crash in ProfileEvaluator::expandEnvVars
- Closed
For Gerrit Dashboard: QTBUG-45601 | ||||||
---|---|---|---|---|---|---|
# | Subject | Branch | Project | Status | CR | V |
110534,8 | let QWindowsPipeReader::stop() cancel the current I/O operation | 5.4 | qt/qtbase | Status: MERGED | -2 | 0 |