qt5.cr icon indicating copy to clipboard operation
qt5.cr copied to clipboard
verified publisher icon Papierkorb

SEGV in operator delete() after DeferredDelete event

Open byteit101 opened this issue 5 years ago • 1 comments

Setup

require "qt5"
qApp = Qt::Application.new
mwin = Qt::MainWindow.new
mwin.resize(1200,600)
class TestDelegate < Qt::StyledItemDelegate
	def initialize()
		super(nil)
	end
	def create_editor(parent, view, index)
		@avoidgc = edit = Qt::DateTimeEdit.new(parent)
		edit.display_format = "yyyy-MM-dd"
		edit.calendar_popup = true
		return edit
	end
end
centralwidget = Qt::Widget.new(mwin)
gridLayout = Qt::GridLayout.new(centralwidget)
tableWidget = Qt::TableWidget.new(centralwidget)
tableWidget.row_count = 3
tableWidget.column_count = 3

tableWidget.item_delegate = lavoidgc = TestDelegate.new
		
gridLayout.add_widget(tableWidget, 0, 0, 1, 1)
mwin.central_widget = centralwidget
mwin.show
Qt::Application.exec

Steps

  1. Use my PR with TableWidget: #38
  2. Compile & run the code
  3. Edit any cell
  4. Press enter/click off to accept the value
  5. Boom!

Output

free(): invalid pointer

Thread 1 "demo" received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50	../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0  0x00007ffff65267bb in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x00007ffff6511535 in __GI_abort () at abort.c:79
#2  0x00007ffff6568508 in __libc_message (action=action@entry=do_abort, fmt=fmt@entry=0x7ffff667328d "%s\n") at ../sysdeps/posix/libc_fatal.c:181
#3  0x00007ffff656ec1a in malloc_printerr (str=str@entry=0x7ffff667143b "free(): invalid pointer") at malloc.c:5341
#4  0x00007ffff657042c in _int_free (av=<optimized out>, p=<optimized out>, have_lock=<optimized out>) at malloc.c:4165
#5  0x00005555558f25c4 in BgInherit_DateTimeEdit::~BgInherit_DateTimeEdit() (this=0x7ffff3680d80, __in_chrg=<optimized out>) at qt_binding_linux-gnu-x86_64-qt5.11.cpp:10895
#6  0x00007ffff7b73090 in QObject::event(QEvent*) (this=0x7ffff3680d80, e=<optimized out>) at kernel/qobject.cpp:1242
#7  0x00007ffff6e9a96b in QWidget::event(QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#8  0x00007ffff6ff0409 in QAbstractSpinBox::event(QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#9  0x00007ffff6f69c09 in QDateTimeEdit::event(QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#10 0x00005555558a3ccb in BgInherit_DateTimeEdit::event(QEvent*) (this=0x7ffff3680d80, event=0x55555613eb00) at qt_binding_linux-gnu-x86_64-qt5.11.cpp:10957
#11 0x00007ffff6e5c4c1 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#12 0x00007ffff6e63970 in QApplication::notify(QObject*, QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#13 0x00005555558b1a62 in BgInherit_Application::notify(QObject*, QEvent*) (this=0x7ffff367bf80, unnamed_arg_0=0x7ffff3680d80, unnamed_arg_1=0x55555613eb00) at qt_binding_linux-gnu-x86_64-qt5.11.cpp:19551
#14 0x00007ffff7b49489 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (receiver=0x7ffff3680d80, event=0x55555613eb00)
    at ../../include/QtCore/5.11.3/QtCore/private/../../../../../src/corelib/thread/qthread_p.h:307
#15 0x00007ffff7b4c46b in QCoreApplication::sendEvent(QObject*, QEvent*) (event=0x55555613eb00, receiver=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:234
#16 0x00007ffff7b4c46b in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) (receiver=0x0, event_type=0, data=0x555555c53db0) at kernel/qcoreapplication.cpp:1744
#17 0x00007ffff7b9b103 in postEventSourceDispatch(GSource*, GSourceFunc, gpointer) (s=0x555555e7f2f0) at kernel/qeventdispatcher_glib.cpp:276
#18 0x00007ffff5cc1f2e in g_main_dispatch (context=0x7fffe8004ff0) at ../../../glib/gmain.c:3182
#19 0x00007ffff5cc1f2e in g_main_context_dispatch (context=context@entry=0x7fffe8004ff0) at ../../../glib/gmain.c:3847
#20 0x00007ffff5cc21c8 in g_main_context_iterate (context=context@entry=0x7fffe8004ff0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../../../glib/gmain.c:3920
#21 0x00007ffff5cc225c in g_main_context_iteration (context=0x7fffe8004ff0, may_block=may_block@entry=1) at ../../../glib/gmain.c:3981
#22 0x00007ffff7b9a727 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x555555e7f2d0, flags=...) at kernel/qeventdispatcher_glib.cpp:422
#23 0x00007fffeea70491 in  () at /usr/lib/x86_64-linux-gnu/libQt5XcbQpa.so.5
#24 0x00007ffff7b4815b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (this=this@entry=0x7fffffffd750, flags=..., flags@entry=...) at ../../include/QtCore/../../src/corelib/global/qflags.h:140
#25 0x00007ffff7b50132 in QCoreApplication::exec() () at ../../include/QtCore/../../src/corelib/global/qflags.h:120
#26 0x0000555555808c94 in bg_QApplication_exec_STATIC_() () at qt_binding_linux-gnu-x86_64-qt5.11.cpp:19803
#27 0x00005555557bc516 in exec () at ./demo/lib/qt5/src/qt5/binding/binding_linux-gnu-x86_64-qt5.11.cr:25578
#28 0x0000555555739b4d in __crystal_main () at ./demo/src/main.cr:36
#29 0x00005555557e2f46 in main_user_code () at /usr/share/crystal/src/crystal/main.cr:105
#30 0x00005555557e2db5 in main () at /usr/share/crystal/src/crystal/main.cr:91
#31 0x0000555555744d16 in main () at /usr/share/crystal/src/crystal/main.cr:114

Note that frame 5 is in a call to operator delete(void*)@plt

(gdb) x/30i 0x00005555558f25b8
   0x5555558f25b8 <BgInherit_DateTimeEdit::~BgInherit_DateTimeEdit()+24>:	mov    -0x8(%rbp),%rax
   0x5555558f25bc <BgInherit_DateTimeEdit::~BgInherit_DateTimeEdit()+28>:	mov    %rax,%rdi
   0x5555558f25bf <BgInherit_DateTimeEdit::~BgInherit_DateTimeEdit()+31>:	callq  0x555555729e30 <_ZdlPv@plt>
=> 0x5555558f25c4 <BgInherit_DateTimeEdit::~BgInherit_DateTimeEdit()+36>:	leaveq 
   0x5555558f25c5 <BgInherit_DateTimeEdit::~BgInherit_DateTimeEdit()+37>:	retq

The QT event on frame 6 is 52 (DeferredDelete)

byteit101 avatar Oct 26 '20 01:10 byteit101

Note that changing the first two lines to

require "Qt4"
qApp = Qt::Application.new []

plus changing create_editor to createEditor and running under qtbindings and ruby 2.5 worked, so I'm fairly confident this is a qt5.cr issue

byteit101 avatar Oct 27 '20 00:10 byteit101