slint Crash in the qt_viewer quiting

Crash in the qt_viewer quiting

Open ogoffart opened this issue 2 years ago • 3 comments

Reproduced on Linux C++ build, opening the fancy demo

==355214== Invalid read of size 8
==355214==    at 0x5EBE919: std::default_delete<QWidget>::operator()(QWidget*) const (unique_ptr.h:85)
==355214==    by 0x5EBDCB9: std::unique_ptr<QWidget, std::default_delete<QWidget> >::~unique_ptr() (unique_ptr.h:361)
==355214==    by 0x5EBC983: __cpp_destructor_12665555240224438248 (qt_window.rs:1235)
==355214==    by 0x5E64DEA: <i_slint_backend_qt::qt_window::QWidgetPtr as core::ops::drop::Drop>::drop (lib.rs:366)
==355214==    by 0x5E63ABA: core::ptr::drop_in_place<i_slint_backend_qt::qt_window::QWidgetPtr> (mod.rs:188)
==355214==    by 0x5E63A73: core::ptr::drop_in_place<i_slint_backend_qt::qt_window::QtWindow> (mod.rs:188)
==355214==    by 0x5F2EB3F: core::ptr::drop_in_place<dyn i_slint_core::window::PlatformWindow> (mod.rs:188)
==355214==    by 0x5F33E25: <alloc::rc::Rc<T> as core::ops::drop::Drop>::drop (rc.rs:1511)
==355214==    by 0x5F2F30A: core::ptr::drop_in_place<alloc::rc::Rc<dyn i_slint_core::window::PlatformWindow>> (mod.rs:188)
==355214==    by 0x5F2CBC2: core::ptr::drop_in_place<core::option::Option<alloc::rc::Rc<dyn i_slint_core::window::PlatformWindow>>> (mod.rs:188)
==355214==    by 0x5F2D12A: core::ptr::drop_in_place<core::cell::UnsafeCell<core::option::Option<alloc::rc::Rc<dyn i_slint_core::window::PlatformWindow>>>> (mod.rs:188)
==355214==    by 0x5F2CD7A: core::ptr::drop_in_place<once_cell::unsync::OnceCell<alloc::rc::Rc<dyn i_slint_core::window::PlatformWindow>>> (mod.rs:188)
==355214==  Address 0xb2508e0 is 0 bytes inside a block of size 48 free'd
==355214==    at 0x4848B6F: operator delete(void*, unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==355214==    by 0x5EBE822: SlintWidget::~SlintWidget() (qt_window.rs:74)
==355214==    by 0x76B7589: QObjectPrivate::deleteChildren() (in /usr/lib/libQt6Core.so.6.3.0)
==355214==    by 0x6807790: QWidget::~QWidget() (in /usr/lib/libQt6Widgets.so.6.3.0)
==355214==    by 0x68A09FD: QFrame::~QFrame() (in /usr/lib/libQt6Widgets.so.6.3.0)
==355214==    by 0x76B7589: QObjectPrivate::deleteChildren() (in /usr/lib/libQt6Core.so.6.3.0)
==355214==    by 0x6807790: QWidget::~QWidget() (in /usr/lib/libQt6Widgets.so.6.3.0)
==355214==    by 0x10CDD6: main (in /home/rust/sixtyfps/cppbuild_2/examples/qt_viewer/qt_viewer)
==355214==  Block was alloc'd at
==355214==    at 0x4846013: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==355214==    by 0x5EBDB3B: std::_MakeUniq<SlintWidget>::__single_object std::make_unique<SlintWidget>() (unique_ptr.h:962)
==355214==    by 0x5EBB4D5: __cpp_closure_18363416283276074912_impl() (qt_window.rs:1250)
==355214==    by 0x5EBB54B: __cpp_closure_18363416283276074912 (qt_window.rs:1255)
==355214==    by 0x5E8DD42: i_slint_backend_qt::qt_window::QtWindow::new (qt_window.rs:1248)
==355214==    by 0x5E7C92D: <i_slint_backend_qt::Backend as i_slint_core::backend::Backend>::create_window::{{closure}} (lib.rs:147)
==355214==    by 0x5E79033: i_slint_core::window::Window::new (window.rs:210)
==355214==    by 0x5E944DE: <i_slint_backend_qt::Backend as i_slint_core::backend::Backend>::create_window (lib.rs:147)
==355214==    by 0x4C1C3AA: slint_interpreter::dynamic_component::ComponentDescription::create (dynamic_component.rs:377)
==355214==    by 0x4C9AB2E: slint_interpreter::api::ComponentDefinition::create (api.rs:566)
==355214==    by 0x4B959C7: slint_interpreter_component_instance_create (ffi.rs:573)
==355214==    by 0x10EB26: slint::interpreter::ComponentDefinition::create() const (in /home/rust/sixtyfps/cppbuild_2/examples/qt_viewer/qt_viewer)

May 03 '22 09:05 ogoffart

The qt_viewer reparent the QWidget to anothe QWidget window which is on the stack. and closing the qt_viewer dostroy that widget (and hence the slint QWidget (SlintWidget) before the window is closed.) We probbly should do some cleanup in the ~SlintWidget destructor to avoid that.

May 03 '22 09:05 ogoffart

So the crash is worked around in the qt_viewer by commit 590ef33

The question is: is that something we should support? (destroying deleting QWidget* before destroying the Slint handle?)

May 03 '22 09:05 ogoffart

If this causes problems in the little apps we have right now, this will surely bite us or our users later when they build bigger things.

May 03 '22 15:05 hunger

Let's just say it's undefined behavior

Nov 29 '22 12:11 ogoffart

slint slint copied to clipboard

Crash in the qt_viewer quiting

slint
slint copied to clipboard