Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-49061

QString static finalization SEGFAULT with use of QStringLiteral

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • P3: Somewhat important
    • 5.8.0
    • 5.5.1
    • Core: Plugins
    • None
    • Qt 5.5
    • 494376f980e96339b6f1eff7c41336ca4d853065

    Description

      In LXQt we were facing a SEGFAULT in static finalization time (in QString destructor). Finaly we've got through to this scenario:

      • dynamicaly loaded library lib2 uses library lib1 by passing it QString& constructed by QStringLiteral
      • library lib1 stores the (copy of) passed QString in static container
      • after application termination the program crashes in static finalization of library lib1

      Test case is attached (together with cmake build instructions) -> the code is simple:

      buglib1.cpp
      #include <QString>

static QString static_storage;

void buglib1_call(QString const & str)
{
    static_storage = str;
}
      buglib2.cpp
      #include <QString>

extern void buglib1_call(QString const & str);

extern "C"
{
void buglib2_call()
{
    buglib1_call(QStringLiteral("test"));
}
}
      main.cpp
      #include <dlfcn.h>
#include <iostream>

typedef void func_t();
int main(int argc, char * argv[])
{
    void * h = dlopen("./libbuglib2.so", RTLD_LAZY);
    if (nullptr == h)
    {
        std::cerr << dlerror() << std::endl;
        return 1;
    }

    func_t * fun = reinterpret_cast<func_t *>(dlsym(h, "buglib2_call"));
    if (nullptr == fun)
    {
        std::cerr << dlerror() << std::endl;
        return 1;
    }

    (*fun)();

    dlclose(h);
    return 0;
}

      This is the backtrace of crash:

      #0  0x00007f44533fdf84 in QGenericAtomicOps<QBasicAtomicOps<4> >::load<int> (_q_value=@0x7f444ee18178: <error reading variable>) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qgenericatomic.h:90
#1  QBasicAtomicInteger<int>::load (this=0x7f444ee18178) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qbasicatomic.h:118
#2  0x00007f44533fdec9 in QtPrivate::RefCount::deref (this=0x7f444ee18178) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qrefcount.h:60
#3  0x00007f44533fde7f in QString::~QString (this=0x7f44535fe5e0 <static_storage>) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qstring.h:1053
#4  0x00007f445211ef4f in __cxa_finalize (d=0x7f44535fe5c8) at cxa_finalize.c:56
#5  0x00007f44533fddb3 in __do_global_dtors_aux () from /home/palco/work/oss/qstring_bug/build/libbuglib1.so
#6  0x00007ffc17b4f720 in ?? ()
#7  0x00007f445360e01a in _dl_fini () at dl-fini.c:252

      This seems to be a bug in the QString copy/move (over)optimization and/or the QPluginLoader (we are observing this behaviour in libraries loaded by QPluginLoader).

      Attachments

        1. plugin_report.tar
          10 kB
        2. report.tar
          10 kB

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. QTBUG-62625 App crashes on termination if a font is loaded by unloaded library

          • Not Evaluated - Not yet evaluated/prioritized
          • Closed
          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. QTBUG-49792 QStringLiteral iniside a Plugin crashes after the plugin was unloaded

          • Not Evaluated - Not yet evaluated/prioritized
          • Closed
          replaces

          Bug - A problem which impairs or prevents the functions of the product. QTBUG-50829 Segfault during application's exit with static QIcon instances due to a QIconEngine plugin being unloaded too early

          • Not Evaluated - Not yet evaluated/prioritized
          • Closed

          Activity

            People

              thiago Thiago Macieira
              palinek Palo Kisa
              Votes:
              2 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: