Last active
June 21, 2021 13:24
-
-
Save Martchus/e526dc09c81bc48770af9ebb8844460b to your computer and use it in GitHub Desktop.
Qt Gui/Svg crash with GCC 11.1 and mingw-w64 9.0.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <QGuiApplication> | |
| #include <QSvgRenderer> | |
| #include <QPainter> | |
| #include <QPixmap> | |
| #include <QtPlugin> | |
| Q_IMPORT_PLUGIN(QWindowsIntegrationPlugin) | |
| // code which crashes with a build of Qt 5.15.2+kde+r196-1 or Qt 6.1.1 compiled using GCC 11.1 and mingw-w64 9.0.0: | |
| int main(int argc, char *argv[]) | |
| { | |
| const auto application = QGuiApplication(argc, const_cast<char **>(argv)); | |
| const auto data2 = QByteArray("<svg xmlns=\"http://www.w3.org/2000/svg\" viewBox=\"0 0 496 512\"><path fill=\"#000000\" d=\"M336.5 160C322 70.7 287.8 8 248 8s-74 62.7-88.5 152h177zM152 256c0 22.2 1.2 43.5 3.3 64h185.3c2.1-20.5 3.3-41.8 3.3-64s-1.2-43.5-3.3-64H155. 3c-2.1 20.5-3.3 41.8-3.3 64zm324.7-96c-28.6-67.9-86.5-120.4-158-141.6 24.4 33.8 41.2 84.7 50 141.6h108zM177.2 18.4C105.8 39.6 47.8 92.1 19.3 160h108c8.7-56.9 25.5-107.8 49.9-141.6zM487.4 192H372.7c2.1 21 3.3 42.5 3.3 64s-1.2 43-3.3 64h1 14.6c5.5-20.5 8.6-41.8 8.6-64s-3.1-43.5-8.5-64zM120 256c0-21.5 1.2-43 3.3-64H8.6C3.2 212.5 0 233.8 0 256s3.2 43.5 8.6 64h114.6c-2-21-3.2-42.5-3.2-64zm39.5 96c14.5 89.3 48.7 152 88.5 152s74-62.7 88.5-152h-177zm159.3 141.6c71.4-21.2 129.4 -73.7 158-141.6h-108c-8.8 56.9-25.6 107.8-50 141.6zM19.3 352c28.6 67.9 86.5 120.4 158 141.6-24.4-33.8-41.2-84.7-50-141.6h-108z\"/></svg>"); | |
| auto renderer = QSvgRenderer(data2); | |
| auto pm = QPixmap(QSize(64, 64)); | |
| pm.fill(QColor(Qt::transparent)); | |
| auto painter = QPainter(&pm); | |
| renderer.render(&painter); | |
| return 0; | |
| } | |
| // - When going back to a previous build of Qt compiled using GCC 10.2.0 and mingw-w64 8.0.0 (Qt 5.15.2+kde+r172-1 or Qt 6.1.0) the crash | |
| // is no longer reproducible. (The application itself can still be compiled with the latest GCC/mingw-w64.) | |
| // - FreeType2 and Harfbuzz haven't changed. (I'm noting that because the backtrace ends within FreeType2 functions.) | |
| // - The problem is only reproducible when targeting x86_64-w64-mingw32, not when targeting i686-w64-mingw32 or x86_64-pc-linux-gnu. | |
| // compiler invocation under GNU/Linux for using a static Qt build (similar flags were also used when compiling Qt itself): | |
| /* | |
| x86_64-w64-mingw32-g++ -isystem /usr/x86_64-w64-mingw32/static/include/qt6 -isystem /usr/x86_64-w64-mingw32/static/include/qt6/QtGui -isystem /usr/x86_64-w64-mingw32/static/include/qt6/QtGui/6.1.1 -isystem /usr/x86_64-w64-mingw32/static/include/qt6/QtSvg -isystem /usr/x86_64-w64-mingw32/static/include/qt6/QtSvg/6.1.1 -isystem /usr/x86_64-w64-mingw32/static/include/qt6/QtCore -D_FORTIFY_SOURCE=2 -D_FORTIFY_SOURCE=2 -D_FORTIFY_SOURCE=2 -O2 -pipe -fno-plt -fexceptions --param=ssp-buffer-size=4 -Wl,-O1,--sort-common,--as-needed -fstack-protector -static -static-libgcc -static-libstdc++ -mwindows -o svg-crash.exe -Wl,--major-image-version,0,--minor-image-version,0 main.cpp /usr/x86_64-w64-mingw32/static/lib/qt6/plugins/platforms/libqwindows.a /usr/x86_64-w64-mingw32/static/lib/objects-Release/QWindowsIntegrationPlugin_resources_1/.rcc/qrc_openglblacklists.cpp.obj /usr/x86_64-w64-mingw32/static/lib/objects-Release/QWindowsIntegrationPlugin_resources_2/.rcc/qrc_cursors.cpp.obj /usr/x86_64-w64-mingw32/static/lib/libQt6Svg.a /usr/x86_64-w64-mingw32/static/lib/libQt6Gui.a /usr/x86_64-w64-mingw32/static/lib/libQt6Core.a -lpng /usr/x86_64-w64-mingw32/static/lib/libQt6EntryPoint.a -liconv -lssl -lcrypto -lzstd -lz -lbcrypt -ldnsapi -liphlpapi -lcrypt32 -limm32 -loleaut32 -lwtsapi32 /usr/x86_64-w64-mingw32/static/lib/libQt6OpenGL.a -ljpeg -ldwmapi -luxtheme -ld3d11 -ldxgi -ldxguid -lglib-2.0 -lintl -lshlwapi -lm -lharfbuzz -lgraphite2 -lfreetype -lharfbuzz -lfreetype -lbz2 -ld2d1 -ldwrite -lmpr -luserenv -lnetapi32 -lole32 -luser32 -luuid -lversion -lws2_32 -lwinmm -lpcre2-16 -lmingw32 -lshell32 -lkernel32 -luser32 -lgdi32 -lwinspool -lcomdlg32 -ladvapi32 | |
| */ | |
| // - The GCC 10.2.0 and mingw-w64 8.0.0 build used the same flags so a change of the flags doesn't make a difference. | |
| // - Likely the problem is also reproducible when compiling under Windows. | |
| // backtrace (produced using gdb under Windows) | |
| /* | |
| $ /mingw64/bin/gdb.exe /z/svg-crash/svg-crash.exe | |
| GNU gdb (GDB) 10.2 | |
| Copyright (C) 2021 Free Software Foundation, Inc. | |
| License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> | |
| This is free software: you are free to change and redistribute it. | |
| There is NO WARRANTY, to the extent permitted by law. | |
| Type "show copying" and "show warranty" for details. | |
| This GDB was configured as "x86_64-w64-mingw32". | |
| Type "show configuration" for configuration details. | |
| For bug reporting instructions, please see: | |
| <https://www.gnu.org/software/gdb/bugs/>. | |
| Find the GDB manual and other documentation resources online at: | |
| <http://www.gnu.org/software/gdb/documentation/>. | |
| For help, type "help". | |
| Type "apropos word" to search for commands related to "word"... | |
| Reading symbols from //192.168.2.3/build/svg-crash/svg-crash.exe... | |
| (gdb) start | |
| Temporary breakpoint 1 at 0xe4c251 | |
| Starting program: \\192.168.2.3\build\svg-crash\svg-crash.exe | |
| [New Thread 10216.0x2bbc] | |
| [New Thread 10216.0x1bb8] | |
| [New Thread 10216.0x938] | |
| Thread 1 hit Temporary breakpoint 1, 0x0000000000e4c251 in main () | |
| (gdb) bt | |
| #0 0x0000000000e4c251 in main () | |
| (gdb) c | |
| Continuing. | |
| [New Thread 10216.0x2540] | |
| [New Thread 10216.0x257c] | |
| gdb: unknown target exception 0xc0000028 at 0x7ff829572346 | |
| Thread 1 received signal ?, Unknown signal. | |
| 0x00007ff829572346 in ntdll!RtlRaiseStatus () | |
| from C:\WINDOWS\SYSTEM32\ntdll.dll | |
| (gdb) bt | |
| #0 0x00007ff829572346 in ntdll!RtlRaiseStatus () | |
| from C:\WINDOWS\SYSTEM32\ntdll.dll | |
| #1 0x00007ff8294a0bb3 in ntdll!RtlUnwindEx () | |
| from C:\WINDOWS\SYSTEM32\ntdll.dll | |
| #2 0x00007ff828322eed in msvcrt!_setjmpex () | |
| from C:\WINDOWS\System32\msvcrt.dll | |
| #3 0x0000000000e3c110 in gray_record_cell () | |
| #4 0x0000000000e3d334 in gray_render_scanline () | |
| #5 0x0000000000e3c970 in gray_render_line () | |
| #6 0x0000000000e3b94f in gray_convert_glyph_inner.constprop () | |
| #7 0x0000000000e3b507 in gray_convert_glyph () | |
| #8 0x0000000000a5ec92 in QRasterPaintEnginePrivate::rasterize(QT_FT_Outline_*, void (*)(int, QT_FT_Span_ const*, void*), void*, QRasterBuffer*) () | |
| #9 0x0000000000951608 in QRasterPaintEngine::fill(QVectorPath const&, QBrush const&) () | |
| #10 0x000000000082edbd in QPaintEngineEx::draw(QVectorPath const&) () | |
| #11 0x0000000000b5dcb7 in QSvgPath::draw(QPainter*, QSvgExtraStates&) () | |
| #12 0x00000000008a37cb in QSvgTinyDocument::draw(QPainter*, QRectF const&) () | |
| #13 0x00000000008a35a6 in QSvgTinyDocument::draw(QPainter*) () | |
| #14 0x0000000000e4c2fe in main () | |
| (gdb) | |
| */ | |
| // backtrace (produced using WINE) | |
| /* | |
| U nhandled exception: 0xc0000029 in 6*4-bit code (0x000000007bc26e98). | |
| Register dump: | |
| rip:000000007bc26e98 rsp:0000000001e3c620 rbp:0000000001e3c780 eflags:00000202 ( - -- I - - - ) | |
| rax:000000000000004d rbx:0000000001e3c640 rcx:0000000001e3c640 rdx:0000000001e3d2c0 | |
| rsi:0000000001e3fc70 rdi:0000000001e3fc70 r8:0000000000000000 r9:0000000001e3c304 r10:0000000001e3c303 | |
| r11:0000000000000246 r12:000000007bc618f0 r13:0000000001e3d2c0 r14:0000000001e3c870 r15:0000000001e3fea0 | |
| Stack dump: | |
| 0x0000000001e3c620: 0000000001e3c640 0000000000000024 | |
| 0x0000000001e3c630: 00000000021a8c30 0000000001e3c780 | |
| 0x0000000001e3c640: 00000001c0000029 0000000001e3d2c0 | |
| 0x0000000001e3c650: 000000007bc26e98 0000000000000000 | |
| 0x0000000001e3c660: 0000000001e3d2c0 0000000001e3c870 | |
| 0x0000000001e3c670: 0000000001e3fea0 000000007bc51e56 | |
| 0x0000000001e3c680: 002d003400000002 0000000000400000 | |
| 0x0000000001e3c690: 0000000000e4c2fe 000000000110a0b8 | |
| 0x0000000001e3c6a0: 0000000001e3c870 0000000001e3c7b8 | |
| 0x0000000001e3c6b0: 0000000001e3c798 0000000000000000 | |
| 0x0000000001e3c6c0: 0000000000000000 0000000000020560 | |
| 0x0000000001e3c6d0: 0000000001e3fea0 000000007bc618f0 | |
| Backtrace: | |
| =>0 0x000000007bc26e98 EntryPoint+0xffffffffffffffff() in ntdll (0x0000000001e3c780) | |
| 1 0x000000007bc5351e EntryPoint+0xffffffffffffffff() in ntdll (0x0000000001e3c780) | |
| 2 0x000000007bc5357f EntryPoint+0xffffffffffffffff() in ntdll (0x0000000000000014) | |
| 3 0x00000001c8dc73ea EntryPoint+0xfffae4c9() in msvcrt (0x0000000000000014) | |
| 4 0x0000000000e3c110 EntryPoint+0xa3ac4f() in svg-crash (0x0000000000000014) | |
| 5 0x0000000000e3d334 EntryPoint+0xa3be73() in svg-crash (0x0000000000000014) | |
| 6 0x0000000000e3c970 EntryPoint+0xa3b4af() in svg-crash (0x0000000000000000) | |
| 7 0x0000000000e3b94f EntryPoint+0xa3a48e() in svg-crash (0x0000000001e3d5a0) | |
| 8 0x0000000000e3b507 EntryPoint+0xa3a046() in svg-crash (0xaaaaaaaaaaaaaaab) | |
| 9 0x0000000000a5ec92 EntryPoint+0x65d7d1() in svg-crash (0x0000000001e3d850) | |
| 10 0x0000000000951608 EntryPoint+0x550147() in svg-crash (0x0000000000000001) | |
| 11 0x000000000082edbd EntryPoint+0x42d8fc() in svg-crash (0x0000000000000001) | |
| 12 0x0000000000b5dcb7 EntryPoint+0x75c7f6() in svg-crash (0x0000000000000001) | |
| 13 0x00000000008a37cb EntryPoint+0x4a230a() in svg-crash (0x0000000000000001) | |
| 14 0x00000000008a35a6 EntryPoint+0x4a20e5() in svg-crash (0x0000000000000001) | |
| 15 0x0000000000e4c2fe EntryPoint+0xa4ae3d() in svg-crash (0x0000000000000001) | |
| 16 0x00000000004013c1 EntryPoint+0xffffffffffffffff() in svg-crash (0x0000000000000001) | |
| 17 0x00000000004014d6 EntryPoint+0x15() in svg-crash (0x0000000000000000) | |
| 18 0x000000007b62c759 EntryPoint+0xffffffffffffffff() in kernel32 (0x0000000000000000) | |
| 19 0x000000007bc56613 EntryPoint+0xffffffffffffffff() in ntdll (0x0000000000000000) | |
| 0x000000007bc26e98 EntryPoint+0xffffffffffffffff in ntdll: jmp 0x000000007bc26e90 EntryPoint+0xffffffffffffffff | |
| Modules: | |
| Module Address Debug info Name (58 modules) | |
| PE 400000- 1c31000 Dwarf svg-crash | |
| PE 7b000000- 7b0d3000 Deferred kernelbase | |
| PE 7b600000- 7b812000 Export kernel32 | |
| PE 7bc00000- 7bc94000 Export ntdll | |
| PE 180000000- 1800ec000 Deferred ucrtbase | |
| PE 1c8b40000- 1c8b60000 Deferred msacm32 | |
| PE 1c8db0000- 1c8e43000 Export msvcrt | |
| PE 1cd360000- 1cd368000 Deferred api-ms-win-core-file-l1-1-0 | |
| PE 1d14b0000- 1d14b7000 Deferred api-ms-win-core-util-l1-1-0 | |
| PE 1d8e40000- 1d8e48000 Deferred api-ms-win-core-file-l1-2-0 | |
| PE 1d97a0000- 1d97a7000 Deferred api-ms-win-core-fibers-l1-1-1 | |
| PE 212bb0000- 212bb8000 Deferred api-ms-win-core-processthreads-l1-1-1 | |
| PE 216730000- 216737000 Deferred api-ms-win-core-handle-l1-1-0 | |
| PE 21a7e0000- 21a854000 Deferred setupapi | |
| PE 21b8f0000- 21b8f8000 Deferred api-ms-win-core-namedpipe-l1-1-0 | |
| PE 226310000- 226317000 Deferred api-ms-win-core-string-l1-1-0 | |
| PE 231ae0000- 231b62000 Deferred rpcrt4 | |
| PE 23d820000- 23da4a000 Deferred user32 | |
| PE 256480000- 256487000 Deferred api-ms-win-core-datetime-l1-1-0 | |
| PE 25d740000- 25d74e000 Deferred dwmapi | |
| PE 263a00000- 263a07000 Deferred api-ms-win-core-sysinfo-l1-1-0 | |
| PE 26b4c0000- 26b63f000 Deferred gdi32 | |
| PE 2739c0000- 273af1000 Deferred oleaut32 | |
| PE 280ce0000- 280ce7000 Deferred api-ms-win-core-interlocked-l1-1-0 | |
| PE 28d6c0000- 28d6c7000 Deferred api-ms-win-core-memory-l1-1-0 | |
| PE 29cfc0000- 29cfd5000 Deferred dnsapi | |
| PE 2a4090000- 2a409e000 Deferred wtsapi32 | |
| PE 2b8510000- 2b8522000 Deferred wintab32 | |
| PE 2d5140000- 2d5148000 Deferred api-ms-win-core-file-l2-1-0 | |
| PE 2e1360000- 2e1367000 Deferred api-ms-win-core-processenvironment-l1-1-0 | |
| PE 2e3540000- 2e3591000 Deferred shlwapi | |
| PE 2e8f10000- 2e9024000 Deferred ole32 | |
| PE 2f1fa0000- 2f1fad000 Deferred version | |
| PE 2fa6b0000- 2fa6b7000 Deferred api-ms-win-core-console-l1-1-0 | |
| PE 3001a0000- 3001a8000 Deferred api-ms-win-core-processthreads-l1-1-0 | |
| PE 306e10000- 306e18000 Deferred api-ms-win-core-timezone-l1-1-0 | |
| PE 30c980000- 30c988000 Deferred api-ms-win-core-synch-l1-2-0 | |
| PE 3126f0000- 312709000 Deferred shcore | |
| PE 327020000- 327072000 Deferred combase | |
| PE 32a700000- 32a728000 Deferred sechost | |
| PE 330260000- 33029f000 Deferred advapi32 | |
| PE 33a7c0000- 33a7c7000 Deferred api-ms-win-core-profile-l1-1-0 | |
| PE 33f0c0000- 33f0c8000 Deferred api-ms-win-core-heap-l1-1-0 | |
| PE 351680000- 351688000 Deferred api-ms-win-core-localization-l1-2-1 | |
| PE 353520000- 353528000 Deferred api-ms-win-core-localization-l1-2-0 | |
| PE 361450000- 361457000 Deferred api-ms-win-core-synch-l1-1-0 | |
| PE 3673d0000- 3673f7000 Deferred netapi32 | |
| PE 376c50000- 376c57000 Deferred api-ms-win-core-errorhandling-l1-1-0 | |
| PE 388e20000- 388e2e000 Deferred userenv | |
| PE 390d90000- 390d97000 Deferred api-ms-win-core-libraryloader-l1-1-0 | |
| PE 39cce0000- 39cce7000 Deferred api-ms-win-core-rtlsupport-l1-1-0 | |
| PE 3a2900000- 3a2907000 Deferred api-ms-win-core-debug-l1-1-0 | |
| PE 3afd00000- 3afd18000 Deferred imm32 | |
| PE 3b8f00000- 3b8fb6000 Deferred winmm | |
| PE 7f6d36420000- 7f6d36424000 Deferred winex11 | |
| PE 7f6d36c20000- 7f6d374f7000 Deferred shell32 | |
| PE 7f6d37630000- 7f6d37636000 Deferred ws2_32 | |
| PE 7f6d38550000- 7f6d38554000 Deferred iphlpapi | |
| Threads: | |
| process tid prio (all id:s are in hex) | |
| 00000020 start.exe | |
| 00000024 0 | |
| 00000038 services.exe | |
| 0000003c 0 | |
| 00000040 0 | |
| 0000004c 0 | |
| 00000050 0 | |
| 00000070 0 | |
| 00000088 0 | |
| 00000094 0 | |
| 000000c0 0 | |
| 000000d0 0 | |
| 000000e4 0 | |
| 00000044 winedevice.exe | |
| 00000048 0 | |
| 00000054 0 | |
| 00000058 0 | |
| 0000005c 0 | |
| 00000060 plugplay.exe | |
| 00000064 0 | |
| 00000074 0 | |
| 00000078 0 | |
| 0000007c 0 | |
| 000000a4 0 | |
| 000000a8 0 | |
| 00000068 explorer.exe | |
| 0000006c 0 | |
| 000000a0 0 | |
| 000000b8 0 | |
| 00000080 winedevice.exe | |
| 00000084 0 | |
| 0000008c 0 | |
| 00000090 0 | |
| 000000ac 0 | |
| 000000b0 0 | |
| 000000b4 0 | |
| 000000c4 0 | |
| 000000c8 svchost.exe | |
| 000000cc 0 | |
| 000000d4 0 | |
| 000000d8 0 | |
| 000000dc rpcss.exe | |
| 000000e0 0 | |
| 000000e8 0 | |
| 000000ec 0 | |
| 000000f0 0 | |
| 000000f4 0 | |
| 000000f8 0 | |
| 000000fc 0 | |
| 00000100 conhost.exe | |
| 00000104 0 | |
| 00000108 (D) Q:\build\qtcreator\svg-crash\svg-crash.exe | |
| 0000010c 0 <== | |
| 00000118 0 | |
| System information: | |
| Wine build: wine-6.10 | |
| Platform: x86_64 | |
| Version: Windows XP | |
| Host system: Linux | |
| Host version: 5.12.10-zen1-1-zen | |
| */ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment