Bad object in juce::ComponentPeer::handleMovedOrResized


#1

Has anyone else seen this?

I have a rare but annoying crash in my application. It occurs very occasionally when the mouse gets moved. The actual failure occurs in juce::ComponentPeer::handleMovedOrResized at the line:

    const bool nowMinimised = isMinimised();

The __vfptr is 0xfeeefeee (ie. it looks like it is uninitialized). Things then collapse in a heap (scuse the pun) as the dereference is attempted.

The immediate root of the problem appears to come from juce::Win32ComponentPeer::windowProc.

    static LRESULT CALLBACK windowProc (HWND h, UINT message, WPARAM wParam, LPARAM lParam)
    {
        Win32ComponentPeer* const peer = getOwnerOfWindow (h);

        if (peer != 0)
        {
            jassert (isValidPeer (peer));
            return peer->peerWindowProc (h, message, wParam, lParam);
        }

        return DefWindowProcW (h, message, wParam, lParam);
    }

The value for ‘peer’ appears to be a valid pointer, albeit the contents are all 0xfeeefeee - uninitialized?

The ‘isValidPeer’ test does not catch this condition.

In a specific case, h = 0x001a13c6
peer = 0x025524b8
peer->hwnd = 0xfeeefeee

Any and all help appreciated.

Thanks in anticipation

  Don

#2

A value of 0xfeeefeee indicates memory that has been freed.


#3

…which is interesting. No windows/components are be being created or destroyed when this happens - but it may be a clue.

Cheers
Don


#4

That should be impossible - it looks like the peer is a dangling pointer, but once a peer has been deleted, isValidPeer() will definitely return false (there’s a static list of valid peers, and they get removed from the list during their destructor). Never seen it myself, but let me know if you can find any more clues or ways to make it happen.


#5

Roger. Wilco.

Don