Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-103775

Downstream crash when bad index passed to insert methods of QBoxLayout

    XMLWordPrintable

    Details

    • Commits:
      29176bf2f8 (qt/qtbase/dev) 29176bf2f8 (qt/tqtc-qtbase/dev) 8681466187 (qt/tqtc-qtbase/6.2) 020e6a2244 (qt/qtbase/6.4) 020e6a2244 (qt/tqtc-qtbase/6.4) e457aeec38 (qt/qtbase/dev) e457aeec38 (qt/tqtc-qtbase/dev) 8f0fa4c948 (qt/qtbase/6.4)

      Description

      In Qt 6, passing an invalid index (index > layout.count()) to QBoxLayout.insertWidget (or any of the other insert_Something_ methods) will result in a downstream crash. In Qt 5, the equivalent code doesn't crash and instead results in the widget being added to the end of layout. We've seen this crash using Qt 6.3 and 6.2.2 in C++ on Linux, Windows, and Mac, as well as in Python using either PySide 6 or PyQt 6.  I understand that passing an index larger than layout.count() is incorrect, but the fact that the crash occurs after the insertWidget call returns makes the crash particularly difficult to debug. Here's PySide code that will reproduce the crash:
      (Python is not required. The equivalent C++ code will also crash.)

      import PySide6
      from PySide6 import QtWidgets, QtCore
      
      print(f"{PySide6.__version__=}")
      print(f"{PySide6.QtCore.__version__=}")
      app = QtWidgets.QApplication([])
      widget = QtWidgets.QWidget()
      layout = QtWidgets.QHBoxLayout(widget)
      button = QtWidgets.QPushButton(widget)
      print("About to insert widget")
      wrong_index = 1
      layout.insertWidget(wrong_index, button)
      print("Successfully inserted widget")
      widget.show()
      print("About to exec")
      app.exec()
      print("Finished exec")
      

      This will print

      PySide6.__version__='6.3.0'
      PySide6.QtCore.__version__='6.3.0'
      About to insert widget
      Successfully inserted widget
      

      and the process will exit with error code -1073741819 (on Windows) without displaying button on the screen. Replacing wrong_index with a larger number (e.g. 9999) gives the same results. Replacing wrong_index with 0 allows the script to display the button and print out

      PySide6.__version__='6.3.0'
      PySide6.QtCore.__version__='6.3.0'
      About to insert widget
      Successfully inserted widget
      About to exec
      Finished exec
      

      The "Finished exec" isn't printed until I close the button window and the script exits with exit code 0. Keeping wrong_index at 1 (or 9999) but switching to Qt 5 also allows the script to display the button and print out

      PySide2.__version__='5.15.2'
      PySide2.QtCore.__version__='5.15.2'
      About to insert widget
      Successfully inserted widget
      About to exec
      Finished exec
      

      Again, the "Finished exec" isn't printed until I close the button window and the script exits with exit code 0.

        Attachments

          Issue Links

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

            Activity

              People

              Assignee:
              makummer Marcel Kummer
              Reporter:
              kevkeating Kevin Keating
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: