Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-106357

crash in QIntrusiveListNode::remove() when pinch-zooming in QtPDF on iOS

    XMLWordPrintable

Details

    • 88aff6f851 (qt/qtdeclarative/dev) 793e19da03 (qt/qtdeclarative/6.4) c5e7d26580 (qt/qtdeclarative/6.4.0) 793e19da03 (qt/tqtc-qtdeclarative/6.4) c5e7d26580 (qt/tqtc-qtdeclarative/6.4.0)

    Description

      1  QIntrusiveListNode::remove()                                                                                                                                                                                                                                                                                                                                                                                 qintrusivelist_p.h                                                                                                                                                             228  0x1043bc718 
      2  QIntrusiveList<QQuickPixmap, &(QQuickPixmap::dataListNode)>::remove(QQuickPixmap *)                                                                                                                                                                                                                                                                                                                          qintrusivelist_p.h                                                                                                                                                             164  0x103544f34 
      3  QQuickPixmap::loadImageFromDevice(QQmlEngine *, QIODevice *, QUrl const&, QRect const&, QSize const&, QQuickImageProviderOptions const&, int, int)::$_2::operator()() const                                                                                                                                                                                                                                  qquickpixmapcache.cpp                                                                                                                                                          1765 0x1035579c0 
      4  QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, QQuickPixmap::loadImageFromDevice(QQmlEngine *, QIODevice *, QUrl const&, QRect const&, QSize const&, QQuickImageProviderOptions const&, int, int)::$_2>::call(QQuickPixmap::loadImageFromDevice(QQmlEngine *, QIODevice *, QUrl const&, QRect const&, QSize const&, QQuickImageProviderOptions const&, int, int)::$_2&, void * *) qobjectdefs_impl.h                                                                                                                                                             127  0x10355797c 
      5  void QtPrivate::Functor<QQuickPixmap::loadImageFromDevice(QQmlEngine *, QIODevice *, QUrl const&, QRect const&, QSize const&, QQuickImageProviderOptions const&, int, int)::$_2, 0>::call<QtPrivate::List<>, void>(QQuickPixmap::loadImageFromDevice(QQmlEngine *, QIODevice *, QUrl const&, QRect const&, QSize const&, QQuickImageProviderOptions const&, int, int)::$_2&, void *, void * *)               qobjectdefs_impl.h                                                                                                                                                             241  0x103557928 
      6  QtPrivate::QFunctorSlotObject<QQuickPixmap::loadImageFromDevice(QQmlEngine *, QIODevice *, QUrl const&, QRect const&, QSize const&, QQuickImageProviderOptions const&, int, int)::$_2, 0, QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase *, QObject *, void * *, bool *)                                                                                                                     qobjectdefs_impl.h                                                                                                                                                             408  0x1035578c4 
      7  QtPrivate::QSlotObjectBase::call(QObject *, void * *)                                                                                                                                                                                                                                                                                                                                                        qobjectdefs_impl.h                                                                                                                                                             363  0x1021514c8 
      8  void doActivate<false>(QObject *, int, void * *)                                                                                                                                                                                                                                                                                                                                                             qobject.cpp                                                                                                                                                                    3972 0x10215a778 
      9  QMetaObject::activate(QObject *, QMetaObject const *, int, void * *)                                                                                                                                                                                                                                                                                                                                         qobject.cpp                                                                                                                                                                    4032 0x102159504 
      10 QQuickPixmapReply::finished()                                                                                                                                                                                                                                                                                                                                                                                qquickpixmapcache.moc                                                                                                                                                          175  0x1035441c8 
      11 QQuickPixmapReply::event(QEvent *)                                                                                                                                                                                                                                                                                                                                                                           qquickpixmapcache.cpp                                                                                                                                                          1250 0x103544484 
      12 QCoreApplicationPrivate::notify_helper(QObject *, QEvent *)                                                                                                                                                                                                                                                                                                                                                  qcoreapplication.cpp                                                                                                                                                           1193 0x1020dbbd0 
      13 doNotify(QObject *, QEvent *)                                                                                                                                                                                                                                                                                                                                                                                qcoreapplication.cpp                                                                                                                                                           1122 0x1020db5f4 
      14 QCoreApplication::notify(QObject *, QEvent *)                                                                                                                                                                                                                                                                                                                                                                qcoreapplication.cpp                                                                                                                                                           1105 0x1020db6e8 
      15 QGuiApplication::notify(QObject *, QEvent *)                                                                                                                                                                                                                                                                                                                                                                 qguiapplication.cpp                                                                                                                                                            1928 0x1038d6584 
      16 QCoreApplication::notifyInternal2(QObject *, QEvent *)                                                                                                                                                                                                                                                                                                                                                       qcoreapplication.cpp                                                                                                                                                           1026 0x1020db46c 
      17 QCoreApplication::sendEvent(QObject *, QEvent *)                                                                                                                                                                                                                                                                                                                                                             qcoreapplication.cpp                                                                                                                                                           1442 0x1020dc258 
      18 QCoreApplicationPrivate::sendPostedEvents(QObject *, int, QThreadData *)                                                                                                                                                                                                                                                                                                                                     qcoreapplication.cpp                                                                                                                                                           1804 0x1020dd240 
      19 QCoreApplication::sendPostedEvents(QObject *, int)                                                                                                                                                                                                                                                                                                                                                           qcoreapplication.cpp                                                                                                                                                           1663 0x1020dc068 
      20 QEventDispatcherCoreFoundation::processPostedEvents()                                                                                                                                                                                                                                                                                                                                                        qeventdispatcher_cf.mm                                                                                                                                                         395  0x102308d6c 
      21 QIOSEventDispatcher::processPostedEvents()                                                                                                                                                                                                                                                                                                                                                                   qioseventdispatcher.mm                                                                                                                                                         436  0x1028700e8 
      22 RunLoopSource<QEventDispatcherCoreFoundation>::process(void *)                                                                                                                                                                                                                                                                                                                                               qeventdispatcher_cf_p.h                                                                                                                                                        111  0x10230cdc8 
      23 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__                                                                                                                                                                                                                                                                                                                                                   (arm64e) /Users/rutledge/Library/Developer/Xcode/iOS DeviceSupport/15.4.1 (19E258) arm64e/Symbols/System/Library/Frameworks/CoreFoundation.framework/CoreFoundation                 0x194623f04 
      24 __CFRunLoopDoSource0                                                                                                                                                                                                                                                                                                                                                                                         (arm64e) /Users/rutledge/Library/Developer/Xcode/iOS DeviceSupport/15.4.1 (19E258) arm64e/Symbols/System/Library/Frameworks/CoreFoundation.framework/CoreFoundation                 0x194634c90 
      25 __CFRunLoopDoSources0                                                                                                                                                                                                                                                                                                                                                                                        (arm64e) /Users/rutledge/Library/Developer/Xcode/iOS DeviceSupport/15.4.1 (19E258) arm64e/Symbols/System/Library/Frameworks/CoreFoundation.framework/CoreFoundation                 0x19456e184 
      26 __CFRunLoopRun                                                                                                                                                                                                                                                                                                                                                                                               (arm64e) /Users/rutledge/Library/Developer/Xcode/iOS DeviceSupport/15.4.1 (19E258) arm64e/Symbols/System/Library/Frameworks/CoreFoundation.framework/CoreFoundation                 0x194573b4c 
      27 CFRunLoopRunSpecific                                                                                                                                                                                                                                                                                                                                                                                         (arm64e) /Users/rutledge/Library/Developer/Xcode/iOS DeviceSupport/15.4.1 (19E258) arm64e/Symbols/System/Library/Frameworks/CoreFoundation.framework/CoreFoundation                 0x1945876b8 
      28 GSEventRunModal                                                                                                                                                                                                                                                                                                                                                                                              (arm64e) /Users/rutledge/Library/Developer/Xcode/iOS DeviceSupport/15.4.1 (19E258) arm64e/Symbols/System/Library/PrivateFrameworks/GraphicsServices.framework/GraphicsServices      0x1b0621374 
      29 -[UIApplication _run]                                                                                                                                                                                                                                                                                                                                                                                        (arm64e) /Users/rutledge/Library/Developer/Xcode/iOS DeviceSupport/15.4.1 (19E258) arm64e/Symbols/System/Library/PrivateFrameworks/UIKitCore.framework/UIKitCore                    0x196eece88 
      30 UIApplicationMain                                                                                                                                                                                                                                                                                                                                                                                            (arm64e) /Users/rutledge/Library/Developer/Xcode/iOS DeviceSupport/15.4.1 (19E258) arm64e/Symbols/System/Library/PrivateFrameworks/UIKitCore.framework/UIKitCore                    0x196c6e5ec 
      31 qt_main_wrapper                                                                                                                                                                                                                                                                                                                                                                                              qioseventdispatcher.mm                                                                                                                                                         206  0x10286e7b8 
      32 start                                                                                                                                                                                                                                                                                                                                                                                                        (arm64e) /Users/rutledge/Library/Developer/Xcode/iOS DeviceSupport/15.4.1 (19E258) arm64e/Symbols/usr/lib/dyld                                                                      0x10b48dce4 
      
      void QIntrusiveListNode::remove()
      {
          if (_prev) *_prev = _next;
          if (_next) _next->_prev = _prev; // <-- here
          _prev = nullptr;
          _next = nullptr;
      }
      

      But _next is not null.

      Called from

              if (oldD) {
                  QObject::connect(d->reply, &QQuickPixmapReply::finished, [oldD, this]() {
                      oldD->declarativePixmaps.remove(this);
                      oldD->release();
                  });
              }
      

      Maybe it's in a worker thread.

      Attachments

        For Gerrit Dashboard: QTBUG-106357
        # Subject Branch Project Status CR V

        Activity

          People

            srutledg Shawn Rutledge
            srutledg Shawn Rutledge
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes