Details
-
Bug
-
Resolution: Fixed
-
P1: Critical
-
None
-
6.7.2
-
None
-
All
Description
A crash can be triggered from QQuickShapeCurveRenderer::updateNode()
Backtrace:
(gdb) bt #0 0x00007fffeaab97a3 in qDeleteAll<QList<QSGCurveAbstractNode*>::const_iterator>(QList<QSGCurveAbstractNode*>::const_iterator, QList<QSGCurveAbstractNode*>::const_iterator) (end=..., begin=...) at /home/qt/work/install/include/QtCore/qalgorithms.h:27 #1 qDeleteAll<QList<QSGCurveAbstractNode*> >(QList<QSGCurveAbstractNode*> const&) (c=...) at /home/qt/work/install/include/QtCore/qalgorithms.h:35 #2 QQuickShapeCurveRenderer::updateNode() (this=0x55555d332fb0) at /home/qt/work/qt/qtdeclarative/src/quickshapes/qquickshapecurverenderer.cpp:420 #3 0x00007fffeaaa80c1 in QQuickShape::updatePaintNode(QSGNode*, QQuickItem::UpdatePaintNodeData*) (this=0x55555d5896c0, node=0x7fff64705e00) at /home/qt/work/qt/qtdeclarative/src/quickshapes/qquickshape.cpp:1184 #4 0x00007ffff7a90e60 in QQuickWindowPrivate::updateDirtyNode(QQuickItem*) (this=0x55555ca86200, item=0x55555d5896c0) at /home/qt/work/qt/qtdeclarative/src/quick/items/qquickwindow.cpp:2255 #5 0x00007ffff7a9177c in QQuickWindowPrivate::updateDirtyNodes() (this=this@entry=0x55555ca86200) at /home/qt/work/qt/qtdeclarative/src/quick/items/qquickwindow.cpp:1997 #6 0x00007ffff7a95214 in QQuickWindowPrivate::syncSceneGraph() (this=0x55555ca86200) at /home/qt/work/qt/qtdeclarative/src/quick/items/qquickwindow.cpp:573 #7 0x00007ffff7c7b031 in QSGRenderThread::sync(bool) (this=this@entry=0x7fffe40098d0, inExpose=inExpose@entry=false) at /home/qt/work/qt/qtdeclarative/src/quick/scenegraph/qsgthreadedrenderloop.cpp:552 #8 0x00007ffff7c7c5a4 in QSGRenderThread::syncAndRender() (this=0x7fffe40098d0) at /home/qt/work/qt/qtdeclarative/src/quick/scenegraph/qsgthreadedrenderloop.cpp:715 #9 0x00007ffff7c7d577 in QSGRenderThread::run() (this=0x7fffe40098d0) at /home/qt/work/qt/qtdeclarative/src/quick/scenegraph/qsgthreadedrenderloop.cpp:974 #10 0x00007ffff5efc66d in QThreadPrivate::start(void*) (arg=0x7fffe40098d0) at /home/qt/work/qt/qtbase/src/corelib/thread/qthread_unix.cpp:326 #11 0x00007ffff5494ac3 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442 #12 0x00007ffff5526850 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81 (gdb) frame 2 #2 QQuickShapeCurveRenderer::updateNode (this=0x55555d332fb0) at /home/qt/work/qt/qtdeclarative/src/quickshapes/qquickshapecurverenderer.cpp:420 420 in /home/qt/work/qt/qtdeclarative/src/quickshapes/qquickshapecurverenderer.cpp (gdb) p m_paths $10 = {<QListSpecialMethods<QQuickShapeCurveRenderer::PathData>> = {<QListSpecialMethodsBase<QQuickShapeCurveRenderer::PathData>> = {<No data fields>}, <No data fields>}, d = {d = 0x55555c68d7a0, ptr = 0x55555c68d7b0, size = 1}} (gdb) p m_paths.d.ptr[0] $11 = {gradientType = QGradient::NoGradient, gradient = {stops = {<QListSpecialMethods<std::pair<double, QColor> >> = {<QListSpecialMethodsBase<std::pair<double, QColor> >> = {<No data fields>}, <No data fields>}, d = {d = 0x0, ptr = 0x0, size = 0}}, spread = QGradient::PadSpread, a = {xp = 0, yp = 0}, b = {xp = 0, yp = 0}, v0 = 8.0284999999999993, v1 = 11.945}, fillColor = {cspec = QColor::Rgb, ct = {argb = {alpha = 65535, red = 60652, green = 61166, blue = 63736, pad = 0}, ahsv = {alpha = 65535, hue = 60652, saturation = 61166, value = 63736, pad = 0}, acmyk = {alpha = 65535, cyan = 60652, magenta = 61166, yellow = 63736, black = 0}, ahsl = { alpha = 65535, hue = 60652, saturation = 61166, lightness = 63736, pad = 0}, argbExtended = {alphaF16 = 65535, redF16 = 60652, greenF16 = 61166, blueF16 = 63736, pad = 0}, array = {65535, 60652, 61166, 63736, 0}}}, fillRule = Qt::OddEvenFill, pen = {d = {d = 0x55555d32a890}}, validPenWidth = false, m_dirty = 0, pathHints = {i = 0}, originalPath = {d_ptr = {d = 0x55555d57ec80}}, path = {m_elements = {<QListSpecialMethods<QQuadPath::Element>> = {<QListSpecialMethodsBase<QQuadPath::Element>> = {<No data fields>}, <No data fields>}, d = {d = 0x55555cde3490, ptr = 0x55555cde34a0, size = 19}}, m_childElements = {<QListSpecialMethods<QQuadPath::Element>> = {<QListSpecialMethodsBase<QQuadPath::Element>> = {<No data fields>}, <No data fields>}, d = {d = 0x0, ptr = 0x0, size = 0}}, m_currentPoint = {v = {6.50001001, 6.44350004}}, m_subPathToStart = false, m_windingFill = false, m_hints = {i = 2}}, fillPath = { m_elements = {<QListSpecialMethods<QQuadPath::Element>> = {<QListSpecialMethodsBase<QQuadPath::Element>> = {<No data fields>}, <No data fields>}, d = {d = 0x55555cde1370, ptr = 0x55555cde1380, size = 19}}, m_childElements = {<QListSpecialMethods<QQuadPath::Element>> = {<QListSpecialMethodsBase<QQuadPath::Element>> = {<No data fields>}, <No data fields>}, d = {d = 0x0, ptr = 0x0, size = 0}}, m_currentPoint = {v = {6.50001001, 6.44350004}}, m_subPathToStart = false, m_windingFill = false, m_hints = {i = 98}}, strokePath = { m_elements = {<QListSpecialMethods<QQuadPath::Element>> = {<QListSpecialMethodsBase<QQuadPath::Element>> = {<No data fields>}, <No data fields>}, d = {d = 0x0, ptr = 0x0, size = 0}}, m_childElements = {<QListSpecialMethods<QQuadPath::Element>> = {<QListSpecialMethodsBase<QQuadPath::Element>> = {<No data fields>}, <No data fields>}, d = {d = 0x0, ptr = 0x0, size = 0}}, m_currentPoint = {v = {0, 0}}, m_subPathToStart = true, m_windingFill = false, m_hints = {i = 0}}, fillNodes = {<QListSpecialMethods<QSGCurveAbstractNode*>> = {<QListSpecialMethodsBase<QSGCurveAbstractNode*>> = {<No data fields>}, <No data fields>}, d = {d = 0x55555cdf6f70, ptr = 0x55555cdf6f80, size = 1}}, strokeNodes = {<QListSpecialMethods<QSGCurveAbstractNode*>> = {<QListSpecialMethodsBase<QSGCurveAbstractNode*>> = {<No data fields>}, <No data fields>}, d = {d = 0x0, ptr = 0x0, size = 0}}, currentRunner = 0x0}
QQuickShapeCurveRenderer::updateNode seems to assume there is always a strokeNode at line 372 while in this case there is a path without a stroke node.