Details
- Bug
- Resolution: Done
- P1: Critical
- 4.7.1
- None
- ARM embedded (QWS) -- produced on ARM7 OMAP and ARM9 S3C chips
- c30714122c58a3dc6fd8401427da60c4afc4127b 45bd1e737f2f76bbc9943995734c6ecb0a23935b
Description
Using Qt embedded on ARM, creating a QGraphicsEllipseItem with a rect that is very big (seems to be upwards of 1,000,000 units) and then calling contains() with a large-valued point causes a segmentation fault.
    #include <QGraphicsEllipseItem>
    #include <QPointF>
    #include <iostream>

    // Ellipse roughly 1.5 million units across, then a hit test on a far-out point.
    QGraphicsEllipseItem *el = new QGraphicsEllipseItem();
    el->setRect(-5000.0, -5000.0, 1500000.0, 1500000.0);
    if (el->contains(QPointF(1100000.35, 1098000.2))) {
        std::cout << "contains the point\n";
    } else {
        std::cout << "does not contain the point\n";
    }
Note that the same code appears to work fine on x86 and produces correct results, but on ARM (have tried on an ARM7 OMAP, an ARM9 S3C series, and on the qemu emulations of both of these) it results in a longer than usual wait followed by a segfault. Also, changing the coordinate values to smaller numbers immediately results in correct and error-free behaviour.
I attached gdb to the crashing process:
Program terminated with signal 11, Segmentation fault.
#0  QBezier::bounds (this=0x40000068) at painting/qbezier.cpp:231
#1  0x4231ca5c in qt_painterpath_isect_curve (bezier=..., pt=..., winding=0x4007f054) at painting/qpainterpath.cpp:1696
#2  0x4231cbd4 in qt_painterpath_isect_curve (bezier=..., pt=..., winding=0x4007f054) at painting/qpainterpath.cpp:1720
#3  0x4231cbe4 in qt_painterpath_isect_curve (bezier=..., pt=..., winding=0x4007f054) at painting/qpainterpath.cpp:1721
#4  0x4231cbd4 in qt_painterpath_isect_curve (bezier=..., pt=..., winding=0x4007f054) at painting/qpainterpath.cpp:1720
It continues like this for over 4,000 frames, alternating between lines 1721 and 1720 within qpainterpath.cpp.
...
#4064 0x4231cbd4 in qt_painterpath_isect_curve (bezier=..., pt=..., winding=0x4007f054) at painting/qpainterpath.cpp:1720
#4065 0x4231dce0 in QPainterPath::contains (this=<value optimized out>, pt=...) at painting/qpainterpath.cpp:1765
#4066 0x427dfd68 in QGraphicsItem::contains (this=0x1d880, point=...) at graphicsview/qgraphicsitem.cpp:4941
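An added example, written here and not code from the report or from Qt, that reconstructs the failure mode the backtrace points at: a curve-intersection routine that subdivides a Bezier recursively until its bounding box is smaller than an absolute threshold, and what happens when coordinates are large and single precision. It assumes that qreal is float on the reporter's embedded build (Qt 4 defaults qreal to float on ARM unless QT_COORD_TYPE overrides it); the Bezier type, the control-hull bounds, the de Casteljau split, the 0.001 threshold, the 32-level cap, and the ellipse-arc control points derived from the report's rect are all mine and only outline the shape of the frames in the backtrace, not Qt's actual implementation.

```cpp
#include <algorithm>
#include <cmath>
#include <cstdio>
#include <limits>

// Single-precision point and cubic Bezier: float stands in for a Qt embedded
// build where qreal is float (assumption, see lead-in).
struct Pt { float x, y; };
struct Bezier { Pt p1, p2, p3, p4; };
struct Bounds { float xmin, ymin, xmax, ymax; };

// Spacing between x and the next representable value of its type: the
// smallest non-zero change a coordinate of that magnitude can undergo.
static float ulpAt(float x) {
    return std::nextafter(x, std::numeric_limits<float>::infinity()) - x;
}
static double ulpAt(double x) {
    return std::nextafter(x, std::numeric_limits<double>::infinity()) - x;
}

struct HalveResult { int halvings; float width; bool stalled; };

// Keep the lower half of [a, b] until the width drops below `threshold`.
// Reports a stall when the float midpoint is no longer strictly inside the
// interval, i.e. halving can make no further progress in this precision.
static HalveResult halveUntil(float a, float b, float threshold, int cap) {
    HalveResult r = {0, b - a, false};
    for (;;) {
        r.width = b - a;
        if (r.width < threshold || r.halvings >= cap) return r;
        float mid = (a + b) * 0.5f;
        if (!(mid > a && mid < b)) { r.stalled = true; return r; }
        b = mid;
        ++r.halvings;
    }
}

// Box of the control polygon; it contains the curve, so it is a valid (if
// loose) bound for the "is the point near this piece" test.
static Bounds hullBounds(const Bezier& b) {
    const Pt pts[4] = {b.p1, b.p2, b.p3, b.p4};
    Bounds r = {b.p1.x, b.p1.y, b.p1.x, b.p1.y};
    for (int i = 1; i < 4; ++i) {
        r.xmin = std::min(r.xmin, pts[i].x); r.xmax = std::max(r.xmax, pts[i].x);
        r.ymin = std::min(r.ymin, pts[i].y); r.ymax = std::max(r.ymax, pts[i].y);
    }
    return r;
}

static Pt mid(Pt a, Pt b) { return Pt{(a.x + b.x) * 0.5f, (a.y + b.y) * 0.5f}; }

// de Casteljau split at t = 0.5.
static void split(const Bezier& b, Bezier* first, Bezier* second) {
    Pt p12 = mid(b.p1, b.p2), p23 = mid(b.p2, b.p3), p34 = mid(b.p3, b.p4);
    Pt p123 = mid(p12, p23), p234 = mid(p23, p34), p1234 = mid(p123, p234);
    *first  = Bezier{b.p1, p12, p123, p1234};
    *second = Bezier{p1234, p234, p34, b.p4};
}

struct IsectStats { int winding; int maxDepth; bool capHit; };

// Scanline winding contribution of `curve` at `pt`: subdivide until the piece
// is below `lowerBound` in both dimensions, then treat it as a line segment.
// `depthCap` is the guard: a piece whose box stalls at one ULP (above
// lowerBound) would otherwise be subdivided forever and overflow the stack.
static void isectCurve(const Bezier& curve, Pt pt, IsectStats* s, int depth, int depthCap) {
    if (depth > s->maxDepth) s->maxDepth = depth;
    Bounds bb = hullBounds(curve);
    if (pt.y < bb.ymin || pt.y >= bb.ymax) return;   // scanline misses this piece
    const float lowerBound = 0.001f;
    bool small = (bb.xmax - bb.xmin) < lowerBound && (bb.ymax - bb.ymin) < lowerBound;
    if (depth >= depthCap || small) {
        if (depth >= depthCap) s->capHit = true;
        if (curve.p1.x <= pt.x) s->winding += (curve.p4.y > curve.p1.y) ? 1 : -1;
        return;
    }
    Bezier a, b;
    split(curve, &a, &b);
    isectCurve(a, pt, s, depth + 1, depthCap);
    isectCurve(b, pt, s, depth + 1, depthCap);
}

static IsectStats windingAt(const Bezier& curve, Pt pt, int depthCap) {
    IsectStats s = {0, 0, false};
    isectCurve(curve, pt, &s, 0, depthCap);
    return s;
}

// Constructed: quarter arc of the report's ellipse, rect (-5000,-5000,1500000,1500000),
// centre (745000,745000), radius 750000, handles at kappa*r ~ 414225.
static Bezier bigArc() {
    return Bezier{Pt{1495000.0f, 745000.0f}, Pt{1495000.0f, 1159225.0f},
                  Pt{1159225.0f, 1495000.0f}, Pt{745000.0f, 1495000.0f}};
}

// Constructed: piece whose control points sit one float ULP apart near 1.1e6;
// splitting at t = 0.5 reproduces it exactly, so only the cap ends the recursion.
static Bezier stallingCurve() {
    Pt a{1100000.125f, 1100000.125f}, b{1100000.25f, 1100000.25f};
    return Bezier{a, b, b, b};
}

int main() {
    std::printf("float spacing at 1.1e6: %g, at 5000: %g; double spacing at 1.1e6: %g\n",
                ulpAt(1100000.0f), ulpAt(5000.0f), ulpAt(1100000.35));
    HalveResult h = halveUntil(1100000.125f, 1100000.125f + 128.0f, 0.001f, 64);
    std::printf("halving near 1.1e6: %d halvings, width %g, stalled=%d\n", h.halvings, h.width, h.stalled);
    IsectStats s = windingAt(bigArc(), Pt{1100000.35f, 1098000.2f}, 32);
    std::printf("capped subdivision: winding %d, max depth %d, cap hit=%d\n", s.winding, s.maxDepth, s.capHit);
    return 0;
}
```

The two ulpAt figures are the whole story: near 1.1e6 a float can only move in steps of 0.125, so a box can never measure less than 0.001 unless it collapses to exactly zero, while a double at the same magnitude still has a step of 2^-32 and at 5000 even a float steps by about 0.0005, which is why the same call works on x86 and with smaller coordinates. The design point for any recursion that stops on floating-point convergence is that the input decides whether the stop condition is reachable, so the depth cap has to be part of the routine rather than something the caller is trusted to guarantee.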