Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-19527

QtQuick2: BorderImage setting the borderImage top and bottom border properties to a combined total that exceeds the source image height triggers an exception

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • P3: Somewhat important
    • 5.0.0
    • 5.0.0
    • QML: Declarative and Javascript Engine
    • None
    • Ubuntu x86_64-linux Qt 5 (12ffad0bb3f51a36c07c1cc6ed3a71ad3c0b5968)
      qtbase qtbase-staging
      qtquick2 qtdeclarative-staging
      configure -nokia-developer -qpa -no-webkit
    • I7cba15cc8ca4679d92f2e456ed95629702ea27a1

    Description

      To reproduce, use the attached example. Here is a crash dump:

      matthew@pindar:~/dev/qt5/qtbase$ qmlscene -platform xcb /home/matthew/dev/qt5/qtbase/tests/auto/scenegraph/suite/borderimage2/borderimage2.qml
      Qml debugging is enabled. Only use this in a safe environment!

      Information of screen 349:
      width.........: 3600
      height........: 1200
      depth.........: 24
      white pixel...: ffffff
      black pixel...: 0

      Running window manager: KWin
      created GL window: 102760450

          • glibc detected *** qmlscene: realloc(): invalid next size: 0x000000000080ff70 ***
            ======= Backtrace: =========
            /lib/x86_64-linux-gnu/libc.so.6(+0x76bb6)[0x7fcd6e207bb6]
            /lib/x86_64-linux-gnu/libc.so.6(+0x7b36b)[0x7fcd6e20c36b]
            /lib/x86_64-linux-gnu/libc.so.6(realloc+0xf9)[0x7fcd6e20db19]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtCore.so.5(_Z8qReallocPvm+0x23)[0x7fcd6f28925b]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtCore.so.5(_ZN11QVectorData10reallocateEPS_iii+0x59)[0x7fcd6f2fedf1]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(+0x3f6c31)[0x7fcd723a9c31]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(+0x3f67eb)[0x7fcd723a97eb]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(+0x3f6529)[0x7fcd723a9529]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN17QSGMatrix4x4Stack4pushEv+0x36)[0x7fcd723a8f08]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeUpdater18enterTransformNodeEP16QSGTransformNode+0xb3)[0x7fcd723ae959]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeVisitor9visitNodeEP7QSGNode+0x71)[0x7fcd723abb81]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeUpdater9visitNodeEP7QSGNode+0xdd)[0x7fcd723aee2b]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeVisitor13visitChildrenEP7QSGNode+0x57)[0x7fcd723abd6d]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeUpdater13visitChildrenEP7QSGNode+0x41)[0x7fcd723aed4b]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeVisitor9visitNodeEP7QSGNode+0x202)[0x7fcd723abd12]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeUpdater9visitNodeEP7QSGNode+0xdd)[0x7fcd723aee2b]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeVisitor13visitChildrenEP7QSGNode+0x57)[0x7fcd723abd6d]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeUpdater13visitChildrenEP7QSGNode+0x41)[0x7fcd723aed4b]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeVisitor9visitNodeEP7QSGNode+0x8f)[0x7fcd723abb9f]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeUpdater9visitNodeEP7QSGNode+0xdd)[0x7fcd723aee2b]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeVisitor13visitChildrenEP7QSGNode+0x57)[0x7fcd723abd6d]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeUpdater13visitChildrenEP7QSGNode+0x41)[0x7fcd723aed4b]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeVisitor9visitNodeEP7QSGNode+0x202)[0x7fcd723abd12]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeUpdater9visitNodeEP7QSGNode+0xdd)[0x7fcd723aee2b]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeVisitor13visitChildrenEP7QSGNode+0x57)[0x7fcd723abd6d]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeUpdater13visitChildrenEP7QSGNode+0x41)[0x7fcd723aed4b]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeVisitor9visitNodeEP7QSGNode+0x8f)[0x7fcd723abb9f]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeUpdater9visitNodeEP7QSGNode+0xdd)[0x7fcd723aee2b]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeVisitor13visitChildrenEP7QSGNode+0x57)[0x7fcd723abd6d]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeUpdater13visitChildrenEP7QSGNode+0x41)[0x7fcd723aed4b]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeVisitor9visitNodeEP7QSGNode+0x202)[0x7fcd723abd12]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeUpdater9visitNodeEP7QSGNode+0xdd)[0x7fcd723aee2b]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeVisitor13visitChildrenEP7QSGNode+0x57)[0x7fcd723abd6d]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeUpdater13visitChildrenEP7QSGNode+0x41)[0x7fcd723aed4b]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeVisitor9visitNodeEP7QSGNode+0x8f)[0x7fcd723abb9f]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeUpdater9visitNodeEP7QSGNode+0xdd)[0x7fcd723aee2b]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeVisitor13visitChildrenEP7QSGNode+0x57)[0x7fcd723abd6d]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeUpdater13visitChildrenEP7QSGNode+0x41)[0x7fcd723aed4b]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeVisitor9visitNodeEP7QSGNode+0x202)[0x7fcd723abd12]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeUpdater9visitNodeEP7QSGNode+0xdd)[0x7fcd723aee2b]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN14QSGNodeUpdater12updateStatesEP7QSGNode+0xaf)[0x7fcd723ae7d9]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN11QSGRenderer10preprocessEv+0x156)[0x7fcd723b0dfe]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN11QSGRenderer11renderSceneERK8Bindable+0x5b)[0x7fcd723b08cf]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN11QSGRenderer11renderSceneEv+0x2c)[0x7fcd723b0846]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN10QSGContext15renderNextFrameEv+0x4d)[0x7fcd723b9615]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(+0x4393b0)[0x7fcd723ec3b0]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN9QSGCanvas10paintEventEP11QPaintEvent+0xe5)[0x7fcd723ebb81]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN7QSGView10paintEventEP11QPaintEvent+0x59)[0x7fcd7247ec81]
            qmlscene[0x409d38]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtGui.so.5(_ZN7QWidget5eventEP6QEvent+0x8ec)[0x7fcd6fa7f0c8]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtOpenGL.so.5(_ZN9QGLWidget5eventEP6QEvent+0x23)[0x7fcd707db66d]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN9QSGCanvas5eventEP6QEvent+0x1e0)[0x7fcd723ef906]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtGui.so.5(_ZN19QApplicationPrivate13notify_helperEP7QObjectP6QEvent+0x17c)[0x7fcd6fa1d70c]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtGui.so.5(_ZN12QApplication6notifyEP7QObjectP6QEvent+0x29a7)[0x7fcd6fa1d415]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtCore.so.5(_ZN16QCoreApplication14notifyInternalEP7QObjectP6QEvent+0x9c)[0x7fcd6f3c03b6]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtGui.so.5(_ZN16QCoreApplication20sendSpontaneousEventEP7QObjectP6QEvent+0x51)[0x7fcd6fa1fc85]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtGui.so.5(_ZN14QWidgetPrivate10drawWidgetEP12QPaintDeviceRK7QRegionRK6QPointiP8QPainterP19QWidgetBackingStore+0x897)[0x7fcd6fa76f83]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtGui.so.5(_ZN14QWidgetPrivate11repaint_sysERK7QRegion+0x229)[0x7fcd6fc5cc6b]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtGui.so.5(_ZN14QWidgetPrivate16syncBackingStoreEv+0x37)[0x7fcd6fa6e173]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtGui.so.5(_ZN7QWidget5eventEP6QEvent+0xf02)[0x7fcd6fa7f6de]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtOpenGL.so.5(_ZN9QGLWidget5eventEP6QEvent+0x23)[0x7fcd707db66d]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtDeclarative.so.5(_ZN9QSGCanvas5eventEP6QEvent+0x1e0)[0x7fcd723ef906]
            /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtGui.so.5(_ZN19QApplicationPrivate13notify_helperEP7QObjectP6QEvent+0x17c)[0x7fcd6fa1d70c]
            ======= Memory map: ========
            00400000-0040f000 r-xp 00000000 08:05 1990955 /home/matthew/dev/qt5/build-lighthouse/qtdeclarative/bin/qmlscene
            0060e000-0060f000 r--p 0000e000 08:05 1990955 /home/matthew/dev/qt5/build-lighthouse/qtdeclarative/bin/qmlscene
            0060f000-00610000 rw-p 0000f000 08:05 1990955 /home/matthew/dev/qt5/build-lighthouse/qtdeclarative/bin/qmlscene
            00660000-0083d000 rw-p 00000000 00:00 0 [heap]
            40204000-4027b000 rw-p 00000000 00:00 0
            7fcd60000000-7fcd60021000 rw-p 00000000 00:00 0
            7fcd60021000-7fcd64000000 ---p 00000000 00:00 0
            7fcd66577000-7fcd66777000 rw-s 03d24000 00:05 13792 /dev/nvidia0
            7fcd66777000-7fcd66877000 rw-s 828ff000 00:05 13792 /dev/nvidia0
            7fcd66877000-7fcd668b7000 rw-s 59fa9000 00:05 13792 /dev/nvidia0
            7fcd668b7000-7fcd668d7000 rw-s 64efd000 00:05 13792 /dev/nvidia0
            7fcd668d7000-7fcd66917000 rw-s 03d58000 00:05 13792 /dev/nvidia0
            7fcd66917000-7fcd66990000 rw-p 00000000 00:00 0
            7fcd66990000-7fcd669f0000 r-xp 00000000 08:01 5597612 /usr/lib/x86_64-linux-gnu/libtiff.so.4.3.3
            7fcd669f0000-7fcd66bf0000 ---p 00060000 08:01 5597612 /usr/lib/x86_64-linux-gnu/libtiff.so.4.3.3
            7fcd66bf0000-7fcd66bf2000 r--p 00060000 08:01 5597612 /usr/lib/x86_64-linux-gnu/libtiff.so.4.3.3
            7fcd66bf2000-7fcd66bf3000 rw-p 00062000 08:01 5597612 /usr/lib/x86_64-linux-gnu/libtiff.so.4.3.3
            7fcd66bf3000-7fcd66bfc000 r-xp 00000000 08:05 1583832 /home/matthew/dev/qt5/build-lighthouse/qtbase/plugins/imageformats/libqtiff.so
            7fcd66bfc000-7fcd66dfc000 ---p 00009000 08:05 1583832 /home/matthew/dev/qt5/build-lighthouse/qtbase/plugins/imageformats/libqtiff.so
            7fcd66dfc000-7fcd66dfd000 r--p 00009000 08:05 1583832 /home/matthew/dev/qt5/build-lighthouse/qtbase/plugins/imageformats/libqtiff.so
            7fcd66dfd000-7fcd66dfe000 rw-p 0000a000 08:05 1583832 /home/matthew/dev/qt5/build-lighthouse/qtbase/plugins/imageformats/libqtiff.so
            7fcd66dfe000-7fcd66e53000 r-xp 00000000 08:05 1583738 /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtXml.so.5.0.0
            7fcd66e53000-7fcd67053000 ---p 00055000 08:05 1583738 /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtXml.so.5.0.0
            7fcd67053000-7fcd67055000 r--p 00055000 08:05 1583738 /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtXml.so.5.0.0
            7fcd67055000-7fcd67056000 rw-p 00057000 08:05 1583738 /home/matthew/dev/qt5/build-lighthouse/qtbase/lib/libQtXml.so.5.0.0Aborted

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            bodson Yann Bodson (Inactive)
            cattell Matthew Cattell (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes