Qt / QTBUG-45093

NULL dereference in QWidgetPrivate::drawWidget

Details

    • Bug
    • Resolution: Done
    • P1: Critical
    • None
    • 5.4.1
    • Widgets: Main Window
    • None
    • Linux 64 bit, opensuse precompiled libs.

    Description

      When changing the display setup (e.g. turning off external monitor), my Qt5 app (psi-plus) crashes like this:
      #0 operator& (f=Qt::WindowType_Mask, this=<error reading variable: Cannot access memory at address 0x28>) at ../../src/corelib/global/qflags.h:136
      #1 windowType (this=<optimized out>) at kernel/qwidget.h:744
      #2 isWindow (this=0x0) at kernel/qwidget.h:752
      #3 QWidgetPrivate::drawWidget (this=this@entry=0x3386860, pdev=pdev@entry=0x32f0f50, rgn=..., offset=..., flags=flags@entry=4, sharedPainter=sharedPainter@entry=0x0, backingStore=backingStore@entry=0x3475c40)
      at kernel/qwidget.cpp:5541
      #4 0x00007fc88660903c in QWidgetPrivate::paintSiblingsRecursive (this=this@entry=0x332f090, pdev=pdev@entry=0x32f0f50, siblings=..., index=<optimized out>, rgn=..., offset=..., flags=flags@entry=4,
      sharedPainter=sharedPainter@entry=0x0, backingStore=backingStore@entry=0x3475c40) at kernel/qwidget.cpp:5732
      #5 0x00007fc886607ff6 in QWidgetPrivate::drawWidget (this=0x332f090, pdev=0x32f0f50, rgn=..., offset=..., flags=flags@entry=5, sharedPainter=sharedPainter@entry=0x0, backingStore=backingStore@entry=0x3475c40)
      at kernel/qwidget.cpp:5589
      #6 0x00007fc8865db6cf in QWidgetBackingStore::doSync (this=this@entry=0x3475c40) at kernel/qwidgetbackingstore.cpp:1230
      #7 0x00007fc8865db934 in QWidgetBackingStore::sync (this=0x3475c40) at kernel/qwidgetbackingstore.cpp:1036
      #8 0x00007fc8865fad7f in QWidgetPrivate::syncBackingStore (this=this@entry=0x332f090) at kernel/qwidget.cpp:1886
      #9 0x00007fc88660df54 in QWidget::event (this=0x33cca70, event=0x7fff65784fd0) at kernel/qwidget.cpp:8961
      #10 0x00007fc8865ceb5c in QApplicationPrivate::notify_helper (this=this@entry=0x2136eb0, receiver=receiver@entry=0x33cca70, e=e@entry=0x7fff65784fd0) at kernel/qapplication.cpp:3720
      #11 0x00007fc8865d3a26 in QApplication::notify (this=0x7fff65785fc0, receiver=0x33cca70, e=0x7fff65784fd0) at kernel/qapplication.cpp:3503
      #12 0x00000000006947b1 in PsiApplication::notify (this=0x7fff65785fc0, receiver=0x33cca70, event=0x7fff65784fd0) at psiapplication.cpp:399
      #13 0x00007fc882985f45 in QCoreApplication::notifyInternal (this=0x7fff65785fc0, receiver=receiver@entry=0x33cca70, event=event@entry=0x7fff65784fd0) at kernel/qcoreapplication.cpp:935
      #14 0x00007fc8865dc9df in sendEvent (event=0x7fff65784fd0, receiver=0x33cca70) at ../../src/corelib/kernel/qcoreapplication.h:228
      #15 QWidgetBackingStore::sendUpdateRequest (this=<optimized out>, widget=0x33cca70, updateTime=<optimized out>) at kernel/qwidgetbackingstore.cpp:456
      #16 0x00007fc8865dd4f5 in QWidgetBackingStore::markDirty (this=0x3475c40, rect=..., widget=<optimized out>, updateTime=updateTime@entry=QWidgetBackingStore::UpdateNow,
      bufferState=bufferState@entry=QWidgetBackingStore::BufferInvalid) at kernel/qwidgetbackingstore.cpp:639
      #17 0x00007fc88662502c in QWidgetWindow::repaintWindow (this=0x33e2cc0) at kernel/qwidgetwindow.cpp:656
      #18 0x00007fc8829b57c1 in QMetaObject::activate (sender=sender@entry=0x33e2cc0, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fff65785240) at kernel/qobject.cpp:3716
      #19 0x00007fc8829b5de7 in QMetaObject::activate (sender=sender@entry=0x33e2cc0, m=m@entry=0x7fc883ee2d20 <QWindow::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fff65785240)
      at kernel/qobject.cpp:3582
      #20 0x00007fc8838d41ef in QWindow::screenChanged (this=this@entry=0x33e2cc0, _t1=_t1@entry=0x0) at .moc/moc_qwindow.cpp:626
      #21 0x00007fc8838d4815 in QWindowPrivate::emitScreenChangedRecursion (this=this@entry=0x33e28d0, newScreen=newScreen@entry=0x0) at kernel/qwindow.cpp:366
      #22 0x00007fc8838d7aa3 in QWindowPrivate::setTopLevelScreen (this=0x33e28d0, newScreen=0x0, recreate=<optimized out>) at kernel/qwindow.cpp:387
      #23 0x00007fc8838d7c31 in QWindow::screenDestroyed (this=0x33e2cc0, object=0x34c3550) at kernel/qwindow.cpp:1713
      #24 0x00007fc8829b523f in call (a=0x7fff65785490, r=0x33e2cc0, this=0x33823f0) at ../../src/corelib/kernel/qobject_impl.h:124
      #25 QMetaObject::activate (sender=sender@entry=0x34c3550, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fff65785490) at kernel/qobject.cpp:3702
      #26 0x00007fc8829b5de7 in QMetaObject::activate (sender=sender@entry=0x34c3550, m=m@entry=0x7fc882dbde80 <QObject::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fff65785490)
      at kernel/qobject.cpp:3582
      #27 0x00007fc8829b5e7f in QObject::destroyed (this=this@entry=0x34c3550, _t1=_t1@entry=0x34c3550) at .moc/moc_qobject.cpp:206
      #28 0x00007fc8829be078 in QObject::~QObject (this=0x34c3550, __in_chrg=<optimized out>) at kernel/qobject.cpp:903
      #29 0x00007fc8838f6559 in QScreen::~QScreen (this=0x34c3550, __in_chrg=<optimized out>) at kernel/qscreen.cpp:77
      #30 0x00007fc8838bf2aa in QPlatformScreen::~QPlatformScreen (this=0x34e9cd0, __in_chrg=<optimized out>) at kernel/qplatformscreen.cpp:57
      #31 0x00007fc8721d8fa9 in QXcbScreen::~QXcbScreen (this=0x34e9cd0, __in_chrg=<optimized out>) at qxcbscreen.cpp:222
      #32 0x00007fc8721cc319 in QXcbConnection::updateScreens (this=this@entry=0x2144000) at qxcbconnection.cpp:286
      #33 0x00007fc8721cceda in QXcbConnection::handleXcbEvent (this=this@entry=0x2144000, event=event@entry=0x7fc8680064a0) at qxcbconnection.cpp:961
      #34 0x00007fc8721ce09b in QXcbConnection::processXcbEvents (this=0x2144000) at qxcbconnection.cpp:1303
      #35 0x00007fc8829b65c6 in QObject::event (this=0x2144000, e=<optimized out>) at kernel/qobject.cpp:1245
      #36 0x00007fc8865ceb5c in QApplicationPrivate::notify_helper (this=this@entry=0x2136eb0, receiver=receiver@entry=0x2144000, e=e@entry=0x7fc868003d70) at kernel/qapplication.cpp:3720
      #37 0x00007fc8865d3a26 in QApplication::notify (this=0x7fff65785fc0, receiver=0x2144000, e=0x7fc868003d70) at kernel/qapplication.cpp:3503
      #38 0x00000000006947b1 in PsiApplication::notify (this=0x7fff65785fc0, receiver=0x2144000, event=0x7fc868003d70) at psiapplication.cpp:399
      #39 0x00007fc882985f45 in QCoreApplication::notifyInternal (this=0x7fff65785fc0, receiver=0x2144000, event=event@entry=0x7fc868003d70) at kernel/qcoreapplication.cpp:935
      #40 0x00007fc882987ddf in sendEvent (event=0x7fc868003d70, receiver=<optimized out>) at kernel/qcoreapplication.h:228
      #41 QCoreApplicationPrivate::sendPostedEvents (receiver=receiver@entry=0x0, event_type=event_type@entry=0, data=0x2135720) at kernel/qcoreapplication.cpp:1552
      #42 0x00007fc882988418 in QCoreApplication::sendPostedEvents (receiver=receiver@entry=0x0, event_type=event_type@entry=0) at kernel/qcoreapplication.cpp:1410
      #43 0x00007fc8829dde13 in postEventSourceDispatch (s=0x217c9b0) at kernel/qeventdispatcher_glib.cpp:271
      #44 0x00007fc88054ba04 in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0
      #45 0x00007fc88054bc48 in ?? () from /usr/lib64/libglib-2.0.so.0
      #46 0x00007fc88054bcec in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
      #47 0x00007fc8829dd28c in QEventDispatcherGlib::processEvents (this=0x216b350, flags=...) at kernel/qeventdispatcher_glib.cpp:418
      #48 0x00007fc882983e9b in QEventLoop::exec (this=this@entry=0x7fff65785ef0, flags=..., flags@entry=...) at kernel/qeventloop.cpp:204
      #49 0x00007fc88298b526 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1188
      #50 0x00000000008dfddb in main (argc=1, argv=0x7fff657861a8) at main.cpp:624

      That perhaps means that q->nativeParentWidget() returns NULL in kernel/qwidget.cpp:5541:

      5536         //actually send the paint event
      5537         sendPaintEvent(toBePainted);
      5538     }
      5539
      5540     // Native widgets need to be marked dirty on screen so painting will be done in correct context
      5541     if (backingStore && !onScreen && !asRoot && (q->internalWinId() || !q->nativeParentWidget()->isWindow()))
      5542         backingStore->markDirtyOnScreen(toBePainted, q, offset);
      5543
      5544     //restore
      5545     if (paintEngine) {
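
Added example (not Qt source and not part of the original report): a stand-alone C++ model of the condition on line 5541, showing which operand values let short-circuit evaluation reach the call on a null native parent, beside a guarded form. Widget, PaintState, reachesNullDeref and needsDirtyMark are hypothetical names, and treating a missing native parent as "do not mark dirty" is an assumption.

```cpp
// Added example: a stand-alone model of the condition at qwidget.cpp:5541.
// Widget, PaintState and both functions are hypothetical names, not Qt code.
#include <cstdint>
#include <cstdio>

struct Widget {
    std::uintptr_t winId = 0;             // models q->internalWinId(); 0 = no native window
    bool window = false;                  // models isWindow()
    const Widget *nativeParent = nullptr; // models q->nativeParentWidget(); may be null

    bool isWindow() const { return window; }
};

struct PaintState {
    bool hasBackingStore;
    bool onScreen;
    bool asRoot;
};

// True when the reported expression would call isWindow() through a null
// pointer: every earlier operand must let evaluation continue, and the
// widget must have neither a native window id nor a native parent.
bool reachesNullDeref(const PaintState &s, const Widget &q)
{
    return s.hasBackingStore && !s.onScreen && !s.asRoot
        && q.winId == 0 && q.nativeParent == nullptr;
}

// Guarded form of the same condition. Assumption: a widget with no native
// parent is not marked dirty on screen.
bool needsDirtyMark(const PaintState &s, const Widget &q)
{
    if (!s.hasBackingStore || s.onScreen || s.asRoot)
        return false;
    if (q.winId != 0)
        return true;
    const Widget *np = q.nativeParent;
    return np != nullptr && !np->isWindow();
}

int main()
{
    const PaintState s{true, false, false};
    Widget orphan; // constructed case: no native id, no native parent
    std::printf("orphan: deref=%d dirty=%d\n", reachesNullDeref(s, orphan), needsDirtyMark(s, orphan));
    return 0;
}
```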

            People

              srutledg Shawn Rutledge
              jirislaby Jiri Slaby