Details
- Bug
- Resolution: Fixed
- P1: Critical
- None
- 5.12.4, 5.15.2
- None
Description
We get regular crash reports from outside when our application is run with the software renderer enabled.
Could it happen that QSGSoftwareInternalImageNode::m_texture can somehow become an invalid pointer? It doesn't look like it's nullptr because that would be handled just fine.
Last change in this method was for QTBUG-64562.
    const QPixmap &QSGSoftwareInternalImageNode::pixmap() const
    {
        // >> crashes in this qobject_cast
        // Either this is invalid (don't think so) or m_texture is
        if (QSGSoftwarePixmapTexture *pt = qobject_cast<QSGSoftwarePixmapTexture*>(m_texture))
            return pt->pixmap();
        if (QSGSoftwareLayer *layer = qobject_cast<QSGSoftwareLayer*>(m_texture))
            return layer->pixmap();
        Q_ASSERT(m_texture == nullptr);
        static const QPixmap nullPixmap;
        return nullPixmap;
    }
    Thread 0 (crashed)
     0  0x0
        eip = 0x00000000 esp = 0x01cfca6c ebp = 0x0f9a8468 ebx = 0x0fadf2a8
        esi = 0x60db4234 edi = 0x0f543e68 eax = 0x0f543e08 ecx = 0x0f543e68
        edx = 0x0fadf2c0 efl = 0x00010202
        Found by: given as instruction pointer in context
     1  Qt5Core.dll!QMetaObject::cast(QObject *) [qmetaobject.cpp : 363 + 0xa]
        eip = 0x5f727d72 esp = 0x01cfca70 ebp = 0x0f9a8468
        Found by: stack scanning
     2  Qt5Quick.dll!QSGSoftwareInternalImageNode::pixmap() [qsgsoftwareinternalimagenode.cpp : 497 + 0x11]
        eip = 0x60c3c4c4 esp = 0x01cfca7c ebp = 0x0f9a8468
        Found by: call frame info
     3  Qt5Quick.dll!QSGSoftwareRenderableNode::update() [qsgsoftwarerenderablenode.cpp : 155 + 0x8]
        eip = 0x60c432c7 esp = 0x01cfca88 ebp = 0x0f9a8468
        Found by: call frame info
     4  Qt5Quick.dll!QSGSoftwareRenderableNode::setTransform(QTransform const &) [qsgsoftwarerenderablenode.cpp : 368 + 0x7]
        eip = 0x60c43079 esp = 0x01cfcb3c ebp = 0x0f9a8468
        Found by: call frame info
     5  Qt5Quick.dll!QSGSoftwareRenderableNodeUpdater::visit(QSGInternalImageNode *) [qsgsoftwarerenderablenodeupdater.cpp : 140 + 0x41]
        eip = 0x60c44ee3 esp = 0x01cfcb48 ebp = 0x0f9a8468
        Found by: call frame info
     6  Qt5Quick.dll!QSGInternalImageNode::accept(QSGNodeVisitorEx *) [qsgadaptationlayer_p.h : 170 + 0x12]
        eip = 0x60be4042 esp = 0x01cfcbcc ebp = 0x0f9a8468
        Found by: call frame info
     7  Qt5Quick.dll!QSGNodeVisitorEx::visitChildren(QSGNode *) [qsgadaptationlayer.cpp : 494 + 0x8]
        eip = 0x60c15c04 esp = 0x01cfcbdc ebp = 0x0f9a8468
        Found by: call frame info
     8  Qt5Quick.dll!QSGNodeVisitorEx::visitChildren(QSGNode *) [qsgadaptationlayer.cpp : 487 + 0x8]
        eip = 0x60c15be9 esp = 0x01cfcbec ebp = 0x0f9a8468
        Found by: call frame info
     9  Qt5Quick.dll!QSGNodeVisitorEx::visitChildren(QSGNode *) [qsgadaptationlayer.cpp : 480 + 0x8]
        eip = 0x60c15bc6 esp = 0x01cfcbfc ebp = 0x0f9a8468
        Found by: call frame info
    10  Qt5Quick.dll!QSGNodeVisitorEx::visitChildren(QSGNode *) [qsgadaptationlayer.cpp : 473 + 0x8]
        eip = 0x60c15ba3 esp = 0x01cfcc0c ebp = 0x0f9a8468
        Found by: call frame info
    11  Qt5Quick.dll!QSGNodeVisitorEx::visitChildren(QSGNode *) [qsgadaptationlayer.cpp : 480 + 0x8]
        eip = 0x60c15bc6 esp = 0x01cfcc1c ebp = 0x0f9a8468
        Found by: call frame info
    12  Qt5Quick.dll!QSGNodeVisitorEx::visitChildren(QSGNode *) [qsgadaptationlayer.cpp : 480 + 0x8]
        eip = 0x60c15bc6 esp = 0x01cfcc2c ebp = 0x0f9a8468
        Found by: call frame info
    13  Qt5Quick.dll!QSGSoftwareRenderableNodeUpdater::updateNodes(QSGNode *,bool) [qsgsoftwarerenderablenodeupdater.cpp : 251 + 0x8]
        eip = 0x60c448c8 esp = 0x01cfcc3c ebp = 0x0f9a8468
        Found by: call frame info
    14  Qt5Quick.dll!QSGAbstractSoftwareRenderer::nodeMatrixUpdated(QSGNode *) [qsgabstractsoftwarerenderer.cpp : 323 + 0x11]
        eip = 0x60c3a7af esp = 0x01cfccc0 ebp = 0x0f9a8468
        Found by: call frame info
    15  Qt5Quick.dll!QSGAbstractSoftwareRenderer::nodeChanged(QSGNode *,QFlags<QSGNode::DirtyStateBit>) [qsgabstractsoftwarerenderer.cpp : 104 + 0x8]
        eip = 0x60c3a49f esp = 0x01cfcce4 ebp = 0x0f9a8468
        Found by: call frame info
    16  Qt5Quick.dll!QSGRootNode::notifyNodeChange(QSGNode *,QFlags<QSGNode::DirtyStateBit>) [qsgnode.cpp : 1280 + 0x15]
        eip = 0x60bfb705 esp = 0x01cfccf4 ebp = 0x0f9a8468
        Found by: call frame info
    17  Qt5Quick.dll!QSGNode::markDirty(QFlags<QSGNode::DirtyStateBit>) [qsgnode.cpp : 674 + 0xc]
        eip = 0x60bfb6bb esp = 0x01cfcd0c ebp = 0x0f9a8468
        Found by: call frame info
    18  Qt5Quick.dll!QSGTransformNode::setMatrix(QMatrix4x4 const &) [qsgnode.cpp : 1203 + 0x33]
        eip = 0x60bfbb67 esp = 0x01cfcd24 ebp = 0x0f9a8468
        Found by: call frame info
    19  Qt5Quick.dll!QQuickWindowPrivate::updateDirtyNode(QQuickItem *) [qquickwindow.cpp : 3348 + 0x37]
        eip = 0x60c7a6d2 esp = 0x01cfcd2c ebp = 0x0f9a8468
        Found by: call frame info
    20  Qt5Quick.dll!QQuickWindowPrivate::updateDirtyNodes() [qquickwindow.cpp : 3269 + 0xa]
        eip = 0x60c7b1a8 esp = 0x01cfce0c ebp = 0x0f9a8468
        Found by: call frame info
    21  Qt5Quick.dll!QQuickWindowPrivate::syncSceneGraph() [qquickwindow.cpp : 437 + 0x7]
        eip = 0x60c79e70 esp = 0x01cfce54 ebp = 0x0f9a8468
        Found by: call frame info
    22  Qt5Quick.dll!QSGSoftwareRenderLoop::renderWindow(QQuickWindow *,bool) [qsgsoftwarerenderloop.cpp : 153 + 0x7]
        eip = 0x60c4621b esp = 0x01cfce68 ebp = 0x0f9a8468
        Found by: call frame info
    23  Qt5Quick.dll!QSGSoftwareRenderLoop::exposureChanged(QQuickWindow *) [qsgsoftwarerenderloop.cpp : 215 + 0x10]
        eip = 0x60c45cce esp = 0x01cfcf38 ebp = 0x01cfd630
        Found by: call frame info
    24  Qt5Gui.dll!QWindow::event(QEvent *) [qwindow.cpp : 2315 + 0x8]
        eip = 0x5fadc105 esp = 0x01cfcf48 ebp = 0x01cfd630
        Found by: call frame info
    25  Qt5Quick.dll!QQuickWindow::event(QEvent *) [qquickwindow.cpp : 1687 + 0x9]
        eip = 0x60c742be esp = 0x01cfcf70 ebp = 0x01cfd630
        Found by: call frame info
    26  ctimon.exe!MainWindow::event(QEvent *) [mainwindow.cpp : 966 + 0x9]
        eip = 0x01350272 esp = 0x01cfcfb0 ebp = 0x01cfd630
        Found by: call frame info
    27  Qt5Widgets.dll!QApplication::notify(QObject *,QEvent *) [qapplication.cpp : 3692 + 0xb]
        eip = 0x5fff38fe esp = 0x01cfd008 ebp = 0x01cfcfb8
        Found by: call frame info with scanning
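A triage sketch for the trace above, added here as an example and not part of the original report or of Qt: it parses the `Found by:`-annotated frames (the format Breakpad's minidump_stackwalk prints), flags a zero instruction pointer, and marks frames the unwinder recovered by stack scanning. The function names and the SAMPLE excerpt (frames 0-2, frame 0 registers trimmed) are assumptions of this example, and only the crashed thread is handled.

```python
import re

# Frames 0-2 of the trace in this report (frame 0 registers trimmed), kept in
# the flattened one-line form in which the trace was pasted.
SAMPLE = (
    "Thread 0 (crashed) 0 0x0 eip = 0x00000000 esp = 0x01cfca6c ebp = 0x0f9a8468 "
    "Found by: given as instruction pointer in context "
    "1 Qt5Core.dll!QMetaObject::cast(QObject *) [qmetaobject.cpp : 363 + 0xa] "
    "eip = 0x5f727d72 esp = 0x01cfca70 ebp = 0x0f9a8468 Found by: stack scanning "
    "2 Qt5Quick.dll!QSGSoftwareInternalImageNode::pixmap() "
    "[qsgsoftwareinternalimagenode.cpp : 497 + 0x11] "
    "eip = 0x60c3c4c4 esp = 0x01cfca7c ebp = 0x0f9a8468 Found by: call frame info"
)

FRAME = re.compile(
    r"(?P<idx>\d+)\s+(?P<sym>[^\s(].*?)\s+"            # frame number, symbol or raw address
    r"(?P<regs>(?:\w+\s+=\s+0x[0-9a-fA-F]+\s+)+)"      # register dump
    r"Found\s+by:\s+(?P<how>.*?)(?=\s+\d+\s+\S|\s*$)",  # how the unwinder found the frame
    re.MULTILINE,
)
REG = re.compile(r"(\w+)\s+=\s+(0x[0-9a-fA-F]+)")

def parse_frames(text):
    """Parse one thread's frames from flattened or line-broken stackwalk output."""
    return [
        {"idx": int(m["idx"]), "sym": m["sym"],
         "regs": {r: int(v, 16) for r, v in REG.findall(m["regs"])},
         "how": m["how"]}
        for m in FRAME.finditer(text)
    ]

def triage(frames):
    """Summarise what the top of the stack says about the fault."""
    top = frames[0]
    ip = top["regs"].get("eip", top["regs"].get("rip"))
    # "stack scanning" frames come from a heuristic search of stack memory for
    # plausible return addresses, so their attribution is a guess.
    scanned = [f["idx"] for f in frames if "scanning" in f["how"]]
    return {
        # IP of 0: the CPU tried to fetch code at address 0, i.e. a call or
        # return went through a zeroed code pointer.
        "null_ip": ip == 0,
        "scanned_frames": scanned,
        "caller": frames[1]["sym"] if len(frames) > 1 else None,
        "caller_is_guess": len(frames) > 1 and frames[1]["idx"] in scanned,
    }

if __name__ == "__main__":
    print(triage(parse_frames(SAMPLE)))
```
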