We need to delete the style returned from QStyleFactory::create()
ourselves, so put them into a QScopedPointer.
The alternative would have been to create this once, as a member
of tst_QWidget, but this is the minimal approach that ensures
behavior just as the old code, but without the leak.
Change-Id: I527f1031c57be6f05942f4acc057e7dae1af2571
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
As found by UBSan:
qstandardgestures.cpp:511:67: runtime error: downcast of address 0x7ffc9beb1b90 which does not point to an object of type 'QTouchEvent'
0x7ffc9beb1b90: note: object is of type 'QPlatformSurfaceEvent'
fc 7f 00 00 08 93 b1 6f f5 2a 00 00 00 00 00 00 00 00 00 00 d9 00 ec 9b 00 00 00 00 49 01 c1 5e
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QPlatformSurfaceEvent'
#0 0x2af55edfa66a in QTapAndHoldGestureRecognizer::recognize(QGesture*, QObject*, QEvent*) qstandardgestures.cpp:511
#1 0x2af55ee3d9bb in QGestureManager::filterEventThroughContexts(QMultiMap<QObject*, Qt::GestureType> const&, QEvent*) qgesturemanager.cpp:276
#2 0x2af55ee4565b in QGestureManager::filterEvent(QWidget*, QEvent*) qgesturemanager.cpp:512
#3 0x2af55ee53945 in QGestureManager::filterEvent(QObject*, QEvent*) qgesturemanager.cpp:556
#4 0x2af55ea1b83a in QApplication::notify(QObject*, QEvent*) qapplication.cpp:3053
#5 0x2af573949d0f in QCoreApplication::notifyInternal2(QObject*, QEvent*) qcoreapplication.cpp:988
#6 0x2af56982ff94 in QCoreApplication::sendEvent(QObject*, QEvent*) qcoreapplication.h:231
#7 0x2af56982ff94 in QWindowPrivate::create(bool) qwindow.cpp:435
#8 0x2af55ecd10fe in QWidgetPrivate::create_sys(unsigned long long, bool, bool) qwidget.cpp:1471
#9 0x2af55ecc770e in QWidget::create(unsigned long long, bool, bool) qwidget.cpp:1333
#10 0x2af55ed80618 in QWidget::setVisible(bool) qwidget.cpp:8156
#11 0x4feec4 in tst_QWidget::touchEventsForGesturePendingWidgets() tst_qwidget.cpp:9824
qstandardgestures.cpp:512:67: runtime error: downcast of address 0x7ffc9beb1b90 which does not point to an object of type 'QMouseEvent'
0x7ffc9beb1b90: note: object is of type 'QPlatformSurfaceEvent'
fc 7f 00 00 08 93 b1 6f f5 2a 00 00 00 00 00 00 00 00 00 00 d9 00 ec 9b 00 00 00 00 49 01 c1 5e
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QPlatformSurfaceEvent'
#0 0x2af55edfaa19 in QTapAndHoldGestureRecognizer::recognize(QGesture*, QObject*, QEvent*) qstandardgestures.cpp:512
[... skipping common lines ...]
qstandardgestures.cpp:514:95: runtime error: downcast of address 0x
0x7ffc9beb1b90: note: object is of type 'QPlatformSurfaceEvent'
fc 7f 00 00 08 93 b1 6f f5 2a 00 00 00 00 00 00 00 00 00 00 d9 00 ec 9b 00 00 00 0
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QPlatformSurfaceEvent'
#0 0x2af55edfa966 in QTapAndHoldGestureRecognizer::recognize(QGesture*, QObject*, QEvent*) qstandardgestures.cpp:514
[... skipping common lines ...]
The problem is that the casts are done outside the switch that
determines the event's type, so for any given event object, at least
any two of the casts are invalid.
This could actually be a real problem, because it's trivial for a
compiler to prove that these three lines unconditionally invoke UB, so
it has all the right in the world to decide to drop the complete rest
of the function, using this line of reasoning:
1. The only way for these three casts not to be UB is if event ==
nullptr.
2. If event == nullptr, then event->type() invokes UB, so event cannot
be nullptr.
3. The only way both can be true is if this code path is never
taken. I can thus assume that
object == state && event->type() == QEvent::Timer
is always true, drop the check and execute the if block
unconditionally (I need to call QEvent::type(), to satisfy the
as-if-rule, but I needn't check its return value).
Fix by moving the casts where they belong: into each case of the
switch, where the type of the event has been checked to match the
target type of the cast.
Change-Id: I3aee8e213dc19d2f51636bcc5221cc92b3142e58
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Found by UBSan:
qwidget.cpp:5228:62: runtime error: downcast of address 0x61b00003d480 which does not point to an object of type 'QWidget'
0x61b00003d480: note: object is of type 'QMainWindowLayout'
bc 00 00 75 90 2e 2a 78 4f 2b 00 00 40 c1 02 00 f0 60 00 00 78 2f 2a 78 4f 2b 00 00 00 00 00 00
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QMainWindowLayout'
#0 0x2b4f70efb1c2 in sendResizeEvents qwidget.cpp:5228
#1 0x2b4f70f65f7f in QWidget::grab(QRect const&) qwidget.cpp:5252
#2 0x6b1746 in tst_QWidget::render_task188133() tst_qwidget.cpp:6615
Fix by performing the cast only after the test for isWidgetType() has
succeeded.
Change-Id: I061a60ef35bcb5fbefb9bc7b84706c9dd5afd207
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Found by UBSan:
tst_qapplication.cpp:1754:48: runtime error: member access within address 0x7ffda11f2220 which does not point to an object of type 'SpontaneousEvent'
0x7ffda11f2220: note: object is of type 'QMouseEvent'
The code attempted to model the layout of a QEvent with another class
that allows public access to the memory location that (hopefully)
corresponds to QEvent::spont, gaining access by casting a QEvent
object to that specifically-crafted class.
Fix by the using the existing QSpontaneKeyEvent::setSpontaneous()
call, which, despite its name, works for all QEvent subclasses, and
which has already been fixed to not invoke UB (in bc087db).
Change-Id: I7db8b8a8a823f7d61ab17375142d19dc3874fea5
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
The Q_AUTOTEST_EXPORT is defined in all cases. So usage as #if
defined(Q_AUTOTEST_EXPORT) was wrong.
Change-Id: Ia1c1526ad08fdfa35ca773d7c62f8bbba39a6d38
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
Adds two formats that does not have optimized code-paths in qdrawhelper
to ensure the generic path has coverage.
This has already uncovered one bug fixed before this patch could go in.
Change-Id: I0e0a1a873555b27f6438f69a76982b8e06263dcf
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
The check for Q_... macros used a regex that didn't allow digits; it
thus failed to match Q_DECLARE_SHARED_NOT_MOVABLE_UNTIL_QT6().
Change-Id: I3f9339349aa21e2fea04a7f53d9d8e0903e4c65b
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
QDateTimeEdit ignores the time-spec of its date-time value, using its
own time-spec instead; mostly, this works because it first conforms
the value to its own time-spec. However, during construction, before
doing this, it set up its display data, which could leave it with a
different time (rather than a different representation of the given
time) than it was asked to use.
Moved the updateTimeSpec() calls to immediately after setting value in
QDateTimeEditPrivate::init() to ensure correct handling. Added test.
Task-number: QTBUG-54781
Change-Id: I3b07c10997abb858fc0b40558bff96e3fdabbd83
Reviewed-by: Jesus Fernandez <jesus.fernandez@qt.io>
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
The Windows Intel drivers reject shader sources without
a version directive in 3.2+ compatibility profiles. This
is odd but can be worked around by adding #version 110
(which should be the default...)
Change-Id: I1ccac41b80121e6423d4f8964d03dda52a433296
Task-number: QTBUG-55733
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>
Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
Reviewed-by: Andy Nichols <andy.nichols@qt.io>
1. QSslSocketBackendPrivate::transmit was ignoring 'readBufferMaxSize';
as a result, we can have a user trying to set read buffer's size
to a small value (and more important - reading slowly in a small
chunks from this socket), but SSL itself socket reading 'too fast',
potentially growing its internal buffer to a huge size. This also
results in auto-tests failing - whenever we're trying to limit read
rate in some test.
2. Update qsslsocket auto-test.
Task-number: QTBUG-43388
Task-number: QTBUG-55170
Change-Id: Iedece26df0ac5b3b7cad62cc8c98aedc28e7ca5b
Reviewed-by: Richard J. Moore <rich@kde.org>
In setMinAndMaxSize(), QLayout::removeItem() doesn't actually delete
the removed item. We have to do that ourselves (RAII not necessary,
since the spacer is owned by the layout until we remove it).
In distributeMultiCell(), allocate the QStyle subclass on the stack so
the compiler cleans it up properly on all exit paths (was:
unconditional leak).
Change-Id: I24f8f11af2bfc5abf78f9aab0139dcfe0187402b
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>
In sizeConstraints(), QLayout::takeAt(), as the name suggests, doesn't
actually delete the item. We have to do that ourselves.
Likewise, in replaceWidget(), QLayout::replaceWidget() also doesn't
delete the affected item, but returns it. That's spectacularly bad API
design, but the leak is easy to fix: just delete the return value.
Change-Id: I8dcbc59898949eabce766cda2c0edae2e1f2799e
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>
Found by UBSan:
qlayout.cpp:612:50: runtime error: downcast of address 0x7ffcd4c39a70 which does not point to an object of type 'QWidget'
0x7ffcd4c39a70: note: object is of type 'QObject'
00 00 00 00 b0 43 4c 7b f5 2a 00 00 70 c9 28 02 00 00 00 00 08 93 9a 77 f5 2a 00 00 00 00 c3 d4
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QObject'
#0 0x2af56f189960 in QLayout::widgetEvent(QEvent*) qlayout.cpp:612
#1 0x2af56f037660 in QApplicationPrivate::notify_helper(QObject*, QEvent*) qapplication.cpp:3732
#2 0x2af56f06ae5b in QApplication::notify(QObject*, QEvent*) qapplication.cpp:3704
#3 0x2af57989e383 in QCoreApplication::notifyInternal2(QObject*, QEvent*) qcoreapplication.cpp:988
#4 0x2af5799c1696 in QCoreApplication::sendEvent(QObject*, QEvent*) qcoreapplication.h:231
#5 0x2af5799c1696 in QObjectPrivate::setParent_helper(QObject*) qobject.cpp:2043
#6 0x2af5799c4823 in QObject::~QObject() qobject.cpp:1095
#7 0x2af56f2d205d in QWidget::~QWidget() qwidget.cpp:1549
#8 0x2af56f9c1366 in QFrame::~QFrame() qframe.cpp:262
#9 0x2af56f9e76cb in QLabel::~QLabel() qlabel.cpp:247
#10 0x458077 in tst_QStyleSheetStyle::emptyStyleSheet() tst_qstylesheetstyle.cpp:1400
Fix by not casting at all (or, to be precise, casting implicitly up
instead of explicitly down).
Change-Id: Ic19fd29e0cabd1aee5b1c93ca4c0fc70bc7a5927
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Found by UBSan:
qstackedlayout.cpp:261:98: runtime error: downcast of address 0x60400003cd10 which does not point to an object of type 'QtFriendlyLayoutWidget'
0x60400003cd10: note: object is of type 'QWidget'
0e 00 80 76 70 0b 06 3f d6 2a 00 00 00 99 00 00 50 61 00 00 20 0d 06 3f d6 2a 00 00 00 00 be be
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QWidget'
#0 0x2ad637b8f58f in qt_wasDeleted qstackedlayout.cpp:261
#1 0x2ad637b8f58f in QStackedLayout::takeAt(int) qstackedlayout.cpp:285
#2 0x2ad637b4afcb in QLayout::removeWidget(QWidget*) qlayout.cpp:1369
#3 0x413534 in tst_QStackedLayout::testCase() tst_qstackedlayout.cpp:155
Caused by using a struct to get access to QWidgetPrivate::wasDeleted
using a cast. That cast is invalid, of course, so simply use
QWidgetPrivate::get().
Caveat: we need a const version of that function, but that didn't
exist, yet, so added one.
Change-Id: I27d449b90be7e2072646d950c676b500ef698349
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
A check "just in case" -- we don't want leaks nor crashes
due to double deletions, and so on.
Change-Id: I24f1a486f0d438595bbe352ab780b07c5d53acbd
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
Following f6cb8b1af8, take
advantage of the nullptr return case of QGraphicsItem
::toGraphicsObject() by not looking up nullptr in the
QList and the two QHashes. They don't contain nullptrs.
Change-Id: Ic1cfbb4c60061577a09348ef78fdc573f95ad9a8
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>
Found by UBSan:
qcolordialog.cpp:86:5: runtime error: downcast of address 0x7ffdf50c1ec0 which does not point to an object of type 'QColorDialog'
0x7ffdf50c1ec0: note: object is of type 'QDialog'
fd 7f 00 00 d8 6e c7 23 b7 2a 00 00 50 c1 af 01 00 00 00 00 b0 70 c7 23 b7 2a 00 00 00 00 1a 1e
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QDialog'
#0 0x2ab720e4ec97 in QColorDialogPrivate::q_func() const qcolordialog.cpp:86
#1 0x2ab720e4ec97 in QColorDialogPrivate::canBeNativeDialog() const qcolordialog.cpp:1865
#2 0x2ab720e84ed6 in QDialog::setVisible(bool) qdialog.cpp:696
#3 0x2ab720e6c1fa in QDialog::~QDialog() qdialog.cpp:357
#4 0x2ab720e2b276 in QColorDialog::~QColorDialog() qcolordialog.cpp:2187
#5 0x2ab720e5e2c6 in QColorDialog::getColor(QColor const&, QWidget*, QString const&, QFlags<QColorDialog::ColorDialogOption>) qcolordialog.cpp:2148
#6 0x2ab720e5e473 in QColorDialog::getRgba(unsigned int, bool*, QWidget*) qcolordialog.cpp:2176
#7 0x407180 in tst_QColorDialog::testGetRgba() tst_qcolordialog.cpp:118
qfiledialog_p.h:112:5: runtime error: downcast of address 0x7ffd6858cc60 which does not point to an object of type 'QFileDialog'
0x7ffd6858cc60: note: object is of type 'QDialog'
a1 2b 00 00 d8 1e 5e 0c a1 2b 00 00 b0 af 01 20 a1 2b 00 00 b0 20 5e 0c a1 2b 00 00 00 00 46 00
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QDialog'
#0 0x2ba10980a9e7 in QFileDialogPrivate::q_func() const qfiledialog_p.h:112
#1 0x2ba10980a9e7 in QFileDialogPrivate::canBeNativeDialog() const qfiledialog.cpp:695
#2 0x2ba1097efe36 in QDialog::setVisible(bool) qdialog.cpp:696
#3 0x2ba1097d715a in QDialog::~QDialog() qdialog.cpp:357
#4 0x2ba109854c4b in QFileDialog::~QFileDialog() qfiledialog.cpp:380
#5 0x4179dc in tst_QFiledialog::init() tst_qfiledialog.cpp:175
Fix by replacing Q_Q with the the equivalent expression for QDialog.
We can't re-use QDialogPrivate::q_func() here, since that is private,
and probably should stay like that.
Also fix an invalid member call in
QColorDialogPrivate::canBeNativeDialog():
qcolordialog.cpp:2050:5: runtime error: member call on address 0x7ffdf50c1ec0 which does not point to an object of type 'QColorDialog'
0x7ffdf50c1ec0: note: object is of type 'QDialog'
fd 7f 00 00 d8 6e c7 23 b7 2a 00 00 50 c1 af 01 00 00 00 00 b0 70 c7 23 b7 2a 00 00 00 00 1a 1e
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QDialog'
#0 0x2ab720e4e5ea in QColorDialog::options() const qcolordialog.cpp:2050
#1 0x2ab720e4e8c8 in QColorDialogPrivate::canBeNativeDialog() const qcolordialog.cpp:1870
#2 0x2ab720e84ed6 in QDialog::setVisible(bool) qdialog.cpp:696
#3 0x2ab720e6c1fa in QDialog::~QDialog() qdialog.cpp:357
#4 0x2ab720e2b276 in QColorDialog::~QColorDialog() qcolordialog.cpp:2187
#5 0x2ab720e5e2c6 in QColorDialog::getColor(QColor const&, QWidget*, QString const&, QFlags<QColorDialog::ColorDialogOption>) qcolordialog.cpp:2148
#6 0x2ab720e5e473 in QColorDialog::getRgba(unsigned int, bool*, QWidget*) qcolordialog.cpp:2176
#7 0x407180 in tst_QColorDialog::testGetRgba() tst_qcolordialog.cpp:118
by accessing the data member directly instead of through the Public API.
Fix the same code in QFileDialog, even though the autotest coverage is
too limited for UBSan to point that one out explicitly.
This commit amends abe8b4ab9b, in which
it should have been included in the first place...
Change-Id: Iff0538eba61d2381359f0b61f35918d643f7aa0c
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Found by UBSan, which was so shocked that it crashed:
#6 <signal handler called>
#7 __dynamic_cast () at ../../../../gcc/libstdc++-v3/libsupc++/dyncast.cc:50
#8 0x00002b9278fa1c3b in __ubsan::checkDynamicType(void*, void*, unsigned long) () from /opt/gcc/trunk/lib64/libubsan.so.0
#9 0x00002b9278fa10c3 in HandleDynamicTypeCacheMiss(__ubsan::DynamicTypeCacheMissData*, unsigned long, unsigned long, __ubsan::ReportOptions) () from /opt/gcc/trunk/lib64/libubsan.so.0
#10 0x00002b9278fa1783 in __ubsan_handle_dynamic_type_cache_miss () from /opt/gcc/trunk/lib64/libubsan.so.0
#11 0x00002b926c08ab8d in QApplication::notify(QObject*, QEvent*) () at /home/marc/Qt/qt5/qtbase/src/widgets/kernel/qapplication.cpp:3120
(full backtrace originates in tst_QWidget::testDeletionInEventHandlers(),
testing key events).
Fix is simple: just perform the cast before delivering the event.
Change-Id: Ic26e36f47ef57e980c0dba00900927ff39fe6392
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
We checked if we had seen the interface by looking into seenInterfaces
and seenIndexes, but we never updated those variables with what we saw
in this block.
This fixes the reporting of PPP interfaces as well as TUN/TAP virtual
interfaces.
Change-Id: I33dc971f005a4848bb8ffffd1476830b8482b808
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Writing to solid overwrites part of the gradient input messing up later
lines. In particular repeating gradients tended to be broken.
Tested by lancelot (once the baseline is correct).
Change-Id: I64222048ba67b0424b44822f09ddc947973145a6
Reviewed-by: Eirik Aavitsland <eirik.aavitsland@qt.io>
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
The test function tries to create a file inside the application bundle.
Change-Id: Ia429b42b102d5e98f20694058fa2633e3c7de30a
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
Windows of type Qt::ToolTip should not prevent closing the
application when checking for the last window.
Task-number: QTBUG-55523
Change-Id: I47c51abe79bf6c857aba229960de95e1a23efb10
Reviewed-by: J-P Nurmi <jpnurmi@qt.io>
Hide the tooltip when a window is requested to close in addition
to focus/activation change. This fixes the tooltip blocking
the shutdown of a Qt Quick Controls application.
Task-number: QTBUG-55523
Change-Id: I09d10fc162ce125075b03c534412b488974d12b9
Reviewed-by: J-P Nurmi <jpnurmi@qt.io>
In change db2764db34, we introduced
the requirement of having specific OpenType tables available
to certain fonts. Before, we would not require OpenType support
to use a font for Myanmar text, for instance, since this was
not listed as one of the languages requiring OpenType support.
This patch simply brings back the limitation that fonts are only
disqualified by missing tables if the language is one of the
ones we know to require OpenType.
Change-Id: I6f1ee2c8a068f9e183a36e24967f331dae96c14b
Task-number: QTBUG-55569
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Found by UBSan:
tst_qgraphicsitem.cpp:5066:29: runtime error: downcast of address 0x2afcb006c7f0 which does not point to an object of type 'GeometryChanger'
0x2afcb006c7f0: note: object is of type 'QGraphicsRectItem'
00 00 00 00 d8 64 ca 98 fc 2a 00 00 40 a9 0b b0 fc 2a 00 00 75 65 29 00 00 00 00 00 35 00 00 00
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QGraphicsRectItem'
#0 0x4c5f1c in tst_QGraphicsItem::prepareGeometryChange() tst_qgraphicsitem.cpp:5066
Fix by actually instantiating a GeometryChanger, which incidentally is
the pattern used by paint() a few lines below, too.
While at it, allocate the item on the stack (as is done in paint())
and create a local QRectF variable to avoid repeating the same magic
numbers over and over again.
Change-Id: If5a3d56511000a17703d78d7dd1f0ea072b8bc11
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Found by UBSan:
qgraphicsscene.cpp:1000:40: runtime error: downcast of address 0x2af0d4072b00 which does not point to an object of type 'QGraphicsWidget'
0x2af0d4072b00: note: object is of type 'QGraphicsObject'
00 00 00 00 30 f5 26 bd f0 2a 00 00 90 e1 05 d4 f0 2a 00 00 a8 e3 26 bd f0 2a 00 00 d0 33 0f d4
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QGraphicsObject'
#0 0x2af0badf1305 in QGraphicsScenePrivate::ungrabMouse(QGraphicsItem*, bool) qgraphicsscene.cpp:1000
#1 0x2af0bae0fc24 in QGraphicsScenePrivate::removeItemHelper(QGraphicsItem*) qgraphicsscene.cpp:692
#2 0x2af0bacd21f6 in QGraphicsItem::~QGraphicsItem() qgraphicsitem.cpp:1555
#3 0x2af0bacd4c48 in QGraphicsObject::~QGraphicsObject() qgraphicsitem.cpp:7766
#4 0x2af0baf7e99c in QGraphicsWidget::~QGraphicsWidget() qgraphicswidget.cpp:231
#5 0x2af0baf7f8c0 in QGraphicsWidget::~QGraphicsWidget() qgraphicswidget.cpp:282
#6 0x2af0badcee34 in QGraphicsScene::clear() qgraphicsscene.cpp:2388
#7 0x2af0badcf3fc in QGraphicsScene::~QGraphicsScene() qgraphicsscene.cpp:1682
#8 0x4b26f0 in tst_QGraphicsWidget::popupMouseGrabber() tst_qgraphicswidget.cpp:47
Fix by using the existing graphics widget pointer,
determined a line above to be equivalent to 'item',
for the removePopup() function call instead of
casting 'item' itself.
The rest of removePopup() appears to be well-behaved
and doesn't trigger any more UBSan errors, so it was
indeed just the cast which was undefined, no member
calls.
Change-Id: Ia54da90262a7a02f527914a90b0208be0ffc0f0b
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
The variable 'item' may or may not contain a QGraphicsObject
pointer. Using static_cast on an 'item' that isn't, is UB.
Found by UBSan (which failed to print a message, but the
function names gave it away):
[...]
#6 <signal handler called>
#7 0x00002b18813bec05 in __ubsan::checkDynamicType(void*, void*, unsigned long) () from /opt/gcc/trunk/lib64/libubsan.so.0
#8 0x00002b18813be0c3 in HandleDynamicTypeCacheMiss(__ubsan::DynamicTypeCacheMissData*, unsigned long, unsigned long, __ubsan::ReportOptions) () from /opt/gcc/trunk/lib64/libubsan.so.0
#9 0x00002b18813be783 in __ubsan_handle_dynamic_type_cache_miss () from /opt/gcc/trunk/lib64/libubsan.so.0
#10 0x00002b1875e71d4d in QGraphicsScenePrivate::removeItemHelper(QGraphicsItem*) () at /home/marc/Qt/qt5/qtbase/src/widgets/graphicsview/qgraphicsscene.cpp:720
#11 0x00002b1875e731ef in QGraphicsScene::removeItem(QGraphicsItem*) () at /home/marc/Qt/qt5/qtbase/src/widgets/graphicsview/qgraphicsscene.cpp:2929
#12 0x00002b1875e6d05f in QGraphicsScenePrivate::removeItemHelper(QGraphicsItem*) () at /home/marc/Qt/qt5/qtbase/src/widgets/graphicsview/qgraphicsscene.cpp:604
#13 0x00002b1875e731ef in QGraphicsScene::removeItem(QGraphicsItem*) () at /home/marc/Qt/qt5/qtbase/src/widgets/graphicsview/qgraphicsscene.cpp:2929
#14 0x00002b1875e73e68 in QGraphicsScene::addItem(QGraphicsItem*) () at /home/marc/Qt/qt5/qtbase/src/widgets/graphicsview/qgraphicsscene.cpp:2505
#15 0x000000000043d34d in tst_QGraphicsWidget::fontPropagationSceneChange() () at /home/marc/Qt/qt5/qtbase/tests/auto/widgets/graphicsview/qgraphicswidget/tst_qgraphicswidget.cpp:941
[...]
Fix by using QGraphicsItem::toGraphicsObject().
Yes, it's that simple...
Change-Id: If04d1b62603cfd808cc7b64946da536c221a0c11
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>
Found by UBSan:
qfontdialog_p.h:77:5: runtime error: downcast of address 0x7ffc3ceadc90 which does not point to an object of type 'QFontDialog'
0x7ffc3ceadc90: note: object is of type 'QDialog'
fc 7f 00 00 38 5f a8 27 fc 2a 00 00 60 e2 14 02 00 00 00 00 10 61 a8 27 fc 2a 00 00 00 00 00 00
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QDialog'
#0 0x2afc24d29490 in QFontDialogPrivate::q_func() const qfontdialog_p.h:77
#1 0x2afc24d29490 in QFontDialogPrivate::canBeNativeDialog() const qfontdialog.cpp:1033
#2 0x2afc24c93f56 in QDialog::setVisible(bool) qdialog.cpp:696
#3 0x2afc24c7b27a in QDialog::~QDialog() qdialog.cpp:357
#4 0x2afc24d286a6 in QFontDialog::~QFontDialog() qfontdialog.cpp:339
#5 0x2afc24d481a2 in QFontDialogPrivate::getFont(bool*, QFont const&, QWidget*, QString const&, QFlags<QFontDialog::FontDialogOption>) qfontdialog.cpp:402
#6 0x2afc24d483f1 in QFontDialog::getFont(bool*, QWidget*) qfontdialog.cpp:396
#7 0x407652 in tst_QFontDialog::testGetFont() tst_qfontdialog.cpp:120
qcolordialog.cpp:86:5: runtime error: downcast of address 0x7ffdf50c1ec0 which does not point to an object of type 'QColorDialog'
0x7ffdf50c1ec0: note: object is of type 'QDialog'
fd 7f 00 00 d8 6e c7 23 b7 2a 00 00 50 c1 af 01 00 00 00 00 b0 70 c7 23 b7 2a 00 00 00 00 1a 1e
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QDialog'
#0 0x2ab720e4ec97 in QColorDialogPrivate::q_func() const qcolordialog.cpp:86
#1 0x2ab720e4ec97 in QColorDialogPrivate::canBeNativeDialog() const qcolordialog.cpp:1865
#2 0x2ab720e84ed6 in QDialog::setVisible(bool) qdialog.cpp:696
#3 0x2ab720e6c1fa in QDialog::~QDialog() qdialog.cpp:357
#4 0x2ab720e2b276 in QColorDialog::~QColorDialog() qcolordialog.cpp:2187
#5 0x2ab720e5e2c6 in QColorDialog::getColor(QColor const&, QWidget*, QString const&, QFlags<QColorDialog::ColorDialogOption>) qcolordialog.cpp:2148
#6 0x2ab720e5e473 in QColorDialog::getRgba(unsigned int, bool*, QWidget*) qcolordialog.cpp:2176
#7 0x407180 in tst_QColorDialog::testGetRgba() tst_qcolordialog.cpp:118
qfiledialog_p.h:112:5: runtime error: downcast of address 0x7ffd6858cc60 which does not point to an object of type 'QFileDialog'
0x7ffd6858cc60: note: object is of type 'QDialog'
a1 2b 00 00 d8 1e 5e 0c a1 2b 00 00 b0 af 01 20 a1 2b 00 00 b0 20 5e 0c a1 2b 00 00 00 00 46 00
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QDialog'
#0 0x2ba10980a9e7 in QFileDialogPrivate::q_func() const qfiledialog_p.h:112
#1 0x2ba10980a9e7 in QFileDialogPrivate::canBeNativeDialog() const qfiledialog.cpp:695
#2 0x2ba1097efe36 in QDialog::setVisible(bool) qdialog.cpp:696
#3 0x2ba1097d715a in QDialog::~QDialog() qdialog.cpp:357
#4 0x2ba109854c4b in QFileDialog::~QFileDialog() qfiledialog.cpp:380
#5 0x4179dc in tst_QFiledialog::init() tst_qfiledialog.cpp:175
Fix by replacing Q_Q with the the equivalent expression for QDialog.
We can't re-use QDialogPrivate::q_func() here, since that is private,
and probably should stay like that.
Also fix an invalid member call in
QColorDialogPrivate::canBeNativeDialog():
qcolordialog.cpp:2050:5: runtime error: member call on address 0x7ffdf50c1ec0 which does not point to an object of type 'QColorDialog'
0x7ffdf50c1ec0: note: object is of type 'QDialog'
fd 7f 00 00 d8 6e c7 23 b7 2a 00 00 50 c1 af 01 00 00 00 00 b0 70 c7 23 b7 2a 00 00 00 00 1a 1e
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QDialog'
#0 0x2ab720e4e5ea in QColorDialog::options() const qcolordialog.cpp:2050
#1 0x2ab720e4e8c8 in QColorDialogPrivate::canBeNativeDialog() const qcolordialog.cpp:1870
#2 0x2ab720e84ed6 in QDialog::setVisible(bool) qdialog.cpp:696
#3 0x2ab720e6c1fa in QDialog::~QDialog() qdialog.cpp:357
#4 0x2ab720e2b276 in QColorDialog::~QColorDialog() qcolordialog.cpp:2187
#5 0x2ab720e5e2c6 in QColorDialog::getColor(QColor const&, QWidget*, QString const&, QFlags<QColorDialog::ColorDialogOption>) qcolordialog.cpp:2148
#6 0x2ab720e5e473 in QColorDialog::getRgba(unsigned int, bool*, QWidget*) qcolordialog.cpp:2176
#7 0x407180 in tst_QColorDialog::testGetRgba() tst_qcolordialog.cpp:118
by accessing the data member directly instead of through the Public API.
Fix the same code in QFileDialog, even though the autotest coverage is
too limited for UBSan to point that one out explicitly.
Change-Id: Idd278744961435e417d91fb2f89b6d91a94e0c71
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>
Text is copied from corresponding QFontMetrics methods.
Change-Id: Ife79e0d1b06ca3f691f2fd8bd796b41aeaa76954
Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@qt.io>
This version now prefers non-free provisioning teams, since the latter
seem to be problematic in more cases.
Task-number: QTBUG-55915
Change-Id: Ie40ddae5e333acdd5327ed46992fb4fb300dee25
Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@theqtcompany.com>
Reviewed-by: Gabriel de Dietrich <gabriel.dedietrich@qt.io>
This makes use of the new -quiet option in xcodebuild 8 to reduce the
noisiness of output when make is invokved in silent mode.
Change-Id: I3730dddcc1d9dae329b5ff254448533cdd573a30
Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@theqtcompany.com>
Reviewed-by: Mike Krus <mike.krus@kdab.com>
Reviewed-by: Gabriel de Dietrich <gabriel.dedietrich@qt.io>
tokens[i] was left uninitialized. This could cause a crash when moc produces a
qWarning.
Task-number: QTBUG-56045
Change-Id: I6fba933005edd29756f0d6b1cfe53243254ac7b2
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
This patch adds a sample native event filter that can be easily
integrated in a project.
Task-number: QTBUG-53209
Change-Id: Iedf6df33a3de5b01dc7871cca5e7897a5b485733
Reviewed-by: Topi Reiniö <topi.reinio@theqtcompany.com>
It should be possible to show a menu by calling showPopup, even if
visible is set to false. After all, it's only logical that visibility
is false before showing it. And whether or not the menu is
enabled should not matter as well.
Change-Id: I9a2b453c8c6e88c47812c652d99e4b4a9c7524a7
Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@theqtcompany.com>
The synthesized properties were defined as (read only)
methods in the UIViewController API in iOS9, and we
extended them into readwrite properties in our own
sub class to enable some local bookkeeping in addition
to normal overriding.
But in iOS10, Apple has changed the methods into being
readonly properties instead. The difference then is
that automatic property synthesizing
will ignore our local readwrite declarations, and use
the declarations in the super class instead. And this
will lead to a runtime crash on iOS10 since no
setter methods are generated.
This patch will instead explicit synthesize the affected
properties to ensure that both getters and setters will be
generated.
Change-Id: Iac330e991b8a0fe335e383e1f7d9ff30c0ce1559
Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@theqtcompany.com>
In the iOS 10 SDK, method signatures has been annotated with
NS_ASSUME_NONNULL macros and 'nullable' keywords. This means
that certain methods should not be called with argumens
that can be null, or in this case, set to 0 explicitly. The
result will be compiler warnings.
This patch will rewrite the explicit call we do to touchesCancelled
so that we send an empty set instead of 0.
Change-Id: I50aa80b91312397d17e0e380815adff87cee852b
Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@theqtcompany.com>
Allows us to detect cases where the requested vsync combination was
not possible to fulfill.
Change-Id: Ie8f3665129f7a1ab7fcefb94b2298d54520b753a
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
The FPS is now calculated and output on the command line in a single
place. The animated fps counter has been replaced with a vertical line
which should make it easier to observe tearing issues when vsync is
disabled.
Change-Id: Id356fc1958c048d85aba48edfed59124454038d4
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
QSurfaceFormat is recreated from scratch, and by not reading back the
swap interval the QCocoaGLContext seemed to be vsynced even if it
actually was not.
Change-Id: I72ddaae9a4c695fe4c74d7b4b70ca9db84bcc084
Reviewed-by: Laszlo Agocs <laszlo.agocs@qt.io>
The animated FPS counter should be enough to observe smooth animations,
so we use the color of the window to visualize frame latency.
Change-Id: I1171a1c4bdc261ca8655771290c6735357821781
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
As the d-pointer, QBrush uses a QScopedPointer with a
custom deleter that checks for QBrushData::style and
casts the QBrushData pointer down to corresponding
subclasses before calling delete on them.
In QBrush::detach(), however, any of the three brush
data classes were held in a QScopedPointer _without_
the custom deleter, invoking UB when that scoped
pointer would ever get to be the one that deleted
the payload instead of handing it over to the objects
d-pointer.
Found by making dtors protected following a Coverity
report wrongly marked as 'dismissed' (these static
checks are not included in this patch, since they
are binary-incompatible), to find out where Coverity
could possibly see a problem.
Also replace the d.reset(x.take()) that allowed this
mismatch to compile with d.swap(x), which nicely
ensures that x and d are of the same type.
Coverity-Id: 11772
Change-Id: I85e2c205df9291bd7508b6c90f7b03fbe8c3bcd2
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>