Protection against short reads was already half implemented,
blockSize was being sent by the server but never used by the client.
Also, blockSize was bumped to quint32: If you're in a position where
short reads can happen then quint16 is probably not enough to hold the
size of your data. On Linux I could only reproduce short reads for
messages > 500K.
Change-Id: I191a3d781da1d8a119debbdafae641c8340a1da2
Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
... and avoid detach()ing potentially large data for just
preserving the QPlatformPixmap::pixelType().
A QBitmap differs from a QPixmap (its base class, urgh)
by always having a data != nullptr and a Bitmap pixel
type, yet load() was unconditionally setting 'data' to
nullptr on failure, turning a QBitmap into a non-QBitmap.
Fix by move-assigning a null QBitmap instead of resetting
'data'.
Add some tests.
Change-Id: Ida58b3b24d96472a5f9d0f18f81cc763edcf3c16
Reviewed-by: Anton Kudryavtsev <a.kudryavtsev@netris.ru>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Ulf Hermann <ulf.hermann@qt.io>
Found by UBSan:
qgraphicswidget_p.h:72:5: runtime error: downcast of address 0x2ab6a8021400 which does not point to an object of type 'QGraphicsWidget'
0x2ab6a8021400: note: object is of type 'QGraphicsObject'
00 00 00 00 70 93 5c 91 b6 2a 00 00 f0 c0 01 a8 b6 2a 00 00 e8 81 5c 91 b6 2a 00 00 10 bf 01 a8
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QGraphicsObject'
#0 0x2ab68f2fdd7c in QGraphicsWidgetPrivate::q_func() qgraphicswidget_p.h:72
#1 0x2ab68f2fdd7c in QGraphicsWidgetPrivate::fixFocusChainBeforeReparenting(QGraphicsWidget*, QGraphicsScene*, QGraphicsScene*) qgraphicswidget_p.cpp:775
#2 0x2ab68f020d2a in QGraphicsItemPrivate::setParentItemHelper(QGraphicsItem*, QVariant const*, QVariant const*) qgraphicsitem.cpp:1181
#3 0x2ab68f024f73 in QGraphicsItem::setParentItem(QGraphicsItem*) qgraphicsitem.cpp:1781
#4 0x2ab68f168401 in QGraphicsScenePrivate::removeItemHelper(QGraphicsItem*) qgraphicsscene.cpp:620
#5 0x2ab68f02c166 in QGraphicsItem::~QGraphicsItem() qgraphicsitem.cpp:1555
#6 0x2ab68f02ebb8 in QGraphicsObject::~QGraphicsObject() qgraphicsitem.cpp:7766
#7 0x2ab68f2d8888 in QGraphicsWidget::~QGraphicsWidget() qgraphicswidget.cpp:231
#8 0x4bce62 in SubQGraphicsWidget::~SubQGraphicsWidget() /tst_qgraphicswidget.cpp:175
#9 0x4bce62 in SubQGraphicsWidget::~SubQGraphicsWidget() /tst_qgraphicswidget.cpp:175
#10 0x2ab68f02c9ec in QGraphicsItem::~QGraphicsItem() qgraphicsitem.cpp:1550
#11 0x2ab68f02ebb8 in QGraphicsObject::~QGraphicsObject() qgraphicsitem.cpp:7766
#12 0x2ab68f2d8888 in QGraphicsWidget::~QGraphicsWidget() qgraphicswidget.cpp:231
#13 0x4bce62 in SubQGraphicsWidget::~SubQGraphicsWidget() /tst_qgraphicswidget.cpp:175
#14 0x4bce62 in SubQGraphicsWidget::~SubQGraphicsWidget() /tst_qgraphicswidget.cpp:175
#15 0x2ab68f128da4 in QGraphicsScene::clear() qgraphicsscene.cpp:2388
#16 0x2ab68f12936c in QGraphicsScene::~QGraphicsScene() qgraphicsscene.cpp:1682
#17 0x44d44c in tst_QGraphicsWidget::focusWidget() /tst_qgraphicswidget.cpp:435
qgraphicswidget_p.cpp:805:24: runtime error: member call on address 0x2ab6a8021400 which does not point to an object of type 'QGraphicsWidget'
0x2ab6a8021400: note: object is of type 'QGraphicsObject'
00 00 00 00 70 93 5c 91 b6 2a 00 00 f0 c0 01 a8 b6 2a 00 00 e8 81 5c 91 b6 2a 00 00 10 bf 01 a8
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QGraphicsObject'
#0 0x2ab68f2fdc68 in QGraphicsWidgetPrivate::fixFocusChainBeforeReparenting(QGraphicsWidget*, QGraphicsScene*, QGraphicsScene*) qgraphicswidget_p.cpp:805
#1 0x2ab68f020d2a in QGraphicsItemPrivate::setParentItemHelper(QGraphicsItem*, QVariant const*, QVariant const*) qgraphicsitem.cpp:1181
[... identical lines omitted ...]
qgraphicswidget_p.cpp:806:23: runtime error: member call on address 0x2ab6a8021400 which does not point to an object of type 'QGraphicsWidget'
0x2ab6a8021400: note: object is of type 'QGraphicsObject'
00 00 00 00 70 93 5c 91 b6 2a 00 00 f0 c0 01 a8 b6 2a 00 00 e8 81 5c 91 b6 2a 00 00 10 bf 01 a8
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QGraphicsObject'
#0 0x2ab68f2fdb6b in QGraphicsWidgetPrivate::fixFocusChainBeforeReparenting(QGraphicsWidget*, QGraphicsScene*, QGraphicsScene*) qgraphicswidget_p.cpp:806
#1 0x2ab68f020d2a in QGraphicsItemPrivate::setParentItemHelper(QGraphicsItem*, QVariant const*, QVariant const*) qgraphicsitem.cpp:1181
[... identical lines omitted ...]
qgraphicswidget_p.cpp:827:26: runtime error: member call on address 0x2ab6a8021400 which does not point to an object of type 'QGraphicsWidget'
0x2ab6a8021400: note: object is of type 'QGraphicsObject'
00 00 00 00 70 93 5c 91 b6 2a 00 00 f0 c0 01 a8 b6 2a 00 00 e8 81 5c 91 b6 2a 00 00 10 bf 01 a8
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QGraphicsObject'
#0 0x2ab68f2fdf91 in QGraphicsWidgetPrivate::fixFocusChainBeforeReparenting(QGraphicsWidget*, QGraphicsScene*, QGraphicsScene*) qgraphicswidget_p.cpp:827
#1 0x2ab68f020d2a in QGraphicsItemPrivate::setParentItemHelper(QGraphicsItem*, QVariant const*, QVariant const*) qgraphicsitem.cpp:1181
[... identical lines omitted ...]
Fix by moving the setParentItem(nullptr) call up the call stack
into ~QGraphicsWidget(), ensuring that the object is still a
QGraphicsWidget when these calls are made.
Change-Id: I264779e33098e9752de9a312a146fb203578a3cc
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
Unlike layouts and spacer items, a QWidget is-not-a QLayoutItem.
QWidgetItem simply wraps the QWidget, so in QFormLayout::setWidget(),
we allocate a widget item for the widget passed, and hand that down
to Private::setItem() for adding to the various data structures.
Private::setItem() has a bunch of guard clauses, though, that return
without deleting the item.
A test triggered this code path and made asan complain.
This is just one part of a larger problem: QFormLayout::setLayout()
normally takes ownership of the layout passed, because QLayouts own
their QLayoutItems, and QLayout is-a QLayoutItem. But setLayout()
fails to live up to the owner role when it fails to add a layout,
and there's no easy way for the API user to check for success.
A fix for this breaks tst_qformlayout, and while those checks that
break deserve to be broken, I'll refrain from proposing the larger
fix for 5.6 LTS, but will propose it for 5.8 or 5.9 instead.
This fix here only fixes the leak in setWidget() by adding a bool
return to Private::setItem() informing Private::setWidget() of the
need to manually delete the item it allocated for the widget.
Change-Id: I81409c260f9bee2e95c9a98542d8c60bc19a1332
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
QtDBus is compiled with exceptions disabled, but checkers
don't know that, and it's not 100% certain it will stay
that way until eternity.
So do the simple change and hold the new'ed pointer in a
QScopedPointer until handing it off to create().
Coverity-Id: 154477
Change-Id: I91a763ca4e93585c97cb9e794312b53046971161
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
If using IM to compose text in QTextEdit, the placeholder text
will show underneath until the text is committed.
This patch will additionally check if the user is currently
composing preedit text before deciding whether or not to draw the
placeholder text.
Task-number: QTBUG-55758
Change-Id: If7943c6c94fb96d46514a81caa118829e6e6a0f9
Reviewed-by: Liang Qi <liang.qi@qt.io>
In some cases, when QNetworkReply::encrypted is emitted,
QNetworkReply::sslConfiguration is not yet initialized, in particular
certificate chain is empty, which breaks the documented usage of
'encrypted' to perform additional checks on certificate chain.
It looks to be caused by the fact that QHttpNetworkReply is originally
associated with 0th QHttpNetworkConnectionChannel, and this association
is not updated if HTTP pipelining is not used. Therefore, a reply on
channel >0 might arrive before reply on channel 0, and then using ssl
configuration from channel 0, which not made it through handshake, is
not usable.
Task-number: QTBUG-49554
Change-Id: Ie5d4b5a0c503d5bdc44761ce8581f6ffe4e3bac2
Reviewed-by: Markus Goetz (Woboq GmbH) <markus@woboq.com>
The slot is invoked from QObject::destroyed(), which is emitted
from ~QObject. By that time the object is no longer a QShortcut,
so the static_cast it invalid.
Found by UBSan:
tst_qshortcut.cpp:1210:53: runtime error: downcast of address 0x6020000289d0 which does not point to an object of type 'QShortcut'
0x6020000289d0: note: object is of type 'QObject'
10 00 80 17 c0 ce 63 df 93 2b 00 00 b0 02 00 00 d0 60 00 00 02 00 00 00 ff ff ff 04 04 00 00 00
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QObject'
#0 0x42b3bb in tst_QShortcut::shortcutDestroyed(QObject*) tst_qshortcut.cpp:1210
#1 0x446cc9 in tst_QShortcut::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) .moc/tst_qshortcut.moc:186
#2 0x2b93dba52c86 in QMetaObject::activate(QObject*, int, int, void**) qobject.cpp:3787
#3 0x2b93dba55400 in QObject::destroyed(QObject*) .moc/moc_qobject.cpp:213
#4 0x2b93dba8d80d in QObject::~QObject() qobject.cpp:967
#5 0x2b93c6b6e032 in QShortcut::~QShortcut() qshortcut.cpp:476
#6 0x2b93c6b6e370 in QShortcut::~QShortcut() qshortcut.cpp:481
#7 0x42a5de in void qDeleteAll<QList<QShortcut*>::const_iterator>(QList<QShortcut*>::const_iterator, QList<QShortcut*>::const_iterator) qalgorithms.h:317
#8 0x42a5de in void qDeleteAll<QList<QShortcut*> >(QList<QShortcut*> const&) qalgorithms.h:325
#9 0x42a5de in tst_QShortcut::clearAllShortcuts() tst_qshortcut.cpp:1136
Fix by replacing QVector::replaceAll() with the erase-remove idiom,
which does not require the cast, because it can perform mixed-type
lookups.
Change-Id: I4251c1895fa4398023f489dbfd7108d90c1a6c94
Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
To keep the change minimal, keep 'sw' as a pointer variable,
but back it by a stack-allocated QStackedWidget instead of a
heap-allocated one that's never deleted.
Change-Id: I9e2a8c07979b861eb7e7040c144d8e75c90d0bc9
Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
In case a project uses C++/CX extensions via /ZW compile flag including
qfunctions_winrt.h resulted in a compile error about duplicate
definition of Started due to namespace usages.
Change-Id: I8913522eafbabae77dd7d17187f202e555b0275f
Reviewed-by: Oliver Wolff <oliver.wolff@qt.io>
Since QCocoaEventDispatcher::processEvents() resets the interrupt
state, this may prevent a higher level event loop from returning.
For example, calling QMenu::exec() and, as a result of an action
being triggered, the application calls QCoreApplication::processEvents()
after QMenu::hideEvent(). In this case, the menu event loop can be
stuck until we run another event loop.
Task-number: QTBUG-53947
Change-Id: If7efe1c3c07f7222c695195cbb4f41715e49b02e
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
Reviewed-by: Wayne Arnold <wayne.arnold@autodesk.com>
Reviewed-by: Morten Johan Sørvig <morten.sorvig@qt.io>
In setData(), the old code both called Private::addNode(),
which creates a QFileSystemNode and adds it to the parent's
QHash of children, and also re-purposed the old node by
taking it out of the children hash, adjusting the fileName
member of the node and putting it back into the children
hash under the new name, where it would overwrite the node
just added under the same (new) name in addNode(). Since
the hash stores naked pointers, no-one deletes the node
that was put into the hash first.
Fix by dropping the addNode() call completely.
Change-Id: I0c37917fd0ffd74716393786c69b5bb172aa372e
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
The QFileInfo 'info' is only used in code conditional on
QT_NO_FILESYSTEMWATCHER, so move the definiton into the
conditionally-compiled block, too.
Turn it into an rvalue while at it.
Change-Id: I9983bfdcd0b32d0abecf7c588973a60df9de8cbc
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
The old code is broken because it was passing signal.outputArgs as inputArgs
variable of writeArgList, fix can not be passing signal.outputArgs as outputArgs
of writeArgList since that ignores the first of the list, so i added a new function
that does the right thing
Change-Id: If54484e04880d5dcebfedb9d478ee0e9faf37baa
Task-number: QTBUG-21577
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
In tst_QCompleter, two completers were leaked because they
had no parent and setCompleter() calls don't reparent.
Fixed by giving them parents.
In tst_QUndo*, fix lots of leaked QActions by storing them
in a QScopedPointer. There were some half-hearted attempts
to clean them up with manual deletes, but I ported these to
scoped pointers, too, to make the code more robust in the
face of failures.
This fixes the remaining errors in GCC 6.1 Linux ASan runs of
tests/auto/widgets/util.
Change-Id: Icc5248cc9cf4514540915924df1c4d9e09c071fa
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
QXcbClipboard failed to delete the various QMimeData instances
it owns.
For m_xClipboard, where the two QXcbClipboardMime instances are
never the same, fix the leak by using a scoped instead of a
naked pointer.
For m_clientClipboard, where the two QMimeData could be identical
objects, keep the naked pointers, but delete the objects manually
in the QXcbClipboard destructor, paying attention to the case
where they're the same object.
Change-Id: I5ce0e3e8fcec068aeb344ca806cdf2667378e946
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
The order in which exclusive builds are added affects the order of
values in SUBTARGETS. xcodebuild.mk parses the value of SUBTARGETS in
the Makefile and selects the first entry, which would always be
release-iphonesimulator regardless of the build type. This obviously
caused -sdk iphoneos builds to fail.
This patch switches the order of in which exclusive builds are added so
that the entries which are not present in a particular build type are
always added last.
Change-Id: I306d6f7430c1dff3d741a8c5182b7af81d000e7f
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
(Backport of 5.7/8586ccc).
The original patch was implemented to handle crashes after e78ca787ae.
But the former was pushed to 5.7, and the latter to 5.6. So we need to
backport it, otherwise the same crashes will still happen in 5.6
(e.g when transferring focus from a text edit to a (picker) menu).
Change-Id: I13037735dc316bceadb571e67f38a310c8a1bfae
Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@theqtcompany.com>
On iPad, a shortcuts bar with extra controls are shown
on top of the keyboard with opertions like cut and copy.
This is unwanted when using the keyboard to show menus.
This patch will add extra private information to IM
platform data when using menus, so that we hide the
shorcuts menu when showing the custom input panel.
Task-number: QTBUG-49893
Change-Id: Iaa8e1ff18acebec8be69699b3fd9470c69ab34d7
Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@theqtcompany.com>
The generated data files for the binary compatibility test
updated for QtBase.
Change-Id: Idae703c83f55ff17cada4419db742ea12b22bf86
Reviewed-by: Sergio Ahumada <sahumada@texla.cl>
Reviewed-by: Tony Sarajärvi <tony.sarajarvi@qt.io>
The usual:
- delete styles
Either by using QScopedPointer.
This fixes the remaining errors in GCC 6.1 Linux ASan runs of
tests/auto/widgets/styles.
Change-Id: Ifba59085c057d474bf964cbb93010c408d773a61
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
GCC warned:
tst_qabstractslider.cpp:858:89: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
Qt::Orientation orientation = *reinterpret_cast<Qt::Orientation*>(&sliderOrientation);
^
tst_qabstractslider.cpp:867:72: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
orientation = *reinterpret_cast<Qt::Orientation*>(&wheelOrientation);
^
The solution, of course, would be to use a static_cast here, but
why go via int in the first place? Qt::Orientation can perfectly
well be used in QFETCH, as proven by tst_qmainwindow, among other
things.
Change-Id: I97916a50405e16d114837bc52580ce6666d74b17
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
so far, we "downgraded" only explicit error() output, but other errors
may happen as well while doing semi-exact evaluation of .prf files - at
least hypothetically.
amends 08d0cb6f8e.
Change-Id: I32819a569dbed2dbdb37c5c23bf4a5a18d3c64ea
Reviewed-by: Joerg Bornemann <joerg.bornemann@theqtcompany.com>
(cherry picked from qttools/ea1a5c3534f089c0e704808a0fb029eda8f753b4)
Reviewed-by: Jake Petroules <jake.petroules@qt.io>
that required factoring out the docs installation to a separate project,
as COPIES doesn't work in subdirs projects. it's cleaner this way
anyway.
Change-Id: I594f3ecdae67417511034ab993904c962b86b282
Reviewed-by: Topi Reiniö <topi.reinio@theqtcompany.com>
Identifiers that match _[A-Z_]* are reserved for use by std
implementations. Qt is not an implementation of the standard,
so it mustn't use such identifiers.
Use plain names for macro arguments and the qt_test_ prefix
for C++ variables declared in expansions of those macros.
Change-Id: I22be167e36676199a5b084df3f4c5ef86c89f000
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
QWidget does not inherit QLayoutItem (unlike QLayout and QSpacerItem, which do),
so don't claim that in the docs.
Added a note.
Added cross-references between layout(), widget() and spacerItem().
Change-Id: I518b6842ef76fd1b72226b790dab75f429fae556
Reviewed-by: Mitch Curtis <mitch.curtis@qt.io>
Reviewed-by: Topi Reiniö <topi.reinio@theqtcompany.com>
After e109b8a0f3, it is possible
that the cache will be flushed as a result of inserting a new
font rather than just when the timer event triggers. When doing
superscript and subscript text layouts, we would first get
a regular font engine, then a scaled one, and then reference
the regular font engine *after* getting the scaled one. If the
regular font engine was deleted as a result of inserting the scaled
one, we would get a dangling pointer and crash.
The situation was improved by 49926bb9ef.
You would now to switch between 256 different fonts in the layout
in order to trigger it. The test in the commit will trigger the
crash even with this change.
[ChangeLog][Qt Gui][Text] Fixed a crash that could happen if you
were doing many different text layouts with different fonts
and superscript or subscript alignment.
Task-number: QTBUG-53911
Change-Id: Ia33108252e030eff25924ef1b7c10b9d59b5bc8c
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
QXcbCursor had a "cache" of cursor handles. Unfortunately, as QXcbCursor has its
lifetime tied to the screen, this cache grew unbounded whenever the cursor was
set: this could be witnessed worst when repeatedly setting the current cursor to
a different pixmap each time.
We fix this by keeping the cursor cache only for the "regular" shaped cursors
that are often shared between windows, working on the assumption that custom
cursors are generally specific only to a given window. This makes the lifetime
of the bitmap cursors much more clear: they are tied to that window, and when
the window is destroyed (or changes cursor), so too is the bitmap cursor
destroyed (if set).
Reported-by: Will Thompson <wjt@endlessm.com>
Change-Id: Ia558d858ff49e89cd5220344567203eb0267a133
Reviewed-by: Uli Schlachter <psychon@znc.in>
Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io>
This essentially emulates Xcode behavior for QMAKE_BUNDLE_DATA.
This is mostly for our own internal use. No documentation is provided.
Variables introduced:
- QMAKE_ASSET_CATALOGS
- QMAKE_ASSET_CATALOGS_APP_ICON
- QMAKE_ASSET_CATALOGS_BUILD_PATH
- QMAKE_ASSET_CATALOGS_INSTALL_PATH
Change-Id: I9577415d637f022d05f301c5a0d799483cd2a963
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
To match correctly (only) .h files, a regex needs to end in \.h$
Some of them missed the \, one missed the $.
(The last also had a legitimate .* before its misunescaped .)
One pair matched _p.h and _pch.h, which could be combined.
Change-Id: I7539a28eb7017cd0f1b36c72e05108e03a68a952
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
We need to delete the style returned from QStyleFactory::create()
ourselves, so put them into a QScopedPointer.
The alternative would have been to create this once, as a member
of tst_QWidget, but this is the minimal approach that ensures
behavior just as the old code, but without the leak.
Change-Id: I527f1031c57be6f05942f4acc057e7dae1af2571
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
As found by UBSan:
qstandardgestures.cpp:511:67: runtime error: downcast of address 0x7ffc9beb1b90 which does not point to an object of type 'QTouchEvent'
0x7ffc9beb1b90: note: object is of type 'QPlatformSurfaceEvent'
fc 7f 00 00 08 93 b1 6f f5 2a 00 00 00 00 00 00 00 00 00 00 d9 00 ec 9b 00 00 00 00 49 01 c1 5e
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QPlatformSurfaceEvent'
#0 0x2af55edfa66a in QTapAndHoldGestureRecognizer::recognize(QGesture*, QObject*, QEvent*) qstandardgestures.cpp:511
#1 0x2af55ee3d9bb in QGestureManager::filterEventThroughContexts(QMultiMap<QObject*, Qt::GestureType> const&, QEvent*) qgesturemanager.cpp:276
#2 0x2af55ee4565b in QGestureManager::filterEvent(QWidget*, QEvent*) qgesturemanager.cpp:512
#3 0x2af55ee53945 in QGestureManager::filterEvent(QObject*, QEvent*) qgesturemanager.cpp:556
#4 0x2af55ea1b83a in QApplication::notify(QObject*, QEvent*) qapplication.cpp:3053
#5 0x2af573949d0f in QCoreApplication::notifyInternal2(QObject*, QEvent*) qcoreapplication.cpp:988
#6 0x2af56982ff94 in QCoreApplication::sendEvent(QObject*, QEvent*) qcoreapplication.h:231
#7 0x2af56982ff94 in QWindowPrivate::create(bool) qwindow.cpp:435
#8 0x2af55ecd10fe in QWidgetPrivate::create_sys(unsigned long long, bool, bool) qwidget.cpp:1471
#9 0x2af55ecc770e in QWidget::create(unsigned long long, bool, bool) qwidget.cpp:1333
#10 0x2af55ed80618 in QWidget::setVisible(bool) qwidget.cpp:8156
#11 0x4feec4 in tst_QWidget::touchEventsForGesturePendingWidgets() tst_qwidget.cpp:9824
qstandardgestures.cpp:512:67: runtime error: downcast of address 0x7ffc9beb1b90 which does not point to an object of type 'QMouseEvent'
0x7ffc9beb1b90: note: object is of type 'QPlatformSurfaceEvent'
fc 7f 00 00 08 93 b1 6f f5 2a 00 00 00 00 00 00 00 00 00 00 d9 00 ec 9b 00 00 00 00 49 01 c1 5e
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QPlatformSurfaceEvent'
#0 0x2af55edfaa19 in QTapAndHoldGestureRecognizer::recognize(QGesture*, QObject*, QEvent*) qstandardgestures.cpp:512
[... skipping common lines ...]
qstandardgestures.cpp:514:95: runtime error: downcast of address 0x
0x7ffc9beb1b90: note: object is of type 'QPlatformSurfaceEvent'
fc 7f 00 00 08 93 b1 6f f5 2a 00 00 00 00 00 00 00 00 00 00 d9 00 ec 9b 00 00 00 0
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QPlatformSurfaceEvent'
#0 0x2af55edfa966 in QTapAndHoldGestureRecognizer::recognize(QGesture*, QObject*, QEvent*) qstandardgestures.cpp:514
[... skipping common lines ...]
The problem is that the casts are done outside the switch that
determines the event's type, so for any given event object, at least
any two of the casts are invalid.
This could actually be a real problem, because it's trivial for a
compiler to prove that these three lines unconditionally invoke UB, so
it has all the right in the world to decide to drop the complete rest
of the function, using this line of reasoning:
1. The only way for these three casts not to be UB is if event ==
nullptr.
2. If event == nullptr, then event->type() invokes UB, so event cannot
be nullptr.
3. The only way both can be true is if this code path is never
taken. I can thus assume that
object == state && event->type() == QEvent::Timer
is always true, drop the check and execute the if block
unconditionally (I need to call QEvent::type(), to satisfy the
as-if-rule, but I needn't check its return value).
Fix by moving the casts where they belong: into each case of the
switch, where the type of the event has been checked to match the
target type of the cast.
Change-Id: I3aee8e213dc19d2f51636bcc5221cc92b3142e58
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Found by UBSan:
qwidget.cpp:5228:62: runtime error: downcast of address 0x61b00003d480 which does not point to an object of type 'QWidget'
0x61b00003d480: note: object is of type 'QMainWindowLayout'
bc 00 00 75 90 2e 2a 78 4f 2b 00 00 40 c1 02 00 f0 60 00 00 78 2f 2a 78 4f 2b 00 00 00 00 00 00
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'QMainWindowLayout'
#0 0x2b4f70efb1c2 in sendResizeEvents qwidget.cpp:5228
#1 0x2b4f70f65f7f in QWidget::grab(QRect const&) qwidget.cpp:5252
#2 0x6b1746 in tst_QWidget::render_task188133() tst_qwidget.cpp:6615
Fix by performing the cast only after the test for isWidgetType() has
succeeded.
Change-Id: I061a60ef35bcb5fbefb9bc7b84706c9dd5afd207
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Found by UBSan:
tst_qapplication.cpp:1754:48: runtime error: member access within address 0x7ffda11f2220 which does not point to an object of type 'SpontaneousEvent'
0x7ffda11f2220: note: object is of type 'QMouseEvent'
The code attempted to model the layout of a QEvent with another class
that allows public access to the memory location that (hopefully)
corresponds to QEvent::spont, gaining access by casting a QEvent
object to that specifically-crafted class.
Fix by the using the existing QSpontaneKeyEvent::setSpontaneous()
call, which, despite its name, works for all QEvent subclasses, and
which has already been fixed to not invoke UB (in bc087db).
Change-Id: I7db8b8a8a823f7d61ab17375142d19dc3874fea5
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
The Q_AUTOTEST_EXPORT is defined in all cases. So usage as #if
defined(Q_AUTOTEST_EXPORT) was wrong.
Change-Id: Ia1c1526ad08fdfa35ca773d7c62f8bbba39a6d38
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
Adds two formats that does not have optimized code-paths in qdrawhelper
to ensure the generic path has coverage.
This has already uncovered one bug fixed before this patch could go in.
Change-Id: I0e0a1a873555b27f6438f69a76982b8e06263dcf
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
The check for Q_... macros used a regex that didn't allow digits; it
thus failed to match Q_DECLARE_SHARED_NOT_MOVABLE_UNTIL_QT6().
Change-Id: I3f9339349aa21e2fea04a7f53d9d8e0903e4c65b
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
QDateTimeEdit ignores the time-spec of its date-time value, using its
own time-spec instead; mostly, this works because it first conforms
the value to its own time-spec. However, during construction, before
doing this, it set up its display data, which could leave it with a
different time (rather than a different representation of the given
time) than it was asked to use.
Moved the updateTimeSpec() calls to immediately after setting value in
QDateTimeEditPrivate::init() to ensure correct handling. Added test.
Task-number: QTBUG-54781
Change-Id: I3b07c10997abb858fc0b40558bff96e3fdabbd83
Reviewed-by: Jesus Fernandez <jesus.fernandez@qt.io>
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
The Windows Intel drivers reject shader sources without
a version directive in 3.2+ compatibility profiles. This
is odd but can be worked around by adding #version 110
(which should be the default...)
Change-Id: I1ccac41b80121e6423d4f8964d03dda52a433296
Task-number: QTBUG-55733
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>
Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
Reviewed-by: Andy Nichols <andy.nichols@qt.io>
1. QSslSocketBackendPrivate::transmit was ignoring 'readBufferMaxSize';
as a result, we can have a user trying to set read buffer's size
to a small value (and more important - reading slowly in a small
chunks from this socket), but SSL itself socket reading 'too fast',
potentially growing its internal buffer to a huge size. This also
results in auto-tests failing - whenever we're trying to limit read
rate in some test.
2. Update qsslsocket auto-test.
Task-number: QTBUG-43388
Task-number: QTBUG-55170
Change-Id: Iedece26df0ac5b3b7cad62cc8c98aedc28e7ca5b
Reviewed-by: Richard J. Moore <rich@kde.org>
In setMinAndMaxSize(), QLayout::removeItem() doesn't actually delete
the removed item. We have to do that ourselves (RAII not necessary,
since the spacer is owned by the layout until we remove it).
In distributeMultiCell(), allocate the QStyle subclass on the stack so
the compiler cleans it up properly on all exit paths (was:
unconditional leak).
Change-Id: I24f8f11af2bfc5abf78f9aab0139dcfe0187402b
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>
In sizeConstraints(), QLayout::takeAt(), as the name suggests, doesn't
actually delete the item. We have to do that ourselves.
Likewise, in replaceWidget(), QLayout::replaceWidget() also doesn't
delete the affected item, but returns it. That's spectacularly bad API
design, but the leak is easy to fix: just delete the return value.
Change-Id: I8dcbc59898949eabce766cda2c0edae2e1f2799e
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>
