Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-110616

QQuickLayout crashes

    XMLWordPrintable

Details

    • Linux/X11, macOS
    • 24f5695d35f0ef7a8f48502de3d4810d21fb3d3f

    Description

      On macOS and Linux (X11 XCB only!) QQuickLayout crashes under some circumstances. Please try to run the attached minimal example derived from the real world use case.

      The reason for the crash is a dangling pointer in the layout's item list.

      In the example I've marked several locations [1]-[5] in the code that "solve" the crash when commenting out. The DummyModel uses a delayed initialization [1] (QQmlParserStatus), without this I was not able to reproduce the crash.

      Things I've found out so far:

      • QGridLayoutEngine::deleteItems is called to late
      • QQuickGridLayoutBase::itemDestroyed is not invoked because prior to this the listener is removed in QQuickLayout::itemChange(ItemChildRemovedChange) => the corresponding layout item is not removed from the list and its referenced, untracked QQuickItem might become a dangling pointer (which is the case here). Any subsequent access to the QQuickItem is potentially invalid.

      I was not able to reproduce this on Windows or on Wayland, so there might be some race condition related to event handling.

      The crash does not occur in 6.3.x.

      Attachments

        Activity

          People

            santhoshkumar Santhosh Kumar Selvaraj
            njeisecke Nils Jeisecke
            Votes:
            7 Vote for this issue
            Watchers:
            10 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 2 days
                2d