PDA

View Full Version : Qt 5.12.2 QTableView segfault on vnc dual screen Centos 7



pwa
28th April 2019, 17:04
The problem is a segfault that occurs in a QTableView widget instance when it is scrolled (mouse wheel but could be another event that causes scrolling) and has somehow failed to paint after calling setVisible(true) (the underlying desktop is still in its viewport), with the following conditions:

1. The Qt application is being used on a vnc session over ssh on a dual monitor setup (2x Dell 19" (1280x1024) side by side).

2. The segfault only occurs when the QTableView hasn't been painted.

3. The segfault/non painting of the dialog only occurs when it is positioned on the right monitor over vnc (there is no segfault when the Qt application is run on the local computer with the dual monitor setup or on the left monitor over vnc as it always paints).

4. The segfault/non painting of the dialog on the right vnc monitor only occurs after the vnc desktop client has gone from full screen off to full screen back on again (F8 Menu in the vnc desktop client).

5. This segfault/non painting on the dual monitor vnc setup arised after upgrading the Qt version from 4.8.4 to Qt 5. The segfault occurs with both 5.11 and 5.12.2 over vnc but not with 4.8.4 over vnc.

6. The segfault/non painting does not occur when the vnc desktop client is run from a laptop with 1280x800 resolution.


class TableDialog : public QDialog
{
Q_OBJECT
public:
TableDialog(QWidget* parent=0);
~TableDialog();

signals:
...

public slots:
...

protected:
QTableView* tableView_;
};


TableDialog::TableDialog(QWidget* parent):
QDialog(parent)
{
setWindowFlags(Qt::Window);
tableView_=new QTableView(this);

tableView_->setFrameStyle(QFrame::NoFrame);
tableView_->setFocusPolicy(Qt::NoFocus);

QVBoxLayout* vBoxLayout=new QVBoxLayout(this);
vBoxLayout->addWidget(tableView_);
vBoxLayout->setSpacing(0);
vBoxLayout->setMargin(0);
setLayout(vBoxLayout);

tableView_->setAlternatingRowColors(true);
tableView_->verticalHeader()->hide();

tableView_->horizontalHeader()->setSectionsMovable(true);
tableView_->horizontalHeader()->setDragEnabled(true);
tableView_->horizontalHeader()->setDragDropMode(QAbstractItemView::InternalMove);
}

Details:
vnc client and server running on Centos 7 machines.
TigerVNC Viewer 64-bit v1.8.0


(gdb) bt
#0 0x00007fa4766027e3 in ?? () from lib3/libQt5Widgets.so.5
#1 0x00007fa4766052d2 in QWidgetPrivate::scrollRect(QRect const&, int, int) () from lib3/libQt5Widgets.so.5
#2 0x00007fa47662057b in QWidgetPrivate::scroll_sys(int, int) () from lib3/libQt5Widgets.so.5
#3 0x00007fa4766206f6 in QWidget::scroll(int, int) () from lib3/libQt5Widgets.so.5
#4 0x00007fa476870c73 in QTableView::scrollContentsBy(int, int) () from lib3/libQt5Widgets.so.5
#5 0x00007fa4766cfc01 in QAbstractScrollAreaPrivate::_q_vslide(int) () from lib3/libQt5Widgets.so.5
#6 0x00007fa475bb99ba in QMetaObject::activate(QObject*, int, int, void**) () from lib3/libQt5Core.so.5
#7 0x00007fa4766d4dfe in QAbstractSlider::valueChanged(int) () from lib3/libQt5Widgets.so.5
#8 0x00007fa4766d5437 in QAbstractSlider::setValue(int) () from lib3/libQt5Widgets.so.5
#9 0x00007fa4766d6015 in ?? () from lib3/libQt5Widgets.so.5
#10 0x00007fa4767714ac in QScrollBar::wheelEvent(QWheelEvent*) () from lib3/libQt5Widgets.so.5
#11 0x00007fa47662f6f8 in QWidget::event(QEvent*) () from lib3/libQt5Widgets.so.5
#12 0x00007fa476773165 in QScrollBar::event(QEvent*) () from lib3/libQt5Widgets.so.5
#13 0x00007fa4765f3adc in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from lib3/libQt5Widgets.so.5
#14 0x00007fa4765fc5ef in QApplication::notify(QObject*, QEvent*) () from lib3/libQt5Widgets.so.5
#15 0x00007fa475b8af98 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from lib3/libQt5Core.so.5
#16 0x00007fa47662f6f8 in QWidget::event(QEvent*) () from lib3/libQt5Widgets.so.5
#17 0x00007fa4766cd86e in QFrame::event(QEvent*) () from lib3/libQt5Widgets.so.5
#18 0x00007fa476830f1c in QAbstractItemView::viewportEvent(QEvent*) () from lib3/libQt5Widgets.so.5
#19 0x00007fa475b8ad2d in QCoreApplicationPrivate::sendThroughObjectEventFil ters(QObject*, QEvent*) () from lib3/libQt5Core.so.5
#20 0x00007fa4765f3ab5 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from lib3/libQt5Widgets.so.5
#21 0x00007fa4765fc5ef in QApplication::notify(QObject*, QEvent*) () from lib3/libQt5Widgets.so.5
#22 0x00007fa475b8af98 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from lib3/libQt5Core.so.5
#23 0x00007fa47664b04d in ?? () from lib3/libQt5Widgets.so.5
#24 0x00007fa47664c704 in ?? () from lib3/libQt5Widgets.so.5
#25 0x00007fa4765f3adc in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from lib3/libQt5Widgets.so.5
#26 0x00007fa4765faae0 in QApplication::notify(QObject*, QEvent*) () from lib3/libQt5Widgets.so.5
#27 0x00007fa475b8af98 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from lib3/libQt5Core.so.5
#28 0x00007fa476012703 in QGuiApplicationPrivate::processWheelEvent(QWindowS ystemInterfacePrivate::WheelEvent*) ()
from lib3/libQt5Gui.so.5
#29 0x00007fa476017345 in QGuiApplicationPrivate::processWindowSystemEvent(Q WindowSystemInterfacePrivate::WindowSystemEvent*) ()
---Type <return> to continue, or q <return> to quit---


valgrind
==12651== Memcheck, a memory error detector
==12651== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==12651== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==12651== Command: ./Main
==12651==
==12651== Invalid read of size 8
==12651== at 0x57077E3: ??? (in lib3/libQt5Widgets.so.5)
==12651== by 0x570A2D1: QWidgetPrivate::scrollRect(QRect const&, int, int) (in lib3/libQt5Widgets.so.5)
==12651== by 0x572557A: QWidgetPrivate::scroll_sys(int, int) (in lib3/libQt5Widgets.so.5)
==12651== by 0x57256F5: QWidget::scroll(int, int) (in lib3/libQt5Widgets.so.5)
==12651== by 0x5975C72: QTableView::scrollContentsBy(int, int) (in lib3/libQt5Widgets.so.5)
==12651== by 0x57D4C00: QAbstractScrollAreaPrivate::_q_vslide(int) (in lib3/libQt5Widgets.so.5)
==12651== by 0x63F99B9: QMetaObject::activate(QObject*, int, int, void**) (in lib3/libQt5Core.so.5)
==12651== by 0x57D9DFD: QAbstractSlider::valueChanged(int) (in lib3/libQt5Widgets.so.5)
==12651== by 0x57DA436: QAbstractSlider::setValue(int) (in lib3/libQt5Widgets.so.5)
==12651== by 0x57DB014: ??? (in lib3/libQt5Widgets.so.5)
==12651== by 0x58764AB: QScrollBar::wheelEvent(QWheelEvent*) (in lib3/libQt5Widgets.so.5)
==12651== by 0x57346F7: QWidget::event(QEvent*) (in lib3/libQt5Widgets.so.5)
==12651== Address 0x8 is not stack'd, malloc'd or (recently) free'd
==12651==
==12651==
==12651== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==12651== Access not within mapped region at address 0x8
==12651== at 0x57077E3: ??? (in lib3/libQt5Widgets.so.5)
==12651== by 0x570A2D1: QWidgetPrivate::scrollRect(QRect const&, int, int) (in lib3/libQt5Widgets.so.5)
==12651== by 0x572557A: QWidgetPrivate::scroll_sys(int, int) (in lib3/libQt5Widgets.so.5)
==12651== by 0x57256F5: QWidget::scroll(int, int) (in lib3/libQt5Widgets.so.5)
==12651== by 0x5975C72: QTableView::scrollContentsBy(int, int) (in lib3/libQt5Widgets.so.5)
==12651== by 0x57D4C00: QAbstractScrollAreaPrivate::_q_vslide(int) (in lib3/libQt5Widgets.so.5)
==12651== by 0x63F99B9: QMetaObject::activate(QObject*, int, int, void**) (in lib3/libQt5Core.so.5)
==12651== by 0x57D9DFD: QAbstractSlider::valueChanged(int) (in lib3/libQt5Widgets.so.5)
==12651== by 0x57DA436: QAbstractSlider::setValue(int) (in lib3/libQt5Widgets.so.5)
==12651== by 0x57DB014: ??? (in lib3/libQt5Widgets.so.5)
==12651== by 0x58764AB: QScrollBar::wheelEvent(QWheelEvent*) (in lib3/libQt5Widgets.so.5)
==12651== by 0x57346F7: QWidget::event(QEvent*) (in lib3/libQt5Widgets.so.5)
==12651== If you believe this happened as a result of a stack
==12651== overflow in your program's main thread (unlikely but
==12651== possible), you can try to increase the size of the
==12651== main thread stack using the --main-stacksize= flag.
==12651== The main thread stack size used in this run was 8388608.
==12651==
==12651== HEAP SUMMARY:
==12651== in use at exit: 10,031,411 bytes in 126,115 blocks
==12651== total heap usage: 649,315 allocs, 523,200 frees, 830,917,619 bytes allocated
==12651==
==12651== LEAK SUMMARY:
==12651== definitely lost: 109 bytes in 1 blocks
==12651== indirectly lost: 0 bytes in 0 blocks
==12651== possibly lost: 4,352 bytes in 7 blocks
==12651== still reachable: 10,026,950 bytes in 126,107 blocks
==12651== of which reachable via heuristic:
==12651== stdstring : 293,800 bytes in 9,294 blocks
==12651== newarray : 40 bytes in 1 blocks
==12651== multipleinheritance: 18,576 bytes in 25 blocks
==12651== suppressed: 0 bytes in 0 blocks
==12651== Rerun with --leak-check=full to see details of leaked memory
==12651==
==12651== For counts of detected and suppressed errors, rerun with: -v
==12651== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)



Many thanks,

Piers