Bug 282952 - KWidgetItemDelegate crashes when applied to QListView without model
Summary: KWidgetItemDelegate crashes when applied to QListView without model
Alias: None
Product: kdelibs
Classification: Frameworks and Libraries
Component: kdeui (show other bugs)
Version: 4.6
Platform: Gentoo Packages Linux
: NOR crash
Target Milestone: ---
Assignee: kdelibs bugs
Depends on:
Reported: 2011-09-28 07:23 UTC by Thomas Fischer
Modified: 2011-09-28 11:16 UTC (History)
1 user (show)

See Also:
Latest Commit:
Version Fixed In: 4.7.2

Example code to reproduce crash (1.70 KB, application/x-bzip-compressed-tar)
2011-09-28 07:24 UTC, Thomas Fischer

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Fischer 2011-09-28 07:23:30 UTC
Version:           4.6 (using KDE 4.6.5) 
OS:                Linux

KWidgetItemDelegate crashes when applied to QListView without model. Using QAbstractItemDelegate instead (which is the direct ancestor class) in the same code does not cause a crash.

Function KWidgetItemDelegatePrivate::initializeModel in kdelibs-4.6.5/kdeui/itemviews/kwidgetitemdelegate.cpp does not check if the model is valid (!=NULL) before calling model->rowCount(parent).
The same code exist still in git/trunk (line offset has shifted).

Reproducible: Always

Steps to Reproduce:
Use attached example code. Enable/disable define of USE_KWIDETITEMDELEGATE in testwidget.cpp, line 1.

Actual Results:  
Crash when using KWidgetItemDelegate, no crash with QAbstractItemDelegate

Expected Results:  
Both KWidgetItemDelegate and QAbstractItemDelegate should behave identical

Application: kwidgetitemdelegatetest (kwidgetitemdelegatetest), signal: Segmentation fault
[KCrash Handler]
#7  0xb765f94b in KWidgetItemDelegatePrivate::initializeModel (this=0x82c3b70, parent=...) at /var/tmp/portage/kde-base/kdelibs-4.6.5-r1/work/kdelibs-4.6.5/kdeui/itemviews/kwidgetitemdelegate.cpp:138
#8  0xb765fbd4 in KWidgetItemDelegatePrivate::qt_metacall (this=0x82c3b70, _c=QMetaObject::InvokeMetaMethod, _id=5, _a=0x82dde80) at /var/tmp/portage/kde-base/kdelibs-4.6.5-r1/work/kdelibs-4.6.5_build/kdeui/kwidgetitemdelegate_p.moc:76
#9  0xb7070093 in QMetaObject::metacall (object=0x82c3b70, cl=QMetaObject::InvokeMetaMethod, idx=5, argv=0x82dde80) at kernel/qmetaobject.cpp:237
#10 0xb707ac7f in QMetaCallEvent::placeMetaCall (this=0x82d7208, object=0x82c3b70) at kernel/qobject.cpp:535
#11 0xb707ba2c in QObject::event (this=0x82c3b70, e=0xbfe97eb8) at kernel/qobject.cpp:1217
#12 0xb64f990f in QApplicationPrivate::notify_helper (this=0x823dfb8, receiver=0x82c3b70, e=0x82d7208) at kernel/qapplication.cpp:4462
#13 0xb6501822 in QApplication::notify (this=0xbfe98878, receiver=0x82c3b70, e=0x82d7208) at kernel/qapplication.cpp:3862
#14 0xb7682845 in KApplication::notify (this=0xbfe98878, receiver=0x82c3b70, event=0x82d7208) at /var/tmp/portage/kde-base/kdelibs-4.6.5-r1/work/kdelibs-4.6.5/kdeui/kernel/kapplication.cpp:311
#15 0xb7068b25 in QCoreApplication::notifyInternal (this=0xbfe98878, receiver=0x82c3b70, event=0x82d7208) at kernel/qcoreapplication.cpp:731
#16 0xb706a0e0 in sendEvent (receiver=0x0, event_type=0, data=0x8226f38) at kernel/qcoreapplication.h:215
#17 QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x8226f38) at kernel/qcoreapplication.cpp:1372
#18 0xb706a38a in QCoreApplication::sendPostedEvents (receiver=0x0, event_type=0) at kernel/qcoreapplication.cpp:1265
#19 0xb7098fa3 in sendPostedEvents (s=0x8240100) at kernel/qcoreapplication.h:220
#20 postEventSourceDispatch (s=0x8240100) at kernel/qeventdispatcher_glib.cpp:277
#21 0xb5c0c990 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#22 0xb5c10a88 in ?? () from /usr/lib/libglib-2.0.so.0
#23 0xb5c10c3d in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#24 0xb7098ba6 in QEventDispatcherGlib::processEvents (this=0x823ac78, flags=...) at kernel/qeventdispatcher_glib.cpp:422
#25 0xb65bea7c in QGuiEventDispatcherGlib::processEvents (this=0x823ac78, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#26 0xb70675ff in QEventLoop::processEvents (this=0xbfe987c4, flags=) at kernel/qeventloop.cpp:149
#27 0xb7067a25 in QEventLoop::exec (this=0xbfe987c4, flags=...) at kernel/qeventloop.cpp:201
#28 0xb706a432 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1008
#29 0xb64f8096 in QApplication::exec () at kernel/qapplication.cpp:3736
#30 0x0804bfe9 in main (argc=-1215997144, argv=0x82dc3f8) at /home/fish/playground/KWidgetItemDelegate/main.cpp:20
Comment 1 Thomas Fischer 2011-09-28 07:24:59 UTC
Created attachment 64028 [details]
Example code to reproduce crash
Comment 2 Christoph Feck 2011-09-28 10:59:45 UTC
Hm, the test code does not set a model on the view. While this test case triggers a crash, I would like to know if there is a real situation where you get it. I mean, without a model, the view is useless.
Comment 3 Thomas Fischer 2011-09-28 11:07:26 UTC
(In reply to comment #2)
> Hm, the test code does not set a model on the view. While this test case
> triggers a crash, I would like to know if there is a real situation where you
> get it. I mean, without a model, the view is useless.

I came up with this problem when programming the delegate before the model and testing if the program would compile and run.
Even if it makes no sense to call setItemDelegate on a view that has no model yet, crashing is not the right answer, especially as QAbstractItemDelegate doesn't it either.

I would recommend to insert a Q_ASSERT_X macro or checking for model==NULL and return silently or with some kWarning message.
Comment 4 Christoph Feck 2011-09-28 11:16:07 UTC
Git commit d1570cc40cdefd5623dba1324b05494c812132b7 by Christoph Feck.
Committed on 28/09/2011 at 13:06.
Pushed by cfeck into branch 'KDE/4.7'.

Fix crash when no model has been set (yet)

In the case a view is shown before its model has been set,
QAbstractItemView internally uses an "empty" model. Instead of
connecting to the empty model, we check for the null pointer.

BUG: 282952
FIXED-IN: 4.7.2

M  +3    -0    kdeui/itemviews/kwidgetitemdelegate.cpp