Crash on startup when session contains 2+ open files that no longer exist

[eevee]

Just upgraded and Tiled is now struggling to open. Unfortunately that makes it a little difficult to determine the exact cause, but here's what I know!

There's an "Error Opening File" dialog, which never successfully draws (so I don't know what it's trying to say or which file it's trying to load) before a segfault with this stack trace:

#0  0x00007ffff6b557d9 in QToolBarAreaLayoutItem::skip (this=0x555555fbffc0) at widgets/qtoolbararealayout.cpp:94
#1  QToolBarAreaLayout::apply (this=0x5555559bc0e0, animate=false) at widgets/qtoolbararealayout.cpp:895
#2  0x00007ffff6ad5468 in QMainWindowLayoutState::apply (animated=<optimized out>, this=0x5555559bc0c8) at widgets/qmainwindowlayout.cpp:682
#3  QMainWindowLayout::applyState (this=<optimized out>, newState=..., animate=<optimized out>) at widgets/qmainwindowlayout.cpp:2758
#4  0x00007ffff6991a6b in QLayoutPrivate::doResize (this=this@entry=0x5555559d8510) at kernel/qlayout.cpp:594
#5  0x00007ffff699293d in QLayout::activate (this=<optimized out>) at kernel/qlayout.cpp:1117
#6  0x00007ffff69ae695 in QWidgetPrivate::setVisible (this=0x555555dfde70, visible=<optimized out>) at kernel/qwidget.cpp:8100
#7  0x00007ffff6b51286 in QToolBarLayout::setGeometry (this=0x555555df7050, rect=...) at widgets/qtoolbarlayout.cpp:429
#8  0x00007ffff6991a6b in QLayoutPrivate::doResize (this=this@entry=0x555555dfb100) at kernel/qlayout.cpp:594
#9  0x00007ffff699293d in QLayout::activate (this=<optimized out>) at kernel/qlayout.cpp:1117
#10 0x00007ffff6978bd0 in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x555555df9690, e=0x7fffffffc920) at kernel/qapplication.cpp:3626
#11 0x00007ffff5c8d978 in QCoreApplication::notifyInternal2 (receiver=0x555555df9690, event=0x7fffffffc920) at kernel/qcoreapplication.cpp:1064
#12 0x00007ffff69ac084 in QWidgetPrivate::setGeometry_sys (this=this@entry=0x555555dfdc70, x=525, y=0, w=<optimized out>, h=51, isMove=<optimized out>, isMove@entry=true) at kernel/qwidget.cpp:7139
#13 0x00007ffff69ac95c in QWidget::setGeometry (this=0x555555df9690, r=...) at kernel/qwidget.cpp:7027
#14 0x00007ffff69b8663 in QWidget::qt_metacall (this=0x555555df9690, _c=QMetaObject::WriteProperty, _id=3, _a=0x7fffffffca60) at .moc/moc_qwidget.cpp:611
#15 0x00007ffff6b4d02c in QToolBar::qt_metacall (this=0x555555df9690, _c=QMetaObject::WriteProperty, _id=<optimized out>, _a=0x7fffffffca60) at .moc/moc_qtoolbar.cpp:298
#16 0x00007ffff5ad0785 in QPropertyAnimationPrivate::updateProperty (newValue=..., this=0x555559d97270) at animation/qpropertyanimation.cpp:133
#17 QPropertyAnimationPrivate::updateProperty (newValue=..., this=0x555559d97270) at animation/qpropertyanimation.cpp:117
#18 QPropertyAnimation::updateCurrentValue (this=<optimized out>, value=...) at animation/qpropertyanimation.cpp:240
#19 0x00007ffff5ad30c6 in QVariantAnimationPrivate::setCurrentValueForProgress (progress=<optimized out>, this=0x555559d97270) at animation/qvariantanimation.cpp:287
#20 QVariantAnimationPrivate::recalculateCurrentInterval (this=0x555559d97270, force=<optimized out>) at animation/qvariantanimation.cpp:270
#21 0x00007ffff5ad4d60 in QVariantAnimationPrivate::setDefaultStartEndValue (value=..., this=0x555559d97270) at animation/qvariantanimation.cpp:334
#22 QPropertyAnimation::updateState (this=0x55555c29bc90, newState=<optimized out>, oldState=QAbstractAnimation::Stopped) at animation/qpropertyanimation.cpp:279
#23 0x00007ffff5ad00a7 in QAbstractAnimationPrivate::setState (this=0x555559d97270, newState=QAbstractAnimation::Running) at animation/qabstractanimation.cpp:990
#24 0x00007ffff6a5e2aa in QWidgetAnimator::animate (this=0x5555559bc600, widget=<optimized out>, _final_geometry=..., animate=<optimized out>) at widgets/qwidgetanimator.cpp:113
#25 0x00007ffff6b558b1 in QToolBarAreaLayout::apply (this=0x5555559bc0e0, animate=false) at widgets/qtoolbararealayout.cpp:935
#26 0x00007ffff6ad5468 in QMainWindowLayoutState::apply (animated=<optimized out>, this=0x5555559bc0c8) at widgets/qmainwindowlayout.cpp:682
#27 QMainWindowLayout::applyState (this=<optimized out>, newState=..., animate=<optimized out>) at widgets/qmainwindowlayout.cpp:2758
#28 0x00007ffff6991a6b in QLayoutPrivate::doResize (this=this@entry=0x5555559d8510) at kernel/qlayout.cpp:594
#29 0x00007ffff699293d in QLayout::activate (this=<optimized out>) at kernel/qlayout.cpp:1117
#30 0x00007ffff6978bd0 in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x555555ad3ca0, e=0x555555df54a0) at kernel/qapplication.cpp:3626
#31 0x00007ffff5c8d978 in QCoreApplication::notifyInternal2 (receiver=0x555555ad3ca0, event=0x555555df54a0) at kernel/qcoreapplication.cpp:1064
#32 0x00007ffff5c8e483 in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x55555558da20) at kernel/qcoreapplication.cpp:1821
#33 0x00007ffff5cd4478 in postEventSourceDispatch (s=0x555555768190) at kernel/qeventdispatcher_glib.cpp:277
#34 0x00007ffff4918c6b in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#35 0x00007ffff496f001 in ?? () from /usr/lib/libglib-2.0.so.0
#36 0x00007ffff4916392 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#37 0x00007ffff5cd825c in QEventDispatcherGlib::processEvents (this=0x55555576d900, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#38 0x00007ffff5c8611c in QEventLoop::exec (this=this@entry=0x7fffffffd2e0, flags=..., flags@entry=...) at ../../include/QtCore/../../src/corelib/global/qflags.h:69
#39 0x00007ffff6b7354b in QDialog::exec (this=0x7fffffffd370) at ../../include/QtCore/../../src/corelib/global/qflags.h:121
#40 0x00007ffff6bb06c7 in showNewMessageBox (parent=<optimized out>, icon=<optimized out>, title=..., text=..., buttons=..., defaultButton=QMessageBox::NoButton) at dialogs/qmessagebox.cpp:1647
#41 0x00007ffff7824d5e in Tiled::MainWindow::openFile(QString const&, Tiled::FileFormat*) () from /usr/lib/libtilededitor.so
#42 0x00007ffff782764d in Tiled::MainWindow::restoreSession() () from /usr/lib/libtilededitor.so
#43 0x00007ffff78248f9 in Tiled::MainWindow::initializeSession() () from /usr/lib/libtilededitor.so
#44 0x0000555555560f66 in ?? ()
#45 0x00007ffff543c2d0 in __libc_start_call_main (main=main@entry=0x55555555fbaa, argc=argc@entry=1, argv=argv@entry=0x7fffffffdab8) at ../sysdeps/nptl/libc_start_call_main.h:58
#46 0x00007ffff543c38a in __libc_start_main_impl (main=0x55555555fbaa, argc=1, argv=0x7fffffffdab8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffdaa8) at ../csu/libc-start.c:381
#47 0x000055555555ab35 in ?? ()

It segfaults because this->widgetItem, a pointer, is 0xffffff. Weird.

This is obviously way deep in some Qt guts, and all Tiled is doing is calling a very high-level Qt function to show a dialog box, so I cannot imagine why this is happening. I somewhat doubt it's Tiled's fault at all, but I also can't find any trace of this being a known Qt bug, so I'm hoping you have an idea here.

In the meantime, I'm going to nuke my session and then at least narrow down which file is failing to load.

Arch Linux x64, using the pacman build, Tiled 1.9.1(-1), Qt 5.15.5

[eevee]

Oh, very interesting.

If the session contains one open file that no longer exists, Tiled opens successfully, and complains successfully that the file doesn't exist (although the actual error is "Unrecognized file format", which is a bit misleading).

If the session contains two, different open files that no longer exist, Tiled crashes immediately.

Is Qt unhappy about trying to spawn two modal dialogs at once?

[eevee]

And now that I've fixed my session, I ran into another startup crash, except it's coming from QCoreApplicationPrivate::sendPostedEvents with no Tiled code in the stack at all, so I have no idea what's wrong. Completely clearing my open file list fixed that, though.

[bjorn]

Hmm, I tested this on Fedora against Qt 5.15.2 and it simply showed two "file not found" popups, one after the other:

(though it would be nice to not duplicate the file name there)

From the backtrace it seems there is more going on than just two missing files. There's animation involved, and the trace shows twice a call to QMainWindowLayout::applyState (which is not necessarily back into the same QMainWindowLayout, because Tiled uses a nested QMainWindow).

Looks like it's going to be hard to figure out how to avoid this issue. :-/

[bjorn]

It segfaults because this->widgetItem, a pointer, is 0xffffff. Weird.

Could you try to run this in valgrind? It might have some information about the accessed memory.

[eevee]

I seem to be experiencing some distro-related problems with valgrind at the moment, but I'll get back to you once it's cooperating.

Odd that we get different errors, too, but that seems unlikely to be related.

The good news is, I've discovered a new wrinkle!

Adding this to the middle of my openFiles, where none of these files exist (although maps/ and maps/wilds/ do), crashes:

        "maps/wilds/green-2.tmx.json",
        "maps/wilds/green-3.tmx.json",
        "maps/wilds/green-4.tmx.json",

As does either of these:

        "maps/wildsgreen-2.tmx.json",
        "maps/wilds/green-3.tmx.json",
        "maps/wilds/green-4.tmx.json",

        "maps/wilds/green-2.tmx.json",
        "maps/wildsgreen-3.tmx.json",
        "maps/wilds/green-4.tmx.json",

However, this does NOT crash — it simply shows me three modal error dialogs, one after the other.

        "maps/wilds/green-2.tmx.json",
        "maps/wilds/green-3.tmx.json",
        "maps/wildsgreen-4.tmx.json",