Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-48727

[REG 5.5->5.6] Canvas crashes in QV4::Object::copyArrayData in Qt 5.6

    XMLWordPrintable

Details

    • af390399c8017f69cfc9cdd4ef74144e6810fbe2

    Description

      In the attachment test program, that creates chart using QChart.js (QML binding for Chart.js). To reproduce crash, compile it without shadow build (or adjust import paths), run and resize application window. After several seconds of resizing it should crash.
      It does not crashess on Qt 5.5 and 5.4.2.

      Stack trace:

      0 __memcpy_sse2_unaligned 0x7ffff5487d9e
      1 QV4::Object::copyArrayData qv4object.cpp 1110 0x7ffff6d6726c
      2 QV4::ArrayPrototype::method_concat qv4arrayobject.cpp 148 0x7ffff6d3a734
      3 QV4::BuiltinFunction::call qv4functionobject.cpp 633 0x7ffff6d50f57
      4 QV4::Object::call qv4object_p.h 324 0x7ffff6c8fdc0
      5 QV4::Runtime::callProperty qv4runtime.cpp 999 0x7ffff6dd90e3
      6 QV4::Moth::VME::run qv4vme_moth.cpp 579 0x7ffff6dc28eb
      7 QV4::Moth::VME::exec qv4vme_moth.cpp 960 0x7ffff6dc63ec
      8 QV4::ScriptFunction::call qv4functionobject.cpp 466 0x7ffff6d4fdfd
      9 QV4::Object::call qv4object_p.h 324 0x7ffff6c8fdc0
      10 QV4::Runtime::callActivationProperty qv4runtime.cpp 948 0x7ffff6dd8808
      11 QV4::Moth::VME::run qv4vme_moth.cpp 626 0x7ffff6dc307d
      12 QV4::Moth::VME::exec qv4vme_moth.cpp 960 0x7ffff6dc63ec
      13 QV4::ScriptFunction::call qv4functionobject.cpp 466 0x7ffff6d4fdfd
      14 QV4::Object::call qv4object_p.h 324 0x7ffff6c8fdc0
      15 QV4::Runtime::callActivationProperty qv4runtime.cpp 948 0x7ffff6dd8808
      16 QV4::Moth::VME::run qv4vme_moth.cpp 626 0x7ffff6dc307d
      17 QV4::Moth::VME::exec qv4vme_moth.cpp 960 0x7ffff6dc63ec
      18 QV4::ScriptFunction::call qv4functionobject.cpp 466 0x7ffff6d4fdfd
      19 QV4::Object::call qv4object_p.h 324 0x7ffff6c8fdc0
      20 QV4::Runtime::callProperty qv4runtime.cpp 999 0x7ffff6dd90e3
      21 QV4::Moth::VME::run qv4vme_moth.cpp 579 0x7ffff6dc28eb
      22 QV4::Moth::VME::exec qv4vme_moth.cpp 960 0x7ffff6dc63ec
      23 QV4::ScriptFunction::call qv4functionobject.cpp 466 0x7ffff6d4fdfd
      24 QV4::Object::call qv4object_p.h 324 0x7ffff6c8fdc0
      25 QV4::FunctionPrototype::method_apply qv4functionobject.cpp 373 0x7ffff6d4f44d
      26 QV4::BuiltinFunction::call qv4functionobject.cpp 633 0x7ffff6d50f57
      27 QV4::Object::call qv4object_p.h 324 0x7ffff6c8fdc0
      28 QV4::Runtime::callProperty qv4runtime.cpp 999 0x7ffff6dd90e3
      29 QV4::Moth::VME::run qv4vme_moth.cpp 579 0x7ffff6dc28eb
      30 QV4::Moth::VME::exec qv4vme_moth.cpp 960 0x7ffff6dc63ec
      31 QV4::ScriptFunction::call qv4functionobject.cpp 466 0x7ffff6d4fdfd
      32 QV4::Object::call qv4object_p.h 324 0x7ffff6c8fdc0
      33 QV4::Runtime::callProperty qv4runtime.cpp 999 0x7ffff6dd90e3
      34 QV4::Moth::VME::run qv4vme_moth.cpp 579 0x7ffff6dc28eb
      35 QV4::Moth::VME::exec qv4vme_moth.cpp 960 0x7ffff6dc63ec
      36 QV4::ScriptFunction::call qv4functionobject.cpp 466 0x7ffff6d4fdfd
      37 QV4::Object::call qv4object_p.h 324 0x7ffff6c8fdc0
      38 QV4::FunctionPrototype::method_apply qv4functionobject.cpp 373 0x7ffff6d4f44d
      39 QV4::BuiltinFunction::call qv4functionobject.cpp 633 0x7ffff6d50f57
      40 QV4::Object::call qv4object_p.h 324 0x7ffff6c8fdc0
      41 QV4::Runtime::callProperty qv4runtime.cpp 999 0x7ffff6dd90e3
      42 QV4::Moth::VME::run qv4vme_moth.cpp 579 0x7ffff6dc28eb
      43 QV4::Moth::VME::exec qv4vme_moth.cpp 960 0x7ffff6dc63ec
      44 QV4::ScriptFunction::call qv4functionobject.cpp 466 0x7ffff6d4fdfd
      45 QV4::Object::call qv4object_p.h 324 0x7ffff6c8fdc0
      46 QV4::Runtime::callProperty qv4runtime.cpp 999 0x7ffff6dd90e3
      47 QV4::Moth::VME::run qv4vme_moth.cpp 579 0x7ffff6dc28eb
      48 QV4::Moth::VME::exec qv4vme_moth.cpp 960 0x7ffff6dc63ec
      49 QV4::ScriptFunction::call qv4functionobject.cpp 466 0x7ffff6d4fdfd
      50 QV4::Object::call qv4object_p.h 324 0x7ffff6c8fdc0
      51 QV4::Runtime::callProperty qv4runtime.cpp 999 0x7ffff6dd90e3
      52 QV4::Moth::VME::run qv4vme_moth.cpp 579 0x7ffff6dc28eb
      53 QV4::Moth::VME::exec qv4vme_moth.cpp 960 0x7ffff6dc63ec
      54 QV4::ScriptFunction::call qv4functionobject.cpp 466 0x7ffff6d4fdfd
      55 QV4::Object::call qv4object_p.h 324 0x7ffff6c8fdc0
      56 QV4::FunctionPrototype::method_call qv4functionobject.cpp 390 0x7ffff6d4f5ef
      57 QV4::BuiltinFunction::call qv4functionobject.cpp 633 0x7ffff6d50f57
      58 QV4::Object::call qv4object_p.h 324 0x7ffff6c8fdc0
      59 QV4::Runtime::callProperty qv4runtime.cpp 999 0x7ffff6dd90e3
      60 QV4::Moth::VME::run qv4vme_moth.cpp 579 0x7ffff6dc28eb
      61 QV4::Moth::VME::exec qv4vme_moth.cpp 960 0x7ffff6dc63ec
      62 QV4::ScriptFunction::call qv4functionobject.cpp 466 0x7ffff6d4fdfd
      63 QV4::Object::call qv4object_p.h 324 0x7ffff6c8fdc0
      64 QV4::FunctionPrototype::method_apply qv4functionobject.cpp 373 0x7ffff6d4f44d
      65 QV4::BuiltinFunction::call qv4functionobject.cpp 633 0x7ffff6d50f57
      66 QV4::Object::call qv4object_p.h 324 0x7ffff6c8fdc0
      67 QV4::Runtime::callProperty qv4runtime.cpp 999 0x7ffff6dd90e3
      68 QV4::Moth::VME::run qv4vme_moth.cpp 579 0x7ffff6dc28eb
      69 QV4::Moth::VME::exec qv4vme_moth.cpp 960 0x7ffff6dc63ec
      70 QV4::ScriptFunction::construct qv4functionobject.cpp 439 0x7ffff6d4fae9
      71 QV4::Object::construct qv4object_p.h 322 0x7ffff6c8fd8e
      72 QV4::Runtime::constructActivationProperty qv4runtime.cpp 1065 0x7ffff6dd966c
      73 QV4::Moth::VME::run qv4vme_moth.cpp 760 0x7ffff6dc4557
      74 QV4::Moth::VME::exec qv4vme_moth.cpp 960 0x7ffff6dc63ec
      75 QV4::ScriptFunction::call qv4functionobject.cpp 466 0x7ffff6d4fdfd
      76 QV4::Object::call qv4object_p.h 324 0x7ffff6c8fdc0
      77 QV4::Runtime::callProperty qv4runtime.cpp 999 0x7ffff6dd90e3
      78 QV4::Moth::VME::run qv4vme_moth.cpp 579 0x7ffff6dc28eb
      79 QV4::Moth::VME::exec qv4vme_moth.cpp 960 0x7ffff6dc63ec
      80 QV4::ScriptFunction::call qv4functionobject.cpp 466 0x7ffff6d4fdfd
      81 QV4::Object::call qv4object_p.h 324 0x7ffff6c8fdc0
      82 QQmlJavaScriptExpression::evaluate qqmljavascriptexpression.cpp 189 0x7ffff6e8d112
      83 QQmlBoundSignalExpression::evaluate qqmlboundsignal.cpp 237 0x7ffff6e2013c
      84 QQmlBoundSignal_callback qqmlboundsignal.cpp 332 0x7ffff6e20585
      85 QQmlNotifier::emitNotify qqmlnotifier.cpp 94 0x7ffff6e6bb85
      86 QQmlData::signalEmitted qqmlengine.cpp 772 0x7ffff6df6e75
      87 QMetaObject::activate qobject.cpp 3616 0x7ffff680ead0
      88 QMetaObject::activate qobject.cpp 3595 0x7ffff680e8ce
      89 QQuickCanvasItem::paint moc_qquickcanvasitem_p.cpp 435 0x7ffff7c3e8bb
      90 QQuickCanvasItem::updatePolish qquickcanvasitem.cpp 704 0x7ffff7bb437e
      91 QQuickWindowPrivate::polishItems qquickwindow.cpp 263 0x7ffff7a78183
      92 QSGGuiThreadRenderLoop::renderWindow qsgrenderloop.cpp 379 0x7ffff7a3c5b8
      93 QSGGuiThreadRenderLoop::exposureChanged qsgrenderloop.cpp 438 0x7ffff7a3caf0
      94 QQuickWindow::exposeEvent qquickwindow.cpp 206 0x7ffff7a77ee4
      95 QWindow::event qwindow.cpp 2065 0x7ffff722fa97
      96 QQuickWindow::event qquickwindow.cpp 1416 0x7ffff7a7cd5d
      97 QCoreApplicationPrivate::notify_helper qcoreapplication.cpp 1136 0x7ffff67ce964
      98 doNotify qcoreapplication.cpp 1077 0x7ffff67ce5e7
      99 QCoreApplication::notify qcoreapplication.cpp 1063 0x7ffff67ce55a
      100 QGuiApplication::notify qguiapplication.cpp 1570 0x7ffff721ea2c
      101 QCoreApplication::notifyInternal2 qcoreapplication.cpp 1002 0x7ffff67ce4ea
      102 QCoreApplication::sendSpontaneousEvent qcoreapplication.h 230 0x7ffff72263da
      103 QGuiApplicationPrivate::processExposeEvent qguiapplication.cpp 2676 0x7ffff72232bc
      104 QGuiApplicationPrivate::processWindowSystemEvent qguiapplication.cpp 1677 0x7ffff721ecff
      105 QWindowSystemInterface::sendWindowSystemEvents qwindowsysteminterface.cpp 636 0x7ffff7203490
      106 userEventSourceDispatch qeventdispatcher_glib.cpp 70 0x7fffe8b7b5e6
      107 g_main_context_dispatch 0x7ffff3a63017
      108 g_main_context_iterate.isra 0x7ffff3a63248
      109 g_main_context_iteration 0x7ffff3a632ec
      110 QEventDispatcherGlib::processEvents qeventdispatcher_glib.cpp 417 0x7ffff6847823
      111 QPAEventDispatcherGlib::processEvents qeventdispatcher_glib.cpp 115 0x7fffe8b7b816
      112 QEventLoop::processEvents qeventloop.cpp 128 0x7ffff67cad8e
      113 QEventLoop::exec qeventloop.cpp 204 0x7ffff67cb08a
      114 QCoreApplication::exec qcoreapplication.cpp 1272 0x7ffff67cec34
      115 QGuiApplication::exec qguiapplication.cpp 1561 0x7ffff721e9dc
      116 main main.cpp 12 0x400fa0

      Attachments

        For Gerrit Dashboard: QTBUG-48727
        # Subject Branch Project Status CR V
        127584,2 Fix a crash when copying array data 5.6 qt/qtdeclarative Status: MERGED +2 0

        Activity

          People

            laknoll Lars Knoll
            krnekit Nikita Krupenko
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes