Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-50134

crash in QObjectWrapper after gc sweep

    XMLWordPrintable

Details

    • 9c4621217f47b8427e284423d4e5c5e4dba00bfc

    Description

      Commit 839d2d3e23 (https://codereview.qt-project.org/#/c/141311/) introduces a regression, some of my QML apps now crashes. Here's a backtrace:

      Program received signal SIGSEGV, Segmentation fault.
engine (this=0x73a01c28)
    at ../../include/QtQml/5.6.0/QtQml/private/../../../../../../gitsrc/src/qml/jsruntime/qv4object_p.h:228
228	    inline ExecutionEngine *engine() const { return internalClass()->engine; }
(gdb) bt
#0  engine (this=0x73a01c28)
    at ../../include/QtQml/5.6.0/QtQml/private/../../../../../../gitsrc/src/qml/jsruntime/qv4object_p.h:228
#1  QV4::QObjectWrapper::getQmlProperty (this=0x73a01c28, 
    qmlContext=qmlContext@entry=0x85a2830, name=name@entry=0x73a01be0, 
    revisionMode=revisionMode@entry=QV4::QObjectWrapper::CheckRevision, 
    hasProperty=hasProperty@entry=0x7feb3330, 
    includeImports=includeImports@entry=false)
    at ../../../gitsrc/src/qml/jsruntime/qv4qobjectwrapper.cpp:266
#2  0x76b4c14c in QV4::QObjectWrapper::getQmlProperty (
    engine=engine@entry=0x8506b40, qmlContext=qmlContext@entry=0x85a2830, 
    object=0x865d528, name=name@entry=0x73a01be0, 
    revisionMode=revisionMode@entry=QV4::QObjectWrapper::CheckRevision, 
    hasProperty=hasProperty@entry=0x7feb3330)
    at ../../../gitsrc/src/qml/jsruntime/qv4qobjectwrapper.cpp:403
#3  0x76c2fdcc in QV4::QmlContextWrapper::get (m=0x73a01c18, name=0x73a01be0, 
    hasProperty=0x7feb33d0)
    at ../../../gitsrc/src/qml/qml/qqmlcontextwrapper.cpp:214
#4  0x76aa602e in get (hasProperty=0x7feb33d0, name=0x73a01be0, 
    this=<optimized out>) at ../../../gitsrc/src/qml/jsruntime/qv4object_p.h:298
#5  QV4::ExecutionContext::getProperty (this=0x73a01ab8, name=0x73a01be0)
    at ../../../gitsrc/src/qml/jsruntime/qv4context.cpp:464
#6  0x76b6a58c in QV4::Runtime::getActivationProperty (
    engine=engine@entry=0x8506b40, nameIndex=150)
    at ../../../gitsrc/src/qml/jsruntime/qv4runtime.cpp:692
#7  0x76b4eba4 in QV4::Moth::VME::run (this=this@entry=0x7feb3667, 
    engine=engine@entry=0x8506b40, code=0x72e55094 "\312\016\265vLp\241v\001", 
    code@entry=0x72e55038 "\346\364\264v#", 
    storeJumpTable=storeJumpTable@entry=0x0)
    at ../../../gitsrc/src/qml/jsruntime/qv4vme_moth.cpp:453
#8  0x76b52c73 in QV4::Moth::VME::exec (engine=0x8506b40, 
    code=0x72e55038 "\346\364\264v#")
    at ../../../gitsrc/src/qml/jsruntime/qv4vme_moth.cpp:968
#9  0x76ade06e in QV4::SimpleScriptFunction::call (that=0x73a01aa8, 
    callData=0x73a01a58)
    at ../../../gitsrc/src/qml/jsruntime/qv4functionobject.cpp:576
#10 0x76b6e686 in call (d=0x73a01a58, this=<optimized out>)
    at ../../../gitsrc/src/qml/jsruntime/qv4object_p.h:324
#11 QV4::Runtime::callProperty (engine=0x8506b40, nameIndex=38, 
    callData=0x73a01a58) at ../../../gitsrc/src/qml/jsruntime/qv4runtime.cpp:999
#12 0x76b4f6c9 in QV4::Moth::VME::run (this=this@entry=0x7feb39d7, 
    engine=engine@entry=0x8506b40, code=<optimized out>, 
    code@entry=0x72e58f48 "\346\364\264v5", 
    storeJumpTable=storeJumpTable@entry=0x0)
    at ../../../gitsrc/src/qml/jsruntime/qv4vme_moth.cpp:579
#13 0x76b52c73 in QV4::Moth::VME::exec (engine=0x8506b40, 
    code=0x72e58f48 "\346\364\264v5")
    at ../../../gitsrc/src/qml/jsruntime/qv4vme_moth.cpp:968
#14 0x76ade06e in QV4::SimpleScriptFunction::call (that=0x739c0bb8, 
    callData=0x73a01858)
    at ../../../gitsrc/src/qml/jsruntime/qv4functionobject.cpp:576
#15 0x76b6ec5e in call (d=0x73a01858, this=<optimized out>)
    at ../../../gitsrc/src/qml/jsruntime/qv4object_p.h:324
#16 QV4::Runtime::callValue (engine=0x8506b40, func=..., callData=0x73a01858)
    at ../../../gitsrc/src/qml/jsruntime/qv4runtime.cpp:1035
#17 0x76b4f5f6 in QV4::Moth::VME::run (this=this@entry=0x7feb3ce7, 
    engine=engine@entry=0x8506b40, code=<optimized out>, 
    code@entry=0x7429c0d8 "\346\364\264vP", 
    storeJumpTable=storeJumpTable@entry=0x0)
    at ../../../gitsrc/src/qml/jsruntime/qv4vme_moth.cpp:569
#18 0x76b52c73 in QV4::Moth::VME::exec (engine=0x8506b40, 
    code=0x7429c0d8 "\346\364\264vP")
    at ../../../gitsrc/src/qml/jsruntime/qv4vme_moth.cpp:968
#19 0x76add288 in QV4::ScriptFunction::call (that=0x73a015f0, 
    callData=0x73a015a0)
    at ../../../gitsrc/src/qml/jsruntime/qv4functionobject.cpp:466
#20 0x76b6e686 in call (d=0x73a015a0, this=<optimized out>)
    at ../../../gitsrc/src/qml/jsruntime/qv4object_p.h:324
#21 QV4::Runtime::callProperty (engine=0x8506b40, nameIndex=17, 
    callData=0x73a015a0) at ../../../gitsrc/src/qml/jsruntime/qv4runtime.cpp:999
#22 0x76b4f6c9 in QV4::Moth::VME::run (this=this@entry=0x7feb4037, 
    engine=engine@entry=0x8506b40, code=<optimized out>, 
    code@entry=0x7429b7d8 "\346\364\264v\033", 
    storeJumpTable=storeJumpTable@entry=0x0)
    at ../../../gitsrc/src/qml/jsruntime/qv4vme_moth.cpp:579
#23 0x76b52c73 in QV4::Moth::VME::exec (engine=0x8506b40, 
    code=0x7429b7d8 "\346\364\264v\033")
    at ../../../gitsrc/src/qml/jsruntime/qv4vme_moth.cpp:968
#24 0x76ade06e in QV4::SimpleScriptFunction::call (that=0x73a014e8, 
    callData=0x73a01498)
    at ../../../gitsrc/src/qml/jsruntime/qv4functionobject.cpp:576
#25 0x76b6e686 in call (d=0x73a01498, this=<optimized out>)
    at ../../../gitsrc/src/qml/jsruntime/qv4object_p.h:324
#26 QV4::Runtime::callProperty (engine=0x8506b40, nameIndex=16, 
    callData=0x73a01498) at ../../../gitsrc/src/qml/jsruntime/qv4runtime.cpp:999
#27 0x76b4f6c9 in QV4::Moth::VME::run (this=this@entry=0x7feb43a7, 
    engine=engine@entry=0x8506b40, code=<optimized out>, 
    code@entry=0x7429d7b0 "\346\364\264v\022", 
    storeJumpTable=storeJumpTable@entry=0x0)
    at ../../../gitsrc/src/qml/jsruntime/qv4vme_moth.cpp:579
#28 0x76b52c73 in QV4::Moth::VME::exec (engine=0x8506b40, 
    code=0x7429d7b0 "\346\364\264v\022")
    at ../../../gitsrc/src/qml/jsruntime/qv4vme_moth.cpp:968
#29 0x76ade06e in QV4::SimpleScriptFunction::call (that=0x73a01428, 
    callData=0x73a013d8)
    at ../../../gitsrc/src/qml/jsruntime/qv4functionobject.cpp:576
#30 0x76b6e686 in call (d=0x73a013d8, this=<optimized out>)
    at ../../../gitsrc/src/qml/jsruntime/qv4object_p.h:324
#31 QV4::Runtime::callProperty (engine=0x8506b40, nameIndex=16, 
    callData=0x73a013d8) at ../../../gitsrc/src/qml/jsruntime/qv4runtime.cpp:999
#32 0x76b4f6c9 in QV4::Moth::VME::run (this=this@entry=0x7feb4717, 
    engine=engine@entry=0x8506b40, code=<optimized out>, 
    code@entry=0x7425c570 "\346\364\264v\024", 
    storeJumpTable=storeJumpTable@entry=0x0)
    at ../../../gitsrc/src/qml/jsruntime/qv4vme_moth.cpp:579
#33 0x76b52c73 in QV4::Moth::VME::exec (engine=0x8506b40, 
    code=0x7425c570 "\346\364\264v\024")
    at ../../../gitsrc/src/qml/jsruntime/qv4vme_moth.cpp:968
#34 0x76add288 in QV4::ScriptFunction::call (that=0x74300878, 
    callData=0x73a01318)
    at ../../../gitsrc/src/qml/jsruntime/qv4functionobject.cpp:466
#35 0x76a278f9 in call (d=0x73a01318, this=0x74300878)
    at ../../include/QtQml/5.6.0/QtQml/private/../../../../../../gitsrc/src/qml/jsruntime/qv4object_p.h:324
#36 QJSValue::call (this=0x86ebeb4, args=...)
    at ../../../gitsrc/src/qml/jsapi/qjsvalue.cpp:660
#37 0x7311a7ff in Shell::_cb_method_clientListGet(fbxbus_msg*, void*) ()
   from /srv/nfs/fbx6hd_qt5/usr/lib/fbx/qml/fbx/os/shell/libshellplugin.so
#38 0x75facf18 in fbxbus_callback_dispatch ()
   from /srv/nfs/fbx6hd_qt5/lib/libfbxbus.so
#39 0x75fa9ec1 in fbxbus_transport_read_cb ()
   from /srv/nfs/fbx6hd_qt5/lib/libfbxbus.so
#40 0x75fb6168 in dispatch_event.part ()
   from /srv/nfs/fbx6hd_qt5/lib/libfbxevent.so
#41 0x75fb69ac in fbxevent_timed_wait ()
   from /srv/nfs/fbx6hd_qt5/lib/libfbxevent.so
#42 0x75fb6ab3 in fbxevent_wait () from /srv/nfs/fbx6hd_qt5/lib/libfbxevent.so
#43 0x777266e6 in QFbxbus::handleSocket(int) ()
   from /srv/nfs/fbx6hd_qt5/lib/libqfbxbus.so
#44 0x777267be in QFbxbus::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) () from /srv/nfs/fbx6hd_qt5/lib/libqfbxbus.so
#45 0x76606c2f in QMetaObject::activate(QObject*, int, int, void**) ()
   from /srv/nfs/fbx6hd_qt5/lib/libQt5Core.so.5
#46 0x7660770c in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /srv/nfs/fbx6hd_qt5/lib/libQt5Core.so.5
#47 0x7668fcc6 in QSocketNotifier::activated(int, QSocketNotifier::QPrivateSignal) () from /srv/nfs/fbx6hd_qt5/lib/libQt5Core.so.5
#48 0x766151c8 in QSocketNotifier::event(QEvent*) ()
   from /srv/nfs/fbx6hd_qt5/lib/libQt5Core.so.5
#49 0x765d56e4 in QCoreApplicationPrivate::notify_helper(QObject*, QEvent*) ()
   from /srv/nfs/fbx6hd_qt5/lib/libQt5Core.so.5
#50 0x765d5775 in QCoreApplication::notify(QObject*, QEvent*) [clone .localalias.93] () from /srv/nfs/fbx6hd_qt5/lib/libQt5Core.so.5
#51 0x76e66147 in QGuiApplication::notify(QObject*, QEvent*) ()
   from /srv/nfs/fbx6hd_qt5/lib/libQt5Gui.so.5
#52 0x765d58d9 in QCoreApplication::notifyInternal2(QObject*, QEvent*) ()
   from /srv/nfs/fbx6hd_qt5/lib/libQt5Core.so.5
#53 0x76633abc in socketNotifierSourceDispatch(_GSource*, int (*)(void*), void*)
    () from /srv/nfs/fbx6hd_qt5/lib/libQt5Core.so.5
#54 0x758a205c in g_main_context_dispatch ()
   from /srv/nfs/fbx6hd_qt5/lib/libglib-2.0.so.0
#55 0x758a22b3 in g_main_context_iterate.isra ()
   from /srv/nfs/fbx6hd_qt5/lib/libglib-2.0.so.0
#56 0x758a236a in g_main_context_iteration ()
   from /srv/nfs/fbx6hd_qt5/lib/libglib-2.0.so.0
#57 0x766331c8 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /srv/nfs/fbx6hd_qt5/lib/libQt5Core.so.5
#58 0x7573c149 in QPAEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /srv/nfs/fbx6hd_qt5/lib/libQt5WaylandClient.so.5
#59 0x765d260a in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /srv/nfs/fbx6hd_qt5/lib/libQt5Core.so.5
#60 0x765d302c in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) ()
   from /srv/nfs/fbx6hd_qt5/lib/libQt5Core.so.5
#61 0x765dd15e in QCoreApplication::exec() ()
   from /srv/nfs/fbx6hd_qt5/lib/libQt5Core.so.5
#62 0x76e5ff05 in QGuiApplication::exec() ()
   from /srv/nfs/fbx6hd_qt5/lib/libQt5Gui.so.5
#63 0x0804e6cb in main ()

      Attachments

        Issue Links

          is required for

          Bug - A problem which impairs or prevents the functions of the product. QTBUG-50063 ComboBox crashes on click in QV4::ExecutionEngine::assertObjectBelongsToEngine

          • P1: Critical - Urgent and Important, will STOP the release if matched with set FixVersion field. This includes regressions from the last version that are not edge cases; Data loss; Build issues; All but the most unlikely crashes/lockups/hanging; Serious usability issues and embarrassing bugs & Bugs critical to a deliverable. This is the highest possible priority for requirements.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. QTBUG-50057 tst_combobox crash

          • P2: Important - Urgent, should be fixed, but will not stop the release.
          • Closed
          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              jianliang79 liang jian
              rawoul Arnaud Vrac
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes