Details
- Bug
- Resolution: Invalid
- P1: Critical
- None
- 5.10.1, 5.11.3, 5.12.0
Description
Somehow related to QTBUG-72746, trace and self-contained sample included.
Under certain circumstances, calling QQuickView::setSource at runtime crashes.
12:05:23: Debugging starts
QML debugging is enabled. Only use this in a safe environment.
QML Debugger: Waiting for connection on port 38685...
qrc:/MainView.qml:35:5: QML Dialog: Binding loop detected for property "implicitWidth"
qrc:/MainView.qml:35:5: QML Dialog: Binding loop detected for property "implicitWidth"
=================================================================
==5415==ERROR: AddressSanitizer: heap-use-after-free on address 0x6030001b8d40 at pc 0x7ffff4eeb039 bp 0x7ffffffe7f70 sp 0x7ffffffe7f60
READ of size 8 at 0x6030001b8d40 thread T0
    #0 0x7ffff4eeb038 in QQuickItemPrivate::itemChange(QQuickItem::ItemChange, QQuickItem::ItemChangeData const&) /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickitem.cpp:6235
    #1 0x7ffff4efac97 in QQuickItemPrivate::addChild(QQuickItem*) /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickitem.cpp:2974
    #2 0x7ffff4efee06 in QQuickItem::setParentItem(QQuickItem*) /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickitem.cpp:2765
    #3 0x7ffff5194658 in QQuickViewPrivate::setRootObject(QObject*) /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickview.cpp:504
    #4 0x7ffff5197d75 in QQuickView::continueExecute() /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickview.cpp:489
    #5 0x7ffff5198f27 in QQuickViewPrivate::execute() /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickview.cpp:107
    #6 0x7ffff51990e0 in QQuickView::setSource(QUrl const&) /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickview.cpp:242
    #7 0x555555557ce3 in App::loadAnother() (/home/mitch/Downloads/quick_segfault-qt5_12_debug-Debug/quick_segfault+0x3ce3)
    #8 0x55555555801a in App::qt_metacall(QMetaObject::Call, int, void**) (/home/mitch/Downloads/quick_segfault-qt5_12_debug-Debug/quick_segfault+0x401a)
    #9 0x7ffff1b95859 in QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) /home/mitch/dev/qt5.12/qtbase/src/corelib/kernel/qmetaobject.cpp:303
    #10 0x7ffff2fd4929 in QQmlObjectOrGadget::metacall(QMetaObject::Call, int, void**) const /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlpropertycache.cpp:1761
    #11 0x7ffff2a576ae in CallMethod /home/mitch/dev/qt5.12/qtdeclarative/src/qml/jsruntime/qv4qobjectwrapper.cpp:1231
    #12 0x7ffff2a583c7 in CallPrecise /home/mitch/dev/qt5.12/qtdeclarative/src/qml/jsruntime/qv4qobjectwrapper.cpp:1479
    #13 0x7ffff2a5a432 in QV4::QObjectMethod::callInternal(QV4::Value const*, QV4::Value const*, int) const /home/mitch/dev/qt5.12/qtdeclarative/src/qml/jsruntime/qv4qobjectwrapper.cpp:2017
    #14 0x7ffff2a5b002 in QV4::QObjectMethod::virtualCall(QV4::FunctionObject const*, QV4::Value const*, QV4::Value const*, int) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/jsruntime/qv4qobjectwrapper.cpp:1954
    #15 0x7ffff27cc561 in QV4::FunctionObject::call(QV4::Value const*, QV4::Value const*, int) const /home/mitch/dev/qt5.12/qtdeclarative/src/qml/jsruntime/qv4functionobject_p.h:202
    #16 0x7ffff2dc50e2 in QV4::Runtime::method_callProperty(QV4::ExecutionEngine*, QV4::Value*, int, QV4::Value*, int) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/jsruntime/qv4runtime.cpp:1391
    #17 0x7ffff2aecd34 in QV4::Moth::VME::interpret(QV4::CppStackFrame*, QV4::ExecutionEngine*, char const*) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/jsruntime/qv4vme_moth.cpp:719
    #18 0x7ffff2b0aad6 in QV4::Moth::VME::exec(QV4::CppStackFrame*, QV4::ExecutionEngine*) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/jsruntime/qv4vme_moth.cpp:441
    #19 0x7ffff2823ab3 in QV4::Function::call(QV4::Value const*, QV4::Value const*, int, QV4::ExecutionContext const*) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/jsruntime/qv4function.cpp:68
    #20 0x7ffff308e9bb in QQmlJavaScriptExpression::evaluate(QV4::CallData*, bool*) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmljavascriptexpression.cpp:216
    #21 0x7ffff2eff21a in QQmlBoundSignalExpression::evaluate(void**) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlboundsignal.cpp:225
    #22 0x7ffff2effe62 in QQmlBoundSignal_callback(QQmlNotifierEndpoint*, void**) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlboundsignal.cpp:358
    #23 0x7ffff2ffc84e in QQmlNotifier::emitNotify(QQmlNotifierEndpoint*, void**) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlnotifier.cpp:106
    #24 0x7ffff2e793fe in QQmlData::signalEmitted(QAbstractDeclarativeData*, QObject*, int, void**) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlengine.cpp:883
    #25 0x7ffff1c22738 in QMetaObject::activate(QObject*, int, int, void**) /home/mitch/dev/qt5.12/qtbase/src/corelib/kernel/qobject.cpp:3658
    #26 0x7ffff1c24379 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) /home/mitch/dev/qt5.12/qtbase/src/corelib/kernel/qobject.cpp:3642
    #27 0x7fffd585a04f in QQuickAbstractButton::clicked() .moc/moc_qquickabstractbutton_p.cpp:629
    #28 0x7fffd56b1f9f in QQuickAbstractButtonPrivate::trigger() /home/mitch/dev/qt5.12/qtquickcontrols2/src/quicktemplates2/qquickabstractbutton.cpp:328
    #29 0x7fffd56b863a in QQuickAbstractButtonPrivate::handleRelease(QPointF const&) /home/mitch/dev/qt5.12/qtquickcontrols2/src/quicktemplates2/qquickabstractbutton.cpp:179
    #30 0x7fffd5722ff7 in QQuickControl::mouseReleaseEvent(QMouseEvent*) /home/mitch/dev/qt5.12/qtquickcontrols2/src/quicktemplates2/qquickcontrol.cpp:2109
    #31 0x7ffff4ef6205 in QQuickItem::event(QEvent*) /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickitem.cpp:8075
    #32 0x7fffd56b8b29 in QQuickAbstractButton::event(QEvent*) /home/mitch/dev/qt5.12/qtquickcontrols2/src/quicktemplates2/qquickabstractbutton.cpp:1014
    #33 0x7ffff59db6a7 in QApplicationPrivate::notify_helper(QObject*, QEvent*) /home/mitch/dev/qt5.12/qtbase/src/widgets/kernel/qapplication.cpp:3753
    #34 0x7ffff59fb3ee in QApplication::notify(QObject*, QEvent*) /home/mitch/dev/qt5.12/qtbase/src/widgets/kernel/qapplication.cpp:3110
    #35 0x7ffff1b72c10 in QCoreApplication::notifyInternal2(QObject*, QEvent*) /home/mitch/dev/qt5.12/qtbase/src/corelib/kernel/qcoreapplication.cpp:1060
    #36 0x7ffff1b73522 in QCoreApplication::sendEvent(QObject*, QEvent*) /home/mitch/dev/qt5.12/qtbase/src/corelib/kernel/qcoreapplication.cpp:1450
    #37 0x7ffff4f6ade5 in QQuickWindowPrivate::deliverMouseEvent(QQuickPointerMouseEvent*) /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickwindow.cpp:1784
    #38 0x7ffff4f6edf6 in QQuickWindowPrivate::deliverPointerEvent(QQuickPointerEvent*) /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickwindow.cpp:2347
    #39 0x7ffff4f7381f in QQuickWindowPrivate::handleMouseEvent(QMouseEvent*) /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickwindow.cpp:2180
    #40 0x7ffff4f74780 in QQuickWindow::mouseReleaseEvent(QMouseEvent*) /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickwindow.cpp:2160
    #41 0x7ffff5199fd6 in QQuickView::mouseReleaseEvent(QMouseEvent*) /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickview.cpp:620
    #42 0x7ffff39c0f90 in QWindow::event(QEvent*) /home/mitch/dev/qt5.12/qtbase/src/gui/kernel/qwindow.cpp:2248
    #43 0x7ffff4f77c54 in QQuickWindow::event(QEvent*) /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickwindow.cpp:1673
    #44 0x7ffff59db6a7 in QApplicationPrivate::notify_helper(QObject*, QEvent*) /home/mitch/dev/qt5.12/qtbase/src/widgets/kernel/qapplication.cpp:3753
    #45 0x7ffff59fb3ee in QApplication::notify(QObject*, QEvent*) /home/mitch/dev/qt5.12/qtbase/src/widgets/kernel/qapplication.cpp:3110
    #46 0x7ffff1b72c10 in QCoreApplication::notifyInternal2(QObject*, QEvent*) /home/mitch/dev/qt5.12/qtbase/src/corelib/kernel/qcoreapplication.cpp:1060
    #47 0x7ffff1b73568 in QCoreApplication::sendSpontaneousEvent(QObject*, QEvent*) /home/mitch/dev/qt5.12/qtbase/src/corelib/kernel/qcoreapplication.cpp:1462
    #48 0x7ffff398bb76 in QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) /home/mitch/dev/qt5.12/qtbase/src/gui/kernel/qguiapplication.cpp:2102
    #49 0x7ffff3991701 in QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*) /home/mitch/dev/qt5.12/qtbase/src/gui/kernel/qguiapplication.cpp:1837
    #50 0x7ffff38edd67 in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) /home/mitch/dev/qt5.12/qtbase/src/gui/kernel/qwindowsysteminterface.cpp:1071
    #51 0x7fffe7e05f81 in xcbSourceDispatch /home/mitch/dev/qt5.12/qtbase/src/plugins/platforms/xcb/qxcbeventdispatcher.cpp:105
    #52 0x7fffee37a386 in g_main_context_dispatch (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4c386)
    #53 0x7fffee37a5bf (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4c5bf)
    #54 0x7fffee37a64b in g_main_context_iteration (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4c64b)
    #55 0x7ffff1ccbf7e in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) /home/mitch/dev/qt5.12/qtbase/src/corelib/kernel/qeventdispatcher_glib.cpp:422
    #56 0x7fffe7e0694f in QXcbGlibEventDispatcher::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) /home/mitch/dev/qt5.12/qtbase/src/plugins/platforms/xcb/qxcbeventdispatcher.cpp:143
    #57 0x7ffff1b6b7b5 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) /home/mitch/dev/qt5.12/qtbase/src/corelib/kernel/qeventloop.cpp:138
    #58 0x7ffff1b6cbca in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) /home/mitch/dev/qt5.12/qtbase/src/corelib/kernel/qeventloop.cpp:225
    #59 0x7ffff1b8b02a in QCoreApplication::exec() /home/mitch/dev/qt5.12/qtbase/src/corelib/kernel/qcoreapplication.cpp:1363
    #60 0x7ffff396290f in QGuiApplication::exec() /home/mitch/dev/qt5.12/qtbase/src/gui/kernel/qguiapplication.cpp:1779
    #61 0x7ffff59db46e in QApplication::exec() /home/mitch/dev/qt5.12/qtbase/src/widgets/kernel/qapplication.cpp:2910
    #62 0x555555557157 in main (/home/mitch/Downloads/quick_segfault-qt5_12_debug-Debug/quick_segfault+0x3157)
    #63 0x7ffff0a5db96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
    #64 0x555555557419 in _start (/home/mitch/Downloads/quick_segfault-qt5_12_debug-Debug/quick_segfault+0x3419)

0x6030001b8d40 is located 0 bytes inside of 32-byte region [0x6030001b8d40,0x6030001b8d60)
freed by thread T0 here:
    #0 0x7ffff6efb9d8 in operator delete(void*, unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xe19d8)
    #1 0x7fffd57bb88d in QQuickPopupPositioner::~QQuickPopupPositioner() /home/mitch/dev/qt5.12/qtquickcontrols2/src/quicktemplates2/qquickpopuppositioner.cpp:66
    #2 0x7fffd57ad926 in QQuickPopup::~QQuickPopup() /home/mitch/dev/qt5.12/qtquickcontrols2/src/quicktemplates2/qquickpopup.cpp:817
    #3 0x7fffd5388e7c in QQuickDialog::~QQuickDialog() /home/mitch/dev/qt5.12-debug/qtbase/include/QtQuickTemplates2/5.12.0/QtQuickTemplates2/private/../../../../../../../qt5.12/qtquickcontrols2/src/quicktemplates2/qquickdialog_p.h:59
    #4 0x7fffd5388e7c in QQmlPrivate::QQmlElement<QQuickDialog>::~QQmlElement() /home/mitch/dev/qt5.12-debug/qtbase/include/QtQml/../../../../qt5.12/qtdeclarative/src/qml/qml/qqmlprivate.h:103
    #5 0x7fffd5388e7c in QQmlPrivate::QQmlElement<QQuickDialog>::~QQmlElement() /home/mitch/dev/qt5.12-debug/qtbase/include/QtQml/../../../../qt5.12/qtdeclarative/src/qml/qml/qqmlprivate.h:103
    #6 0x7ffff1c37880 in QObjectPrivate::deleteChildren() /home/mitch/dev/qt5.12/qtbase/src/corelib/kernel/qobject.cpp:2006
    #7 0x7ffff1c3c43f in QObject::~QObject() /home/mitch/dev/qt5.12/qtbase/src/corelib/kernel/qobject.cpp:1032
    #8 0x7ffff4f03a3f in QQuickItem::~QQuickItem() /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickitem.cpp:2383
    #9 0x7ffff4f986c6 in QQuickRectangle::~QQuickRectangle() /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickrectangle_p.h:156
    #10 0x7ffff4f986c6 in QQmlPrivate::QQmlElement<QQuickRectangle>::~QQmlElement() /home/mitch/dev/qt5.12-debug/qtbase/include/QtQml/../../../../qt5.12/qtdeclarative/src/qml/qml/qqmlprivate.h:103
    #11 0x7ffff4f986c6 in QQmlPrivate::QQmlElement<QQuickRectangle>::~QQmlElement() /home/mitch/dev/qt5.12-debug/qtbase/include/QtQml/../../../../qt5.12/qtdeclarative/src/qml/qml/qqmlprivate.h:103
    #12 0x7ffff51980b8 in QQuickViewPrivate::execute() /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickview.cpp:96
    #13 0x7ffff51990e0 in QQuickView::setSource(QUrl const&) /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickview.cpp:242
    #14 0x555555557ce3 in App::loadAnother() (/home/mitch/Downloads/quick_segfault-qt5_12_debug-Debug/quick_segfault+0x3ce3)
    #15 0x55555555801a in App::qt_metacall(QMetaObject::Call, int, void**) (/home/mitch/Downloads/quick_segfault-qt5_12_debug-Debug/quick_segfault+0x401a)
    #16 0x7ffff1b95859 in QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) /home/mitch/dev/qt5.12/qtbase/src/corelib/kernel/qmetaobject.cpp:303
    #17 0x7ffff2fd4929 in QQmlObjectOrGadget::metacall(QMetaObject::Call, int, void**) const /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlpropertycache.cpp:1761
    #18 0x7ffff2a576ae in CallMethod /home/mitch/dev/qt5.12/qtdeclarative/src/qml/jsruntime/qv4qobjectwrapper.cpp:1231
    #19 0x7ffff2a583c7 in CallPrecise /home/mitch/dev/qt5.12/qtdeclarative/src/qml/jsruntime/qv4qobjectwrapper.cpp:1479
    #20 0x7ffff2a5a432 in QV4::QObjectMethod::callInternal(QV4::Value const*, QV4::Value const*, int) const /home/mitch/dev/qt5.12/qtdeclarative/src/qml/jsruntime/qv4qobjectwrapper.cpp:2017
    #21 0x7ffff2a5b002 in QV4::QObjectMethod::virtualCall(QV4::FunctionObject const*, QV4::Value const*, QV4::Value const*, int) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/jsruntime/qv4qobjectwrapper.cpp:1954
    #22 0x7ffff27cc561 in QV4::FunctionObject::call(QV4::Value const*, QV4::Value const*, int) const /home/mitch/dev/qt5.12/qtdeclarative/src/qml/jsruntime/qv4functionobject_p.h:202
    #23 0x7ffff2dc50e2 in QV4::Runtime::method_callProperty(QV4::ExecutionEngine*, QV4::Value*, int, QV4::Value*, int) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/jsruntime/qv4runtime.cpp:1391
    #24 0x7ffff2aecd34 in QV4::Moth::VME::interpret(QV4::CppStackFrame*, QV4::ExecutionEngine*, char const*) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/jsruntime/qv4vme_moth.cpp:719
    #25 0x7ffff2b0aad6 in QV4::Moth::VME::exec(QV4::CppStackFrame*, QV4::ExecutionEngine*) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/jsruntime/qv4vme_moth.cpp:441
    #26 0x7ffff2823ab3 in QV4::Function::call(QV4::Value const*, QV4::Value const*, int, QV4::ExecutionContext const*) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/jsruntime/qv4function.cpp:68
    #27 0x7ffff308e9bb in QQmlJavaScriptExpression::evaluate(QV4::CallData*, bool*) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmljavascriptexpression.cpp:216
    #28 0x7ffff2eff21a in QQmlBoundSignalExpression::evaluate(void**) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlboundsignal.cpp:225
    #29 0x7ffff2effe62 in QQmlBoundSignal_callback(QQmlNotifierEndpoint*, void**) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlboundsignal.cpp:358
    #30 0x7ffff2ffc84e in QQmlNotifier::emitNotify(QQmlNotifierEndpoint*, void**) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlnotifier.cpp:106
    #31 0x7ffff2e793fe in QQmlData::signalEmitted(QAbstractDeclarativeData*, QObject*, int, void**) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlengine.cpp:883
    #32 0x7ffff1c22738 in QMetaObject::activate(QObject*, int, int, void**) /home/mitch/dev/qt5.12/qtbase/src/corelib/kernel/qobject.cpp:3658
    #33 0x7ffff1c24379 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) /home/mitch/dev/qt5.12/qtbase/src/corelib/kernel/qobject.cpp:3642

previously allocated by thread T0 here:
    #0 0x7ffff6efa458 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xe0458)
    #1 0x7fffd579d26b in QQuickPopupPrivate::getPositioner() /home/mitch/dev/qt5.12/qtquickcontrols2/src/quicktemplates2/qquickpopup.cpp:610
    #2 0x7fffd57a16a5 in QQuickPopupPrivate::reposition() /home/mitch/dev/qt5.12/qtquickcontrols2/src/quicktemplates2/qquickpopup.cpp:655
    #3 0x7fffd57a17ea in QQuickPopup::geometryChanged(QRectF const&, QRectF const&) /home/mitch/dev/qt5.12/qtquickcontrols2/src/quicktemplates2/qquickpopup.cpp:2549
    #4 0x7fffd57b5c2c in QQuickPopupItem::geometryChanged(QRectF const&, QRectF const&) /home/mitch/dev/qt5.12/qtquickcontrols2/src/quicktemplates2/qquickpopupitem.cpp:332
    #5 0x7ffff4ec801f in QQuickItem::setImplicitWidth(double) /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickitem.cpp:6784
    #6 0x7fffd57a4cdc in QQuickPopup::setImplicitWidth(double) /home/mitch/dev/qt5.12/qtquickcontrols2/src/quicktemplates2/qquickpopup.cpp:1011
    #7 0x7fffd57b0db8 in QQuickPopup::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) .moc/moc_qquickpopup_p.cpp:1229
    #8 0x7ffff30b780d in QQmlPropertyData::writeProperty(QObject*, void*, QFlags<QQmlPropertyData::WriteFlag>) const /home/mitch/dev/qt5.12-debug/qtbase/include/QtQml/5.12.0/QtQml/private/../../../../../../../qt5.12/qtdeclarative/src/qml/qml/qqmlpropertycache_p.h:346
    #9 0x7ffff30b780d in bool GenericBinding<6>::doStore<double>(double, QQmlPropertyData const*, QFlags<QQmlPropertyData::WriteFlag>) const /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlbinding.cpp:334
    #10 0x7ffff30b780d in GenericBinding<6>::write(QV4::Value const&, bool, QFlags<QQmlPropertyData::WriteFlag>) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlbinding.cpp:307
    #11 0x7ffff30bb47f in QQmlNonbindingBinding::doUpdate(QQmlJavaScriptExpression::DeleteWatcher const&, QFlags<QQmlPropertyData::WriteFlag>, QV4::Scope&) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlbinding.cpp:249
    #12 0x7ffff30ae7bd in QQmlBinding::update(QFlags<QQmlPropertyData::WriteFlag>) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlbinding.cpp:185
    #13 0x7ffff30b17cc in QQmlBinding::setEnabled(bool, QFlags<QQmlPropertyData::WriteFlag>) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlbinding.cpp:550
    #14 0x7ffff30fa130 in QQmlObjectCreator::finalize(QQmlInstantiationInterrupt&) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlobjectcreator.cpp:1347
    #15 0x7ffff2ecd7e5 in QQmlComponentPrivate::complete(QQmlEnginePrivate*, QQmlComponentPrivate::ConstructionState*) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlcomponent.cpp:923
    #16 0x7ffff2ecdbd6 in QQmlComponentPrivate::completeCreate() /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlcomponent.cpp:959
    #17 0x7ffff2ecdd2a in QQmlComponent::completeCreate() /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlcomponent.cpp:951
    #18 0x7ffff2ecd115 in QQmlComponent::create(QQmlContext*) /home/mitch/dev/qt5.12/qtdeclarative/src/qml/qml/qqmlcomponent.cpp:785
    #19 0x7ffff5196e0e in QQuickView::continueExecute() /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickview.cpp:477
    #20 0x7ffff5198f27 in QQuickViewPrivate::execute() /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickview.cpp:107
    #21 0x7ffff51990e0 in QQuickView::setSource(QUrl const&) /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickview.cpp:242
    #22 0x555555557104 in main (/home/mitch/Downloads/quick_segfault-qt5_12_debug-Debug/quick_segfault+0x3104)
    #23 0x7ffff0a5db96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)

SUMMARY: AddressSanitizer: heap-use-after-free /home/mitch/dev/qt5.12/qtdeclarative/src/quick/items/qquickitem.cpp:6235 in QQuickItemPrivate::itemChange(QQuickItem::ItemChange, QQuickItem::ItemChangeData const&)
Shadow bytes around the buggy address:
  0x0c068002f150: fd fa fa fa 00 00 00 fa fa fa 00 00 00 00 fa fa
  0x0c068002f160: 00 00 00 00 fa fa fd fd fd fd fa fa 00 00 00 fa
  0x0c068002f170: fa fa 00 00 00 fa fa fa 00 00 00 fa fa fa 00 00
  0x0c068002f180: 00 fa fa fa 00 00 00 fa fa fa 00 00 00 fa fa fa
  0x0c068002f190: fd fd fd fa fa fa 00 00 00 fa fa fa 00 00 00 00
=>0x0c068002f1a0: fa fa fd fd fd fd fa fa[fd]fd fd fd fa fa fd fd
  0x0c068002f1b0: fd fd fa fa fd fd fd fd fa fa fd fd fd fd fa fa
  0x0c068002f1c0: fd fd fd fa fa fa fd fd fd fa fa fa fd fd fd fa
  0x0c068002f1d0: fa fa fd fd fd fa fa fa fd fd fd fa fa fa fd fd
  0x0c068002f1e0: fd fa fa fa fd fd fd fd fa fa fd fd fd fd fa fa
  0x0c068002f1f0: fd fd fd fd fa fa fd fd fd fa fa fa fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==5415==ABORTING
12:05:35: Debugging has finished
Just hit the top-left button to reproduce.