Qt / QTBUG-106256

qml crash when binding alias to property


Details

    • Linux/X11, macOS
    • e0a00a6919 (qt/qtdeclarative/dev) 089c6a3cfd (qt/qtdeclarative/6.4) 089c6a3cfd (qt/tqtc-qtdeclarative/6.4) e0a00a6919 (qt/tqtc-qtdeclarative/dev) 8dd38f4261 (qt/tqtc-qtdeclarative/5.15) 8dd38f4261 (qt/tqtc-qtdeclarative/5.15.11)

    Description

      The following QML snippets lead to a segmentation fault in the qml utility:

      //crash1.qml
      import QtQuick
      Item {
          id: root

          Component {
              id: accessibleNormal
              Item {}
          }

          property alias accessibleNormalUrl: accessibleNormal.url
          property url urlClone: root.accessibleNormalUrl // crashes qml utility
      }

       

      //crash2.qml
      import QtQuick
      Item {
          id: root    
          Component {
              id: accessibleNormal
              ComponentType {
                  id: inaccessibleNormal
              }
          }    
          property alias accessibleNormalProgress: accessibleNormal.progress
      
          Component.onCompleted: {
             // console.log(accessibleNormal.progress);  // commenting this line out makes qml crash
             console.log(accessibleNormalProgress);
          }
      }

       

       

      The backtrace for the first is:

      Process 3717 launched: '/Users/sami/projects/qt-star-build/qtbase/bin/qml' (arm64)
      Process 3717 stopped
      * thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0xc)
          frame #0: 0x00000001022dad70 libQt6Qml_debug.6.dylib`QQmlPropertyCache::propertyCount(this=0x0000000000000000) const at qqmlpropertycache_p.h:437:12
         434
         435 	int QQmlPropertyCache::propertyCount() const
         436 	{
      -> 437 	    return propertyIndexCacheStart + propertyIndexCache.count();
         438 	}
         439
         440 	int QQmlPropertyCache::propertyOffset() const
      Target 0: (qml) stopped.
      (lldb) bt
      * thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0xc)
        * frame #0: 0x00000001022dad70 libQt6Qml_debug.6.dylib`QQmlPropertyCache::propertyCount(this=0x0000000000000000) const at qqmlpropertycache_p.h:437:12
          frame #1: 0x00000001022ce238 libQt6Qml_debug.6.dylib`QQmlPropertyCache::property(this=0x0000000000000000, index=3) const at qqmlpropertycache_p.h:335:31
          frame #2: 0x00000001026e99ec libQt6Qml_debug.6.dylib`QQmlVMEMetaObjectEndpoint::tryConnect(this=0x00006000017333d0) at qqmlvmemetaobject.cpp:212:70
          frame #3: 0x00000001026eefb4 libQt6Qml_debug.6.dylib`QQmlVMEMetaObject::connectAlias(this=0x0000600003004bd0, aliasId=0) at qqmlvmemetaobject.cpp:1331:15
          frame #4: 0x00000001026efd4c libQt6Qml_debug.6.dylib`QQmlVMEMetaObject::connectAliasSignal(this=0x0000600003004bd0, index=33, indexInSignalRange=true) at qqmlvmemetaobject.cpp:1341:5
          frame #5: 0x00000001025a0eb8 libQt6Qml_debug.6.dylib`flush_vme_signal(object=0x0000600003b00380, index=33, indexInSignalRange=true) at qqmlproperty.cpp:1891:18
          frame #6: 0x00000001025a0ef4 libQt6Qml_debug.6.dylib`QQmlPropertyPrivate::flushSignal(sender=0x0000600003b00380, signal_index=33) at qqmlproperty.cpp:1921:5
          frame #7: 0x000000010254be68 libQt6Qml_debug.6.dylib`QQmlNotifierEndpoint::connect(this=0x0000000118090048, source=0x0000600003b00380, sourceSignal=33, engine=0x000000016fdff1a0, doNotify=true) at qqmlnotifier.cpp:104:5
          frame #8: 0x00000001024f93a4 libQt6Qml_debug.6.dylib`QQmlPropertyCapture::captureNonBindableProperty(this=0x000000016fdfcfc8, o=0x0000600003b00380, n=33, c=44, doNotify=true) at qqmljavascriptexpression.cpp:417:16
          frame #9: 0x00000001024f8ee4 libQt6Qml_debug.6.dylib`QQmlPropertyCapture::captureProperty(this=0x000000016fdfcfc8, o=0x0000600003b00380, c=44, n=33, doNotify=true) at qqmljavascriptexpression.cpp:331:5
          frame #10: 0x00000001022c9880 libQt6Qml_debug.6.dylib`QV4::QObjectWrapper::getProperty(engine=0x000000010035c740, object=0x0000600003b00380, property=0x00006000026080f0) at qv4qobjectwrapper.cpp:252:34
          frame #11: 0x000000010228e888 libQt6Qml_debug.6.dylib`unsigned long long QV4::QObjectWrapper::lookupGetterImpl<QV4::Lookup::getterQObject(QV4::Lookup*, QV4::ExecutionEngine*, QV4::Value const&)::$_0>(lookup=0x00006000026096b0, engine=0x000000010035c740, object=0x000000010f204528, useOriginalProperty=false, revertLookup=(unnamed class) @ 0x000000016fdf98b0)::$_0) at qv4qobjectwrapper_p.h:237:12
          frame #12: 0x000000010228e6a8 libQt6Qml_debug.6.dylib`QV4::Lookup::getterQObject(lookup=0x00006000026096b0, engine=0x000000010035c740, object=0x000000010f204528) at qv4lookup.cpp:378:12
          frame #13: 0x00000001022cf664 libQt6Qml_debug.6.dylib`QV4::QObjectWrapper::virtualResolveLookupGetter(object=0x000000010f204528, engine=0x000000010035c740, lookup=0x00006000026096b0) at qv4qobjectwrapper.cpp:926:12
          frame #14: 0x000000010228ce44 libQt6Qml_debug.6.dylib`QV4::Object::resolveLookupGetter(this=0x000000010f204528, engine=0x000000010035c740, lookup=0x00006000026096b0) const at qv4object_p.h:343:14
          frame #15: 0x000000010228cdfc libQt6Qml_debug.6.dylib`QV4::Lookup::resolveGetter(this=0x00006000026096b0, engine=0x000000010035c740, object=0x000000010f204528) at qv4lookup.cpp:36:20
          frame #16: 0x000000010228d924 libQt6Qml_debug.6.dylib`QV4::Lookup::getterGeneric(l=0x00006000026096b0, engine=0x000000010035c740, object=0x000000010f204528) at qv4lookup.cpp:107:19
          frame #17: 0x000000010237ff74 libQt6Qml_debug.6.dylib`QV4::Moth::VME::interpret(frame=0x000000016fdfcea0, engine=0x000000010035c740, code="\U00000018\U00000006\U00000002") at qv4vme_moth.cpp:729:15
          frame #18: 0x000000010237de94 libQt6Qml_debug.6.dylib`QV4::Moth::VME::exec(frame=0x000000016fdfcea0, engine=0x000000010035c740) at qv4vme_moth.cpp:542:18
          frame #19: 0x00000001022619a8 libQt6Qml_debug.6.dylib`QV4::Function::call(this=0x00006000021137a0, thisObject=0x000000010f204500, argv=0x000000010f204518, argc=0, context=0x000000010cf80038) at qv4function.cpp:62:28
          frame #20: 0x00000001024f84cc libQt6Qml_debug.6.dylib`QQmlJavaScriptExpression::evaluate(this=0x0000600003004c60, callData=0x000000010f2044e8, isUndefined=0x000000016fdfd193) at qqmljavascriptexpression.cpp:238:48
          frame #21: 0x00000001023f6564 libQt6Qml_debug.6.dylib`QQmlBinding::evaluate(this=0x0000600003004c60, isUndefined=0x000000016fdfd193) at qqmlbinding.cpp:187:38
          frame #22: 0x00000001023ff750 libQt6Qml_debug.6.dylib`QQmlNonbindingBinding::doUpdate(this=0x0000600003004c60, watcher=0x000000016fdfd2f0, flags=(i = 3), scope=0x000000016fdfd2d8) at qqmlbinding.cpp:247:44
          frame #23: 0x00000001023f6108 libQt6Qml_debug.6.dylib`QQmlBinding::update(this=0x0000600003004c60, flags=(i = 3)) at qqmlbinding.cpp:163:5
          frame #24: 0x00000001023f80ec libQt6Qml_debug.6.dylib`QQmlBinding::setEnabled(this=0x0000600003004c60, e=true, flags=(i = 3)) at qqmlbinding.cpp:704:9
          frame #25: 0x0000000102556ce4 libQt6Qml_debug.6.dylib`QQmlObjectCreator::finalize(this=0x0000000100717530, interrupt=0x000000016fdfd568) at qqmlobjectcreator.cpp:1382:12
          frame #26: 0x000000010242e908 libQt6Qml_debug.6.dylib`QQmlComponentPrivate::complete(enginePriv=0x0000000100366a40, state=0x0000600003d00198) at qqmlcomponent.cpp:1045:25
          frame #27: 0x000000010242cd98 libQt6Qml_debug.6.dylib`QQmlComponentPrivate::completeCreate(this=0x0000600003d000f0) at qqmlcomponent.cpp:1139:9
          frame #28: 0x0000000102430548 libQt6Qml_debug.6.dylib`QQmlComponent::completeCreate(this=0x0000600000010580) at qqmlcomponent.cpp:1126:8
          frame #29: 0x000000010242e774 libQt6Qml_debug.6.dylib`QQmlComponentPrivate::createWithProperties(this=0x0000600003d000f0, parent=0x0000000000000000, properties=0x000000016fdfd770, context=0x0000000000000000, behavior=CreateDefault) at qqmlcomponent.cpp:879:8
          frame #30: 0x000000010242e658 libQt6Qml_debug.6.dylib`QQmlComponent::create(this=0x0000600000010580, context=0x0000000000000000) at qqmlcomponent.cpp:830:15
          frame #31: 0x00000001023f0fb4 libQt6Qml_debug.6.dylib`QQmlApplicationEnginePrivate::finishLoad(this=0x0000000100366a40, c=0x0000600000010580) at qqmlapplicationengine.cpp:122:54
          frame #32: 0x00000001023f0df4 libQt6Qml_debug.6.dylib`QQmlApplicationEnginePrivate::startLoad(this=0x0000000100366a40, url=0x000000016fdfe240, data=0x000000016fdfdb30, dataFlag=false) at qqmlapplicationengine.cpp:105:9
          frame #33: 0x00000001023f1674 libQt6Qml_debug.6.dylib`QQmlApplicationEngine::load(this=0x000000016fdff1a0, url=0x000000016fdfe240) at qqmlapplicationengine.cpp:287:8
          frame #34: 0x000000010000b96c qml`main(argc=2, argv=0x000000016fdff6b8) at main.cpp:619:11
          frame #35: 0x000000010005d08c dyld`start + 520
      

      The second has a similar backtrace:

      (lldb) target create "/Users/sami/projects/qt-star-build/qtbase/bin/qml"
      Current executable set to '/Users/sami/projects/qt-star-build/qtbase/bin/qml' (arm64).
      (lldb) settings set -- target.run-args  "test3.qml"
      (lldb) r
      Process 3967 launched: '/Users/sami/projects/qt-star-build/qtbase/bin/qml' (arm64)
      Process 3967 stopped
      * thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0xc)
          frame #0: 0x00000001022dad70 libQt6Qml_debug.6.dylib`QQmlPropertyCache::propertyCount(this=0x0000000000000000) const at qqmlpropertycache_p.h:437:12
         434
         435 	int QQmlPropertyCache::propertyCount() const
         436 	{
      -> 437 	    return propertyIndexCacheStart + propertyIndexCache.count();
         438 	}
         439
         440 	int QQmlPropertyCache::propertyOffset() const
      Target 0: (qml) stopped.
      (lldb) bt
      * thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0xc)
        * frame #0: 0x00000001022dad70 libQt6Qml_debug.6.dylib`QQmlPropertyCache::propertyCount(this=0x0000000000000000) const at qqmlpropertycache_p.h:437:12
          frame #1: 0x00000001022ce238 libQt6Qml_debug.6.dylib`QQmlPropertyCache::property(this=0x0000000000000000, index=1) const at qqmlpropertycache_p.h:335:31
          frame #2: 0x00000001026e99ec libQt6Qml_debug.6.dylib`QQmlVMEMetaObjectEndpoint::tryConnect(this=0x0000600001738910) at qqmlvmemetaobject.cpp:212:70
          frame #3: 0x00000001026eefb4 libQt6Qml_debug.6.dylib`QQmlVMEMetaObject::connectAlias(this=0x00006000030026d0, aliasId=0) at qqmlvmemetaobject.cpp:1331:15
          frame #4: 0x00000001026ed574 libQt6Qml_debug.6.dylib`QQmlVMEMetaObject::metaCall(this=0x00006000030026d0, o=0x0000600003b09dc0, c=ReadProperty, _id=43, a=0x000000016fdf72e8) at qqmlvmemetaobject.cpp:957:17
          frame #5: 0x00000001022d44d4 libQt6Qml_debug.6.dylib`void QQmlPropertyData::doMetacall<(QMetaObject::Call)1>(this=0x0000600001738790, object=0x0000600003b09dc0, idx=43, argv=0x000000016fdf72e8) const at qqmlpropertydata_p.h:321:32
          frame #6: 0x00000001022d438c libQt6Qml_debug.6.dylib`QQmlPropertyData::readPropertyWithArgs(this=0x0000600001738790, target=0x0000600003b09dc0, args=0x000000016fdf72e8) const at qqmlpropertydata_p.h:331:13
          frame #7: 0x00000001022d4278 libQt6Qml_debug.6.dylib`QQmlPropertyData::readProperty(this=0x0000600001738790, target=0x0000600003b09dc0, property=0x000000016fdf7508) const at qqmlpropertydata_p.h:312:9
          frame #8: 0x00000001022ca308 libQt6Qml_debug.6.dylib`QV4::loadProperty(v4=0x0000000100441830, object=0x0000600003b09dc0, property=0x0000600001738790) at qv4qobjectwrapper.cpp:145:18
          frame #9: 0x00000001022c9900 libQt6Qml_debug.6.dylib`QV4::QObjectWrapper::getProperty(engine=0x0000000100441830, object=0x0000600003b09dc0, property=0x0000600001738790) at qv4qobjectwrapper.cpp:259:16
          frame #10: 0x00000001022cb218 libQt6Qml_debug.6.dylib`QV4::QObjectWrapper::getQmlProperty(engine=0x0000000100441830, qmlContext=0x000000016fdf7ac8, object=0x0000600003b09dc0, name=0x000000010e9045a0, revisionMode=CheckRevision, hasProperty=0x000000016fdf799f, property=0x000000016fdf7990) at qv4qobjectwrapper.cpp:385:16
          frame #11: 0x00000001022be7c0 libQt6Qml_debug.6.dylib`QV4::QQmlContextWrapper::getPropertyAndBase(resource=0x000000010e904590, id=(val = 4840808512), receiver=0x0000000000000000, hasProperty=0x000000016fdf7c33, base=0x0000000000000000, lookup=0x0000600003002670) at qv4qmlcontext.cpp:300:22
          frame #12: 0x00000001022c0218 libQt6Qml_debug.6.dylib`QV4::QQmlContextWrapper::resolveQmlContextPropertyLookupGetter(l=0x0000600003002670, engine=0x0000000100441830, base=0x0000000000000000) at qv4qmlcontext.cpp:481:18
          frame #13: 0x000000010237f468 libQt6Qml_debug.6.dylib`QV4::Moth::VME::interpret(frame=0x000000016fdfb100, engine=0x0000000100441830, code="\U00000018\n\xac\U00000002\a\U00000001\n\U00000018\U00000006\xd6\U00000016\U00000006\U00000002") at qv4vme_moth.cpp:664:15
          frame #14: 0x000000010237de94 libQt6Qml_debug.6.dylib`QV4::Moth::VME::exec(frame=0x000000016fdfb100, engine=0x0000000100441830) at qv4vme_moth.cpp:542:18
          frame #15: 0x00000001022619a8 libQt6Qml_debug.6.dylib`QV4::Function::call(this=0x0000600002125c70, thisObject=0x000000010e9044f0, argv=0x000000010e9044f0, argc=0, context=0x00000001077b0038) at qv4function.cpp:62:28
          frame #16: 0x0000000102263860 libQt6Qml_debug.6.dylib`QV4::Function::call(this=0x000000016fdfb2c8, thisObject=0x000000010e9044f0, argv=0x000000010e9044f0, argc=0)::$_0::operator()(QV4::Value const*, QV4::Value const*, int) const at qv4function.cpp:31:20
          frame #17: 0x00000001022615c8 libQt6Qml_debug.6.dylib`bool QV4::convertAndCall<QV4::Function::call(QObject*, void**, QMetaType const*, int, QV4::ExecutionContext*)::$_0>(engine=0x0000000100441830, thisObject=0x0000600003b09dc0, a=0x000000016fdfb500, types=0x000000016fdfb4f8, argc=0, call=(unnamed class) @ 0x000000016fdfb2c8)::$_0) at qv4jscall_p.h:197:33
          frame #18: 0x00000001022613e0 libQt6Qml_debug.6.dylib`QV4::Function::call(this=0x0000600002125c70, thisObject=0x0000600003b09dc0, a=0x000000016fdfb500, types=0x000000016fdfb4f8, argc=0, context=0x00000001077b0038) at qv4function.cpp:28:16
          frame #19: 0x00000001024f8858 libQt6Qml_debug.6.dylib`QQmlJavaScriptExpression::evaluate(this=0x0000600002918620, a=0x000000016fdfb500, types=0x000000016fdfb4f8, argc=0) at qqmljavascriptexpression.cpp:270:46
          frame #20: 0x0000000102418b98 libQt6Qml_debug.6.dylib`QQmlBoundSignalExpression::evaluate(this=0x0000600002918620, a=0x0000000000000000) at qqmlboundsignal.cpp:199:35
          frame #21: 0x0000000102419344 libQt6Qml_debug.6.dylib`QQmlBoundSignal_callback(e=0x00006000017388c0, a=0x0000000000000000) at qqmlboundsignal.cpp:314:26
          frame #22: 0x000000010254b8b8 libQt6Qml_debug.6.dylib`QQmlNotifier::emitNotify(endpoint=0x0000000000000000, a=0x0000000000000000) at qqmlnotifier.cpp:70:13
          frame #23: 0x00000001024605d0 libQt6Qml_debug.6.dylib`QQmlData::signalEmitted((null)=0x0000600003702b80, object=0x000060000024caa0, index=3, a=0x0000000000000000) at qqmlengine.cpp:344:17
          frame #24: 0x0000000109cee238 libQt6Core_debug.6.dylib`void doActivate<false>(sender=0x000060000024caa0, signal_index=3, argv=0x0000000000000000) at qobject.cpp:3864:9
          frame #25: 0x0000000109ced66c libQt6Core_debug.6.dylib`QMetaObject::activate(sender=0x000060000024caa0, m=0x0000000102892990, local_signal_index=0, argv=0x0000000000000000) at qobject.cpp:4032:9
          frame #26: 0x0000000102433d2c libQt6Qml_debug.6.dylib`QQmlComponentAttached::completed(this=0x000060000024caa0) at moc_qqmlcomponentattached_p.cpp:174:5
          frame #27: 0x0000000102557228 libQt6Qml_debug.6.dylib`QQmlObjectCreator::finalize(this=0x000000010033b8e0, interrupt=0x000000016fdfd568) at qqmlobjectcreator.cpp:1446:21
          frame #28: 0x000000010242e908 libQt6Qml_debug.6.dylib`QQmlComponentPrivate::complete(enginePriv=0x000000010043ffd0, state=0x0000600003d04378) at qqmlcomponent.cpp:1045:25
          frame #29: 0x000000010242cd98 libQt6Qml_debug.6.dylib`QQmlComponentPrivate::completeCreate(this=0x0000600003d042d0) at qqmlcomponent.cpp:1139:9
          frame #30: 0x0000000102430548 libQt6Qml_debug.6.dylib`QQmlComponent::completeCreate(this=0x00006000000094a0) at qqmlcomponent.cpp:1126:8
          frame #31: 0x000000010242e774 libQt6Qml_debug.6.dylib`QQmlComponentPrivate::createWithProperties(this=0x0000600003d042d0, parent=0x0000000000000000, properties=0x000000016fdfd770, context=0x0000000000000000, behavior=CreateDefault) at qqmlcomponent.cpp:879:8
          frame #32: 0x000000010242e658 libQt6Qml_debug.6.dylib`QQmlComponent::create(this=0x00006000000094a0, context=0x0000000000000000) at qqmlcomponent.cpp:830:15
          frame #33: 0x00000001023f0fb4 libQt6Qml_debug.6.dylib`QQmlApplicationEnginePrivate::finishLoad(this=0x000000010043ffd0, c=0x00006000000094a0) at qqmlapplicationengine.cpp:122:54
          frame #34: 0x00000001023f0df4 libQt6Qml_debug.6.dylib`QQmlApplicationEnginePrivate::startLoad(this=0x000000010043ffd0, url=0x000000016fdfe240, data=0x000000016fdfdb30, dataFlag=false) at qqmlapplicationengine.cpp:105:9
          frame #35: 0x00000001023f1674 libQt6Qml_debug.6.dylib`QQmlApplicationEngine::load(this=0x000000016fdff1a0, url=0x000000016fdfe240) at qqmlapplicationengine.cpp:287:8
          frame #36: 0x000000010000b96c qml`main(argc=2, argv=0x000000016fdff6b8) at main.cpp:619:11
          frame #37: 0x000000010005d08c dyld`start + 520

          People

            sami.shalayel Sami Shalayel
            sami.shalayel Sami Shalayel