QTBUG-119829

[Reg 6.5 -> 6.6] Shadowing default property crashes QML


Details

    • 4d13ed6a5 (dev), 40d1286a1 (6.7), 1b35bf6f4 (6.6)

    Description

      Consider:

      import QtQuick
      
      Item {
          property list<var> data: []
          Item {}
      }
      

      This overrides the default 'data' property of QQuickItem with a different type. 6.5 produces an error for this:

      qrc:/qt/qml/graphics/Main.qml:5:5: Cannot assign object to list property "data"
      

      6.6 and dev crash:

      AddressSanitizer:DEADLYSIGNAL
      =================================================================
      ==147768==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fc5c5e50287 bp 0x7fc5ba1f87f0 sp 0x7fc5ba1f87e0 T3)
      ==147768==The signal is caused by a READ memory access.
      ==147768==Hint: address points to the zero page.
          #0 0x7fc5c5e50287 in QMetaObject::SuperData::operator QMetaObject const*() const /home/ulf/qt6dev-src/qtbase/src/corelib/kernel/qobjectdefs.h:589
          #1 0x7fc5c5e502a3 in QMetaObject::superClass() const /home/ulf/qt6dev-src/qtbase/src/corelib/kernel/qobjectdefs.h:679
          #2 0x7fc5c62c960a in QQmlMetaTypeData::propertyCache(QMetaObject const*, QTypeRevision) /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/qqmlmetatypedata.cpp:119
          #3 0x7fc5c625d42c in QQmlMetaType::rawPropertyCacheForType(QMetaType) /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/qqmlmetatype.cpp:1463
          #4 0x7fc5c643da18 in QQmlPropertyValidator::canCoerce(QMetaType, QQmlPropertyCache::ConstPtr) const /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/qqmlpropertyvalidator.cpp:632
          #5 0x7fc5c643eeb4 in QQmlPropertyValidator::validateObjectBinding(QQmlPropertyData const*, QString const&, QV4::CompiledData::Binding const*) const /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/qqmlpropertyvalidator.cpp:718
          #6 0x7fc5c643659f in QQmlPropertyValidator::validateObject(int, QV4::CompiledData::Binding const*, bool) const /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/qqmlpropertyvalidator.cpp:287
          #7 0x7fc5c64315c7 in QQmlPropertyValidator::validate() /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/qqmlpropertyvalidator.cpp:46
          #8 0x7fc5c64dab81 in QQmlTypeData::done() /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/qqmltypedata.cpp:519
          #9 0x7fc5c61441e6 in QQmlDataBlob::tryDone() /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/qqmldatablob.cpp:485
          #10 0x7fc5c652fa44 in QQmlTypeLoader::setData(QQmlRefPointer<QQmlDataBlob> const&, QQmlDataBlob::SourceCodeData const&) /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/qqmltypeloader.cpp:415
          #11 0x7fc5c652f72d in QQmlTypeLoader::setData(QQmlRefPointer<QQmlDataBlob> const&, QString const&) /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/qqmltypeloader.cpp:395
          #12 0x7fc5c652e2a5 in QQmlTypeLoader::loadThread(QQmlRefPointer<QQmlDataBlob> const&) /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/qqmltypeloader.cpp:260
          #13 0x7fc5c6572b25 in QQmlTypeLoaderThread::loadThread(QQmlRefPointer<QQmlDataBlob> const&) /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/qqmltypeloaderthread.cpp:107
          #14 0x7fc5c65763b8 in void std::__invoke_impl<void, void (QQmlTypeLoaderThread::*&)(QQmlRefPointer<QQmlDataBlob> const&), QQmlTypeLoaderThread*, QQmlRefPointer<QQmlDataBlob> >(std::__invoke_memfun_deref, void (QQmlTypeLoaderThread::*&)(QQmlRefPointer<QQmlDataBlob> const&), QQmlTypeLoaderThread*&&, QQmlRefPointer<QQmlDataBlob>&&) /usr/include/c++/12/bits/invoke.h:74
          #15 0x7fc5c6575551 in std::__invoke_result<void (QQmlTypeLoaderThread::*&)(QQmlRefPointer<QQmlDataBlob> const&), QQmlTypeLoaderThread*, QQmlRefPointer<QQmlDataBlob> >::type std::__invoke<void (QQmlTypeLoaderThread::*&)(QQmlRefPointer<QQmlDataBlob> const&), QQmlTypeLoaderThread*, QQmlRefPointer<QQmlDataBlob> >(void (QQmlTypeLoaderThread::*&)(QQmlRefPointer<QQmlDataBlob> const&), QQmlTypeLoaderThread*&&, QQmlRefPointer<QQmlDataBlob>&&) /usr/include/c++/12/bits/invoke.h:96
          #16 0x7fc5c6573a83 in decltype(auto) std::__apply_impl<void (QQmlTypeLoaderThread::*&)(QQmlRefPointer<QQmlDataBlob> const&), std::tuple<QQmlTypeLoaderThread*, QQmlRefPointer<QQmlDataBlob> >, 0ul, 1ul>(void (QQmlTypeLoaderThread::*&)(QQmlRefPointer<QQmlDataBlob> const&), std::tuple<QQmlTypeLoaderThread*, QQmlRefPointer<QQmlDataBlob> >&&, std::integer_sequence<unsigned long, 0ul, 1ul>) /usr/include/c++/12/tuple:1852
          #17 0x7fc5c6573ac4 in decltype(auto) std::apply<void (QQmlTypeLoaderThread::*&)(QQmlRefPointer<QQmlDataBlob> const&), std::tuple<QQmlTypeLoaderThread*, QQmlRefPointer<QQmlDataBlob> > >(void (QQmlTypeLoaderThread::*&)(QQmlRefPointer<QQmlDataBlob> const&), std::tuple<QQmlTypeLoaderThread*, QQmlRefPointer<QQmlDataBlob> >&&) /usr/include/c++/12/tuple:1863
          #18 0x7fc5c6573967 in QQmlThread::createMessageFromMethod<void (QQmlTypeLoaderThread::*)(QQmlRefPointer<QQmlDataBlob> const&), QQmlRefPointer<QQmlDataBlob> const&>(void (QQmlTypeLoaderThread::*&&)(QQmlRefPointer<QQmlDataBlob> const&), QQmlRefPointer<QQmlDataBlob> const&)::I::call(QQmlThread*) /home/ulf/qt6dev/qtbase/include/QtQml/6.7.0/QtQml/private/../../../../../../../qt6dev-src/qtdeclarative/src/qml/qml/ftw/qqmlthread_p.h:106
          #19 0x7fc5c6042967 in QQmlThreadPrivate::threadEvent() /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/ftw/qqmlthread.cpp:148
          #20 0x7fc5c604259b in QQmlThreadPrivate::event(QEvent*) /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/ftw/qqmlthread.cpp:105
          #21 0x7fc5c16199ab in QCoreApplicationPrivate::notify_helper(QObject*, QEvent*) /home/ulf/qt6dev-src/qtbase/src/corelib/kernel/qcoreapplication.cpp:1308
          #22 0x7fc5c161912a in doNotify /home/ulf/qt6dev-src/qtbase/src/corelib/kernel/qcoreapplication.cpp:1235
          #23 0x7fc5c1618fe5 in QCoreApplication::notify(QObject*, QEvent*) /home/ulf/qt6dev-src/qtbase/src/corelib/kernel/qcoreapplication.cpp:1218
          #24 0x7fc5c2da73e0 in QGuiApplication::notify(QObject*, QEvent*) /home/ulf/qt6dev-src/qtbase/src/gui/kernel/qguiapplication.cpp:1994
          #25 0x7fc5c1618e05 in QCoreApplication::notifyInternal2(QObject*, QEvent*) /home/ulf/qt6dev-src/qtbase/src/corelib/kernel/qcoreapplication.cpp:1134
          #26 0x7fc5c161a624 in QCoreApplication::sendEvent(QObject*, QEvent*) /home/ulf/qt6dev-src/qtbase/src/corelib/kernel/qcoreapplication.cpp:1575
          #27 0x7fc5c161d0c3 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) /home/ulf/qt6dev-src/qtbase/src/corelib/kernel/qcoreapplication.cpp:1946
          #28 0x7fc5c161bbd5 in QCoreApplication::sendPostedEvents(QObject*, int) /home/ulf/qt6dev-src/qtbase/src/corelib/kernel/qcoreapplication.cpp:1803
          #29 0x7fc5c1fd4612 in postEventSourceDispatch /home/ulf/qt6dev-src/qtbase/src/corelib/kernel/qeventdispatcher_glib.cpp:244
          #30 0x7fc5c0d1c7a8 in g_main_context_dispatch (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x547a8)
          #31 0x7fc5c0d1ca37  (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x54a37)
          #32 0x7fc5c0d1cacb in g_main_context_iteration (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x54acb)
          #33 0x7fc5c1fd5baf in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) /home/ulf/qt6dev-src/qtbase/src/corelib/kernel/qeventdispatcher_glib.cpp:394
          #34 0x7fc5c164b546 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) /home/ulf/qt6dev-src/qtbase/src/corelib/kernel/qeventloop.cpp:100
          #35 0x7fc5c164beb0 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) /home/ulf/qt6dev-src/qtbase/src/corelib/kernel/qeventloop.cpp:182
          #36 0x7fc5c19dec24 in QThread::exec() /home/ulf/qt6dev-src/qtbase/src/corelib/thread/qthread.cpp:579
          #37 0x7fc5c19df883 in QThread::run() /home/ulf/qt6dev-src/qtbase/src/corelib/thread/qthread.cpp:700
          #38 0x7fc5c1c0477e in operator() /home/ulf/qt6dev-src/qtbase/src/corelib/thread/qthread_unix.cpp:326
          #39 0x7fc5c1c0775c in terminate_on_exception<QThreadPrivate::start(void*)::<lambda()> > /home/ulf/qt6dev-src/qtbase/src/corelib/thread/qthread_unix.cpp:262
          #40 0x7fc5c1c04944 in QThreadPrivate::start(void*) /home/ulf/qt6dev-src/qtbase/src/corelib/thread/qthread_unix.cpp:285
          #41 0x7fc5c10a8043 in start_thread nptl/pthread_create.c:442
          #42 0x7fc5c112861b in clone3 ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
      
      AddressSanitizer can not provide additional info.
      SUMMARY: AddressSanitizer: SEGV /home/ulf/qt6dev-src/qtbase/src/corelib/kernel/qobjectdefs.h:589 in QMetaObject::SuperData::operator QMetaObject const*() const
      Thread T3 (QQmlThread) created by T0 here:
          #0 0x7fc5c9849726 in __interceptor_pthread_create ../../../../src/libsanitizer/asan/asan_interceptors.cpp:207
          #1 0x7fc5c1c0676e in QThread::start(QThread::Priority) /home/ulf/qt6dev-src/qtbase/src/corelib/thread/qthread_unix.cpp:723
          #2 0x7fc5c6042c5f in QQmlThread::startup() /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/ftw/qqmlthread.cpp:187
          #3 0x7fc5c6571917 in QQmlTypeLoaderThread::QQmlTypeLoaderThread(QQmlTypeLoader*) /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/qqmltypeloaderthread.cpp:18
          #4 0x7fc5c65381ea in QQmlTypeLoader::QQmlTypeLoader(QQmlEngine*) /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/qqmltypeloader.cpp:903
          #5 0x7fc5c6088368 in QQmlEnginePrivate::QQmlEnginePrivate(QQmlEngine*) /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/qqmlengine_p.h:104
          #6 0x7fc5c6082332 in QQmlApplicationEnginePrivate::QQmlApplicationEnginePrivate(QQmlEngine*) /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/qqmlapplicationengine.cpp:17
          #7 0x7fc5c608513a in QQmlApplicationEngine::QQmlApplicationEngine(QObject*) /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/qqmlapplicationengine.cpp:259
          #8 0x5578a57248c5 in main /home/ulf/graphics/main.cpp:8
          #9 0x7fc5c10461c9 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
      
      ==147768==ABORTING
      

      It should definitely not crash, but the error message is also kind of wrong. It would be possible to assign an Item to var, but shadowing the default property this way is a rather stupid thing to do.
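
      A triage sketch for the AddressSanitizer report above, added here as an example; it is not part of the original report or of Qt. It classifies the fault and picks the first frame worth inspecting. The 4096-byte zero-page threshold and the "skip frames in header files" rule are assumptions of this example.

```python
import re

# Abbreviated from the AddressSanitizer report above (header plus frames #0-#3).
REPORT = """\
==147768==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fc5c5e50287 bp 0x7fc5ba1f87f0 sp 0x7fc5ba1f87e0 T3)
==147768==The signal is caused by a READ memory access.
==147768==Hint: address points to the zero page.
    #0 0x7fc5c5e50287 in QMetaObject::SuperData::operator QMetaObject const*() const /home/ulf/qt6dev-src/qtbase/src/corelib/kernel/qobjectdefs.h:589
    #1 0x7fc5c5e502a3 in QMetaObject::superClass() const /home/ulf/qt6dev-src/qtbase/src/corelib/kernel/qobjectdefs.h:679
    #2 0x7fc5c62c960a in QQmlMetaTypeData::propertyCache(QMetaObject const*, QTypeRevision) /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/qqmlmetatypedata.cpp:119
    #3 0x7fc5c625d42c in QQmlMetaType::rawPropertyCacheForType(QMetaType) /home/ulf/qt6dev-src/qtdeclarative/src/qml/qml/qqmlmetatype.cpp:1463
"""

HEADER = re.compile(r"AddressSanitizer: (\S+) on unknown address (0x[0-9a-fA-F]+)")
ACCESS = re.compile(r"caused by a (READ|WRITE) memory access")
FRAME = re.compile(r"^\s*#(\d+) 0x[0-9a-fA-F]+ in (.+) (\S+):(\d+)$", re.MULTILINE)
PAGE_SIZE = 4096  # assumption: faults below this address count as null dereferences


def triage(report):
    head, access = HEADER.search(report), ACCESS.search(report)
    if not head or not access:
        raise ValueError("not an ASan SEGV report")
    frames = []
    for num, func, path, line in FRAME.findall(report):
        if frames and int(num) <= frames[-1]["num"]:
            break  # numbering restarted: this is the "Thread ... created by" trace
        frames.append({"num": int(num), "func": func, "file": path, "line": int(line)})
    if not frames:
        raise ValueError("no symbolized frames")
    # Heuristic (assumption): inline accessors in headers only touch the bad pointer;
    # the first frame in a .cpp file is the caller that passed it in.
    blame = next((f for f in frames if not f["file"].endswith(".h")), frames[0])
    return {
        "signal": head.group(1),
        "access": access.group(1),
        "null_deref": int(head.group(2), 16) < PAGE_SIZE,
        "crash": frames[0],
        "blame": blame,
    }


if __name__ == "__main__":
    result = triage(REPORT)
    print(result["signal"], result["access"], "null_deref =", result["null_deref"])
    print("crash site:", result["crash"]["func"], f'{result["crash"]["file"]}:{result["crash"]["line"]}')
    print("first caller to inspect:", result["blame"]["func"])
```

      A READ fault on the zero page is a null-pointer dereference, so the practical impact here is a crash of the process that loads the QML document.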

            People

              ulherman Ulf Hermann