Details
-
Bug
-
Resolution: Fixed
-
Not Evaluated
-
None
-
6.7
-
None
-
macOS
Description
typeid operator returns an invalid reference on an object from QtWebEngine. This behavior is unexpected according to the definition of typeid.
Here is a sandbox reproducing the issue:
#include <QTimer> #include <QGuiApplication> #include <QtWebEngineQuick/QtWebEngineQuick> #include <QtWebEngineCore/QtWebEngineCore> int main(int argc, char *argv[]) { QCoreApplication::setAttribute(Qt::AA_ShareOpenGLContexts); QQuickWindow::setGraphicsApi(QSGRendererInterface::OpenGLRhi); QGuiApplication app(argc, argv); class EventFilter : public QObject{ public: using QObject::QObject; QSet<const QMetaObject*> visited; bool eventFilter(QObject* obj, QEvent*) override { const QMetaObject* mo = obj->metaObject(); if(!visited.contains(mo)){ visited.insert(mo); const std::type_info& typeInfo = typeid(*obj); // here, typeInfo.name() could lead to a crash const std::type_info* typeInfoPtr = &typeInfo; if(mo && typeInfoPtr) qWarning("metaobject: %s, typeid: %p (%s)", mo->className(), typeInfoPtr, typeInfoPtr->name()); else if(mo) qWarning("metaobject: %s, typeid: nullptr", mo->className()); else qWarning("metaobject: nullptr, typeid: nullptr"); } return false; } } eventFilter; app.installEventFilter(&eventFilter); QQmlApplicationEngine engine; QObject::connect( &engine, &QQmlApplicationEngine::objectCreationFailed, &app, []() { QCoreApplication::exit(-1); }, Qt::QueuedConnection); engine.loadData(R"( import QtQuick import QtQuick.Controls import QtQuick.Layouts import QtWebEngineApplicationWindow { visible: true width: 500 height: 400 WebEngineView { id: webView anchors.fill: parent url: http://www.qt.io } } )"); QTimer::singleShot(2000, &app, QCoreApplication::quit); return app.exec(); }
This code produces the output:
metaobject: QtWebEngineCore::RenderWidgetHostViewQtDelegateItem, typeid: nullptr
Successive operations on typeInfo result in a crash.
Is this a bug within Qt or Cromium or in macOS' typeid operator implementation?