Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-129241

Crash at QV4::Value::as<T>

    XMLWordPrintable

Details

    • Linux/Wayland
    • d148d8d78419effdc28b6bf74704379aa9a5950a

    Description

      I'm not sure what exactly causes the crash but the newly introduced `as` operator seems suspicious. The crash seems to happen when a list item is added.

      libQt6Qml.so.6.8.0+0x24fabdQV4::Value::as<T> (qv4value_p.h:140)
libQt6Qml.so.6.8.0+0x24fabdQV4::Value::as<T> (qv4value_p.h:151)
libQt6Qml.so.6.8.0+0x24fabdQV4::(anonymous namespace)::markWeakValues (qv4mm.cpp:749)
libQt6Qml.so.6.8.0+0x24fabcQV4::Value::as<T> (qv4value_p.h:140)
libQt6Qml.so.6.8.0+0x24fabcQV4::Value::as<T> (qv4value_p.h:151)
libQt6Qml.so.6.8.0+0x24fabcQV4::(anonymous namespace)::markWeakValues (qv4mm.cpp:749)
libQt6Qml.so.6.8.0+0x24fabcQV4::Value::as<T> (qv4value_p.h:140)
libQt6Qml.so.6.8.0+0x24fabcQV4::Value::as<T> (qv4value_p.h:151)
libQt6Qml.so.6.8.0+0x24fabcQV4::(anonymous namespace)::markWeakValues (qv4mm.cpp:749)
libQt6Qml.so.6.8.0+0x24dc6cQV4::GCStateMachine::transition (qv4mm.cpp:1487)
libQt6Qml.so.6.8.0+0x24dc6cQV4::GCStateMachine::transition (qv4mm.cpp:1469)
libQt6Qml.so.6.8.0+0x24dc6cQV4::GCStateMachine::transition (qv4mm.cpp:1487)
libQt6Qml.so.6.8.0+0x24dc6cQV4::GCStateMachine::transition (qv4mm.cpp:1469)
libQt6Qml.so.6.8.0+0x25d6e6QV4::GCStateMachine::step (qv4mm_p.h:79)
libQt6Qml.so.6.8.0+0x25d6e6QV4::MemoryManager::runGC (qv4mm.cpp:1272)
libQt6Qml.so.6.8.0+0x25d6e6QV4::GCStateMachine::step (qv4mm_p.h:79)
libQt6Qml.so.6.8.0+0x25d6e6QV4::MemoryManager::runGC (qv4mm.cpp:1272)
libQt6Qml.so.6.8.0+0x25498dQV4::MemoryManager::runGC (qv4mm.cpp:1260)
libQt6Qml.so.6.8.0+0x25498dQV4::MemoryManager::allocate (qv4mm_p.h:386)
libQt6Qml.so.6.8.0+0x25498dQV4::MemoryManager::allocData (qv4mm.cpp:1009)
libQt6Qml.so.6.8.0+0x25498dQV4::MemoryManager::runGC (qv4mm.cpp:1260)
libQt6Qml.so.6.8.0+0x25498dQV4::MemoryManager::allocate (qv4mm_p.h:386)
libQt6Qml.so.6.8.0+0x25498dQV4::MemoryManager::allocData (qv4mm.cpp:1009)
libQt6Qml.so.6.8.0+0x25498dQV4::MemoryManager::runGC (qv4mm.cpp:1260)
libQt6Qml.so.6.8.0+0x25498dQV4::MemoryManager::allocate (qv4mm_p.h:386)
libQt6Qml.so.6.8.0+0x25498dQV4::MemoryManager::allocData (qv4mm.cpp:1009)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocateObject<T> (qv4mm_p.h:248)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocateObject<T> (qv4mm_p.h:258)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocateObject<T> (qv4mm_p.h:268)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocate<T> (qv4mm_p.h:301)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::QmlContext::create (qv4qmlcontext.cpp:842)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocateObject<T> (qv4mm_p.h:248)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocateObject<T> (qv4mm_p.h:258)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocateObject<T> (qv4mm_p.h:268)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocate<T> (qv4mm_p.h:301)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::QmlContext::create (qv4qmlcontext.cpp:842)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocateObject<T> (qv4mm_p.h:248)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocateObject<T> (qv4mm_p.h:258)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocateObject<T> (qv4mm_p.h:268)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocate<T> (qv4mm_p.h:301)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::QmlContext::create (qv4qmlcontext.cpp:842)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocateObject<T> (qv4mm_p.h:248)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocateObject<T> (qv4mm_p.h:258)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocateObject<T> (qv4mm_p.h:268)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocate<T> (qv4mm_p.h:301)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::QmlContext::create (qv4qmlcontext.cpp:842)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocateObject<T> (qv4mm_p.h:248)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocateObject<T> (qv4mm_p.h:258)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocateObject<T> (qv4mm_p.h:268)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::MemoryManager::allocate<T> (qv4mm_p.h:301)
libQt6Qml.so.6.8.0+0x1ce3cbQV4::QmlContext::create (qv4qmlcontext.cpp:842)
libQt6Qml.so.6.8.0+0x286b91QQmlBoundSignalExpression::QQmlBoundSignalExpression (qqmlboundsignal.cpp:98)
libQt6QmlMeta.so.6.8.0+0x01a67fQQmlConnections::connectSignalsToMethods (qqmlconnections.cpp:423)
libQt6Qml.so.6.8.0+0x3049f2QQmlObjectCreator::finalize (qqmlobjectcreator.cpp:1579)
libQt6Qml.so.6.8.0+0x2d9446QQmlIncubatorPrivate::incubate (qqmlincubator.cpp:352)
libQt6Qml.so.6.8.0+0x2d9e77QQmlEnginePrivate::incubate (qqmlincubator.cpp:53)
libQt6QmlModels.so.6.8.0+0x06e669QQmlDelegateModelPrivate::object (qqmldelegatemodel.cpp:1272)
libQt6Quick.so.6.8.0+0x4dcd3dQQuickRepeater::modelUpdated (qquickrepeater.cpp:486)
libQt6Quick.so.6.8.0+0x4ddcd3QQuickRepeater::qt_metacall (moc_qquickrepeater_p.cpp:298)
libQt6Core.so.6.8.0+0x1b21f3doActivate<T> (qobject.cpp:4146)
libQt6QmlModels.so.6.8.0+0x076397{virtual override thunk} ($HOME/.cache/debuginfod_client/c077b720a78de164d0d5db4a5c9a229d5f611690/source##usr##src##debug##qt6-declarative##qtdeclarative##src##qmlmodels##qqmldelegatemodel_p_p.h:304)
libQt6QmlModels.so.6.8.0+0x07981aQQmlDelegateModelGroupPrivate::emitModelUpdated (qqmldelegatemodel.cpp:2883)
libQt6QmlModels.so.6.8.0+0x07981aQQmlDelegateModelPrivate::emitChanges (qqmldelegatemodel.cpp:1881)
libQt6QmlModels.so.6.8.0+0x07981aQQmlDelegateModelGroupPrivate::emitModelUpdated (qqmldelegatemodel.cpp:2883)
libQt6QmlModels.so.6.8.0+0x07981aQQmlDelegateModelPrivate::emitChanges (qqmldelegatemodel.cpp:1881)
libQt6QmlModels.so.6.8.0+0x074163QQmlDelegateModel::_q_itemsInserted (qqmldelegatemodel.cpp:1613)
libQt6Core.so.6.8.0+0x1b2168QtPrivate::QSlotObjectBase::call (qobjectdefs_impl.h:487)
libQt6Core.so.6.8.0+0x1b2168doActivate<T> (qobject.cpp:4120)
libQt6Core.so.6.8.0+0x1b2168QtPrivate::QSlotObjectBase::call (qobjectdefs_impl.h:487)
libQt6Core.so.6.8.0+0x1b2168doActivate<T> (qobject.cpp:4120)
libQt6Core.so.6.8.0+0x360fcfQAbstractItemModel::rowsInserted (moc_qabstractitemmodel.cpp:1057)
libQt6Core.so.6.8.0+0x360fcfQAbstractItemModel::endInsertRows (qabstractitemmodel.cpp:2915)
libQt6Core.so.6.8.0+0x360fcfQAbstractItemModel::rowsInserted (moc_qabstractitemmodel.cpp:1057)
libQt6Core.so.6.8.0+0x360fcfQAbstractItemModel::endInsertRows (qabstractitemmodel.cpp:2915)
libQt6Core.so.6.8.0+0x393664QSortFilterProxyModelPrivate::insert_source_items (qsortfilterproxymodel.cpp:932)
libQt6Core.so.6.8.0+0x3945faQSortFilterProxyModelPrivate::source_items_inserted (qsortfilterproxymodel.cpp:1043)
libQt6Core.so.6.8.0+0x3a169dQSortFilterProxyModelPrivate::_q_sourceRowsInserted (qsortfilterproxymodel.cpp:1685)
libQt6Core.so.6.8.0+0x1b2168QtPrivate::QSlotObjectBase::call (qobjectdefs_impl.h:487)
libQt6Core.so.6.8.0+0x1b2168doActivate<T> (qobject.cpp:4120)
libQt6Core.so.6.8.0+0x1b2168QtPrivate::QSlotObjectBase::call (qobjectdefs_impl.h:487)
libQt6Core.so.6.8.0+0x1b2168doActivate<T> (qobject.cpp:4120)
libQt6Core.so.6.8.0+0x360fcfQAbstractItemModel::rowsInserted (moc_qabstractitemmodel.cpp:1057)
libQt6Core.so.6.8.0+0x360fcfQAbstractItemModel::endInsertRows (qabstractitemmodel.cpp:2915)
libQt6Core.so.6.8.0+0x360fcfQAbstractItemModel::rowsInserted (moc_qabstractitemmodel.cpp:1057)
libQt6Core.so.6.8.0+0x360fcfQAbstractItemModel::endInsertRows (qabstractitemmodel.cpp:2915)
libtaskmanager.so.6.1.90+0x04f22fTaskManager::TaskGroupingProxyModel::Private::sourceRowsInserted (taskgroupingproxymodel.cpp:125)
libQt6Core.so.6.8.0+0x1b2168QtPrivate::QSlotObjectBase::call (qobjectdefs_impl.h:487)
libQt6Core.so.6.8.0+0x1b2168doActivate<T> (qobject.cpp:4120)
libQt6Core.so.6.8.0+0x1b2168QtPrivate::QSlotObjectBase::call (qobjectdefs_impl.h:487)
libQt6Core.so.6.8.0+0x1b2168doActivate<T> (qobject.cpp:4120)
libQt6Core.so.6.8.0+0x360fcfQAbstractItemModel::rowsInserted (moc_qabstractitemmodel.cpp:1057)
libQt6Core.so.6.8.0+0x360fcfQAbstractItemModel::endInsertRows (qabstractitemmodel.cpp:2915)
libQt6Core.so.6.8.0+0x360fcfQAbstractItemModel::rowsInserted (moc_qabstractitemmodel.cpp:1057)
libQt6Core.so.6.8.0+0x360fcfQAbstractItemModel::endInsertRows (qabstractitemmodel.cpp:2915)
libQt6Core.so.6.8.0+0x393664QSortFilterProxyModelPrivate::insert_source_items (qsortfilterproxymodel.cpp:932)
libQt6Core.so.6.8.0+0x39a7acQSortFilterProxyModelPrivate::handle_filter_changed (qsortfilterproxymodel.cpp:1360)
libQt6Core.so.6.8.0+0x39ba10QSortFilterProxyModelPrivate::filter_changed (qsortfilterproxymodel.cpp:1289)
libQt6Core.so.6.8.0+0x39bc14QSortFilterProxyModel::invalidateFilter (qsortfilterproxymodel.cpp:3097)
libtaskmanager.so.6.1.90+0x04c418TaskManager::TaskFilterProxyModel::setVirtualDesktop (taskfilterproxymodel.cpp:80)
libtaskmanager.so.6.1.90+0x04c418TaskManager::TaskFilterProxyModel::setVirtualDesktop (taskfilterproxymodel.cpp:74)
libtaskmanager.so.6.1.90+0x04c418TaskManager::TaskFilterProxyModel::setVirtualDesktop (taskfilterproxymodel.cpp:80)
libtaskmanager.so.6.1.90+0x04c418TaskManager::TaskFilterProxyModel::setVirtualDesktop (taskfilterproxymodel.cpp:74)
libQt6Qml.so.6.8.0+0x263102QQmlPropertyData::writeProperty (qqmlpropertydata_p.h:385)
libQt6Qml.so.6.8.0+0x320347QQmlPropertyPrivate::write (qqmlproperty.cpp:1548)
libQt6Qml.so.6.8.0+0x27940cQQmlBinding::slowWrite (qqmlbinding.cpp:543)
libQt6Qml.so.6.8.0+0x27fca4GenericBinding<T>::write (qqmlbinding.cpp:268)
libQt6Qml.so.6.8.0+0x27c6ecQQmlBinding::doUpdate (qqmlbinding.cpp:704)
libQt6Qml.so.6.8.0+0x27e42dQQmlBinding::update (qqmlbinding.cpp:164)
libQt6Qml.so.6.8.0+0x2fc6dbQQmlNotifier::emitNotify (qqmlnotifier.cpp:70)
libQt6Core.so.6.8.0+0x1b1e69doActivate<T> (qobject.cpp:4010)
libQt6Core.so.6.8.0+0x1b2168QtPrivate::QSlotObjectBase::call (qobjectdefs_impl.h:487)
libQt6Core.so.6.8.0+0x1b2168doActivate<T> (qobject.cpp:4120)
libQt6Core.so.6.8.0+0x1b2168QtPrivate::QSlotObjectBase::call (qobjectdefs_impl.h:487)
libQt6Core.so.6.8.0+0x1b2168doActivate<T> (qobject.cpp:4120)
libQt6Core.so.6.8.0+0x1b2168QtPrivate::QSlotObjectBase::call (qobjectdefs_impl.h:487)
libQt6Core.so.6.8.0+0x1b2168doActivate<T> (qobject.cpp:4120)
libQt6Core.so.6.8.0+0x1b2168QtPrivate::QSlotObjectBase::call (qobjectdefs_impl.h:487)
libQt6Core.so.6.8.0+0x1b2168doActivate<T> (qobject.cpp:4120)
libffi.so.8.1.4+0x007595ffi_call_unix64 (unix64.S:104)
libffi.so.8.1.4+0x00400dffi_call_int.lto_priv.0.cold (ffi64.c:673)
libffi.so.8.1.4+0x006bd2ffi_call (ffi64.c:710)
libwayland-client.so.0.23.1+0x0048afwl_closure_invoke.constprop.0 (connection.c:1228)
libwayland-client.so.0.23.1+0x005138dispatch_event (wayland-client.c:1674)
libwayland-client.so.0.23.1+0x005552dispatch_queue (wayland-client.c:1820)
libwayland-client.so.0.23.1+0x005552wl_display_dispatch_queue_pending (wayland-client.c:2062)
libwayland-client.so.0.23.1+0x005552dispatch_queue (wayland-client.c:1820)
libwayland-client.so.0.23.1+0x005552wl_display_dispatch_queue_pending (wayland-client.c:2062)
libQt6WaylandClient.so.6.8.0+0x061325QtWaylandClient::QWaylandDisplay::flushRequests (qwaylanddisplay.cpp:227)
libQt6Core.so.6.8.0+0x1a33d9QObject::event (qobject.cpp:1419)
libQt6Widgets.so.6.8.0+0x0fd559QApplicationPrivate::notify_helper (qapplication.cpp:3294)
libQt6Core.so.6.8.0+0x1587e7QCoreApplication::notifyInternal2 (qcoreapplication.cpp:1172)
libQt6Core.so.6.8.0+0x159274QCoreApplication::sendEvent (qcoreapplication.cpp:1616)
libQt6Core.so.6.8.0+0x159274QCoreApplicationPrivate::sendPostedEvents (qcoreapplication.cpp:1972)
libQt6Core.so.6.8.0+0x159274QCoreApplication::sendEvent (qcoreapplication.cpp:1616)
libQt6Core.so.6.8.0+0x159274QCoreApplicationPrivate::sendPostedEvents (qcoreapplication.cpp:1972)
libQt6Core.so.6.8.0+0x3bcbfbQCoreApplication::sendPostedEvents (qcoreapplication.cpp:1804)
libQt6Core.so.6.8.0+0x3bcbfbpostEventSourceDispatch (qeventdispatcher_glib.cpp:246)
libQt6Core.so.6.8.0+0x3bcbfbQCoreApplication::sendPostedEvents (qcoreapplication.cpp:1804)
libQt6Core.so.6.8.0+0x3bcbfbpostEventSourceDispatch (qeventdispatcher_glib.cpp:246)
libglib-2.0.so.0.8200.1+0x05d558g_main_dispatch.lto_priv.0 (gmain.c:3357)
libglib-2.0.so.0.8200.1+0x0c0156g_main_context_dispatch_unlocked (gmain.c:4208)
libglib-2.0.so.0.8200.1+0x0c0156g_main_context_iterate_unlocked.isra.0 (gmain.c:4273)
libglib-2.0.so.0.8200.1+0x0c0156g_main_context_dispatch_unlocked (gmain.c:4208)
libglib-2.0.so.0.8200.1+0x0c0156g_main_context_iterate_unlocked.isra.0 (gmain.c:4273)
libglib-2.0.so.0.8200.1+0x05ca54g_main_context_iteration (gmain.c:4338)
libQt6Core.so.6.8.0+0x3baabcQEventDispatcherGlib::processEvents (qeventdispatcher_glib.cpp:396)
libQt6Core.so.6.8.0+0x1625a5QEventLoop::processEvents (qeventloop.cpp:100)
libQt6Core.so.6.8.0+0x1625a5QEventLoop::exec (qeventloop.cpp:191)
libQt6Core.so.6.8.0+0x1625a5QEventLoop::processEvents (qeventloop.cpp:100)
libQt6Core.so.6.8.0+0x1625a5QEventLoop::exec (qeventloop.cpp:191)
libQt6Core.so.6.8.0+0x159c6eQCoreApplication::exec (qcoreapplication.cpp:1517)
libQt6Widgets.so.6.8.0+0x0f9989QApplication::exec (qapplication.cpp:2562)
plasmashell+0x02814emain (main.cpp:188)

      Attachments

        Issue Links

          relates to

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. QTBUG-119274 Introduce an incremental garbage collector for QML

          • P1: Critical - Urgent and Important, will STOP the release if matched with set FixVersion field. This includes regressions from the last version that are not edge cases; Data loss; Build issues; All but the most unlikely crashes/lockups/hanging; Serious usability issues and embarrassing bugs & Bugs critical to a deliverable. This is the highest possible priority for requirements.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. QTBUG-119885 Function signatures are insufficiently enforced

          • P1: Critical - Urgent and Important, will STOP the release if matched with set FixVersion field. This includes regressions from the last version that are not edge cases; Data loss; Build issues; All but the most unlikely crashes/lockups/hanging; Serious usability issues and embarrassing bugs & Bugs critical to a deliverable. This is the highest possible priority for requirements.
          • Closed

          Task - A task that needs to be done. QTBUG-121910 Investigate using white allocations while gc is running

          • P1: Critical - Urgent and Important, will STOP the release if matched with set FixVersion field. This includes regressions from the last version that are not edge cases; Data loss; Build issues; All but the most unlikely crashes/lockups/hanging; Serious usability issues and embarrassing bugs & Bugs critical to a deliverable. This is the highest possible priority for requirements.
          • Closed
          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              fabiankosmale Fabian Kosmale
              fusionfuture Yuanzheng Wang
              Votes:
              1 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes