  1. Qt
  2. QTBUG-136248

Crash in QQmlPrivate::callQObjectMethod


Details

    • Bug
    • Resolution: Fixed
    • P1: Critical
    • 6.9.1, 6.9, 6.10.0 Beta3
    • 6.9
    • QML: Compiler
    • None
    • Fedora 42
    • e0817c48d (dev), a104cd47c (6.9), e042dd1ee (tqtc/lts-6.8), 06cd8c984 (dev), c2df729cd (tqtc/lts-6.5), 842210ac6 (6.9), 2a1792e9f (dev), 0269d084a (6.9)

    Description

      Consider the following QML code:

      import QtQuick
      import Qt.labs.platform as Labs
      
      // Reproducer: a platform menu whose items are kept in a generic
      // list<QtObject> property and added to the menu once the component completes.
      Window {
          id: root
          Labs.MenuBar {
              Labs.Menu {
                  id: fileMenu
                  // The list's element type is the generic QtObject, although the
                  // only entry is a Labs.MenuItem.
                  property list<QtObject> _menuItems: [
                      Labs.MenuItem {
                      }
                  ]
                  Component.onCompleted: {
                      // j is used as a key into _menuItems; each element is read back
                      // by that key and passed to addItem().
                      for (let j in _menuItems) {
                          // NOTE(review): presumably this is the one-argument method call that
                          // reaches QQmlPrivate::callQObjectMethod (argc=1 in the report's
                          // backtrace) when the handler is compiled by qmlcachegen; confirm.
                          fileMenu.addItem(_menuItems[j])
                      }
                  }
              }
          }
      }

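      When it is built with qmlcachegen, the app crashes with the backtrace below. Frame #0 is QMetaObject::methodOffset called with this=0x0, i.e. a null QMetaObject pointer reached via QQmlPropertyData::metaMethod from QQmlPrivate::callQObjectMethod: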

      #0  QMetaObject::methodOffset (this=this@entry=0x0) at /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qmetaobject.cpp:482
      
      #1  0x00007ffff59af558 in QMetaObject::method (this=<optimized out>, index=20) at /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qmetaobject.cpp:1190
      
      #2  0x00007ffff7130049 in QQmlPropertyData::metaMethod (this=<optimized out>) at /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmlpropertydata_p.h:324
      
      #3  QQmlPrivate::callQObjectMethod (engine=0x4b2400, lookup=<optimized out>, thisObject=<optimized out>, args=<optimized out>, argc=1)
      
          at /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqml.cpp:2069
      
      #4  0x00000000004087b5 in QmlCacheGeneratedCode::_bla_Main_qml::aotBuiltFunctions::{lambda(QQmlPrivate::AOTCompiledContext const*, void**)#1}::operator()(QQmlPrivate::AOTCompiledContext const*, void**) const::{lambda()#1}::operator()() const (__closure=0x7fffffffab20) at /home/nico/footest/build/.rcc/qmlcache/foo_Main_qml.cpp:385
      
      #5  0x0000000000408e63 in QmlCacheGeneratedCode::_bla_Main_qml::aotBuiltFunctions::{lambda(QQmlPrivate::AOTCompiledContext const*, void**)#1}::operator()(QQmlPrivate::AOTCompiledContext const*, void**) const (__closure=0x0, aotContext=0x7fffffffad50, argv=0x7fffffffb0f0) at /home/nico/footest/build/.rcc/qmlcache/foo_Main_qml.cpp:393
      
      #6  0x0000000000408f5b in QmlCacheGeneratedCode::_bla_Main_qml::aotBuiltFunctions::{lambda(QQmlPrivate::AOTCompiledContext const*, void**)#1}::_FUN(QQmlPrivate::AOTCompiledContext const*, void**) () at /home/nico/footest/build/.rcc/qmlcache/foo_Main_qml.cpp:429
      
      #7  0x00007ffff70fd93e in operator() (argc=<optimized out>, __closure=0x7fffffffae20, argv=0x7fffffffb0f0)
      
          at /home/nico/workspace/qt6/qtdeclarative/src/qml/jsruntime/qv4vme_moth.cpp:446
      
      #8  QV4::coerceAndCall<AOTCompiledMetaMethod, QV4::Moth::VME::exec(QV4::MetaTypesStackFrame*, QV4::ExecutionEngine*)::<lambda(void**, int)> >(QV4::ExecutionEngine *, const AOTCompiledMetaMethod *, void **, const QMetaType *, int, struct {...})
      
          (engine=engine@entry=0x4b2400, typedFunction=typedFunction@entry=0x7fffffffae58, argv=<optimized out>, types=<optimized out>, argc=<optimized out>, call=...)
      
          at /home/nico/workspace/qt6/qtdeclarative/src/qml/jsruntime/qv4jscall_p.h:559
      
      #9  0x00007ffff71048f8 in QV4::Moth::VME::exec (frame=frame@entry=0x7fffffffaef0, engine=engine@entry=0x4b2400)
      
          at /home/nico/workspace/qt6/qtdeclarative/src/qml/jsruntime/qv4stackframe_p.h:151
      
      #10 0x00007ffff702b211 in QV4::Function::call
      
          (this=0x93bce0, thisObject=0x4cb820, a=a@entry=0x7fffffffb0f0, types=types@entry=0x7fffffffb100, argc=argc@entry=0, context=<optimized out>)
      
          at /home/nico/workspace/qt6/qtdeclarative/src/qml/jsruntime/qv4function.cpp:36
      
      #11 0x00007ffff71bc050 in QQmlJavaScriptExpression::evaluate (this=<optimized out>, a=a@entry=0x7fffffffb0f0, types=types@entry=0x7fffffffb100, argc=argc@entry=0)
      
          at /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmljavascriptexpression.cpp:270
      
      #12 0x00007ffff714f2eb in QQmlBoundSignalExpression::evaluate (this=<optimized out>, a=a@entry=0x0)
      
          at /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmlboundsignal.cpp:200
      
      #13 0x00007ffff714fd80 in QQmlBoundSignal_callback (e=0x9400f0, a=0x0) at /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmlboundsignal.cpp:315
      
      #14 0x00007ffff71ec331 in QQmlNotifier::emitNotify (endpoint=<optimized out>, a=0x0) at /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmlnotifier.cpp:70
      
      #15 0x00007ffff5a0b070 in doActivate<false> (sender=0x941c30, signal_index=3, argv=argv@entry=0x0)
      
          at /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:4036
      
      #16 0x00007ffff5a01c99 in QMetaObject::activate
      
          (sender=sender@entry=0x941c30, m=m@entry=0x7ffff7488120 <QQmlComponentAttached::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x0) at /home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:4206
      
      #17 0x00007ffff7161384 in QQmlComponentAttached::completed (this=this@entry=0x941c30)
      
          at /home/nico/workspace/qt6/qtdeclarative/src/qml/Qml_autogen/include/moc_qqmlcomponentattached_p.cpp:122
      
      #18 0x00007ffff71ef8bc in QQmlObjectCreator::finalize (this=<optimized out>, interrupt=...)
      
          at /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmlobjectcreator.cpp:1633
      
      #19 0x00007ffff7162fc5 in QQmlComponentPrivate::complete (enginePriv=0x5e7bb0, state=state@entry=0x93a298)
      
          at /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/ftw/qbipointer_p.h:133
      
      #20 0x00007ffff716a000 in QQmlComponentPrivate::completeCreate (this=0x93a1e0) at /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmlcomponent.cpp:1325
      
      #21 0x00007ffff716abd4 in QQmlComponent::completeCreate (this=0x93a1c0) at /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmlcomponent.cpp:1291
      
      #22 QQmlComponentPrivate::createWithProperties
      
          (this=0x93a1e0, parent=parent@entry=0x0, properties=..., context=<optimized out>, behavior=behavior@entry=QQmlComponentPrivate::CreateDefault, createFromQml=createFromQml@entry=false) at /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmlcomponent.cpp:987
      
      #23 0x00007ffff716af00 in QQmlComponent::create (this=<optimized out>, context=<optimized out>)
      
          at /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmlcomponent.cpp:932
      
      #24 0x00007ffff713f053 in QQmlApplicationEnginePrivate::finishLoad (this=0x5e7bb0, c=0x93a1c0)
      
          at /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmlapplicationengine.cpp:158
      
      #25 0x00007ffff713f284 in QQmlApplicationEnginePrivate::ensureLoadingFinishes (this=<optimized out>, c=<optimized out>)
      
          at /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmlapplicationengine.cpp:185
      
      #26 0x00007ffff713f9cc in QQmlApplicationEnginePrivate::startLoad (this=0x5e7bb0, uri=..., typeName=...)
      
          at /home/nico/workspace/qt6/qtdeclarative/src/qml/qml/qqmlapplicationengine.cpp:144
      
      #27 0x0000000000403110 in main (argc=1, argv=0x7fffffffd158) at /home/nico/footest/main.cpp:10 

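      When run with QV4_FORCE_INTERPRETER=1, it does not crash, which suggests the fault is specific to the code generated by qmlcachegen (frames #4 to #6 above) rather than to the interpreted path.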

      Qt is built from 6.9 branch (qtdeclarative 5931b4cd08ae40bbc559ef9b4663c1cc840eb8b7)

      Attachments


        Activity

          People

            ulherman Ulf Hermann
            nicolasfella Nicolas Fella