QTBUG-136688

QJSEngine: call eval() directly from C++ crash application


Details

    • Linux/Wayland

    Description

      The following code, when run, will cause a segfault:

      #include <QCoreApplication>
      #include <QJSEngine>
      #include <QDebug>
      
      int main(int argc, char **argv) {
          QCoreApplication app(argc, argv);
          QJSEngine myEngine;
          // Fetch the engine's built-in eval as an ordinary QJSValue...
          QJSValue fun = myEngine.globalObject().property("eval");
          // ...and call it from C++: this is where the segfault occurs
          // (see the backtrace below, QV4::EvalFunction::evalCall).
          QJSValue ret = fun.call({ "99" });
          qDebug() << ret.toString();
      
          return 0;
      }

      The following GDB session shows the backtrace, as well as which variable is null.

      (gdb) r
      Starting program: /home/peat/Development/QtRN/QtRN/toy/toy-qt6 
      [Thread debugging using libthread_db enabled]
      Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
      
      Program received signal SIGSEGV, Segmentation fault.
      QV4::EvalFunction::evalCall (argc=<optimized out>, directCall=false, argv=0x7ffff2bbf4f0, this=0x7ffff7fba040)
          at /usr/src/qt6-declarative-6.6.2+dfsg-4/src/qml/jsruntime/qv4globalobject.cpp:307
      warning: 307    /usr/src/qt6-declarative-6.6.2+dfsg-4/src/qml/jsruntime/qv4globalobject.cpp: No such file or directory
      (gdb) bt
      #0  QV4::EvalFunction::evalCall (argc=<optimized out>, directCall=false, argv=0x7ffff2bbf4f0, this=0x7ffff7fba040)
          at /usr/src/qt6-declarative-6.6.2+dfsg-4/src/qml/jsruntime/qv4globalobject.cpp:307
      #1  QV4::EvalFunction::evalCall (this=0x7ffff7fba040, argv=0x7ffff2bbf4f0, argc=1, directCall=false)
          at /usr/src/qt6-declarative-6.6.2+dfsg-4/src/qml/jsruntime/qv4globalobject.cpp:301
      #2  0x00007ffff7b609e4 in QV4::FunctionObject::call (argc=1, argv=0x7ffff2bbf4f0, thisObject=0x7ffff2bbf4e8, this=0x7ffff7fba040)
          at /usr/src/qt6-declarative-6.6.2+dfsg-4/src/qml/jsruntime/qv4functionobject_p.h:171
      #3  QV4::FunctionObject::call (data=<optimized out>, this=0x7ffff7fba040)
          at /usr/src/qt6-declarative-6.6.2+dfsg-4/src/qml/jsruntime/qv4jscall_p.h:93
      #4  QJSValue::call (this=<optimized out>, args=...) at /usr/src/qt6-declarative-6.6.2+dfsg-4/src/qml/jsapi/qjsvalue.cpp:707
      #5  0x0000555555555543 in main () 
      (gdb) print v4->currentStackFrame
      $1 = (QV4::CppStackFrame *) 0x0

      I currently work around this by monkey-patching `eval` in the global object to be an ordinary function which subsequently calls the real `eval`, like this:

      myEngine.evaluate(QStringLiteral(
          "(function () {"
          "   const realEval = eval;"
          "   eval = function (s) { return realEval(s); };"
          "})()"
      ));

      This affects both Qt 5 and Qt 6.
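      The workaround above has a side effect worth knowing before adopting it: once the global `eval` is an ordinary wrapper, every `eval(...)` in script code running in that engine becomes an indirect eval (global scope, no access to the caller's locals). The following Node.js script is an added example, not code from the report or from Qt, and assumes QV4 follows the standard ECMAScript direct/indirect eval rule (the `directCall=false` in the backtrace is consistent with that).

```javascript
// Added example, not code from the bug report or from Qt: it shows the
// side effect of the report's workaround (replacing the global `eval` with
// an ordinary wrapper) on scripts running in the same engine. ECMAScript
// treats a call as a *direct* eval only when the callee is the intrinsic
// %eval%; a wrapper turns every `eval(...)` in script code into an
// *indirect* eval, which runs in global scope and cannot see caller locals.
// Runs under Node; assumption: QV4 applies the same rule (the report's
// backtrace already shows directCall=false for the C++ call path).

const realEval = eval;               // intrinsic %eval%, captured once

// Same shape as the wrapper the report installs via myEngine.evaluate().
function wrappedEval(s) { return realEval(s); }

function installWorkaround() { globalThis.eval = wrappedEval; }
function removeWorkaround()  { globalThis.eval = realEval; }

// Script code that relies on a direct eval seeing its local `secret`.
// Returns 'local-value' while eval is direct, 'not visible' otherwise.
function readSecretViaEval() {
  const secret = 'local-value';
  // typeof avoids a ReferenceError when the binding is out of scope
  return eval('typeof secret === "string" ? secret : "not visible"');
}

// The same probe through the wrapper: always indirect, always global scope.
function readSecretViaWrapper() {
  const secret = 'local-value';      // unreachable from the indirect eval
  return wrappedEval('typeof secret === "string" ? secret : "not visible"');
}

// Plain expressions are unaffected either way; this is all the report's
// C++ caller needed from fun.call({ "99" }).
function evalExpression(src) { return globalThis.eval(src); }

function demo() {
  const before = readSecretViaEval();  // direct eval: 'local-value'
  installWorkaround();
  const after = readSecretViaEval();   // now indirect: 'not visible'
  const expr = evalExpression('99');   // 99: still evaluates fine
  removeWorkaround();                  // restore the intrinsic
  return { before, after, expr };
}
```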


          People

            qtqmlteam Qt Qml Team User
            peat-psuwit Ratchanan Srirattanamet