Loading...

Details

Type: Bug
Resolution: Duplicate
Priority: P1: Critical
Fix Version/s: None
Affects Version/s: 5.5.0 Alpha
Component/s: QML: Declarative and Javascript Engine
Labels:
None
Environment:
Linux/X11

Description

I've been trying to figure out a crash we're getting when running KDE/Plasma on Qt 5.5. I haven't been able to come up with a reproducible test case.

It's a deterministic problem (it can be reproduced by anyone running plasma Qt 5.5) and I'd like to help solve it, I just don't really know where to look further.

I asked in IRC, I was suggested to run it in valgrind with:

QV4_MM_AGGRESSIVE_GC=1
CONFIG += valgrind in qtdeclarative/src/qml

Here's the findings.

[1] valgrind messages (which appear far before the crash)
[2] gdb backtrace

I hope this helps
[1]

==17211== Conditional jump or move depends on uninitialised value(s)
==17211==    at 0x7C8A56C: QV4::Value::asManaged() const (qv4value_p.h:405)
==17211==    by 0x7DD849B: QV4::MemoryManager::collectFromJSStack() const (qv4mm.cpp:611)
==17211==    by 0x7DD7059: QV4::MemoryManager::mark() (qv4mm.cpp:341)
==17211==    by 0x7DD7BBA: QV4::MemoryManager::runGC() (qv4mm.cpp:494)
==17211==    by 0x7DD6664: QV4::MemoryManager::allocData(unsigned long) (qv4mm.cpp:226)
==17211==    by 0x7DC21CE: QV4::String::Data* QV4::MemoryManager::allocManaged<QV4::String>(unsigned long) (qv4mm_p.h:89)
==17211==    by 0x7DBD5E7: QV4::String::Data* QV4::MemoryManager::alloc<QV4::String, QString>(QString) (qv4mm_p.h:107)
==17211==    by 0x7DB2013: QV4::ExecutionEngine::newString(QString const&) (qv4engine.cpp:530)
==17211==    by 0x7E82948: QV4::RuntimeHelpers::stringFromNumber(QV4::ExecutionEngine*, double) (qv4runtime.cpp:380)
==17211==    by 0x7E82F35: QV4::RuntimeHelpers::convertToString(QV4::ExecutionEngine*, QV4::Value const&) (qv4runtime.cpp:472)
==17211==    by 0x7E8B51A: QV4::Value::toString(QV4::ExecutionEngine*) const (qv4value.cpp:274)
==17211==    by 0x7E03513: unsigned long long QV4::value_convert<QV4::String>(QV4::ExecutionEngine*, QV4::Value const&) (qv4value_inl_p.h:282)
==17211==    by 0x7E036A5: QV4::Scoped<QV4::String>::Scoped(QV4::Scope const&, unsigned long long const&, QV4::Scoped<QV4::String>::_Convert) (qv4scopedvalue_p.h:298)
==17211==    by 0x7E026EC: QV4::GlobalFunctions::method_parseFloat(QV4::CallContext*) (qv4globalobject.cpp:514)
==17211==    by 0x7DFDDAB: QV4::BuiltinFunction::call(QV4::Managed*, QV4::CallData*) (qv4functionobject.cpp:589)
==17211==    by 0x7D35965: QV4::Object::call(QV4::CallData*) (qv4object_p.h:302)
==17211==    by 0x7E85C86: QV4::Runtime::callActivationProperty(QV4::ExecutionEngine*, int, QV4::CallData*) (qv4runtime.cpp:947)
==17211==    by 0x191A10BD: ???
==17211==    by 0x7DFD9EC: QV4::SimpleScriptFunction::call(QV4::Managed*, QV4::CallData*) (qv4functionobject.cpp:539)
==17211==    by 0x7D35965: QV4::Object::call(QV4::CallData*) (qv4object_p.h:302)
==17211==    by 0x7E85C86: QV4::Runtime::callActivationProperty(QV4::ExecutionEngine*, int, QV4::CallData*) (qv4runtime.cpp:947)
==17211==    by 0x191A0A47: ???
==17211==    by 0x7DFD9EC: QV4::SimpleScriptFunction::call(QV4::Managed*, QV4::CallData*) (qv4functionobject.cpp:539)
==17211==    by 0x7D35965: QV4::Object::call(QV4::CallData*) (qv4object_p.h:302)
==17211==    by 0x7F3DB5F: QQmlJavaScriptExpression::evaluate(QQmlContextData*, QV4::Value const&, QV4::CallData*, bool*) (qqmljavascriptexpression.cpp:157)
==17211== 
==17211== Conditional jump or move depends on uninitialised value(s)
==17211==    at 0x7C5B6E4: QV4::Value::managed() const (qv4value_p.h:309)
==17211==    by 0x7C8A579: QV4::Value::asManaged() const (qv4value_p.h:406)
==17211==    by 0x7DD849B: QV4::MemoryManager::collectFromJSStack() const (qv4mm.cpp:611)
==17211==    by 0x7DD7059: QV4::MemoryManager::mark() (qv4mm.cpp:341)
==17211==    by 0x7DD7BBA: QV4::MemoryManager::runGC() (qv4mm.cpp:494)
==17211==    by 0x7DD6664: QV4::MemoryManager::allocData(unsigned long) (qv4mm.cpp:226)
==17211==    by 0x7DC21CE: QV4::String::Data* QV4::MemoryManager::allocManaged<QV4::String>(unsigned long) (qv4mm_p.h:89)
==17211==    by 0x7DBD5E7: QV4::String::Data* QV4::MemoryManager::alloc<QV4::String, QString>(QString) (qv4mm_p.h:107)
==17211==    by 0x7DB2013: QV4::ExecutionEngine::newString(QString const&) (qv4engine.cpp:530)
==17211==    by 0x7E82948: QV4::RuntimeHelpers::stringFromNumber(QV4::ExecutionEngine*, double) (qv4runtime.cpp:380)
==17211==    by 0x7E82F35: QV4::RuntimeHelpers::convertToString(QV4::ExecutionEngine*, QV4::Value const&) (qv4runtime.cpp:472)
==17211==    by 0x7E8B51A: QV4::Value::toString(QV4::ExecutionEngine*) const (qv4value.cpp:274)
==17211==    by 0x7E03513: unsigned long long QV4::value_convert<QV4::String>(QV4::ExecutionEngine*, QV4::Value const&) (qv4value_inl_p.h:282)
==17211==    by 0x7E036A5: QV4::Scoped<QV4::String>::Scoped(QV4::Scope const&, unsigned long long const&, QV4::Scoped<QV4::String>::_Convert) (qv4scopedvalue_p.h:298)
==17211==    by 0x7E026EC: QV4::GlobalFunctions::method_parseFloat(QV4::CallContext*) (qv4globalobject.cpp:514)
==17211==    by 0x7DFDDAB: QV4::BuiltinFunction::call(QV4::Managed*, QV4::CallData*) (qv4functionobject.cpp:589)
==17211==    by 0x7D35965: QV4::Object::call(QV4::CallData*) (qv4object_p.h:302)
==17211==    by 0x7E85C86: QV4::Runtime::callActivationProperty(QV4::ExecutionEngine*, int, QV4::CallData*) (qv4runtime.cpp:947)
==17211==    by 0x191A10BD: ???
==17211==    by 0x7DFD9EC: QV4::SimpleScriptFunction::call(QV4::Managed*, QV4::CallData*) (qv4functionobject.cpp:539)
==17211==    by 0x7D35965: QV4::Object::call(QV4::CallData*) (qv4object_p.h:302)
==17211==    by 0x7E85C86: QV4::Runtime::callActivationProperty(QV4::ExecutionEngine*, int, QV4::CallData*) (qv4runtime.cpp:947)
==17211==    by 0x191A0A47: ???
==17211==    by 0x7DFD9EC: QV4::SimpleScriptFunction::call(QV4::Managed*, QV4::CallData*) (qv4functionobject.cpp:539)
==17211==    by 0x7D35965: QV4::Object::call(QV4::CallData*) (qv4object_p.h:302)

[2]

#0 QV4::Heap::Base::isMarked() at /home/kde-devel/frameworks/qt55/qtdeclarative/src/qml/jsruntime/qv4value_p.h:68
#1 QV4::Managed::markBit() at /home/kde-devel/frameworks/qt55/qtdeclarative/src/qml/jsruntime/qv4managed_p.h:223
#2 QV4::MemoryManager::sweep() at /home/kde-devel/frameworks/qt55/qtdeclarative/src/qml/jsruntime/qv4mm.cpp:394
#3 QV4::MemoryManager::runGC() at /home/kde-devel/frameworks/qt55/qtdeclarative/src/qml/jsruntime/qv4mm.cpp:495
#4 QV4::MemoryManager::allocData() at /home/kde-devel/frameworks/qt55/qtdeclarative/src/qml/jsruntime/qv4mm.cpp:226
#5 QV4::MemoryManager::allocManaged<QV4::QObjectWrapper>() at /home/kde-devel/frameworks/qt55/qtdeclarative/src/qml/jsruntime/qv4mm_p.h:89
#6 QV4::MemoryManager::alloc<QV4::QObjectWrapper, QV4::ExecutionEngine*, QObject*>() at /home/kde-devel/frameworks/qt55/qtdeclarative/src/qml/jsruntime/qv4mm_p.h:116
#7 QV4::QObjectWrapper::create() at /home/kde-devel/frameworks/qt55/qtdeclarative/src/qml/jsruntime/qv4qobjectwrapper.cpp:674
#8 QV4::QObjectWrapper::wrap() at /home/kde-devel/frameworks/qt55/qtdeclarative/src/qml/jsruntime/qv4qobjectwrapper.cpp:616
#9 LoadProperty<ReadAccessor::Indirect>() at /home/kde-devel/frameworks/qt55/qtdeclarative/src/qml/jsruntime/qv4qobjectwrapper.cpp:159
#10 QV4::QObjectWrapper::getProperty() at /home/kde-devel/frameworks/qt55/qtdeclarative/src/qml/jsruntime/qv4qobjectwrapper.cpp:392
#11 QV4::QObjectWrapper::getProperty() at /home/kde-devel/frameworks/qt55/qtdeclarative/src/qml/jsruntime/qv4qobjectwrapper.cpp:639
#12 QV4::Runtime::getQmlQObjectProperty() at /home/kde-devel/frameworks/qt55/qtdeclarative/src/qml/jsruntime/qv4runtime.cpp:1366
#13 ??() at 
#14 ??() at 
#15 QV4::Value::cast<QV4::SimpleScriptFunction>() at /home/kde-devel/frameworks/qt55/qtdeclarative/src/qml/jsruntime/qv4value_p.h:364
#16 QV4::SimpleScriptFunction::call() at /home/kde-devel/frameworks/qt55/qtdeclarative/src/qml/jsruntime/qv4functionobject.cpp:539
#17 QV4::Object::call() at /home/kde-devel/frameworks/qt55/qtdeclarative/src/qml/jsruntime/qv4object_p.h:302
#18 QQmlJavaScriptExpression::evaluate() at /home/kde-devel/frameworks/qt55/qtdeclarative/src/qml/qml/qqmljavascriptexpression.cpp:157
#19 QQmlJavaScriptExpression::evaluate() at /home/kde-devel/frameworks/qt55/qtdeclarative/src/qml/qml/qqmljavascriptexpression.cpp:115
#20 QQmlBinding::update() at /home/kde-devel/frameworks/qt55/qtdeclarative/src/qml/qml/qqmlbinding.cpp:215

Attachments

Issue Links

is duplicated by

QTBUG-44895 Segfault in qv4value_inl_p.h:52 isString due to commit e7b66a60584b3fcb1436a7dbe8396b71cb69fe1b

Closed

relates to

QTBUG-45051 Qt 5.5 Alpha does crash the Qt Quick Designer

Closed

QTBUG-44895 Segfault in qv4value_inl_p.h:52 isString due to commit e7b66a60584b3fcb1436a7dbe8396b71cb69fe1b

Closed

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Crash on QV4MemoryManagement::runGC

Details

Description

Attachments

Issue Links

Gerrit Reviews

Activity

People

Dates

Gerrit Reviews