Qt / QTBUG-54408

Segmentation fault in QDBusConnectionPrivate::closeConnection()

Details

    • Bug
    • Resolution: Duplicate
    • Not Evaluated
    • None
    • 5.6.1
    • D-Bus
    • None

    Description

      With one of my applications (unfortunately I can't provide a minimal example) I reproducibly get this code on shutdown:

      #0  0x00007ffff5264517 in QObject::disconnect(QObject const*, char const*, QObject const*, char const*) (sender=0x7fff8c06e7f0, signal=signal@entry=0x0, receiver=receiver@entry=0x7fffd4014c80, method=method@entry=0x0) at kernel/qobject.cpp:2949
      #1  0x00007fffe2e1a330 in QDBusConnectionPrivate::closeConnection() (member=0x0, receiver=0x7fffd4014c80, this=<optimized out>)
          at ../../include/QtCore/../../src/corelib/kernel/qobject.h:361
      #2  0x00007fffe2e1a330 in QDBusConnectionPrivate::closeConnection() (this=this@entry=0x7fffd4014c80) at qdbusintegrator.cpp:1128
      #3  0x00007fffe2e075f6 in QDBusConnectionManager::run() (this=0x7fffe2e7ad40 <(anonymous namespace)::Q_QGS__q_manager::innerFunction()::holder>)
          at qdbusconnection.cpp:199
      #4  0x00007ffff505f808 in QThreadPrivate::start(void*) (arg=0x7fffe2e7ad40 <(anonymous namespace)::Q_QGS__q_manager::innerFunction()::holder>)
          at thread/qthread_unix.cpp:341
      #5  0x00007ffff7bc5464 in start_thread (arg=0x7fffe0b8a700) at pthread_create.c:334
      #6  0x00007ffff6db8e5d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
      

      All line numbers match the 5.6.1 tag in Git. The relevant piece of code in qdbusintegrator.cpp is:

      while (oit != allObjects.constEnd()) {
          (*oit)->disconnect(this);
          ++oit;
      }
      

      It looks like one of allObjects has no meta object or extraData, so its metaObject() fails:

      (gdb) p *sender
      $20 = {_vptr.QObject = 0x7fffdabe7220, static staticMetaObject = {d = {superdata = 0x0, stringdata = 0x7ffff53a4160 <qt_meta_stringdata_QObject>, 
            data = 0x7ffff53a4040 <qt_meta_data_QObject>, 
            static_metacall = 0x7ffff5268370 <QObject::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)>, relatedMetaObjects = 0x0, 
            extradata = 0x0}}, d_ptr = {d = 0x7fff8c048f50}, static staticQtMetaObject = {d = {superdata = 0x0, 
            stringdata = 0x7ffff53ebcc0 <qt_meta_stringdata_Qt>, data = 0x7ffff53e9240 <qt_meta_data_Qt>, static_metacall = 0x0, relatedMetaObjects = 0x0, 
            extradata = 0x0}}}
      (gdb) p *receiver
      $21 = {_vptr.QObject = 0x7fffe2e79a38 <vtable for QDBusConnectionPrivate+16>, static staticMetaObject = {d = {superdata = 0x0, 
            stringdata = 0x7ffff53a4160 <qt_meta_stringdata_QObject>, data = 0x7ffff53a4040 <qt_meta_data_QObject>, 
            static_metacall = 0x7ffff5268370 <QObject::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)>, relatedMetaObjects = 0x0, 
            extradata = 0x0}}, d_ptr = {d = 0x7fffd4014c00}, static staticQtMetaObject = {d = {superdata = 0x0, 
            stringdata = 0x7ffff53ebcc0 <qt_meta_stringdata_Qt>, data = 0x7ffff53e9240 <qt_meta_data_Qt>, static_metacall = 0x0, relatedMetaObjects = 0x0, 
            extradata = 0x0}}}
      (gdb) p sender->metaObject()
      Cannot access memory at address 0x7fffdabe7220
      (gdb) p receiver->metaObject()
      $22 = (const QMetaObject *) 0x7fffe2e79aa0 <QDBusConnectionPrivate::staticMetaObject>
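
The gdb session above can be triaged mechanically: the address gdb could not read is the sender's own vtable pointer, and unlike the receiver's it resolves to no symbol. The following Python is an added example, not part of the original report or of Qt; the function names `triage` and `suspects` are hypothetical, and the embedded session is abridged from the output above.

```python
import re

# Constructed sample: the `p *obj` results and the failed call, abridged
# from the gdb session in the report above.
GDB_SESSION = """\
(gdb) p *sender
$20 = {_vptr.QObject = 0x7fffdabe7220, static staticMetaObject = {d = {superdata = 0x0,
(gdb) p *receiver
$21 = {_vptr.QObject = 0x7fffe2e79a38 <vtable for QDBusConnectionPrivate+16>, static staticMetaObject = {
(gdb) p sender->metaObject()
Cannot access memory at address 0x7fffdabe7220
(gdb) p receiver->metaObject()
$22 = (const QMetaObject *) 0x7fffe2e79aa0 <QDBusConnectionPrivate::staticMetaObject>
"""

CMD = re.compile(r"^\(gdb\) p \*?(\w+)")          # variable named in a print command
VPTR = re.compile(r"_vptr\.\w+ = (0x[0-9a-f]+)(?: <([^>]+)>)?")
FAULT = re.compile(r"Cannot access memory at address (0x[0-9a-f]+)")

def triage(session):
    """Return {variable: {"vptr", "symbol", "unmapped"}} for each printed object."""
    objs, faults, current = {}, set(), None
    for line in session.splitlines():
        m = CMD.match(line)
        if m:
            current = m.group(1)
            continue
        v = VPTR.search(line)
        if v and current:
            # symbol is None when gdb could not resolve the vptr to a vtable
            objs[current] = {"vptr": int(v.group(1), 16), "symbol": v.group(2)}
        f = FAULT.search(line)
        if f:
            faults.add(int(f.group(1), 16))
    for info in objs.values():
        # True when gdb's unreadable address is exactly this object's vptr
        info["unmapped"] = info["vptr"] in faults
    return objs

def suspects(session):
    """Variables whose vptr has no symbol or is the address gdb could not read."""
    return sorted(n for n, i in triage(session).items()
                  if i["symbol"] is None or i["unmapped"])

if __name__ == "__main__":
    for name, info in triage(GDB_SESSION).items():
        print(f"{name}: vptr={info['vptr']:#x} symbol={info['symbol']} unmapped={info['unmapped']}")
    print("suspect objects:", suspects(GDB_SESSION))
```

A vptr that is both unmapped and unsymbolized is consistent with a stale object or with a vtable from a library that is no longer loaded; the report does not establish which.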
      

      Attachments

        1. valgrind.log.gz
          16 kB
          Dmitry Shachnev

            People

              thiago Thiago Macieira
              mandriver Dmitry Shachnev