QTBUG-62987: Application sometimes crashes in QML profiler

    Details

    • Commits:
      4578a92744d447222f5e22851433d5dbecc51855 cf3b1bbd9ee048a28b58a55d76504b1c01e34811

      Description

      I have experienced crashes during QML profiling of a complex application:

      • run application with -qmljsdebugger=port:3768,block
      • attach QML profiler (other ways to start also trigger the issue): qmlprofiler -o trace.qtd --record on --interactive -a <ip>
      • wait for application to finish loading
      • press r<enter> in qmlprofiler to stop recording
      • profiled application sometimes crashes

      GDB trace:

      #0  0x00007fffed1a55ac in std::__atomic_base<int>::load (__m=std::memory_order_relaxed, this=0x0) at /usr/include/c++/5/bits/atomic_base.h:396
      #1  QAtomicOps<int>::load<int> (_q_value=...) at /home/abusenius/qt5/qtbase/include/QtCore/../../src/corelib/arch/qatomic_cxx11.h:96
      #2  0x00007fffed1a5110 in QBasicAtomicInteger<int>::load (this=0x0) at /home/abusenius/qt5/qtbase/include/QtCore/../../src/corelib/thread/qbasicatomic.h:119
      #3  0x00007fffed1a4e34 in QtPrivate::RefCount::ref (this=0x0) at /home/abusenius/qt5/qtbase/include/QtCore/../../src/corelib/tools/qrefcount.h:49
      #4  0x00007fffed1a6bd0 in QString::QString (this=0x18a05038, other=...) at /home/abusenius/qt5/qtbase/include/QtCore/../../src/corelib/tools/qstring.h:890
      #5  0x00007fffed1a7041 in QQmlProfilerData::QQmlProfilerData (this=0x18a05028) at /home/abusenius/qt5/qtbase/include/QtQml/5.6.3/QtQml/private/../../../../../../qtdeclarative/src/qml/debugger/qqmlprofiler_p.h:74
      #6  0x00007fffed1a7290 in QVector<QQmlProfilerData>::reallocData (this=0xfd32e8, asize=262697, aalloc=419429, options=...) at /home/abusenius/qt5/qtbase/include/QtCore/../../src/corelib/tools/qvector.h:553
      #7  0x00007fffed1a7ff9 in QVector<QQmlProfilerData>::detach (this=0xfd32e8) at /home/abusenius/qt5/qtbase/include/QtCore/../../src/corelib/tools/qvector.h:384
      #8  0x00007fffed1a7854 in QVector<QQmlProfilerData>::data (this=0xfd32e8) at /home/abusenius/qt5/qtbase/include/QtCore/../../src/corelib/tools/qvector.h:123
      #9  0x00007fffed1a6df8 in QVector<QQmlProfilerData>::operator[] (this=0xfd32e8, i=0) at /home/abusenius/qt5/qtbase/include/QtCore/../../src/corelib/tools/qvector.h:432
      #10 0x00007fffed1a6974 in QQmlProfilerAdapter::sendMessages (this=0xfd32c0, until=0, messages=...) at qqmlprofileradapter.cpp:104
      #11 0x00007fffed1a9dd7 in QQmlProfilerServiceImpl::sendMessages (this=0xefb380) at qqmlprofilerservice.cpp:324
      #12 0x00007fffed1a86b9 in QQmlProfilerServiceImpl::dataReady (this=0xefb380, profiler=0xfd32c0) at qqmlprofilerservice.cpp:87
      #13 0x00007fffed1a6a80 in QQmlProfilerAdapter::receiveData (this=0xfd32c0, new_data=...) at qqmlprofileradapter.cpp:120
      #14 0x00007fffed1b232f in QQmlProfilerAdapter::qt_static_metacall (_o=0xfd32c0, _c=QMetaObject::InvokeMetaMethod, _id=0, _a=0x7fffffffd0a0) at .moc/moc_qqmlprofileradapter.cpp:74
      #15 0x00007ffff5c9636c in QMetaObject::activate (sender=0x104e0f0, signalOffset=3, local_signal_index=0, argv=0x7fffffffd0a0) at kernel/qobject.cpp:3730
      #16 0x00007ffff5c95b52 in QMetaObject::activate (sender=0x104e0f0, m=0x7ffff66c4980 <QQmlProfiler::staticMetaObject>, local_signal_index=0, argv=0x7fffffffd0a0) at kernel/qobject.cpp:3595
      #17 0x00007ffff64c200a in QQmlProfiler::dataReady (this=0x104e0f0, _t1=...) at .moc/moc_qqmlprofiler_p.cpp:167
      #18 0x00007ffff647a54f in QQmlProfiler::reportData (this=0x104e0f0) at debugger/qqmlprofiler.cpp:59
      #19 0x00007ffff647a528 in QQmlProfiler::stopProfiling (this=0x104e0f0) at debugger/qqmlprofiler.cpp:54
      #20 0x00007ffff64c1d8d in QQmlProfiler::qt_static_metacall (_o=0x104e0f0, _c=QMetaObject::InvokeMetaMethod, _id=2, _a=0x9a05dd8) at .moc/moc_qqmlprofiler_p.cpp:96
      #21 0x00007ffff5c8e2b1 in QMetaCallEvent::placeMetaCall (this=0xc3bc820, object=0x104e0f0) at kernel/qobject.cpp:495
      #22 0x00007ffff5c8f477 in QObject::event (this=0x104e0f0, e=0xc3bc820) at kernel/qobject.cpp:1256
      #23 0x00007ffff5c51420 in QCoreApplicationPrivate::notify_helper (receiver=0x104e0f0, event=0xc3bc820) at kernel/qcoreapplication.cpp:1149
      #24 0x00007ffff5c5104a in doNotify (receiver=0x104e0f0, event=0xc3bc820) at kernel/qcoreapplication.cpp:1090
      #25 0x00007ffff5c50fae in QCoreApplication::notify (this=0x7fffffffd7f0, receiver=0x104e0f0, event=0xc3bc820) at kernel/qcoreapplication.cpp:1076
      #26 0x00007ffff67d6a5a in QGuiApplication::notify (this=0x7fffffffd7f0, object=0x104e0f0, event=0xc3bc820) at kernel/qguiapplication.cpp:1626
      #27 0x00007ffff5c50f2b in QCoreApplication::notifyInternal2 (receiver=0x104e0f0, event=0xc3bc820) at kernel/qcoreapplication.cpp:1015
      #28 0x00007ffff5c55214 in QCoreApplication::sendEvent (receiver=0x104e0f0, event=0xc3bc820) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:225
      #29 0x00007ffff5c523cb in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0xe74460) at kernel/qcoreapplication.cpp:1650
      #30 0x00007ffff5cd27ca in QEventDispatcherUNIX::processEvents (this=0xe68a40, flags=...) at kernel/qeventdispatcher_unix.cpp:579
      #31 0x00007ffff0722646 in QUnixEventDispatcherQPA::processEvents (this=0xe68a40, flags=...) at eventdispatchers/qunixeventdispatcher.cpp:62
      #32 0x00007ffff5c4d5e2 in QEventLoop::processEvents (this=0x7fffffffd6b0, flags=...) at kernel/qeventloop.cpp:128
      #33 0x00007ffff5c4d919 in QEventLoop::exec (this=0x7fffffffd6b0, flags=...) at kernel/qeventloop.cpp:206
      #34 0x00007ffff5c51721 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1285
      #35 0x00007ffff67d6a0a in QGuiApplication::exec () at kernel/qguiapplication.cpp:1617
      #36 0x0000000000415c76 in main (argc=3, argv=0x7fffffffda68)
      

      Valgrind's memcheck does not show any errors; I have not been able to reproduce the crash in Valgrind.

      Helgrind reports the following related issues:

      ==19782== Possible data race during write of size 8 at 0x2E516568 by thread #1
      ==19782== Locks held: none
      ==19782==    at 0x68A903D: QQmlProfilerData::QQmlProfilerData(QQmlProfilerData&&) (qqmlprofiler_p.h:74)
      ==19782==    by 0x68A91BF: QVector<QQmlProfilerData>::append(QQmlProfilerData&&) (qvector.h:663)
      ==19782==    by 0x692F1F3: QQmlProfiler::startBinding(QQmlSourceLocation const&) (qqmlprofiler_p.h:119)
      ==19782==    by 0x692F294: QQmlBindingProfiler::QQmlBindingProfiler(QQmlProfiler*, QV4::FunctionObject const*) (qqmlprofiler_p.h:194)
      ==19782==    by 0x692D0A4: QQmlBinding::update(QFlags<QQmlPropertyPrivate::WriteFlag>) (qqmlbinding.cpp:165)
      ==19782==    by 0x692E982: QQmlBinding::setEnabled(bool, QFlags<QQmlPropertyPrivate::WriteFlag>) (qqmlbinding.cpp:412)
      ==19782==    by 0x69403A9: QQmlObjectCreator::finalize(QQmlInstantiationInterrupt&) (qqmlobjectcreator.cpp:1219)
      ==19782==    by 0x68A00CE: QQmlIncubatorPrivate::incubate(QQmlInstantiationInterrupt&) (qqmlincubator.cpp:348)
      ==19782==    by 0x68A0401: QQmlIncubationController::incubateFor(int) (qqmlincubator.cpp:395)
      ==19782==    by 0x5A0387C: QQuickWindowIncubationController::incubate() (qquickwindow.cpp:136)
      ==19782==    by 0x5A037B5: QQuickWindowIncubationController::timerEvent(QTimerEvent*) (qquickwindow.cpp:119)
      ==19782==    by 0x6F003C4: QObject::event(QEvent*) (qobject.cpp:1237)
      ==19782==
      ==19782== This conflicts with a previous write of size 8 by thread #4
      ==19782== Locks held: none
      ==19782==    at 0x4C398AF: memset (in /usr/lib/valgrind/vgpreload_helgrind-amd64-linux.so)
      ==19782==    by 0x6642199: QV4::Compiler::JSUnitGenerator::generateUnit(QV4::Compiler::JSUnitGenerator::GeneratorOption) (qv4compiler.cpp:223)
      ==19782==    by 0x663EF14: QV4::CompiledData::CompilationUnit::createUnitData(QmlIR::Document*) (qv4compileddata.cpp:191)
      ==19782==    by 0x66BB214: QmlIR::QmlUnitGenerator::generate(QmlIR::Document&) (qqmlirbuilder.cpp:1299)
      ==19782==    by 0x66C640E: QQmlTypeCompiler::compile() (qqmltypecompiler.cpp:226)
      ==19782==    by 0x68CB4D4: QQmlTypeData::compile() (qqmltypeloader.cpp:2323)
      ==19782==    by 0x68CA2A7: QQmlTypeData::done() (qqmltypeloader.cpp:2153)
      ==19782==    by 0x68C3491: QQmlDataBlob::tryDone() (qqmltypeloader.cpp:604)
      ==19782==  Address 0x2e516568 is in a rw- anonymous segment
      
      ==19782==  Lock at 0xF268C90 was first observed
      ==19782==    at 0x4C34926: ??? (in /usr/lib/valgrind/vgpreload_helgrind-amd64-linux.so)
      ==19782==    by 0x10555F47: QQmlConfigurableDebugService<QQmlProfilerService>::QQmlConfigurableDebugService(float, QObject*) (qqmlconfigurabledebugservice.h:60)
      ==19782==    by 0x10553208: QQmlProfilerServiceImpl::QQmlProfilerServiceImpl(QObject*) (qqmlprofilerservice.cpp:50)
      ==19782==    by 0x105596BC: QQmlProfilerServiceFactory::create(QString const&) (qqmlprofilerservicefactory.cpp:43)
      ==19782==    by 0x695C546: QQmlDebugService* qLoadPlugin<QQmlDebugService, QQmlDebugServiceFactory>(QFactoryLoader const*, QString const&) (qfactoryloader_p.h:92)
      ==19782==    by 0x695B632: loadQQmlDebugService(QString const&) (qqmldebugconnector.cpp:52)
      ==19782==    by 0x695BFCD: QQmlDebugConnector::instance() (qqmldebugconnector.cpp:136)
      ==19782==    by 0x687DBB6: QQmlEnginePrivate::init() (qqmlengine.cpp:870)
      ==19782==    by 0x687DD14: QQmlEngine::QQmlEngine(QObject*) (qqmlengine.cpp:924)
      ==19782==    by 0x415402: main (main.cpp:244)
      ==19782==  Address 0xf268c90 is in a rw- anonymous segment
      ==19782==
      ==19782== Possible data race during read of size 8 at 0x54454CB0 by thread #1
      ==19782== Locks held: 1, at address 0xF268C90
      ==19782==    at 0x10554D43: QQmlProfilerServiceImpl::sendMessages() (qqmlprofilerservice.cpp:321)
      ==19782==    by 0x105536B8: QQmlProfilerServiceImpl::dataReady(QQmlAbstractProfilerAdapter*) (qqmlprofilerservice.cpp:87)
      ==19782==    by 0x10551A7F: QQmlProfilerAdapter::receiveData(QVector<QQmlProfilerData> const&) (qqmlprofileradapter.cpp:120)
      ==19782==    by 0x1055D32E: QQmlProfilerAdapter::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (moc_qqmlprofileradapter.cpp:74)
      ==19782==    by 0x6F0736B: QMetaObject::activate(QObject*, int, int, void**) (qobject.cpp:3730)
      ==19782==    by 0x6F06B51: QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (qobject.cpp:3595)
      ==19782==    by 0x69A6009: QQmlProfiler::dataReady(QVector<QQmlProfilerData> const&) (moc_qqmlprofiler_p.cpp:167)
      ==19782==    by 0x695E54E: QQmlProfiler::reportData() (qqmlprofiler.cpp:59)
      ==19782==    by 0x695E527: QQmlProfiler::stopProfiling() (qqmlprofiler.cpp:54)
      ==19782==    by 0x69A5D8C: QQmlProfiler::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (moc_qqmlprofiler_p.cpp:96)
      ==19782==    by 0x6EFF2B0: QMetaCallEvent::placeMetaCall(QObject*) (qobject.cpp:495)
      ==19782==    by 0x6F00476: QObject::event(QEvent*) (qobject.cpp:1256)
      ==19782==  Address 0x54454cb0 is in a rw- anonymous segment
      

      The first Helgrind race might be the reason for this=0x0 in frame 2 of the trace.


            People

            • Assignee: Ulf Hermann (ulherman)
            • Reporter: Alex Busenius (alexbusenius)