QTBUG-82675

canvas autotest with renderStrategy:Canvas.Threaded triggers memory corruption in V4


    Description

      We've been seeing odd errors while trying to stage https://codereview.qt-project.org/c/qt/qtdeclarative/+/275129. It seemed OK on my machine, but after trying several times with the debugger I reproduced the crash.

      malloc(): unsorted double linked list corrupted
      

      (really!?? but I googled and found https://stackoverflow.com/questions/18035080/malloc-crashes-saying-corrupted-double-linked-list )

      The stack trace looks like this:

      1   raise                                                                                                       0x7ffff5583f25
      2   abort                                                                                                       0x7ffff556d897
      3   __libc_message                                                                                              0x7ffff55c7258
      4   malloc_printerr                                                                                             0x7ffff55ce77a
      5   _int_malloc                                                                                                 0x7ffff55d190c
      6   malloc                                                                                                      0x7ffff55d2fc9
      7   QFiniteStack<QExplicitlySharedDataPointer<QQmlAbstractBinding>>::allocate qfinitestack_p.h             165  0x7ffff6a04ba4 
      8   QQmlObjectCreator::QQmlObjectCreator                                      qqmlobjectcreator.cpp        90   0x7ffff69fac31 
      9   QQmlComponentPrivate::beginCreate                                         qqmlcomponent.cpp            916  0x7ffff69740ad 
      10  QQmlComponent::beginCreate                                                qqmlcomponent.cpp            869  0x7ffff6973dd6 
      11  QQmlComponent::createObject                                               qqmlcomponent.cpp            1360 0x7ffff69754be 
      12  QQmlComponent::qt_static_metacall                                         moc_qqmlcomponent.cpp        150  0x7ffff6976bc1 
      13  QQmlComponent::qt_metacall                                                moc_qqmlcomponent.cpp        218  0x7ffff6976e75 
      14  QMetaObject::metacall                                                     qmetaobject.cpp              316  0x7ffff5f09599 
      15  QQmlObjectOrGadget::metacall                                              qqmlobjectorgadget.cpp       51   0x7ffff69c04c0 
      16  QV4::QObjectMethod::callInternal                                          qv4qobjectwrapper.cpp        2121 0x7ffff682aa16 
      17  QV4::QObjectMethod::virtualCall                                           qv4qobjectwrapper.cpp        2064 0x7ffff682a4ec 
      18  QV4::FunctionObject::call                                                 qv4functionobject_p.h        202  0x7ffff6763af7 
      19  QV4::Moth::VME::interpret                                                 qv4vme_moth.cpp              754  0x7ffff68575c7 
      20  QV4::Moth::VME::exec                                                      qv4vme_moth.cpp              463  0x7ffff6853373 
      21  QV4::ArrowFunction::virtualCall                                           qv4functionobject.cpp        528  0x7ffff67cd7b9 
      22  QV4::FunctionObject::call                                                 qv4functionobject_p.h        202  0x7ffff6763af7 
      23  QV4::Runtime::CallQmlContextPropertyLookup::call                          qv4runtime.cpp               1366 0x7ffff6877d90 
      24  QV4::Moth::VME::interpret                                                 qv4vme_moth.cpp              784  0x7ffff685822d 
      25  QV4::Moth::VME::exec                                                      qv4vme_moth.cpp              463  0x7ffff6853373 
      26  QV4::ArrowFunction::virtualCall                                           qv4functionobject.cpp        528  0x7ffff67cd7b9 
      27  QV4::FunctionObject::call                                                 qv4functionobject_p.h        202  0x7ffff6763af7 
      28  QV4::Runtime::CallElement::call                                           qv4runtime.cpp               1478 0x7ffff68788bb 
      29  QV4::Moth::VME::interpret                                                 qv4vme_moth.cpp              760  0x7ffff6857903 
      30  QV4::Moth::VME::exec                                                      qv4vme_moth.cpp              463  0x7ffff6853373 
      31  QV4::ArrowFunction::virtualCall                                           qv4functionobject.cpp        528  0x7ffff67cd7b9 
      32  QV4::FunctionObject::call                                                 qv4functionobject_p.h        202  0x7ffff6763af7 
      33  QV4::Runtime::CallQmlContextPropertyLookup::call                          qv4runtime.cpp               1366 0x7ffff6877d90 
      34  QV4::Moth::VME::interpret                                                 qv4vme_moth.cpp              784  0x7ffff685822d 
      35  QV4::Moth::VME::exec                                                      qv4vme_moth.cpp              463  0x7ffff6853373 
      36  QV4::ArrowFunction::virtualCall                                           qv4functionobject.cpp        528  0x7ffff67cd7b9 
      37  QV4::FunctionObject::call                                                 qv4functionobject_p.h        202  0x7ffff6763af7 
      38  QV4::Runtime::CallQmlContextPropertyLookup::call                          qv4runtime.cpp               1366 0x7ffff6877d90 
      39  QV4::Moth::VME::interpret                                                 qv4vme_moth.cpp              784  0x7ffff685822d 
      40  QV4::Moth::VME::exec                                                      qv4vme_moth.cpp              463  0x7ffff6853373 
      41  QV4::ArrowFunction::virtualCall                                           qv4functionobject.cpp        528  0x7ffff67cd7b9 
      42  QV4::FunctionObject::call                                                 qv4functionobject_p.h        202  0x7ffff6763af7 
      43  QV4::Runtime::CallQmlContextPropertyLookup::call                          qv4runtime.cpp               1366 0x7ffff6877d90 
      44  QV4::Moth::VME::interpret                                                 qv4vme_moth.cpp              784  0x7ffff685822d 
      45  QV4::Moth::VME::exec                                                      qv4vme_moth.cpp              463  0x7ffff6853373 
      46  QV4::Function::call                                                       qv4function.cpp              69   0x7ffff67c9758 
      47  QQmlJavaScriptExpression::evaluate                                        qqmljavascriptexpression.cpp 211  0x7ffff69dfe3a 
      48  QQmlBoundSignalExpression::evaluate                                       qqmlboundsignal.cpp          223  0x7ffff69811a1 
      49  QQmlBoundSignal_callback                                                  qqmlboundsignal.cpp          356  0x7ffff69817fe 
      50  QQmlNotifier::emitNotify                                                  qqmlnotifier.cpp             104  0x7ffff69bfa06 
      51  QQmlData::signalEmitted                                                   qqmlengine.cpp               858  0x7ffff6956700 
      52  doActivate<false>                                                         qobject.cpp                  3762 0x7ffff5f52738 
      53  QMetaObject::activate                                                     qobject.cpp                  3943 0x7ffff5f4c6d1 
      54  QQmlVMEMetaObject::activate                                               qqmlvmemetaobject.cpp        1212 0x7ffff6951faa 
      55  QQmlVMEMetaObject::metaCall                                               qqmlvmemetaobject.cpp        782  0x7ffff694ffda 
      56  QQmlVMEMetaObject::metaCall                                               qqmlvmemetaobject.cpp        945  0x7ffff6950b0e 
      57  QQmlVMEMetaObject::metaCall                                               qqmlvmemetaobject.cpp        945  0x7ffff6950b0e 
      58  QMetaObject::metacall                                                     qmetaobject.cpp              314  0x7ffff5f09575 
      59  QQmlPropertyData::writeProperty                                           qqmlpropertydata_p.h         290  0x7ffff697078c 
      60  GenericBinding<1>::doStore<bool>                                          qqmlbinding.cpp              334  0x7ffff69edfb9 
      61  GenericBinding<1>::write                                                  qqmlbinding.cpp              295  0x7ffff69edfb9 
      62  QQmlNonbindingBinding::doUpdate                                           qqmlbinding.cpp              250  0x7ffff69ea96d 
      63  QQmlBinding::update                                                       qqmlbinding.cpp              186  0x7ffff69e8685 
      64  QQmlBinding::expressionChanged                                            qqmlbinding.cpp              532  0x7ffff69e96d5 
      65  QQmlJavaScriptExpressionGuard_callback                                    qqmljavascriptexpression.cpp 417  0x7ffff69e0f39 
      66  QQmlNotifier::emitNotify                                                  qqmlnotifier.cpp             104  0x7ffff69bfa06 
      67  QQmlData::signalEmitted                                                   qqmlengine.cpp               858  0x7ffff6956700 
      68  doActivate<false>                                                         qobject.cpp                  3762 0x7ffff5f52738 
      69  QMetaObject::activate                                                     qobject.cpp                  3943 0x7ffff5f4c6d1 
      70  QQmlVMEMetaObject::activate                                               qqmlvmemetaobject.cpp        1212 0x7ffff6951faa 
      71  QQmlVMEMetaObject::metaCall                                               qqmlvmemetaobject.cpp        782  0x7ffff694ffda 
      72  QQmlVMEMetaObject::metaCall                                               qqmlvmemetaobject.cpp        945  0x7ffff6950b0e 
      73  QQmlVMEMetaObject::metaCall                                               qqmlvmemetaobject.cpp        945  0x7ffff6950b0e 
      74  QMetaObject::metacall                                                     qmetaobject.cpp              314  0x7ffff5f09575 
      75  QQmlPropertyData::writeProperty                                           qqmlpropertydata_p.h         290  0x7ffff697078c 
      76  GenericBinding<1>::doStore<bool>                                          qqmlbinding.cpp              334  0x7ffff69edfb9 
      77  GenericBinding<1>::write                                                  qqmlbinding.cpp              295  0x7ffff69edfb9 
      78  QQmlNonbindingBinding::doUpdate                                           qqmlbinding.cpp              250  0x7ffff69ea96d 
      79  QQmlBinding::update                                                       qqmlbinding.cpp              186  0x7ffff69e8685 
      80  QQmlBinding::expressionChanged                                            qqmlbinding.cpp              532  0x7ffff69e96d5 
      81  QQmlJavaScriptExpressionGuard_callback                                    qqmljavascriptexpression.cpp 417  0x7ffff69e0f39 
      82  QQmlNotifier::emitNotify                                                  qqmlnotifier.cpp             104  0x7ffff69bfa06 
      83  QQmlData::signalEmitted                                                   qqmlengine.cpp               858  0x7ffff6956700 
      84  doActivate<false>                                                         qobject.cpp                  3762 0x7ffff5f52738 
      85  QMetaObject::activate                                                     qobject.cpp                  3930 0x7ffff5f4c65f 
      86  QTestRootObject::windowShownChanged                                       quicktest.moc                203  0x7ffff7f95bfd 
      87  QTestRootObject::setWindowShown                                           quicktest.cpp                165  0x7ffff7f9940d 
      88  <lambda()>::operator()(void) const                                        quicktest.cpp                659  0x7ffff7f93902 
      89  QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, ...   qobjectdefs_impl.h           146  0x7ffff7f95efa 
      90  QtPrivate::Functor<quick_test_main_with_setup(int, ...)                   qobjectdefs_impl.h           256  0x7ffff7f95ecc 
      91  QtPrivate::QFunctorSlotObject<quick_test_main_with_setup(int, ...)        qobjectdefs_impl.h           439  0x7ffff7f95e9a
      92  QtPrivate::QSlotObjectBase::call                                          qobjectdefs_impl.h           394  0x7ffff5f11453 
      93  QMetaCallEvent::placeMetaCall                                             qobject.cpp                  619  0x7ffff5f44c95 
      94  QObject::event                                                            qobject.cpp                  1339 0x7ffff5f45d81 
      95  QThread::event                                                            qthread.cpp                  980  0x7ffff5c8f8ec 
      96  QCoreApplicationPrivate::notify_helper                                    qcoreapplication.cpp         1236 0x7ffff5effa0c 
      97  doNotify                                                                  qcoreapplication.cpp         1165 0x7ffff5eff61d 
      98  QCoreApplication::notify                                                  qcoreapplication.cpp         1151 0x7ffff5eff580 
      99  QGuiApplication::notify                                                   qguiapplication.cpp          1872 0x7ffff6e4ff21 
      100 QCoreApplication::notifyInternal2                                         qcoreapplication.cpp         1075 0x7ffff5eff4a1 
      101 QCoreApplication::sendEvent                                               qcoreapplication.cpp         1470 0x7ffff5effeae 
      102 QCoreApplicationPrivate::sendPostedEvents                                 qcoreapplication.cpp         1815 0x7ffff5f00ad0 
      103 QCoreApplication::sendPostedEvents                                        qcoreapplication.cpp         1674 0x7ffff5f0041c 
      104 postEventSourceDispatch                                                   qeventdispatcher_glib.cpp    277  0x7ffff5f95626 
      105 g_main_context_dispatch                                                                                     0x7ffff28cf39e 
      106 ??                                                                                                          0x7ffff28d11b1 
      107 g_main_context_iteration                                                                                    0x7ffff28d11f1 
      108 QEventDispatcherGlib::processEvents                                       qeventdispatcher_glib.cpp    423  0x7ffff5f95d81 
      109 QXcbGlibEventDispatcher::processEvents                                    qxcbeventdispatcher.cpp      143  0x7ffff1eccd2c 
      110 QEventLoop::processEvents                                                 qeventloop.cpp               138  0x7ffff5efbb8d 
      111 QEventLoop::exec                                                          qeventloop.cpp               225  0x7ffff5efbec7 
      112 quick_test_main_with_setup                                                quicktest.cpp                667  0x7ffff7f95483 
      113 main                                                                      tst_qquickcanvasitem.cpp     54   0x555555559c11 
      


            People

              qt.team.quick.subscriptions Qt Quick and Widgets Team
              srutledg Shawn Rutledge