Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-23214

[Crash] Property alias to QObject defined in C++ namespace crashes during QML compilation.

    XMLWordPrintable

Details

    Description

      This Qml will result in a crash if MyQObject (from Tomte 2.0, name and version arbitrarily chosen) is defined in a C++ namespace.

      import QtQuick 1.0
      import Tomte 2.0
      
      Rectangle {
      
          property alias julgran: nisse
      
          MyQObject {
              id: nisse
              text: "Tjohej"
          }
      }
      

      The meta object is somehow flagged as an Enum of Flag, which causes QMetaObject::property(int index) to try to descope the type. In this process it calls QMetaObject_findMetaObject(const QMetaObject *self, const char *name). In this function the first if statement will evaluate to true if you DON'T use namespaces, and false if you do. Now the next if statement (corelib/kernel/qmetaobject.cpp:673):

      if (self->d.extradata) {
            ...
      

      It turns out extraData is uninitialized, so execution will enter the body of the if statement and eventually dereference extraData (corelib/kernel/qmetaobject.cpp:684):

      const QMetaObjectExtraData *extra = (const QMetaObjectExtraData*)(self->d.extradata);
      e = extra->objects;
      

      Crash.

      While the rest of the members of QMetaData::d are initialized in QMetaObjectBuilder::fromRelocatableData(), extraData is not.

      So I guess this is really two bugs:

      1. The class gets flagged as a Flag or Enum. (And this happens also when not using namespace.)
      2. A pointer is not initialized, and then dereferenced.

      In the attached test case, myNamespace::MyQObject and MyQObjectNoNS are identical except for the namespace difference. The test succeeds when MyQObjectNoNS is used instead.

      Attachments

        Issue Links

          Activity

            People

              thiago Thiago Macieira
              oskaralexandersson Oskar Alexandersson
              Votes:
              1 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: