Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-95393

QQuickView::grab segfaults at times

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • P2: Important
    • 6.2.0 Beta3, 6.3.0 Alpha
    • 5.15, 6.2.0 Beta1
    • Quick: SceneGraph
    • None
    • $ uname -a
      Linux xps13den3e 5.10.0-7-amd64 #1 SMP Debian 5.10.40-1 (2021-05-28) x86_64 GNU/Linux

      $ cat /etc/issue
      Debian GNU/Linux 11 \n \l

      Qt 6.2.0 beta 1 installed from the on-line installer.
    • Linux/X11
    • b6ac70b9219ad9a2036b61686f2890b830b425c2 (qt/qtdeclarative/dev) a9fe872b7a43d5083832b1fa62f36ed0f99c7c8b (qt/qtdeclarative/6.2)

    Description

      When invoking the shoot function from the places in the following code, one instance fails and the other one work. Both are triggered from the Component.onCompleted, but one via a Timer with the triggeredOnStart property set to true, and should (in my mind) work.

      import QtQuick 6.2
      Rectangle {
        width: 200; height: 200; color: 'red'
        Timer {
          id: delay
          interval: 10000/4
          repeat: false
          triggeredOnStart: true
          onTriggered: shorty.shoot("fail.png")
      {{   }}}
        Component.onCompleted: {
          shorty.shoot('works.png')
          delay.start()
      {{   }}}
      }

      The shorty.shoot function simply invokes QQuickView::grab as shown here: https://github.com/qmlbook/shorty/blob/master/src/shorty.cpp#L42.

      The resulting debug session and backtrace looks like this:

      $ gdb shorty)
      GNU gdb (Debian 10.1-1.7) 10.1.90.20210103-git)
      Copyright (C) 2021 Free Software Foundation, Inc.)
      License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>)
      This is free software: you are free to change and redistribute it.)
      There is NO WARRANTY, to the extent permitted by law.)
      Type "show copying" and "show warranty" for details.)
      This GDB was configured as "x86_64-linux-gnu".)
      Type "show configuration" for configuration details.)
      For bug reporting instructions, please see
      <https://www.gnu.org/software/gdb/bugs/>.)
      Find the GDB manual and other documentation resources online at
      {{ <http://www.gnu.org/software/gdb/documentation/>.)}}
      {{ )}}
      For help, type "help".)
      Type "apropos word" to search for commands related to "word"...)
      Reading symbols from shorty...)
      (No debugging symbols found in shorty))
      (gdb) set args ../../example/bugreport.qml )
      (gdb) run)
      Starting program: /home/e8johan/work/qt6book/shorty/b/src/shorty ../../example/bugreport.qml )
      [Thread debugging using libthread_db enabled])
      Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".)
      [New Thread 0x7ffff2134700 (LWP 800251)])
      [New Thread 0x7ffff1714700 (LWP 800252)])
      [New Thread 0x7fffe93bf700 (LWP 800254)])
      [New Thread 0x7fffe8bbe700 (LWP 800255)])
      [New Thread 0x7fffdef01700 (LWP 800256)])
      [New Thread 0x7fffde700700 (LWP 800257)])
      [New Thread 0x7fffddeff700 (LWP 800258)])
      Shoot: "works.png")
      Shoot: "fail.png")
      {{ )}}
      Thread 1 "shorty" received signal SIGSEGV, Segmentation fault.)
      QSGThreadedRenderLoop::grab (this=0x555555631970, window=0x7fffffffda80) at src/quick/scenegraph/qsgthreadedrenderloop.cpp:1664)
      1664 src/quick/scenegraph/qsgthreadedrenderloop.cpp: No such file or directory.)
      (gdb) bt)
      #0 QSGThreadedRenderLoop::grab (this=0x555555631970, window=0x7fffffffda80) at src/quick/scenegraph/qsgthreadedrenderloop.cpp:1664)
      #1 0x00007ffff7c118c7 in QQuickWindow::grabWindow (this=0x7fffffffda80) at src/quick/items/qquickwindow.cpp:2521)
      #2 0x00005555555586e9 in Shorty::shoot(QString const&) ())
      #3 0x0000555555557586 in Shorty::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) ())
      #4 0x00005555555576e4 in Shorty::qt_metacall(QMetaObject::Call, int, void**) ())
      #5 0x00007ffff77e97dd in QQmlObjectOrGadget::metacall (this=0x7fffffffb710, type=QMetaObject::InvokeMetaMethod, index=<optimized out>, argv=<optimized out>) at src/qml/qml/qqmlobjectorgadget.cpp:50)
      #6 0x00007ffff76e00c2 in CallMethod (callType=<optimized out>, callArgs=<optimized out>, engine=<optimized out>, argTypes=<optimized out>, argCount=<optimized out>, returnType=..., index=<optimized out>, object=...))
      {{ at /home/qt/work/install/include/QtCore/qvarlengtharray.h:260)}}
      #7 CallPrecise (object=..., data=..., engine=<optimized out>, engine@entry=0x555555662650, callArgs=<optimized out>, callArgs@entry=0x7ffff020c580, callType=callType@entry=QMetaObject::InvokeMetaMethod))
      {{ at src/qml/jsruntime/qv4qobjectwrapper.cpp:1662
      #8 0x00007ffff76e1251 in operator() (__closure=<optimized out>) at src/qml/jsruntime/qv4qobjectwrapper.cpp:2265)
      #9 operator()<QV4::QObjectMethod::callInternal(const QV4::Value*, const QV4::Value*, int) const::<lambda()> > (call=..., __closure=<synthetic pointer>) at src/qml/jsruntime/qv4qobjectwrapper.cpp:2243)
      #10 QV4::QObjectMethod::callInternal (this=<optimized out>, thisObject=0x7fffffffb710, argv=0x7ffff020c548, argc=<optimized out>) at src/qml/jsruntime/qv4qobjectwrapper.cpp:2265)
      #11 0x00007ffff7732762 in QV4::FunctionObject::call (argc=<optimized out>, argv=<optimized out>, thisObject=<optimized out>, this=<optimized out>))
      {{ at include/QtQml/6.2.0/QtQml/private/../../../../../src/qml/jsruntime/qv4functionobject_p.h:175)}}
      #12 QV4::Moth::VME::interpret (frame=0x7fffffffba00, engine=0x555555662650, code=0xa <error: Cannot access memory at address 0xa>) at src/qml/jsruntime/qv4vme_moth.cpp:871)
      #13 0x00007ffff7735fff in QV4::Moth::VME::exec (frame=0x7fffffffba00, engine=0x555555662650) at src/qml/jsruntime/qv4vme_moth.cpp:553)
      #14 0x00007ffff769612a in QV4::Function::call (context=<optimized out>, argc=<optimized out>, argv=<optimized out>, thisObject=<optimized out>, this=<optimized out>) at src/qml/jsruntime/qv4function.cpp:99)
      #15 QV4::Function::call (this=<optimized out>, thisObject=<optimized out>, argv=<optimized out>, argc=<optimized out>, context=<optimized out>) at src/qml/jsruntime/qv4function.cpp:82)
      #16 0x00007ffff76963de in operator() (argc=0, argv=0x7ffff020c4f8, thisObject=0x7ffff020c4e8, __closure=<synthetic pointer>) at src/qml/jsruntime/qv4function.cpp:66)
      #17 QV4::convertAndCall<QV4::Function::call(const QV4::Value*, void*, const QMetaType, int, const QV4::ExecutionContext*)::<lambda(const QV4::Value*, const QV4::Value*, int)> > (call=..., argc=0, types=0x7fffffffbc80, )
      {{ a=<optimized out>, thisObject=0x7ffff020c4e8, engine=<optimized out>) at include/QtQml/6.2.0/QtQml/private/../../../../../src/qml/jsruntime/qv4jscall_p.h:220)}}
      #18 QV4::Function::call (this=0x55555563d140, thisObject=0x7ffff020c4e8, a=<optimized out>, types=0x7fffffffbc80, argc=0, context=<optimized out>) at src/qml/jsruntime/qv4function.cpp:64)
      #19 0x00007ffff77b5c0d in QQmlJavaScriptExpression::evaluate (this=0x55555563dc90, a=0x7fffffffbc70, types=0x7fffffffbc80, argc=<optimized out>))
      {{ at include/QtQml/6.2.0/QtQml/private/../../../../../src/qml/jsruntime/qv4scopedvalue_p.h:241)}}
      #20 0x00007ffff776d0bb in QQmlBoundSignalExpression::evaluate (this=0x55555563dc90, a=0x0) at src/qml/qml/qqmlboundsignal.cpp:214)
      #21 0x00007ffff776d6c0 in QQmlBoundSignal_callback (e=0x55555563e420, a=0x0) at include/QtQml/6.2.0/QtQml/private/../../../../../src/qml/qml/ftw/qqmlrefcount_p.h:96)
      #22 0x00007ffff77d6e3b in QQmlNotifier::emitNotify (endpoint=<optimized out>, a=0x0) at src/qml/qml/qqmlnotifier.cpp:104)
      #23 0x00007ffff6745fa9 in doActivate<false> (sender=0x555555591960, signal_index=3, argv=0x0) at src/corelib/kernel/qobject.cpp:3725)
      #24 0x00007ffff78aee07 in QQmlTimer::ticked (this=<optimized out>) at src/qml/types/qqmltimer.cpp:321)
      #25 0x00007ffff78af0d2 in QQmlTimer::event (this=<optimized out>, e=<optimized out>) at src/qml/types/qqmltimer.cpp:333)
      #26 0x00007ffff66eab8a in QCoreApplication::notifyInternal2 (receiver=0x555555591960, event=0x555555913810) at src/corelib/kernel/qcoreapplication.cpp:1055)
      #27 0x00007ffff66ed91c in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x55555558ab30) at src/corelib/kernel/qcoreapplication.cpp:1822)
      #28 0x00007ffff6941f03 in postEventSourceDispatch (s=0x5555555ef4c0) at src/corelib/kernel/qeventdispatcher_glib.cpp:279)
      #29 0x00007ffff5a28e6b in g_main_context_dispatch () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0)
      #30 0x00007ffff5a29118 in ?? () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0)
      #31 0x00007ffff5a291cf in g_main_context_iteration () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0)
      #32 0x00007ffff6941889 in QEventDispatcherGlib::processEvents (this=0x5555555933a0, flags=...) at src/corelib/kernel/qeventdispatcher_glib.cpp:429)
      #33 0x00007ffff66f764b in QEventLoop::exec (this=0x7fffffffda00, flags=...) at include/QtCore/../../src/corelib/global/qflags.h:69)
      #34 0x00007ffff66f228b in QCoreApplication::exec () at include/QtCore/../../src/corelib/global/qflags.h:109)
      #35 0x0000555555559452 in main ()

      By commenting out either the works for fail shoot commands, the example fails or succeeds.

      I've attached the example source for reference.

      Attachments

        Activity

          People

            lagocs Laszlo Agocs
            e8johan Johan Thelin
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: