Bug 414768

Summary: Plasma crashes in JS garbage collector after TaskManager::TaskGroupingProxyModel::Private::sourceDataChanged()
Product: [Plasma] plasmashell
Reporter: Tim Richardson <tim>
Component: Task Manager and Icons-Only Task Manager
Assignee: Eike Hein <hein>
Status: RESOLVED UPSTREAM
Severity: crash
CC: christoph, nate, notmart, plasma-bugs
Priority: NOR
Keywords: drkonqi
Version: 5.17.3   
Target Milestone: 1.0   
Platform: unspecified   
OS: Linux   
URL: https://bugreports.qt.io/browse/QTBUG-84363
See Also: https://bugs.kde.org/show_bug.cgi?id=401741
Attachments: New crash information added by DrKonqi

Description Tim Richardson 2019-12-02 21:38:22 UTC
Application: plasmashell (5.17.3)

Qt Version: 5.13.2
Frameworks Version: 5.64.0
Operating System: Linux 5.3.10-custom x86_64
Distribution: KDE neon User Edition 5.17

-- Information about the crash:
- What I was doing when the application crashed:
Plasma crash ... just after reboot, only task running was Disks doing filesystem repair on an SD card

-- Backtrace (Reduced):
#6  0x00007f0945725cd6 in QV4::MemoryManager::collectFromJSStack(QV4::MarkStack*) const () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#7  0x00007f0945725d3e in QV4::MemoryManager::collectRoots(QV4::MarkStack*) () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#8  0x00007f0945725f63 in QV4::MemoryManager::mark() () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#9  0x00007f0945727db9 in  () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#10 0x00007f0945729e56 in QV4::MemoryManager::allocString(unsigned long) () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5


Possible duplicates by query: bug 409244, bug 406600, bug 402725, bug 400877, bug 393930.

Reported using DrKonqi
Comment 1 Tim Richardson 2019-12-02 21:38:23 UTC
Created attachment 124280 [details]
New crash information added by DrKonqi

DrKonqi auto-attaching complete backtrace.
Comment 2 Marco Martin 2019-12-09 17:45:18 UTC
Pasting inline:

Thread 1 (Thread 0x7f0948066800 (LWP 2940)):
[KCrash Handler]
#6  0x00007f0945725cd6 in QV4::MemoryManager::collectFromJSStack(QV4::MarkStack*) const () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#7  0x00007f0945725d3e in QV4::MemoryManager::collectRoots(QV4::MarkStack*) () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#8  0x00007f0945725f63 in QV4::MemoryManager::mark() () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#9  0x00007f0945727db9 in  () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#10 0x00007f0945729e56 in QV4::MemoryManager::allocString(unsigned long) () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#11 0x00007f0945897d4a in QV4::ExecutionEngine::newString(QString const&) () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#12 0x00007f09457d3bfa in  () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#13 0x00007f09458ad4f1 in QV4::RuntimeHelpers::ordinaryToPrimitive(QV4::ExecutionEngine*, QV4::Object const*, QV4::String*) () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#14 0x00007f09458ad7a4 in QV4::RuntimeHelpers::objectDefaultValue(QV4::Object const*, int) () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#15 0x00007f09458b278a in QV4::Value::toQStringNoThrow() const () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#16 0x00007f09458a1b48 in QV4::ExecutionEngine::catchExceptionAsQmlError() () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#17 0x00007f0945948db4 in  () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#18 0x00007f0945949486 in QQmlJavaScriptExpression::evaluate(QV4::CallData*, bool*) () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#19 0x00007f09458eefb9 in QQmlBoundSignalExpression::evaluate(void**) () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#20 0x00007f09458f033b in  () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#21 0x00007f0945929c42 in QQmlNotifier::emitNotify(QQmlNotifierEndpoint*, void**) () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#22 0x00007f09458d0f99 in QQmlData::signalEmitted(QAbstractDeclarativeData*, QObject*, int, void**) () at /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5
#23 0x00007f09420bd0f7 in QMetaObject::activate(QObject*, int, int, void**) (sender=sender@entry=0x5653100b0bd0, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffd53125d20) at kernel/qobject.cpp:3678
#24 0x00007f09420bdf97 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (sender=sender@entry=0x5653100b0bd0, m=m@entry=0x7f0942541160 <QAbstractItemModel::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffd53125d20) at kernel/qobject.cpp:3660
#25 0x00007f094202834c in QAbstractItemModel::dataChanged(QModelIndex const&, QModelIndex const&, QVector<int> const&) (this=this@entry=0x5653100b0bd0, _t1=..., _t2=..., _t3=...) at .moc/moc_qabstractitemmodel.cpp:557
#26 0x00007f094205a8aa in QSortFilterProxyModelPrivate::_q_sourceDataChanged(QModelIndex const&, QModelIndex const&, QVector<int> const&) (this=<optimized out>, source_top_left=..., source_bottom_right=..., roles=...) at itemmodels/qsortfilterproxymodel.cpp:1480
#27 0x00007f094205ccf8 in QSortFilterProxyModel::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>) at .moc/moc_qsortfilterproxymodel.cpp:225
#28 0x00007f09420bd8d5 in QMetaObject::activate(QObject*, int, int, void**) (sender=sender@entry=0x565310113b90, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=0, argv=<optimized out>, argv@entry=0x7ffd53126050) at kernel/qobject.cpp:3809
#29 0x00007f09420bdf97 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (sender=sender@entry=0x565310113b90, m=m@entry=0x7f0942541160 <QAbstractItemModel::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffd53126050) at kernel/qobject.cpp:3660
#30 0x00007f094202834c in QAbstractItemModel::dataChanged(QModelIndex const&, QModelIndex const&, QVector<int> const&) (this=this@entry=0x565310113b90, _t1=..., _t2=..., _t3=...) at .moc/moc_qabstractitemmodel.cpp:557
#31 0x00007f094205a8aa in QSortFilterProxyModelPrivate::_q_sourceDataChanged(QModelIndex const&, QModelIndex const&, QVector<int> const&) (this=<optimized out>, source_top_left=..., source_bottom_right=..., roles=...) at itemmodels/qsortfilterproxymodel.cpp:1480
#32 0x00007f094205ccf8 in QSortFilterProxyModel::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>) at .moc/moc_qsortfilterproxymodel.cpp:225
#33 0x00007f09420bd8d5 in QMetaObject::activate(QObject*, int, int, void**) (sender=0x565310170020, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=0, argv=<optimized out>, argv@entry=0x7ffd53126380) at kernel/qobject.cpp:3809
#34 0x00007f09420bdf97 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (sender=<optimized out>, m=m@entry=0x7f0942541160 <QAbstractItemModel::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffd53126380) at kernel/qobject.cpp:3660
#35 0x00007f094202834c in QAbstractItemModel::dataChanged(QModelIndex const&, QModelIndex const&, QVector<int> const&) (this=<optimized out>, _t1=..., _t2=..., _t3=...) at .moc/moc_qabstractitemmodel.cpp:557
#36 0x00007f090914052a in TaskManager::TaskGroupingProxyModel::Private::sourceDataChanged(QModelIndex, QModelIndex, QVector<int> const&) (this=0x5653100a4300, topLeft=..., bottomRight=..., roles=...) at ./libtaskmanager/taskgroupingproxymodel.cpp:251
#37 0x00007f090914185d in TaskManager::TaskGroupingProxyModel::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>) at ./obj-x86_64-linux-gnu/libtaskmanager/taskmanager_autogen/include/moc_taskgroupingproxymodel.cpp:160
#38 0x00007f09420bd8d5 in QMetaObject::activate(QObject*, int, int, void**) (sender=sender@entry=0x565310171080, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=0, argv=<optimized out>, argv@entry=0x7ffd53126630) at kernel/qobject.cpp:3809
#39 0x00007f09420bdf97 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (sender=sender@entry=0x565310171080, m=m@entry=0x7f0942541160 <QAbstractItemModel::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffd53126630) at kernel/qobject.cpp:3660
#40 0x00007f094202834c in QAbstractItemModel::dataChanged(QModelIndex const&, QModelIndex const&, QVector<int> const&) (this=this@entry=0x565310171080, _t1=..., _t2=..., _t3=...) at .moc/moc_qabstractitemmodel.cpp:557
#41 0x00007f094205a8aa in QSortFilterProxyModelPrivate::_q_sourceDataChanged(QModelIndex const&, QModelIndex const&, QVector<int> const&) (this=<optimized out>, source_top_left=..., source_bottom_right=..., roles=...) at itemmodels/qsortfilterproxymodel.cpp:1480
#42 0x00007f094205ccf8 in QSortFilterProxyModel::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>) at .moc/moc_qsortfilterproxymodel.cpp:225
#43 0x00007f09420bd8d5 in QMetaObject::activate(QObject*, int, int, void**) (sender=0x5653100855c0, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=0, argv=<optimized out>, argv@entry=0x7ffd53126960) at kernel/qobject.cpp:3809
#44 0x00007f09420bdf97 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (sender=<optimized out>, m=m@entry=0x7f0942541160 <QAbstractItemModel::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffd53126960) at kernel/qobject.cpp:3660
#45 0x00007f094202834c in QAbstractItemModel::dataChanged(QModelIndex const&, QModelIndex const&, QVector<int> const&) (this=<optimized out>, _t1=..., _t2=..., _t3=...) at .moc/moc_qabstractitemmodel.cpp:557
#46 0x00007f0908ed7b42 in  () at /usr/lib/x86_64-linux-gnu/libKF5ItemModels.so.5
#47 0x00007f0908ed8fc8 in  () at /usr/lib/x86_64-linux-gnu/libKF5ItemModels.so.5
#48 0x00007f09420bd8d5 in QMetaObject::activate(QObject*, int, int, void**) (sender=sender@entry=0x56531017eeb0, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=0, argv=<optimized out>, argv@entry=0x7ffd53126b60) at kernel/qobject.cpp:3809
#49 0x00007f09420bdf97 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (sender=sender@entry=0x56531017eeb0, m=m@entry=0x7f0942541160 <QAbstractItemModel::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffd53126b60) at kernel/qobject.cpp:3660
#50 0x00007f094202834c in QAbstractItemModel::dataChanged(QModelIndex const&, QModelIndex const&, QVector<int> const&) (this=this@entry=0x56531017eeb0, _t1=..., _t2=..., _t3=...) at .moc/moc_qabstractitemmodel.cpp:557
#51 0x00007f094204f071 in QIdentityProxyModelPrivate::_q_sourceDataChanged(QModelIndex const&, QModelIndex const&, QVector<int> const&) (this=<optimized out>, topLeft=..., bottomRight=..., roles=...) at itemmodels/qidentityproxymodel.cpp:483
#52 0x00007f0942050d48 in QIdentityProxyModel::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>) at .moc/moc_qidentityproxymodel.cpp:164
#53 0x00007f09420bd8d5 in QMetaObject::activate(QObject*, int, int, void**) (sender=0x56531017eff0, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=0, argv=<optimized out>, argv@entry=0x7ffd53126d80) at kernel/qobject.cpp:3809
#54 0x00007f09420bdf97 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (sender=<optimized out>, m=m@entry=0x7f0942541160 <QAbstractItemModel::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffd53126d80) at kernel/qobject.cpp:3660
#55 0x00007f094202834c in QAbstractItemModel::dataChanged(QModelIndex const&, QModelIndex const&, QVector<int> const&) (this=<optimized out>, _t1=..., _t2=..., _t3=...) at .moc/moc_qabstractitemmodel.cpp:557
#56 0x00007f0909161b50 in TaskManager::XWindowTasksModel::Private::dataChanged(unsigned long long, QVector<int> const&) (this=this@entry=0x56531017f160, window=<optimized out>, roles=...) at ./libtaskmanager/xwindowtasksmodel.cpp:408
#57 0x00007f0909164242 in TaskManager::XWindowTasksModel::Private::windowChanged(unsigned long long, QFlags<NET::Property>, QFlags<NET::Property2>) (this=0x56531017f160, window=<optimized out>, properties=..., properties2=...) at ./libtaskmanager/xwindowtasksmodel.cpp:395
#58 0x00007f09420bd9ef in QtPrivate::QSlotObjectBase::call(QObject*, void**) (a=0x7ffd53126fe0, r=0x56531017eff0, this=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:394
#59 0x00007f09420bd9ef in QMetaObject::activate(QObject*, int, int, void**) (sender=0x5653100a0160, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=2, argv=<optimized out>, argv@entry=0x7ffd53126fe0) at kernel/qobject.cpp:3789
#60 0x00007f09420bdf97 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (sender=<optimized out>, m=m@entry=0x7f0909380500 <XWindowSystemEventBatcher::staticMetaObject>, local_signal_index=local_signal_index@entry=2, argv=argv@entry=0x7ffd53126fe0) at kernel/qobject.cpp:3660
#61 0x00007f090916924b in XWindowSystemEventBatcher::windowChanged(unsigned long long, QFlags<NET::Property>, QFlags<NET::Property2>) (this=<optimized out>, _t1=<optimized out>, _t2=..., _t3=...) at ./obj-x86_64-linux-gnu/libtaskmanager/taskmanager_autogen/EWIEGA46WW/moc_xwindowsystemeventbatcher.cpp:176
#62 0x00007f0909160bc1 in XWindowSystemEventBatcher::<lambda(WId, NET::Properties, NET::Properties2)>::operator() (properties2=..., properties=..., window=<optimized out>, __closure=0x5653100a0400) at ./libtaskmanager/xwindowsystemeventbatcher.cpp:63
#63 0x00007f0909160bc1 in QtPrivate::FunctorCall<QtPrivate::IndexesList<0, 1, 2>, QtPrivate::List<long long unsigned int, QFlags<NET::Property>, QFlags<NET::Property2> >, void, XWindowSystemEventBatcher::XWindowSystemEventBatcher(QObject*)::<lambda(WId, NET::Properties, NET::Properties2)> >::call (arg=<optimized out>, f=...) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qobjectdefs_impl.h:146
#64 0x00007f0909160bc1 in QtPrivate::Functor<XWindowSystemEventBatcher::XWindowSystemEventBatcher(QObject*)::<lambda(WId, NET::Properties, NET::Properties2)>, 3>::call<QtPrivate::List<unsigned long long, QFlags<NET::Property>, QFlags<NET::Property2> >, void> (arg=<optimized out>, f=...) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qobjectdefs_impl.h:256
#65 0x00007f0909160bc1 in QtPrivate::QFunctorSlotObject<XWindowSystemEventBatcher::XWindowSystemEventBatcher(QObject*)::<lambda(WId, NET::Properties, NET::Properties2)>, 3, QtPrivate::List<long long unsigned int, QFlags<NET::Property>, QFlags<NET::Property2> >, void>::impl(int, QtPrivate::QSlotObjectBase *, QObject *, void **, bool *) (which=<optimized out>, this_=0x5653100a03f0, r=<optimized out>, a=<optimized out>, ret=<optimized out>) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qobjectdefs_impl.h:439
#66 0x00007f09420bd9ef in QtPrivate::QSlotObjectBase::call(QObject*, void**) (a=0x7ffd531271b0, r=0x5653100a0160, this=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:394
#67 0x00007f09420bd9ef in QMetaObject::activate(QObject*, int, int, void**) (sender=0x7f0944aa7c00, signalOffset=<optimized out>, local_signal_index=<optimized out>, argv=<optimized out>) at kernel/qobject.cpp:3789
#68 0x00007f0944898a0b in KWindowSystem::windowChanged(unsigned long long, QFlags<NET::Property>, QFlags<NET::Property2>) () at /usr/lib/x86_64-linux-gnu/libKF5WindowSystem.so.5
#69 0x00007f092ab408d6 in  () at /usr/lib/x86_64-linux-gnu/qt5/plugins/kf5/org.kde.kwindowsystem.platforms/KF5WindowSystemX11Plugin.so
Comment 3 Christoph Feck 2020-01-31 07:56:57 UTC
*** Bug 415795 has been marked as a duplicate of this bug. ***
Comment 4 Christoph Feck 2020-01-31 07:57:16 UTC
*** Bug 416409 has been marked as a duplicate of this bug. ***
Comment 5 Christoph Feck 2020-01-31 07:57:32 UTC
*** Bug 416975 has been marked as a duplicate of this bug. ***
Comment 6 Tim Richardson 2020-02-08 05:04:51 UTC
I removed Flameshot a week ago, and this problem has not occurred since then. I also stopped my panel from autohiding. I will re-enable that now.
I tried both OpenGL 3.1 and 2.0 as the rendering backend, but this is not a factor.

I can't read the crash reports, but it seems to be a crash in a Qt library, which means it shouldn't happen, and these configuration changes I am making are probably not very interesting.
Comment 7 Antonio Rojas 2020-03-26 10:31:11 UTC
*** Bug 418154 has been marked as a duplicate of this bug. ***
Comment 8 Antonio Rojas 2020-03-26 10:31:33 UTC
*** Bug 417897 has been marked as a duplicate of this bug. ***
Comment 9 Antonio Rojas 2020-03-26 10:31:54 UTC
*** Bug 417367 has been marked as a duplicate of this bug. ***
Comment 10 Christoph Cullmann 2020-05-23 13:06:46 UTC
This looks a lot like

https://bugreports.qt.io/browse/QTBUG-84363
Comment 11 Nate Graham 2021-03-08 21:52:46 UTC
Here's the stuff that comes from us:

#35 0x00007f094202834c in QAbstractItemModel::dataChanged(QModelIndex const&, QModelIndex const&, QVector<int> const&) (this=<optimized out>, _t1=..., _t2=..., _t3=...) at .moc/moc_qabstractitemmodel.cpp:557
#36 0x00007f090914052a in TaskManager::TaskGroupingProxyModel::Private::sourceDataChanged(QModelIndex, QModelIndex, QVector<int> const&) (this=0x5653100a4300, topLeft=..., bottomRight=..., roles=...) at ./libtaskmanager/taskgroupingproxymodel.cpp:251
#37 0x00007f090914185d in TaskManager::TaskGroupingProxyModel::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>) at ./obj-x86_64-linux-gnu/libtaskmanager/taskmanager_autogen/include/moc_taskgroupingproxymodel.cpp:160
#38 0x00007f09420bd8d5 in QMetaObject::activate(QObject*, int, int, void**) (sender=sender@entry=0x565310171080, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=0, argv=<optimized out>, argv@entry=0x7ffd53126630) at kernel/qobject.cpp:3809
Comment 12 Christoph Cullmann 2021-03-08 22:30:32 UTC
I still think any Qt version below 5.15.2 is unusable for any of our stuff, as the GC is broken. (At least 5.13 and 5.14, I thought.)
Comment 13 Nate Graham 2021-03-09 01:39:21 UTC
Yikes. Do you happen to know of a bug report for that or the Qt gerrit change that fixed it?
Comment 14 Nate Graham 2021-03-09 03:44:49 UTC
All right, let's say it was https://bugreports.qt.io/browse/QTBUG-84363.
Comment 15 Christoph Cullmann 2021-03-09 08:45:27 UTC
Yes, there is some commit hash mentioned that should be in 5.15.1, but I would not count on that. I really thought all known stuff was fixed in .2, but perhaps I misremember that.

In any case, in the CI, for 5.14, even the "trivial" JS indenter tests in KTextEditor crash often, therefore => useless.
Comment 16 Nate Graham 2021-03-09 17:02:46 UTC
Wow. Thanks for the info.
Comment 17 Christoph Cullmann 2021-03-09 17:04:55 UTC
Btw., just one of the usual backtraces with Qt 5.14.x

https://build.kde.org/job/Frameworks/job/ktexteditor/job/kf5-qt5%20SUSEQt5.14/162/console

23:15:53  AddressSanitizer:DEADLYSIGNAL
23:15:53  =================================================================
23:15:53  ==3582==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000028 (pc 0x7fbae5aa6efc bp 0x7fbacc01e000 sp 0x7ffc5ad454f0 T0)
23:15:53  ==3582==The signal is caused by a READ memory access.
23:15:53  ==3582==Hint: address points to the zero page.
23:15:53      #0 0x7fbae5aa6efc  (/usr/lib64/libQt5Qml.so.5+0xabefc)
23:15:53      #1 0x7fbae5b21fc8 in QV4::PersistentValueStorage::mark(QV4::MarkStack*) (/usr/lib64/libQt5Qml.so.5+0x126fc8)
23:15:53      #2 0x7fbae5aa729c in QV4::MemoryManager::collectRoots(QV4::MarkStack*) (/usr/lib64/libQt5Qml.so.5+0xac29c)
23:15:53      #3 0x7fbae5aa74b3 in QV4::MemoryManager::mark() (/usr/lib64/libQt5Qml.so.5+0xac4b3)
23:15:53      #4 0x7fbae5aa964d  (/usr/lib64/libQt5Qml.so.5+0xae64d)
23:15:53      #5 0x7fbae5aaae57 in QV4::MemoryManager::allocData(unsigned long) (/usr/lib64/libQt5Qml.so.5+0xafe57)
23:15:53      #6 0x7fbae5aaaeb2 in QV4::MemoryManager::allocObjectWithMemberData(QV4::VTable const*, unsigned int) (/usr/lib64/libQt5Qml.so.5+0xafeb2)
23:15:53      #7 0x7fbae5bbb6f0 in QV4::Runtime::CreateMappedArgumentsObject::call(QV4::ExecutionEngine*) (/usr/lib64/libQt5Qml.so.5+0x1c06f0)
23:15:53      #8 0x7fbacf7911ed  (/memfd:JITCode:QtQml (deleted)+0x1ed)
23:15:53  
23:15:53  AddressSanitizer can not provide additional info.
23:15:53  SUMMARY: AddressSanitizer: SEGV (/usr/lib64/libQt5Qml.so.5+0xabefc) 
23:15:53  ==3582==ABORTING