Details
- Type: Bug
- Status: Closed
- Priority: P2: Important
- Resolution: Done
- Affects Version/s: 5.6.1, 5.7.0
- Fix Version/s: 5.6.3
- Component/s: QML: Declarative and Javascript Engine
- Labels: None
- Environment: openSUSE Leap 42.2 Alpha (Port for AArch64) with Linux 4.4.15
- Commits: 2afb54fb51091765f79548b0b057795bc3c6eb38
Description
On Linux for AArch64 with CONFIG_ARM64_VA_BITS=48, use of the QML JS engine reliably results in a nullptr dereference with the following backtrace:

```
#0 0x0000ffffb54f20b0 in QV4::Object::defineReadonlyProperty(QV4::String*, QV4::Value const&) () from /usr/lib64/libQt5Qml.so.5
#1 0x0000ffffb554365c in ?? () from /usr/lib64/libQt5Qml.so.5
#2 0x0000ffffb54b9ad4 in QV4::ExecutionEngine::ExecutionEngine(QV4::EvalISelFactory*) () from /usr/lib64/libQt5Qml.so.5
#3 0x0000ffffb55ef5b0 in QV8Engine::QV8Engine(QJSEngine*) () from /usr/lib64/libQt5Qml.so.5
#4 0x0000ffffb544b600 in QJSEngine::QJSEngine(QJSEnginePrivate&, QObject*) () from /usr/lib64/libQt5Qml.so.5
#5 0x0000ffffb555ac44 in QQmlEngine::QQmlEngine(QObject*) () from /usr/lib64/libQt5Qml.so.5
```
I assume that V4 does not like it if bits 39-47 in pointers are used.
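The failure class the reporter describes is a boxed-value scheme that reserves only part of a 64-bit word for a pointer, so that an address using higher bits (as a 48-bit AArch64 virtual address space does, bit 47 being set in the frame addresses above) is silently truncated and later dereferenced as garbage. The following is an added, self-contained C example that models this generically; it is not Qt's code and does not reproduce the real QV4::Value encoding. The `box_layout` type, `box_pointer`, `unbox_pointer`, `pointer_fits`, `address_bits_needed` and `probe_heap_address_bits` are all hypothetical names introduced here. The 48-bit address is taken from the backtrace in the report; the 47-bit address is constructed as a typical x86-64 user-space address. The example goes beyond the report by making the address width a parameter, so the same check can be run for any VA configuration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Illustrative boxed-value layout (an assumption, not QV4::Value's real
 * encoding): a 64-bit word whose low `addr_bits` carry a pointer and whose
 * remaining high bits carry a type tag. */
typedef struct {
    int addr_bits;   /* how many low bits are reserved for the address */
} box_layout;

static uint64_t addr_mask(const box_layout *l) {
    return l->addr_bits >= 64 ? UINT64_MAX : (UINT64_C(1) << l->addr_bits) - 1;
}

/* Pack a tag and an address into one word; the address is truncated to
 * addr_bits, which is exactly where information is lost. */
uint64_t box_pointer(const box_layout *l, uint64_t tag, uint64_t addr) {
    return (tag << l->addr_bits) | (addr & addr_mask(l));
}

uint64_t unbox_pointer(const box_layout *l, uint64_t word) {
    return word & addr_mask(l);
}

/* Smallest number of address bits that represents `addr` without loss. */
int address_bits_needed(uint64_t addr) {
    int bits = 0;
    while (addr) { bits++; addr >>= 1; }
    return bits;
}

/* True if the address survives a box/unbox round trip under this layout.
 * A false result is the condition that turns a valid object pointer into a
 * bogus one and, on dereference, into a crash like the one in the report. */
bool pointer_fits(const box_layout *l, uint64_t addr) {
    return unbox_pointer(l, box_pointer(l, 0, addr)) == addr;
}

/* Probe the running process: how many address bits does a heap pointer use?
 * Comparing this with a layout's addr_bits is the check a port to a new VA
 * configuration would want before trusting the tagging scheme. */
int probe_heap_address_bits(void) {
    void *p = malloc(64);
    if (!p) return -1;
    int bits = address_bits_needed((uint64_t)(uintptr_t)p);
    free(p);
    return bits;
}

int main(void) {
    /* From the backtrace above: bit 47 set, as a 48-bit AArch64 VA produces. */
    const uint64_t aarch64_48bit = UINT64_C(0x0000ffffb54f20b0);
    /* Constructed x86-64 style user address: stays below bit 47. */
    const uint64_t x86_64_47bit  = UINT64_C(0x00007fff12345678);
    box_layout narrow = { 47 }, wide = { 48 };

    printf("aarch64 address needs %d bits, x86-64 address needs %d bits\n",
           address_bits_needed(aarch64_48bit), address_bits_needed(x86_64_47bit));
    printf("47-bit layout: aarch64 fits=%d, x86-64 fits=%d\n",
           pointer_fits(&narrow, aarch64_48bit), pointer_fits(&narrow, x86_64_47bit));
    printf("48-bit layout: aarch64 fits=%d, x86-64 fits=%d\n",
           pointer_fits(&wide, aarch64_48bit), pointer_fits(&wide, x86_64_47bit));
    printf("this process's heap pointers use %d address bits\n",
           probe_heap_address_bits());
    return 0;
}
```

The round-trip test in `pointer_fits` is the useful part: a layout that passes it for every address the kernel can hand out on a given platform is safe there, and one that fails it for any reachable address will corrupt pointers without any immediate diagnostic, which is why the report's crash only surfaced later inside the engine.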
Gerrit Dashboard: QTBUG-54822

| # | Subject | Branch | Project | Status | CR | V |
|---|---|---|---|---|---|---|
| 169892,13 | V4: Free up 2 address bits in 64bit mode | 5.6 | qt/qtdeclarative | MERGED | +2 | 0 |