Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: P1: Critical
Fix Version/s: 5.11.2
Affects Version/s: 5.11.0
Component/s: QML: Declarative and Javascript Engine
Labels:
None
Environment:
Archlinux

Commits:
d1693c14b4e7f7d4a8ab4b2e876d9cf43a621e2e

Description

QJSEngine crashes with segmentation fault when evaluating math.js (https://github.com/josdejong/mathjs)

Example:

// g++ -std=c++14 -fPIC -lQt5Qml -lQt5Core -I/usr/include/qt/ -I/usr/include/qt/QtCore -I/usr/include/qt/QtQml main.cpp
#include <QCoreApplication>
#include <QJSEngine>
#include <QString>
#include <QFile>

int main(int argc, char *argv[]) {
    QCoreApplication app{argc,argv};

    QString fileName = "math.min.js";
    QFile scriptFile(fileName);
    scriptFile.open(QIODevice::ReadOnly);

    QJSEngine engine;
    engine.evaluate(scriptFile.readAll());
}

Backtrace:

Program received signal SIGSEGV, Segmentation fault.
QV4::Heap::Base::vtable (this=0x7ffff088e4a0) at /home/developer/projects/archlinux_packages/qt5-declarative/src/qtdeclarative-everywhere-src-5.11.0/include/QtQml/5.11.0/QtQml/private/../../../../../src/qml/memory/qv4heap_p.h:101
101         const VTable *vtable() const { return internalClass->vtable; }
(gdb) print *this
$1 = {internalClass = 0x0}
(gdb) bt
#0 QV4::Heap::Base::vtable (this=0x7ffff088e4a0) at /home/developer/projects/archlinux_packages/qt5-declarative/src/qtdeclarative-everywhere-src-5.11.0/include/QtQml/5.11.0/QtQml/private/../../../../../src/qml/memory/qv4heap_p.h:101
#1 0x00007ffff762c85d in QV4::Value::isObject (this=0x7ffff0d7b898)
    at /home/developer/projects/archlinux_packages/qt5-declarative/src/qtdeclarative-everywhere-src-5.11.0/include/QtQml/5.11.0/QtQml/private/../../../../../src/qml/jsruntime/qv4value_p.h:508
#2 0x00007ffff762c706 in QV4::Value::objectValue (this=0x7ffff0d7b898)
    at /home/developer/projects/archlinux_packages/qt5-declarative/src/qtdeclarative-everywhere-src-5.11.0/include/QtQml/5.11.0/QtQml/private/../../../../../src/qml/jsruntime/qv4value_p.h:368
#3 0x00007ffff762cb92 in QV4::Value::as<QV4::Object> (this=0x7ffff0d7b898)
    at /home/developer/projects/archlinux_packages/qt5-declarative/src/qtdeclarative-everywhere-src-5.11.0/include/QtQml/5.11.0/QtQml/private/../../../../../src/qml/jsruntime/qv4managed_p.h:254
#4 0x00007ffff76fc1c6 in QV4::Scoped<QV4::Object>::Scoped (this=0x7fffffff1c00, scope=..., v=...)
    at /home/developer/projects/archlinux_packages/qt5-declarative/src/qtdeclarative-everywhere-src-5.11.0/include/QtQml/5.11.0/QtQml/private/../../../../../src/qml/jsruntime/qv4scopedvalue_p.h:223
#5 0x00007ffff7810909 in QV4::Runtime::method_loadProperty (engine=0x5555557587f0, object=..., nameIndex=3649)
    at /home/developer/projects/archlinux_packages/qt5-declarative/src/qtdeclarative-everywhere-src-5.11.0/src/qml/jsruntime/qv4runtime.cpp:726
#6 0x00007ffff7fee6f6 in ?? ()
#7 0x00005555557587f0 in ?? ()
#8 0x00007fffffff28e0 in ?? ()
#9 0x00007ffff0d7b798 in ?? ()
#10 0x0000000000000000 in ?? ()
(gdb)

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List

Example.tar.gz
132 kB
15 Jun '18 09:55
math.js
1.64 MB
18 Jun '18 14:43

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Erik Verbruggen

Reporter:: Olav Strehl

Votes:: 2 Vote for this issue

Watchers:: 9 Start watching this issue

Dates

Created:: 15 Jun '18 09:55

Updated:: 27 Nov '18 14:06

Resolved:: 27 Nov '18 14:06

Gerrit Reviews

There are no open Gerrit changes

Show There is 1 closed Gerrit change

Hide There is 1 closed Gerrit change

revert change 353164263c55825a0ec72d30128c50560c626334: Gerrit Review: