QTBUG-75642: Invalid memory read in QJSEngine::evaluate


Details

    • 6ee1acd6279749beddb5ecab211e3d314eb11fb3 (qt/qtdeclarative/5.12)

    Description

      Qt 5.12 branch, with cc9645f11b46aaad36658d62d38a5e44a5ba5ae5 picked onto qtbase.
      Built with clang 8.0.0. Configuration:

      -opensource
      -confirm-license
      -no-use-gold-linker
      -prefix
      /home/qtrob/dev/clang-8.0.0/qt-5.12_base_declarative-cov-asan-rs/qtbase
      -platform
      linux-clang
      -coverage
      trace-pc-guard
      -release
      -static
      -sanitize
      address
      -nomake
      examples
      -nomake
      tests
      

      Input to QJSEngine().evaluate():

      function a(){Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      Function``
      t=>s
      Function``
      ~Function``
      Function``
      Function``
      Function``
      Function``
      S=o=>s
      Function``
      a()}a()
      

      crashes with output:

      AddressSanitizer:DEADLYSIGNAL
      =================================================================
      ==2406==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x5620fefc841e bp 0x7fff994f96e0 sp 0x7fff994f8960 T0)
      ==2406==The signal is caused by a READ memory access.
      ==2406==Hint: address points to the zero page.
          #0 0x5620fefc841d in QV4::MemoryManager::runGC() (/tmp/evaluate-cli/evaluate-cli+0x18d741d)
          #1 0x5620fefc27d0 in QV4::MemoryManager::allocate(QV4::BlockAllocator*, unsigned long) (/tmp/evaluate-cli/evaluate-cli+0x18d17d0)
          #2 0x5620fefc2477 in QV4::MemoryManager::allocString(unsigned long) (/tmp/evaluate-cli/evaluate-cli+0x18d1477)
          #3 0x5620ff2c0fc0 in QV4::ExecutionEngine::newString(QString const&) (/tmp/evaluate-cli/evaluate-cli+0x1bcffc0)
          #4 0x5620ffb2f7de in QV4::CompiledData::CompilationUnit::linkToEngine(QV4::ExecutionEngine*) (/tmp/evaluate-cli/evaluate-cli+0x243e7de)
          #5 0x5620ff01c45a in QV4::FunctionCtor::virtualCallAsConstructor(QV4::FunctionObject const*, QV4::Value const*, int, QV4::Value const*) (/tmp/evaluate-cli/evaluate-cli+0x192b45a)
          #6 0x5620ff2eaf49 in QV4::Runtime::method_callName(QV4::ExecutionEngine*, int, QV4::Value*, int) (/tmp/evaluate-cli/evaluate-cli+0x1bf9f49)
      LLVMSymbolizer: error reading file: No such file or directory
          #7 0x7fb23d98106d  (/memfd:JITCode:./evaluate-cli (deleted)+0x6d)
      
      AddressSanitizer can not provide additional info.
      SUMMARY: AddressSanitizer: SEGV (/tmp/evaluate-cli/evaluate-cli+0x18d741d) in QV4::MemoryManager::runGC()
      ==2406==ABORTING
      
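To bucket reports like the one above as they come out of a fuzzing harness, here is an added Python triage example (not part of the bug report or of Qt) that parses the ASan SEGV output, flags a zero-page access as a null-pointer read, counts unsymbolized JIT frames, and records whether the fault sits inside QV4::MemoryManager::runGC. The embedded sample is the report above with frames #3 to #6 and the hint line dropped.

```python
import re

# Constructed sample: the ASan report from this bug report, with frames #3..#6
# and the hint line dropped to keep it short (real input: stderr of the harness).
SAMPLE_REPORT = """\
AddressSanitizer:DEADLYSIGNAL
==2406==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x5620fefc841e bp 0x7fff994f96e0 sp 0x7fff994f8960 T0)
==2406==The signal is caused by a READ memory access.
    #0 0x5620fefc841d in QV4::MemoryManager::runGC() (/tmp/evaluate-cli/evaluate-cli+0x18d741d)
    #1 0x5620fefc27d0 in QV4::MemoryManager::allocate(QV4::BlockAllocator*, unsigned long) (/tmp/evaluate-cli/evaluate-cli+0x18d17d0)
    #2 0x5620fefc2477 in QV4::MemoryManager::allocString(unsigned long) (/tmp/evaluate-cli/evaluate-cli+0x18d1477)
LLVMSymbolizer: error reading file: No such file or directory
    #7 0x7fb23d98106d  (/memfd:JITCode:./evaluate-cli (deleted)+0x6d)
SUMMARY: AddressSanitizer: SEGV (/tmp/evaluate-cli/evaluate-cli+0x18d741d) in QV4::MemoryManager::runGC()
==2406==ABORTING
"""

ERROR_RE = re.compile(r"==\d+==ERROR: AddressSanitizer: (\w+) on unknown address 0x([0-9a-f]+)")
ACCESS_RE = re.compile(r"caused by a (READ|WRITE) memory access")
# Symbolized frames read "#N 0xADDR in SYMBOL (module+off)"; JIT frames lack "in SYMBOL".
FRAME_RE = re.compile(r"^\s*#\d+ 0x[0-9a-f]+\s+(?:in (.+?)\s+)?\((.+)\)\s*$")

def triage_asan(report):
    """Summarize one ASan DEADLYSIGNAL report as a dict usable for crash bucketing."""
    r = {"kind": None, "address": None, "access": None, "frames": [],
         "jit_frames": 0, "symbolizer_error": False}
    for line in report.splitlines():
        if m := ERROR_RE.search(line):
            r["kind"], r["address"] = m.group(1), int(m.group(2), 16)
        elif m := ACCESS_RE.search(line):
            r["access"] = m.group(1)
        elif "LLVMSymbolizer: error" in line:
            r["symbolizer_error"] = True  # later frames may lack symbols
        elif m := FRAME_RE.match(line):
            if m.group(1):
                r["frames"].append(m.group(1))
            else:
                r["jit_frames"] += 1  # e.g. /memfd:JITCode: generated code
    # An access below the first page is a null-pointer dereference: a reliable
    # crash (DoS) that does not by itself write or disclose memory.
    r["null_deref"] = r["address"] is not None and r["address"] < 0x1000
    # A fault inside the collector usually means a heap invariant was broken
    # earlier, so the top frame alone does not locate the defect.
    r["in_gc"] = any("MemoryManager::runGC" in f for f in r["frames"])
    if r["kind"] == "SEGV" and r["null_deref"]:
        r["verdict"] = "null-pointer dereference (crash/DoS)"
    elif r["kind"] == "SEGV":
        r["verdict"] = "wild memory access, investigate"
    else:
        r["verdict"] = "not a SEGV report"
    return r
```

Run it on the full stderr of the harness; the verdict and the `in_gc` flag are the two fields worth keying a crash bucket on.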

      Attachments

        1. evaluate-cli.zip
          0.6 kB
        2. QTBUG-75642.js
          0.4 kB

          People

            ulherman Ulf Hermann
            rlohning Robert Löhning