Details
- Type: Bug
- Resolution: Done
- Priority: P1: Critical
- Version: 5.12
- Environment: Manjaro Linux, clang 8.0.0
- Commit: 6ee1acd6279749beddb5ecab211e3d314eb11fb3 (qt/qtdeclarative/5.12)
Description
Qt 5.12 branch, with cc9645f11b46aaad36658d62d38a5e44a5ba5ae5 picked onto qtbase.
Built with clang 8.0.0. Configuration:
-opensource -confirm-license -no-use-gold-linker -prefix /home/qtrob/dev/clang-8.0.0/qt-5.12_base_declarative-cov-asan-rs/qtbase -platform linux-clang -coverage trace-pc-guard -release -static -sanitize address -nomake examples -nomake tests
Input to QJSEngine().evaluate():
function a(){Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` Function`` t=>s Function`` ~Function`` Function`` Function`` Function`` Function`` S=o=>s Function`` a()}a()
crashes with output:
AddressSanitizer:DEADLYSIGNAL
=================================================================
==2406==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x5620fefc841e bp 0x7fff994f96e0 sp 0x7fff994f8960 T0)
==2406==The signal is caused by a READ memory access.
==2406==Hint: address points to the zero page.
    #0 0x5620fefc841d in QV4::MemoryManager::runGC() (/tmp/evaluate-cli/evaluate-cli+0x18d741d)
    #1 0x5620fefc27d0 in QV4::MemoryManager::allocate(QV4::BlockAllocator*, unsigned long) (/tmp/evaluate-cli/evaluate-cli+0x18d17d0)
    #2 0x5620fefc2477 in QV4::MemoryManager::allocString(unsigned long) (/tmp/evaluate-cli/evaluate-cli+0x18d1477)
    #3 0x5620ff2c0fc0 in QV4::ExecutionEngine::newString(QString const&) (/tmp/evaluate-cli/evaluate-cli+0x1bcffc0)
    #4 0x5620ffb2f7de in QV4::CompiledData::CompilationUnit::linkToEngine(QV4::ExecutionEngine*) (/tmp/evaluate-cli/evaluate-cli+0x243e7de)
    #5 0x5620ff01c45a in QV4::FunctionCtor::virtualCallAsConstructor(QV4::FunctionObject const*, QV4::Value const*, int, QV4::Value const*) (/tmp/evaluate-cli/evaluate-cli+0x192b45a)
    #6 0x5620ff2eaf49 in QV4::Runtime::method_callName(QV4::ExecutionEngine*, int, QV4::Value*, int) (/tmp/evaluate-cli/evaluate-cli+0x1bf9f49)
LLVMSymbolizer: error reading file: No such file or directory
    #7 0x7fb23d98106d (/memfd:JITCode:./evaluate-cli (deleted)+0x6d)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/tmp/evaluate-cli/evaluate-cli+0x18d741d) in QV4::MemoryManager::runGC()
==2406==ABORTING
Attachments
For Gerrit Dashboard: QTBUG-75642

# | Subject | Branch | Project | Status | CR | V
---|---|---|---|---|---|---
264739,2 | JIT: Don't store accumulator on getTemplateLiteral | 5.12 | qt/qtdeclarative | MERGED | +2 | 0
265744,3 | fuzzing: Add JavaScript file which could crash Qt 5.12.3 | master | qt/qtqa | MERGED | +2 | 0