Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: P1: Critical
Fix Version/s: 5.14.0 Beta2
Affects Version/s: 5.12.4, 5.12.5, 5.13.1
Component/s: QML: Declarative and Javascript Engine
Labels:
- earmarked_by_ulf

Platform/s:

iOS/tvOS/watchOS, Linux/X11
Commits:
00ae3b2323e9b138b0b43f301ec9da9407c66600

When I call a function with 14 parameters in QML I get a segfault in:

qv4stackframe_p.h line 190:

memset(jsFrame->args + argc, 0, (nRegisters - argc)*sizeof(Value));

nRegisters is 11 and argc is 14, so the third parameters yields -3*sizeof(Value) which is converted to size_t.

I guess the memset should only be done in case argc<nRegisters?

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List

crash_test.zip
2 kB
14 Oct '19 12:48

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

For Gerrit Dashboard: QTBUG-78486
#	Subject	Branch	Project	Status	CR	V
278052,3	Pass suitable nFormals when constructing JS stack frame	5.14	qt/qtdeclarative	Status: MERGED	+2	0

Assignee:: Ulf Hermann

Reporter:: Christian Eltges

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 18 Sep '19 13:26

Updated:: 22 Oct '19 06:53

Resolved:: 22 Oct '19 06:53

There are no open Gerrit changes

Show There is 1 closed Gerrit change

Hide There is 1 closed Gerrit change

Pass suitable nFormals when constructing JS stack frame: Gerrit Review: