Details
-
Bug
-
Resolution: Done
-
P1: Critical
-
5.12.6, 5.14
-
-
31d05c6734057bed56ac783d4f9d03d3c2ecbcbb (qt/qtdeclarative/5.14) 74bdd7b588528ecdbffa3872706a9ada2b83b716 (qt/qtdeclarative/5.12)
Description
Reproducible crash when running "qjstest --jit 15.4.4.20-9-c-i-31.js". Reproduces on macOS 10.14.
Process 15286 stopped * thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x1) frame #0: 0x0000000100a48302 QtQml`QV4::Value::toBooleanImpl(QV4::Value) [inlined] QV4::Heap::Pointer<QV4::Heap::InternalClass*, 0ul>::get(this=<unavailable>) const at qv4heap_p.h:82:48 [opt] 79 WriteBarrier::write(e, base(), &ptr, reinterpret_cast<Base *>(newVal)); 80 } 81 -> 82 T get() const { return reinterpret_cast<T>(ptr); } 83 84 template <typename Type> 85 Type *cast() { return static_cast<Type *>(ptr); } Target 0: (qjstest) stopped. (lldb) bt * thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x1) * frame #0: 0x0000000100a48302 QtQml`QV4::Value::toBooleanImpl(QV4::Value) [inlined] QV4::Heap::Pointer<QV4::Heap::InternalClass*, 0ul>::get(this=<unavailable>) const at qv4heap_p.h:82:48 [opt] frame #1: 0x0000000100a48302 QtQml`QV4::Value::toBooleanImpl(QV4::Value) [inlined] QV4::Heap::Pointer<QV4::Heap::InternalClass*, 0ul>::operator->(this=<unavailable>) const at qv4heap_p.h:73 [opt] frame #2: 0x0000000100a48302 QtQml`QV4::Value::toBooleanImpl(val=<unavailable>) at qv4value.cpp:84 [opt] frame #3: 0x00000001009c1928 QtQml`QV4::ArrayPrototype::method_filter(QV4::FunctionObject const*, QV4::Value const*, QV4::Value const*, int) [inlined] QV4::Value::toBoolean(this=0x0000000104b016c8) const at qv4value_p.h:185:16 [opt] frame #4: 0x00000001009c191e QtQml`QV4::ArrayPrototype::method_filter(b=<unavailable>, thisObject=<unavailable>, argv=<unavailable>, argc=<unavailable>) at qv4arrayobject.cpp:1385 [opt] frame #5: 0x0000000100a4469a QtQml`QV4::Runtime::CallPropertyLookup::call(QV4::ExecutionEngine*, QV4::Value const&, unsigned int, QV4::Value*, int) [inlined] QV4::FunctionObject::call(this=0x00000001084071e0, thisObject=<unavailable>, argv=<unavailable>, argc=<unavailable>) const at qv4functionobject_p.h:202:16 [opt] frame #6: 0x0000000100a44682 QtQml`QV4::Runtime::CallPropertyLookup::call(engine=<unavailable>, base=0x0000000104b01668, index=<unavailable>, argv=0x0000000104b01680, argc=1) at qv4runtime.cpp:1452 [opt] frame #7: 0x00000001019dce1e frame #8: 0x0000000100a2f9d3 QtQml`QV4::Moth::VME::exec(frame=0x00007ffeefbfec50, engine=0x00007ffeefbfe870) at qv4vme_moth.cpp:460:18 [opt] frame #9: 0x00000001009d9e6f QtQml`QV4::ArrowFunction::virtualCall(fo=<unavailable>, thisObject=<unavailable>, argv=<unavailable>, argc=<unavailable>) at qv4functionobject.cpp:527:18 [opt] frame #10: 0x0000000100a448c6 QtQml`QV4::Runtime::CallValue::call(QV4::ExecutionEngine*, QV4::Value const&, QV4::Value*, int) [inlined] QV4::FunctionObject::call(this=<unavailable>, thisObject=<unavailable>, argv=<unavailable>, argc=<unavailable>) const at qv4functionobject_p.h:202:16 [opt] frame #11: 0x0000000100a448ad QtQml`QV4::Runtime::CallValue::call(engine=0x00007ffeefbfec50, func=<unavailable>, argv=<unavailable>, argc=<unavailable>) at qv4runtime.cpp:1478 [opt] frame #12: 0x00000001019dc389 frame #13: 0x0000000100a2f9d3 QtQml`QV4::Moth::VME::exec(frame=0x00007ffeefbfec50, engine=0x00007ffeefbfea00) at qv4vme_moth.cpp:460:18 [opt] frame #14: 0x00000001009d9e6f QtQml`QV4::ArrowFunction::virtualCall(fo=<unavailable>, thisObject=<unavailable>, argv=<unavailable>, argc=<unavailable>) at qv4functionobject.cpp:527:18 [opt] frame #15: 0x0000000100a4469a QtQml`QV4::Runtime::CallPropertyLookup::call(QV4::ExecutionEngine*, QV4::Value const&, unsigned int, QV4::Value*, int) [inlined] QV4::FunctionObject::call(this=0x0000000108427ce0, thisObject=<unavailable>, argv=<unavailable>, argc=<unavailable>) const at qv4functionobject_p.h:202:16 [opt] frame #16: 0x0000000100a44682 QtQml`QV4::Runtime::CallPropertyLookup::call(engine=<unavailable>, base=0x0000000104b01508, index=<unavailable>, argv=0x0000000104b01520, argc=2) at qv4runtime.cpp:1452 [opt] frame #17: 0x00000001019db8b4 frame #18: 0x0000000100a2f9d3 QtQml`QV4::Moth::VME::exec(frame=0x00007ffeefbfec50, engine=0x00007ffeefbfeb80) at qv4vme_moth.cpp:460:18 [opt] frame #19: 0x00000001009d6f25 QtQml`QV4::Function::call(this=0x0000000101a192f0, thisObject=<unavailable>, argv=<unavailable>, argc=<unavailable>, context=<unavailable>) at qv4function.cpp:69:28 [opt] frame #20: 0x0000000100a0bd3a QtQml`QV4::Script::run(this=0x00007ffeefbfef88, thisObject=<unavailable>) at qv4script.cpp:161:28 [opt] frame #21: 0x00000001000098b5 qjstest`executeTest(data=<unavailable>, runAsModule=<unavailable>, testCasePath=0x00007ffeefbff058, harnessForModules=0x00007ffeefbff048) at test262runner.cpp:546:20 [opt] frame #22: 0x0000000100008bcc qjstest`SingleTest::run(this=0x00007ffeefbff0b0) at test262runner.cpp:578:19 [opt] frame #23: 0x0000000100006852 qjstest`Test262Runner::runSingleTest(this=0x00007ffeefbff258, testCase=<unavailable>) at test262runner.cpp:649:10 [opt] frame #24: 0x0000000100005fb3 qjstest`Test262Runner::run(this=0x00007ffeefbff258) at test262runner.cpp:159:26 [opt] frame #25: 0x0000000100004af0 qjstest`main(argc=3, argv=<unavailable>) at main.cpp:111:20 [opt] frame #26: 0x00007fff711b73d5 libdyld.dylib`start + 1 frame #27: 0x00007fff711b73d5 libdyld.dylib`start + 1