Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: P1: Critical
Fix Version/s: 5.4.0
Affects Version/s: 5.2.1
Component/s: QML: Declarative and Javascript Engine
Labels:
None
Environment:
Windows 7 x64, Mingw32

Description

Summary:
JavaScript interpreter crashes if Array#sort arguments are re-used as variables.
e.g.

arr.sort(function(a, b) {
    a = transform(a);
    b = transform(b);
    return a == b ? 0 : a > b ? 1 : -1;
});

Expected result:
Array is sorted successfully

Actual result:
Qt application crashes with SEGFAULT and message:
file:///.../main.qml:23: TypeError: Cannot read property 'val' of null

Full code to reproduce this bug attached as main.qml.

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List

main.qml
0.7 kB
19 May '14 13:17
main-shorter.qml
0.4 kB
19 May '14 13:38

Issue Links

replaces

QTBUG-40280 V4 sometimes gives back a reference to a memory location that does not below to the array anymore

Closed

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Lars Knoll

Reporter:: Igor Null

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 19 May '14 13:17

Updated:: 02 Sep '14 15:58

Resolved:: 02 Sep '14 15:58

Gerrit Reviews

There are no open Gerrit changes

Show There are 2 closed Gerrit changes

Hide There are 2 closed Gerrit changes

Fix crashes when calling Array.sort with imperfect sort functions: Gerrit Review:

Fix crashes when calling Array.sort with imperfect sort functions: Gerrit Review: