ubuntu-sdk-bugs team mailing list archive

Thread
Date

[Bug 2111216] Re: Qt V4 JIT engine generates bad JIT code

To: ubuntu-sdk-bugs@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <2111216@xxxxxxxxxxxxxxxxxx>
Date: Thu, 05 Jun 2025 19:35:59 -0000
Reply-to: Bug 2111216 <2111216@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

This bug was fixed in the package qtdeclarative-opensource-src -
5.15.13+dfsg-1ubuntu0.1

---------------
qtdeclarative-opensource-src (5.15.13+dfsg-1ubuntu0.1) noble; urgency=medium

  * Backport upstream patch to fix bad JIT code generation on arm64
    (LP: #2111216).

 -- Dmitry Shachnev <mitya57@xxxxxxxxxx>  Tue, 20 May 2025 16:55:54
+0300

** Changed in: qtdeclarative-opensource-src (Ubuntu Noble)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
SDK bug tracking, which is subscribed to qtdeclarative-opensource-src in
Ubuntu.
https://bugs.launchpad.net/bugs/2111216

Title:
  Qt V4 JIT engine generates bad JIT code

Status in qtdeclarative-opensource-src package in Ubuntu:
  Fix Released
Status in qtdeclarative-opensource-src source package in Noble:
  Fix Released

Bug description:
  [ Impact ]
  We're encountering a critical issue in Qt 5.15.13 as shipped in Ubuntu 24.04 (Noble). The Qt V4 JIT engine occasionally generates invalid machine code, resulting in crashes at runtime.

  This issue is tracked upstream as
  https://bugreports.qt.io/browse/QTBUG-111935, and was fixed in Qt
  5.15.14.

  Symptoms:
      * Application crashes with segmentation faults or illegal instruction errors when executing certain JavaScript in QML (GC).
      * The issue appears to stem from bad register allocation or incorrect code paths during JIT compilation.

  This affects users using Lomiri (and plasma) on arm64 (maybe others)
  devices. It causes random crashes in normal day to day use, 100% with
  QV4_MM_AGGRESSIVE_GC=1, never with QV4_FORCE_INTERPRETER=1.

  [ Test Plan ]
      * Start plasmashell or lomiri with set QV4_MM_AGGRESSIVE_GC=1.

  [ Where problems could occur ]
  The fix touches the JIT interpreter code, so potential problems would occur there.

  However, we run upstream test suite during build, so it should catch
  any potential regressions.

  [ Other Info ]
  Upstream commit that resolves the issue:

  https://code.qt.io/cgit/qt/qtdeclarative.git/commit/?id=3bd18f41cfb0f3da65eecf216e49a9bb6bda71a6

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qtdeclarative-opensource-src/+bug/2111216/+subscriptions

References

[Bug 2111216] [NEW] Qt V4 JIT engine generates bad JIT code
From: Marius Gripsgard , 2025-05-18