Hi folks,
Wondering if anyone has experienced crashes on llint_op_call_varargs for certain JS sources. It happens only when running on a device (ARM arch) and not on a simulator. Here's where it crashes:
ios`llint_op_call_varargs:
0x29beb4: mov r0, r7
0x29beb6: mov r1, r8
0x29beb8: bl 0x295960 ; llint_slow_path_size_and_alloc_frame_for_varargs
0x29bebc: mov r8, r0
0x29bebe: mov r7, r1
0x29bec0: ldr r4, [r7, #0x10]
0x29bec2: movw r12, #0x0
0x29bec6: movt r12, #0xffff
0x29beca: ands.w r4, r4, r12
0x29bece: ldr.w r4, [r4, #1076]
0x29bed2: movw r12, #0x5f28
0x29bed6: add r12, r4
0x29bed8: mvn r10, #0x5
0x29bedc: ldr.w r11, [r12]
0x29bee0: cmp r11, r10
0x29bee2: beq 0x29bee8 ; llint_op_call_varargs + 52
0x29bee4: b.w 0x29ab12 ; llint_throw_from_slow_path_trampoline
0x29bee8: str.w r8, [r7, #36]
0x29beec: mov r0, r7
0x29beee: mov r1, r8
0x29bef0: bl 0x2959e8 ; llint_slow_path_call_varargs
0x29bef4: mov r7, r1
0x29bef6: blx r0
0x29bef8: ldr.w r8, [r7, #36] ; <--------------- Thread 1: EXC_BAD_ACCESS (code=1, address=0x24)
0x29befc: ldr.w r2, [r8, #4]
0x29bf00: add.w r10, r7, r2, lsl #3
0x29bf04: str.w r1, [r10, #4]
0x29bf08: str.w r0, [r7, r2, lsl #3]
0x29bf0c: ldr.w r4, [r8, #28]
0x29bf10: str r1, [r4, #0x10]
0x29bf12: str r0, [r4, #0xc]
0x29bf14: adds.w r8, r8, #0x20
0x29bf18: ldr.w r10, [r8]
0x29bf1c: mov pc, r10
The JS code is rather long and I can't really share it, since it's not yet in the public domain, but so far I've been able to find two potential causes for the issue:
I'm wondering if anyone has run into this issue or if they have any idea how this could be resolved.
Thanks a lot!