diff options
| author | Fabian Kosmale <fabian.kosmale@qt.io> | 2021-07-29 15:06:05 +0200 |
|---|---|---|
| committer | Qt Cherry-pick Bot <cherrypick_bot@qt-project.org> | 2021-08-02 22:27:44 +0000 |
| commit | cf48a9ef97b726cd458292f53b94dfa897934be5 (patch) | |
| tree | 4e59b320453ce42ccf87f2cd1d72910592ce5de6 | |
| parent | 44f6a797563c084a1eaa763e8e6f3ceaeb936bd4 (diff) | |
QV4::Heap::GeneratorObject: remove unused member
The member was marked as a Pointer for the gc; however it was never
used, and thus also left uninitialized. This could cause memory
corruption or asserts during the gc's mark phase.
Fixes: QTBUG-95417
Change-Id: Ide826c0284b6060de8689e6f0dc753011108dba9
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Maximilian Goldstein <max.goldstein@qt.io>
Reviewed-by: Andrei Golubev <andrei.golubev@qt.io>
(cherry picked from commit d36b480a956e2437888925aa8a1f5e3cb6c06ebd)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
| -rw-r--r-- | src/qml/jsruntime/qv4generatorobject_p.h | 1 | ||||
| -rw-r--r-- | tests/auto/qml/qqmlecmascript/data/generatorCallsGC.qml | 13 | ||||
| -rw-r--r-- | tests/auto/qml/qqmlecmascript/tst_qqmlecmascript.cpp | 10 |
3 files changed, 23 insertions, 1 deletions
diff --git a/src/qml/jsruntime/qv4generatorobject_p.h b/src/qml/jsruntime/qv4generatorobject_p.h index 8e14bcfa84..21cec0b699 100644 --- a/src/qml/jsruntime/qv4generatorobject_p.h +++ b/src/qml/jsruntime/qv4generatorobject_p.h @@ -87,7 +87,6 @@ struct GeneratorPrototype : FunctionObject { #define GeneratorObjectMembers(class, Member) \ Member(class, Pointer, ExecutionContext *, context) \ - Member(class, Pointer, GeneratorFunction *, function) \ Member(class, NoMark, GeneratorState, state) \ Member(class, NoMark, CppStackFrame, cppFrame) \ Member(class, Pointer, ArrayObject *, values) \ diff --git a/tests/auto/qml/qqmlecmascript/data/generatorCallsGC.qml b/tests/auto/qml/qqmlecmascript/data/generatorCallsGC.qml new file mode 100644 index 0000000000..7fe366cac8 --- /dev/null +++ b/tests/auto/qml/qqmlecmascript/data/generatorCallsGC.qml @@ -0,0 +1,13 @@ +import QtQml 2.15 + +QtObject { + function test_generator_gc() { + ((function*() { gc() })()).next(); + ((function*() { gc() })()).next(); + ((function*() { gc() })()).next(); + ((function*() { gc() })()).next(); + } + + Component.onCompleted: () => test_generator_gc() + +} diff --git a/tests/auto/qml/qqmlecmascript/tst_qqmlecmascript.cpp b/tests/auto/qml/qqmlecmascript/tst_qqmlecmascript.cpp index 3c3a2a7a99..7da1b2c500 100644 --- a/tests/auto/qml/qqmlecmascript/tst_qqmlecmascript.cpp +++ b/tests/auto/qml/qqmlecmascript/tst_qqmlecmascript.cpp @@ -240,6 +240,7 @@ private slots: void function(); void topLevelGeneratorFunction(); void generatorCrashNewProperty(); + void generatorCallsGC(); void qtbug_10696(); void qtbug_11606(); void qtbug_11600(); @@ -6505,6 +6506,15 @@ void tst_qqmlecmascript::generatorCrashNewProperty() QCOMPARE(o->property("c").toInt(), 42); } +void tst_qqmlecmascript::generatorCallsGC() +{ + QQmlEngine engine; + QQmlComponent component(&engine, testFileUrl("generatorCallsGC.qml")); + + QScopedPointer<QObject> o(component.create()); // should not crash + QVERIFY2(o != nullptr, qPrintable(component.errorString())); +} + // Test the "Qt.include" method void tst_qqmlecmascript::include() { |