authorLars Knoll <lars.knoll@qt.io>2018-06-19 16:12:22 +0200
committerLars Knoll <lars.knoll@qt.io>2018-06-19 14:20:44 +0000
commitd1693c14b4e7f7d4a8ab4b2e876d9cf43a621e2e (patch)
tree9ce0e6c8d75f2df6654a7dd03d2e7441ea9c1e85
parent27a6b122343322a02e0fe26fb76c05f6105c4b94 (diff)
revert change 353164263c55825a0ec72d30128c50560c626334
The change was too aggressive in trying to avoid marking the array data. We didn't catch all cases where one could be inserting a GC controlled object into the array data. Let's be safe and always mark the content of array data objects. Task-number: QTBUG-68894 Change-Id: Ifbb628be898c0903596b1a483212384295b01df5 Reviewed-by: Erik Verbruggen <erik.verbruggen@qt.io>
-rw-r--r--src/qml/jsruntime/qv4arraydata.cpp4
-rw-r--r--src/qml/jsruntime/qv4arraydata_p.h4
-rw-r--r--src/qml/jsruntime/qv4engine.cpp6
-rw-r--r--src/qml/jsruntime/qv4object.cpp7
m---------tests/auto/qml/ecmascripttests/test2620
5 files changed, 3 insertions, 18 deletions
diff --git a/src/qml/jsruntime/qv4arraydata.cpp b/src/qml/jsruntime/qv4arraydata.cpp
index b33b34ee08..855407e6f7 100644
--- a/src/qml/jsruntime/qv4arraydata.cpp
+++ b/src/qml/jsruntime/qv4arraydata.cpp
@@ -168,8 +168,6 @@ void ArrayData::realloc(Object *o, Type newType, uint requested, bool enforceAtt
}
newData->setAlloc(alloc);
newData->setType(newType);
- if (d)
- newData->d()->needsMark = d->d()->needsMark;
newData->setAttrs(enforceAttributes ? reinterpret_cast<PropertyAttributes *>(newData->d()->values.values + alloc) : nullptr);
o->setArrayData(newData);
@@ -192,8 +190,6 @@ void ArrayData::realloc(Object *o, Type newType, uint requested, bool enforceAtt
memcpy(newData->d()->values.values, d->d()->values.values + offset, sizeof(Value)*toCopy);
}
- if (newType != Heap::ArrayData::Simple)
- newData->d()->needsMark = true;
if (newType != Heap::ArrayData::Sparse)
return;
diff --git a/src/qml/jsruntime/qv4arraydata_p.h b/src/qml/jsruntime/qv4arraydata_p.h
index b2573b4491..7ec060f9c6 100644
--- a/src/qml/jsruntime/qv4arraydata_p.h
+++ b/src/qml/jsruntime/qv4arraydata_p.h
@@ -92,7 +92,7 @@ namespace Heap {
#define ArrayDataMembers(class, Member) \
Member(class, NoMark, ushort, type) \
- Member(class, NoMark, ushort, needsMark) \
+ Member(class, NoMark, ushort, unused) \
Member(class, NoMark, uint, offset) \
Member(class, NoMark, PropertyAttributes *, attrs) \
Member(class, NoMark, SparseArray *, sparse) \
@@ -147,8 +147,6 @@ struct SimpleArrayData : public ArrayData {
uint mappedIndex(uint index) const { index += offset; if (index >= values.alloc) index -= values.alloc; return index; }
const Value &data(uint index) const { return values[mappedIndex(index)]; }
void setData(EngineBase *e, uint index, Value newVal) {
- if (newVal.isManaged())
- needsMark = true;
values.set(e, mappedIndex(index), newVal);
}
diff --git a/src/qml/jsruntime/qv4engine.cpp b/src/qml/jsruntime/qv4engine.cpp
index 835933c043..0ed0df89a9 100644
--- a/src/qml/jsruntime/qv4engine.cpp
+++ b/src/qml/jsruntime/qv4engine.cpp
@@ -599,12 +599,6 @@ Heap::ArrayObject *ExecutionEngine::newArrayObject(const Value *values, int leng
// this doesn't require a write barrier, things will be ok, when the new array data gets inserted into
// the parent object
memcpy(&d->values.values, values, length*sizeof(Value));
- for (int i = 0; i < length; ++i) {
- if (values[i].isManaged()) {
- d->needsMark = true;
- break;
- }
- }
a->d()->arrayData.set(this, d);
a->setArrayLengthUnchecked(length);
}
diff --git a/src/qml/jsruntime/qv4object.cpp b/src/qml/jsruntime/qv4object.cpp
index bcbe475c2c..0c6cde84ad 100644
--- a/src/qml/jsruntime/qv4object.cpp
+++ b/src/qml/jsruntime/qv4object.cpp
@@ -231,11 +231,8 @@ void Heap::Object::markObjects(Heap::Base *b, MarkStack *stack)
Object *o = static_cast<Object *>(b);
if (o->memberData)
o->memberData->mark(stack);
- if (o->arrayData) {
- o->arrayData->setMarkBit();
- if (o->arrayData->needsMark)
- ArrayData::markObjects(o->arrayData, stack);
- }
+ if (o->arrayData)
+ o->arrayData->mark(stack);
uint nInline = o->vtable()->nInlineProperties;
Value *v = reinterpret_cast<Value *>(o) + o->vtable()->inlinePropertyOffset;
const Value *end = v + nInline;
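Review bot: The unconditional `o->arrayData->mark(stack)` now carries a memory-safety invariant that the code does not state. Per the commit message, the defect was skipping the mark while a GC-controlled value sat in the array data, and an object the collector fails to mark can be reclaimed while it is still referenced. A one-line comment above the call would stop the fast path from being reintroduced later, e.g. `// Always mark array data: any slot may hold a GC-managed value (QTBUG-68894).` No targeted regression test is visible among the files changed on this page, so a test that stores a managed object into array data and then forces a collection would be worth adding. markObjects starts above this hunk and continues past its last line.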
diff --git a/tests/auto/qml/ecmascripttests/test262 b/tests/auto/qml/ecmascripttests/test262
-Subproject e505c11eebe5a389a7d47a4bf570c66469740b0
+Subproject 40b4f28e98c416a092e26aa17489bf94ccb8bf4