diff options
author | Simon Hausmann <simon.hausmann@digia.com> | 2014-03-04 16:15:26 +0100 |
---|---|---|
committer | The Qt Project <gerrit-noreply@qt-project.org> | 2014-03-05 15:01:07 +0100 |
commit | e4e4a7912b03499a20f25e261e1c515aab17e5a8 (patch) | |
tree | 412e643b91e0445b64fe4389c51359bb17195be1 /src/qml/qml/qqmlcompileddata.cpp | |
parent | 0d84dab38059345f51e8318d2474068e817ac007 (diff) |
[new compiler] Fix invalid memory reads when JS closures outlive QML types
If QQmlCompiledData gets destroyed while somebody still has refcount on the
QV4::CompiledData::CompilationUnit, then unit's _data_ would be freed already
by ~QQmlCompiledData. Given that compilationUnit->data is pointing to the same
malloc'ed address as QQmlCompiledData::qmlUnit, we can just let the
CompilationUnit always own the data.
Fixes tst_qquickloader and makes it possible to run the qquickcomponent tests.
Change-Id: Ie3f3e5335139236d7c2524a327665bda0a9cc847
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
Diffstat (limited to 'src/qml/qml/qqmlcompileddata.cpp')
-rw-r--r-- | src/qml/qml/qqmlcompileddata.cpp | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/qml/qml/qqmlcompileddata.cpp b/src/qml/qml/qqmlcompileddata.cpp index aec4553d5d..d20215c78a 100644 --- a/src/qml/qml/qqmlcompileddata.cpp +++ b/src/qml/qml/qqmlcompileddata.cpp @@ -140,9 +140,10 @@ QQmlCompiledData::~QQmlCompiledData() if (rootPropertyCache) rootPropertyCache->release(); + qmlUnit = 0; + if (compilationUnit) compilationUnit->deref(); - free(qmlUnit); } void QQmlCompiledData::clear() |