diff options
| author | Simon Hausmann <simon.hausmann@digia.com> | 2014-06-20 17:26:57 +0200 |
|---|---|---|
| committer | Simon Hausmann <simon.hausmann@digia.com> | 2014-06-23 19:17:22 +0200 |
| commit | 195b998175b629e6e915588e66991f74cffa4e48 (patch) | |
| tree | 2e77a4a6cb645e6548daf6382ee85a68f3ea93e8 /src/qml/qml/qqmlobjectcreator_p.h | |
| parent | 714d9d95484907378b46292df7aec0832f557f1d (diff) | |
Fix crash when deleting component in Component.onComplete through loader
This is a regression introduced with Qt 5.3.0. The recursion watcher code that
is supposed to handle the test case of QTBUG-39775 can detect the recursion
into the object creator. However the boolean that indicates the recursion is a
member of a structure that's deleted afterwards. To avoid access to deleted
memory, this patch simply reference counts data structure shared between the
creators and also wraps the recursion watcher into a convenience class that
also increases/decreases the reference count accordingly.
Change-Id: I8d2e3e200ab1295e89d951e09f187d382a056d5a
Task-number: QTBUG-39775
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
Diffstat (limited to 'src/qml/qml/qqmlobjectcreator_p.h')
| -rw-r--r-- | src/qml/qml/qqmlobjectcreator_p.h | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/src/qml/qml/qqmlobjectcreator_p.h b/src/qml/qml/qqmlobjectcreator_p.h index 379a3b2970..ad2d67624f 100644 --- a/src/qml/qml/qqmlobjectcreator_p.h +++ b/src/qml/qml/qqmlobjectcreator_p.h @@ -57,7 +57,7 @@ struct QQmlTypeCompiler; class QQmlInstantiationInterrupt; struct QQmlVmeProfiler; -struct QQmlObjectCreatorSharedState +struct QQmlObjectCreatorSharedState : public QSharedData { QQmlContextData *rootContext; QQmlContextData *creationContext; @@ -128,7 +128,8 @@ private: const QVector<QQmlPropertyCache *> &propertyCaches; const QVector<QByteArray> &vmeMetaObjectData; QHash<int, int> objectIndexToId; - QFlagPointer<QQmlObjectCreatorSharedState> sharedState; + QExplicitlySharedDataPointer<QQmlObjectCreatorSharedState> sharedState; + bool topLevelCreator; void *activeVMEDataForRootContext; QObject *_qobject; @@ -142,6 +143,19 @@ private: QQmlVMEMetaObject *_vmeMetaObject; QQmlListProperty<void> _currentList; QV4::ExecutionContext *_qmlContext; + + friend struct QQmlObjectCreatorRecursionWatcher; +}; + +struct QQmlObjectCreatorRecursionWatcher +{ + QQmlObjectCreatorRecursionWatcher(QQmlObjectCreator *creator); + + bool hasRecursed() const { return watcher.hasRecursed(); } + +private: + QExplicitlySharedDataPointer<QQmlObjectCreatorSharedState> sharedState; + QRecursionWatcher<QQmlObjectCreatorSharedState, &QQmlObjectCreatorSharedState::recursionNode> watcher; }; QT_END_NAMESPACE |