field | value | timestamp
---|---|---
author | Lars Knoll <lars.knoll@digia.com> | 2014-07-25 10:13:50 +0200
committer | Simon Hausmann <simon.hausmann@digia.com> | 2014-07-25 16:27:13 +0200
commit | ba8416b80f42c81387170620472194e7a76429b8 |
tree | 18f0a3269e212ca5fdf766f0ef3c314e9c5a4d29 /src |
parent | 39c144f44be76ccc7bdec540a7b7ec00cf0fdc5d |
Do not use mark() when marking ExecutionContexts
Some execution contexts in the parent chain can be allocated
on the C stack instead of the GC heap. Calling mark() on those would
push them onto the GC stack (which is identical to the JS stack).
In rare cases the reference can survive to live into the next call to
gc(), causing invalid accesses to already deleted contexts.
Change-Id: I709f58de27be9386cf70707c84e4c86c7c303fa7
Reviewed-by: Simon Hausmann <simon.hausmann@digia.com>
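The failure mode the commit message describes, as an added C++ example that is not Qt's code: a toy mark-and-sweep collector with two ways of marking a chain of contexts, one that pushes every context onto the mark stack (the old `c->mark(this)` behaviour) and one that sets the context's own mark bit and pushes only the heap objects it references (what the patch's loop does). The toy refuses to dereference a mark-stack entry the heap does not own and counts it instead, where the real engine would read freed stack memory. `ToyGC`, `HeapObject`, `Context::refs`, `runScenario` and `Outcome` are names invented for this example; only `inUse`, `markBit` and `parent` come from the patch.

```cpp
#include <algorithm>
#include <cassert>
#include <cstddef>
#include <cstdio>
#include <memory>
#include <vector>

// Objects the collector owns: allocated on the toy heap, freed at sweep.
struct HeapObject {
    bool markBit = false;
    std::vector<HeapObject*> children;
};

// An execution context that may live on the C stack rather than on the heap.
// inUse/markBit/parent mirror the patch; refs stands in for the heap objects
// the real context's markObjects() would visit. (Hypothetical toy type.)
struct Context {
    bool inUse = true;
    bool markBit = false;
    Context* parent = nullptr;
    std::vector<HeapObject*> refs;
};

class ToyGC {
public:
    HeapObject* allocate() {
        heap_.push_back(std::make_unique<HeapObject>());
        return heap_.back().get();
    }
    // Address comparison only; never dereferences p.
    bool owns(const void* p) const {
        return std::any_of(heap_.begin(), heap_.end(),
            [p](const std::unique_ptr<HeapObject>& o) { return o.get() == p; });
    }
    // Old behaviour: every context in the chain goes onto the mark stack,
    // whether or not the heap owns it.
    void markChainViaStack(Context* c) {
        for (; c; c = c->parent) markStack_.push_back(c);
    }
    // Patched behaviour: mark the context in place and push only the heap
    // objects it references, so no stack address is ever retained.
    void markChainDirect(Context* c) {
        for (; c; c = c->parent) {
            assert(c->inUse);
            if (c->markBit) continue;
            c->markBit = true;
            for (HeapObject* h : c->refs) markStack_.push_back(h);
        }
    }
    // True if the mark stack holds an address the heap does not own, i.e. a
    // context that dangles once its stack frame has returned.
    bool markStackHoldsNonHeap() const {
        return std::any_of(markStack_.begin(), markStack_.end(),
            [this](const void* p) { return !owns(p); });
    }
    // Drain the mark stack, free unmarked heap objects, clear survivors' bits.
    // Non-heap entries are counted instead of dereferenced. Returns objects freed.
    size_t collect() {
        while (!markStack_.empty()) {
            void* p = markStack_.back();
            markStack_.pop_back();
            if (!owns(p)) { ++danglingSeen_; continue; }
            auto* h = static_cast<HeapObject*>(p);
            if (h->markBit) continue;
            h->markBit = true;
            for (HeapObject* child : h->children) markStack_.push_back(child);
        }
        size_t before = heap_.size();
        heap_.erase(std::remove_if(heap_.begin(), heap_.end(),
            [](const std::unique_ptr<HeapObject>& o) { return !o->markBit; }),
            heap_.end());
        for (auto& o : heap_) o->markBit = false;
        return before - heap_.size();
    }
    size_t danglingSeen() const { return danglingSeen_; }
    // Contexts outside the heap are never swept, so their mark bits must be
    // cleared by hand or the next collection skips them and their refs die.
    static void resetContextMarks(Context* c) {
        for (; c; c = c->parent) c->markBit = false;
    }
private:
    std::vector<std::unique_ptr<HeapObject>> heap_;
    std::vector<void*> markStack_;
    size_t danglingSeen_ = 0;
};

struct Outcome { size_t freed; size_t dangling; bool keptAlive; };

// Scenario: a child context whose parent is a stack-local frame keeps one heap
// object alive; a second heap object is garbage. One collection is run.
Outcome runScenario(bool useDirectMarking) {
    ToyGC gc;
    HeapObject* kept = gc.allocate();
    gc.allocate();                       // unreachable garbage
    Context parentFrame;                 // "allocated on the C stack"
    parentFrame.refs.push_back(kept);
    Context child;
    child.parent = &parentFrame;
    if (useDirectMarking) gc.markChainDirect(&child);
    else                  gc.markChainViaStack(&child);
    size_t freed = gc.collect();
    ToyGC::resetContextMarks(&child);
    return {freed, gc.danglingSeen(), gc.owns(kept)};
}

int main() {
    Outcome bad = runScenario(false), good = runScenario(true);
    std::printf("via mark stack: freed=%zu dangling=%zu keptAlive=%d\n",
                bad.freed, bad.dangling, bad.keptAlive);
    std::printf("direct marking: freed=%zu dangling=%zu keptAlive=%d\n",
                good.freed, good.dangling, good.keptAlive);
    return 0;
}
```

With direct marking the collector frees only the garbage object and the mark stack never sees a stack address; with the old path both contexts end up on the mark stack as addresses the heap does not own, which is exactly what becomes a stale read once the frame that held them has returned. `resetContextMarks` is there because a context that is not heap-owned is not visited by the sweep, so its mark bit has to be cleared some other way before the next collection.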
Diffstat (limited to 'src')
-rw-r--r-- | src/qml/jsruntime/qv4engine.cpp | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/qml/jsruntime/qv4engine.cpp b/src/qml/jsruntime/qv4engine.cpp index 8916cc597e..72be889e72 100644 --- a/src/qml/jsruntime/qv4engine.cpp +++ b/src/qml/jsruntime/qv4engine.cpp @@ -839,7 +839,11 @@ void ExecutionEngine::markObjects() ExecutionContext *c = currentContext(); while (c) { - c->mark(this); + Q_ASSERT(c->inUse); + if (!c->markBit) { + c->markBit = 1; + c->markObjects(c, this); + } c = c->parent; } |
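Review bot: the new loop sets `c->markBit = 1` on contexts that, per the commit message, may live on the C stack rather than the GC heap, but nothing in this hunk clears that bit for them; if only heap objects get their mark bits reset by the sweep, a stack-allocated context still in the parent chain at the next gc() will fail the `if (!c->markBit)` test and the objects its `markObjects()` would have visited will not be marked. Either reset markBit on those contexts after each collection or mark them unconditionally, and say in the commit message which of the two holds. Also note that `Q_ASSERT(c->inUse)` compiles out in release builds, so it documents the invariant without enforcing it there.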