Merge branch 'f27' into f26
This commit is contained in:
Rex Dieter
commit
a3ed28dbb6
|
|
@ -1,96 +0,0 @@
|
|||
From bbf3c4715a1569b26a3aa029046e26989efd6edc Mon Sep 17 00:00:00 2001
|
||||
From: Mitch Curtis <mitch.curtis@qt.io>
|
||||
Date: Wed, 10 Jan 2018 15:42:01 +0100
|
||||
Subject: [PATCH 14/92] Fix crash when accessing a deleted object
|
||||
|
||||
In QObjectWrapper::query(), return QV4::Attr_Invalid if the object was
|
||||
deleted.
|
||||
|
||||
Task-number: QTBUG-44153
|
||||
Change-Id: I53e8be6196489c323b190dbfa20d2dda2a54315e
|
||||
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
||||
---
|
||||
src/qml/jsruntime/qv4qobjectwrapper.cpp | 4 ++++
|
||||
.../qml/qqmllanguage/data/accessDeletedObject.qml | 12 +++++++++++
|
||||
tests/auto/qml/qqmllanguage/tst_qqmllanguage.cpp | 24 ++++++++++++++++++++++
|
||||
3 files changed, 40 insertions(+)
|
||||
create mode 100644 tests/auto/qml/qqmllanguage/data/accessDeletedObject.qml
|
||||
|
||||
diff --git a/src/qml/jsruntime/qv4qobjectwrapper.cpp b/src/qml/jsruntime/qv4qobjectwrapper.cpp
|
||||
index 326381f38..89c10e099 100644
|
||||
--- a/src/qml/jsruntime/qv4qobjectwrapper.cpp
|
||||
+++ b/src/qml/jsruntime/qv4qobjectwrapper.cpp
|
||||
@@ -651,6 +651,10 @@ void QObjectWrapper::put(Managed *m, String *name, const Value &value)
|
||||
PropertyAttributes QObjectWrapper::query(const Managed *m, String *name)
|
||||
{
|
||||
const QObjectWrapper *that = static_cast<const QObjectWrapper*>(m);
|
||||
+ const QObject *thatObject = that->d()->object();
|
||||
+ if (QQmlData::wasDeleted(thatObject))
|
||||
+ return QV4::Object::query(m, name);
|
||||
+
|
||||
ExecutionEngine *engine = that->engine();
|
||||
QQmlContextData *qmlContext = engine->callingQmlContext();
|
||||
QQmlPropertyData local;
|
||||
diff --git a/tests/auto/qml/qqmllanguage/data/accessDeletedObject.qml b/tests/auto/qml/qqmllanguage/data/accessDeletedObject.qml
|
||||
new file mode 100644
|
||||
index 000000000..e5151096e
|
||||
--- /dev/null
|
||||
+++ b/tests/auto/qml/qqmllanguage/data/accessDeletedObject.qml
|
||||
@@ -0,0 +1,12 @@
|
||||
+import QtQuick 2.0
|
||||
+
|
||||
+Item {
|
||||
+ id: root
|
||||
+
|
||||
+ Component.onCompleted: {
|
||||
+ var createdObject = objectCreator.create()
|
||||
+ createdObject.del()
|
||||
+ // Shouldn't crash.
|
||||
+ var test = "index" in createdObject
|
||||
+ }
|
||||
+}
|
||||
diff --git a/tests/auto/qml/qqmllanguage/tst_qqmllanguage.cpp b/tests/auto/qml/qqmllanguage/tst_qqmllanguage.cpp
|
||||
index b1a17afd2..1af57f924 100644
|
||||
--- a/tests/auto/qml/qqmllanguage/tst_qqmllanguage.cpp
|
||||
+++ b/tests/auto/qml/qqmllanguage/tst_qqmllanguage.cpp
|
||||
@@ -269,6 +269,8 @@ private slots:
|
||||
|
||||
void concurrentLoadQmlDir();
|
||||
|
||||
+ void accessDeletedObject();
|
||||
+
|
||||
private:
|
||||
QQmlEngine engine;
|
||||
QStringList defaultImportPathList;
|
||||
@@ -4571,6 +4573,28 @@ void tst_qqmllanguage::concurrentLoadQmlDir()
|
||||
engine.setImportPathList(defaultImportPathList);
|
||||
}
|
||||
|
||||
+// Test that deleting an object and then accessing it doesn't crash.
|
||||
+// QTBUG-44153
|
||||
+class ObjectCreator : public QObject
|
||||
+{
|
||||
+ Q_OBJECT
|
||||
+public slots:
|
||||
+ QObject *create() { return (new ObjectCreator); }
|
||||
+ void del() { delete this; }
|
||||
+};
|
||||
+
|
||||
+void tst_qqmllanguage::accessDeletedObject()
|
||||
+{
|
||||
+ QQmlEngine engine;
|
||||
+
|
||||
+ engine.rootContext()->setContextProperty("objectCreator", new ObjectCreator);
|
||||
+ QQmlComponent component(&engine, testFileUrl("accessDeletedObject.qml"));
|
||||
+ VERIFY_ERRORS(0);
|
||||
+
|
||||
+ QScopedPointer<QObject> o(component.create());
|
||||
+ QVERIFY(!o.isNull());
|
||||
+}
|
||||
+
|
||||
QTEST_MAIN(tst_qqmllanguage)
|
||||
|
||||
#include "tst_qqmllanguage.moc"
|
||||
--
|
||||
2.14.3
|
||||
|
||||
|
|
@ -1,46 +0,0 @@
|
|||
From 4909773f8162de49830d65e886747c11fff72934 Mon Sep 17 00:00:00 2001
|
||||
From: Lars Knoll <lars.knoll@qt.io>
|
||||
Date: Tue, 20 Mar 2018 12:46:58 +0100
|
||||
Subject: [PATCH 29/29] Fix calling Qt.binding() on bound functions
|
||||
|
||||
Calling Qt.binding() on a bound function object is a valid use
|
||||
case and used to work until Qt 5.8.
|
||||
|
||||
The problem was that we optimized the code in QQmlBinding and
|
||||
QQmlJavascriptExpression to directly work on a QV4::Function,
|
||||
so this wouldn't work anymore.
|
||||
|
||||
To fix this make sure recursive calls to Function.bind() are
|
||||
unrolled (so that the BoundFunction's target is never a bound
|
||||
function itself), then add the bound function as an optional
|
||||
member to the QQmlBinding and use it's bound arguments if
|
||||
present.
|
||||
|
||||
Task-number: QTBUG-61927
|
||||
Change-Id: I472214ddd82fc2a1212efd9b769861fc43d2ddaf
|
||||
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
||||
---
|
||||
src/qml/jsruntime/qv4qobjectwrapper.cpp | 5 ++++-
|
||||
1 file changed, 4 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/qml/jsruntime/qv4qobjectwrapper.cpp b/src/qml/jsruntime/qv4qobjectwrapper.cpp
|
||||
index c1bbe2a33..816c259b9 100644
|
||||
--- a/src/qml/jsruntime/qv4qobjectwrapper.cpp
|
||||
+++ b/src/qml/jsruntime/qv4qobjectwrapper.cpp
|
||||
@@ -460,9 +460,12 @@ void QObjectWrapper::setProperty(ExecutionEngine *engine, QObject *object, QQmlP
|
||||
|
||||
QV4::Scoped<QQmlBindingFunction> bindingFunction(scope, (const Value &)f);
|
||||
|
||||
+ QV4::ScopedFunctionObject f(scope, bindingFunction->bindingFunction());
|
||||
QV4::ScopedContext ctx(scope, bindingFunction->scope());
|
||||
- newBinding = QQmlBinding::create(property, bindingFunction->function(), object, callingQmlContext, ctx);
|
||||
+ newBinding = QQmlBinding::create(property, f->function(), object, callingQmlContext, ctx);
|
||||
newBinding->setSourceLocation(bindingFunction->currentLocation());
|
||||
+ if (f->isBoundFunction())
|
||||
+ newBinding->setBoundFunction(static_cast<QV4::BoundFunction *>(f.getPointer()));
|
||||
newBinding->setTarget(object, *property, nullptr);
|
||||
}
|
||||
}
|
||||
--
|
||||
2.14.3
|
||||
|
||||
|
|
@ -42,12 +42,8 @@ Patch100: qtdeclarative-leak.patch
|
|||
# so revert this offending commit (for now)
|
||||
Patch111: 0111-Fix-qml-cache-invalidation-when-changing-dependent-C.patch
|
||||
|
||||
# post v5.9.4 fix (5.9 branch)
|
||||
Patch114: 0014-Fix-crash-when-accessing-a-deleted-object.patch
|
||||
|
||||
# 5.11 branch fixes
|
||||
Patch128: 0028-Rebuild-property-cache-in-QObjectWrapper-getProperty.patch
|
||||
Patch129: 0029-Fix-calling-Qt.binding-on-bound-functions.patch
|
||||
|
||||
|
||||
## upstreamable patches
|
||||
|
|
@ -117,9 +113,7 @@ Requires: %{name}%{?_isa} = %{version}-%{release}
|
|||
|
||||
%patch111 -p1 -R -b .0111
|
||||
|
||||
%patch114 -p1 -b .0014
|
||||
%patch128 -p1 -b .0028
|
||||
%patch129 -p1 -b .0029
|
||||
|
||||
%patch201 -p0 -b .kdebug346118
|
||||
%patch202 -p1 -b .no_sse2_non_fatal
|
||||
|
|
@ -132,14 +126,14 @@ mkdir -p %{_target_platform}-no_sse2
|
|||
pushd %{_target_platform}-no_sse2
|
||||
%{qmake_qt5} -config no_sse2 ..
|
||||
make sub-src-clean
|
||||
make %{?_smp_mflags} -C src/qml
|
||||
%make_build -C src/qml
|
||||
popd
|
||||
%endif
|
||||
|
||||
# no shadow builds until fixed: https://bugreports.qt.io/browse/QTBUG-37417
|
||||
%{qmake_qt5}
|
||||
|
||||
make %{?_smp_mflags}
|
||||
%make_build
|
||||
|
||||
|
||||
%install
|
||||
|
|
|
|||
Loading…
Reference in New Issue