Merge lp:~timo-jyrinki/kubuntu-packaging/qtdeclarative_fix_marking_of_prototype_objects_in_chain into lp:~kubuntu-packagers/kubuntu-packaging/qtdeclarative-opensource-src

Proposed by Timo Jyrinki
Status: Work in progress
Proposed branch: lp:~timo-jyrinki/kubuntu-packaging/qtdeclarative_fix_marking_of_prototype_objects_in_chain
Merge into: lp:~kubuntu-packagers/kubuntu-packaging/qtdeclarative-opensource-src
Diff against target: 118 lines (+98/-0)
3 files modified
debian/changelog (+8/-0)
debian/patches/Fix-marking-of-prototype-objects-in-chain.patch (+89/-0)
debian/patches/series (+1/-0)
To merge this branch: bzr merge lp:~timo-jyrinki/kubuntu-packaging/qtdeclarative_fix_marking_of_prototype_objects_in_chain
Reviewer Review Type Date Requested Status
PS Jenkins bot continuous-integration Approve
Kubuntu Packagers Pending
Review via email: mp+214689@code.launchpad.net

Commit message

* debian/patches/Fix-marking-of-prototype-objects-in-chain.patch
  - Fix a crasher with deleted QQmlCompiledData as suggested by upstream
    (LP: #1304248)

Revision history for this message
PS Jenkins bot (ps-jenkins) wrote :
review: Approve (continuous-integration)

Unmerged revisions

143. By Timo Jyrinki

* debian/patches/Fix-marking-of-prototype-objects-in-chain.patch
  - Fix a crasher with deleted QQmlCompiledData as suggested by upstream
    (LP: #1304248)

Preview Diff

1=== modified file 'debian/changelog'
2--- debian/changelog 2014-04-03 08:34:03 +0000
3+++ debian/changelog 2014-04-08 08:51:51 +0000
4@@ -1,3 +1,11 @@
5+qtdeclarative-opensource-src (5.2.1-3ubuntu14) trusty; urgency=medium
6+
7+ * debian/patches/Fix-marking-of-prototype-objects-in-chain.patch
8+ - Fix a crasher with deleted QQmlCompiledData as suggested by upstream
9+ (LP: #1304248)
10+
11+ -- Timo Jyrinki <timo-jyrinki@ubuntu.com> Tue, 08 Apr 2014 11:42:27 +0300
12+
13 qtdeclarative-opensource-src (5.2.1-3ubuntu13) trusty; urgency=medium
14
15 * debian/patches/Support-RFC2822Date-date-format-similar-to-V8.patch
16
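Review bot: the changelog entry names only the symptom ("crasher with deleted QQmlCompiledData") and not what the added patch does, which according to its own subject is "Fix marking of prototype objects in chain" (GC marking through the InternalClass transition tree, QTBUG-37834); consider adding the upstream task number to the entry so the link between LP: #1304248 and the upstream change is visible to whoever reads the changelog later.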
17=== added file 'debian/patches/Fix-marking-of-prototype-objects-in-chain.patch'
18--- debian/patches/Fix-marking-of-prototype-objects-in-chain.patch 1970-01-01 00:00:00 +0000
19+++ debian/patches/Fix-marking-of-prototype-objects-in-chain.patch 2014-04-08 08:51:51 +0000
20@@ -0,0 +1,89 @@
21+From 0d90b1d646d9f443f071f474911cd7a8495d523b Mon Sep 17 00:00:00 2001
22+From: Simon Hausmann <simon.hausmann@digia.com>
23+Date: Mon, 7 Apr 2014 11:20:03 +0200
24+Subject: [PATCH] Fix marking of prototype objects in chain
25+
26+With a real prototype chain it can happen that an internal class' prototype's
27+class itself has a prototype. Therefore the first transition on the empty class
28+is a PrototypeChange one, but the class the transition leads to may have
29+PrototypeChange transitions itself, which weren't marked.
30+
31+There are multiple solutions to this, but this patch is the minimal fix by
32+recursing fully through the internal class tree. That way it's easier to
33+back-port the fix also into 5.2.x based branches.
34+
35+Task-number: QTBUG-37834
36+
37+Change-Id: I901b13a2663fbad5844003ca5752f2f304de320c
38+---
39+ src/qml/jsruntime/qv4internalclass.cpp | 15 ++++++---------
40+ tests/auto/qml/qjsengine/tst_qjsengine.cpp | 18 ++++++++++++++++++
41+ 2 files changed, 24 insertions(+), 9 deletions(-)
42+
43+diff --git a/src/qml/jsruntime/qv4internalclass.cpp b/src/qml/jsruntime/qv4internalclass.cpp
44+index 4fe8f0b..dab137b 100644
45+--- a/src/qml/jsruntime/qv4internalclass.cpp
46++++ b/src/qml/jsruntime/qv4internalclass.cpp
47+@@ -458,17 +458,14 @@ void InternalClass::destroy()
48+ void InternalClass::markObjects()
49+ {
50+ // all prototype changes are done on the empty class
51+- Q_ASSERT(!prototype);
52++ Q_ASSERT(!prototype || this != engine->emptyClass);
53++
54++ if (prototype)
55++ prototype->mark(engine);
56+
57+ for (QHash<Transition, InternalClass *>::ConstIterator it = transitions.begin(), end = transitions.end();
58+- it != end; ++it) {
59+- if (it.key().flags == Transition::VTableChange) {
60+- it.value()->markObjects();
61+- } else if (it.key().flags == Transition::ProtoChange) {
62+- Q_ASSERT(it.value()->prototype);
63+- it.value()->prototype->mark(engine);
64+- }
65+- }
66++ it != end; ++it)
67++ it.value()->markObjects();
68+ }
69+
70+ QT_END_NAMESPACE
71+diff --git a/tests/auto/qml/qjsengine/tst_qjsengine.cpp b/tests/auto/qml/qjsengine/tst_qjsengine.cpp
72+index 518d3e9..7ef6bd9 100644
73+--- a/tests/auto/qml/qjsengine/tst_qjsengine.cpp
74++++ b/tests/auto/qml/qjsengine/tst_qjsengine.cpp
75+@@ -151,6 +151,8 @@ private slots:
76+ void functionDeclarationsInConditionals();
77+
78+ void arrayPop_QTBUG_35979();
79++ void prototypeChainGc();
80++
81+ };
82+
83+ tst_QJSEngine::tst_QJSEngine()
84+@@ -2942,6 +2944,22 @@ void tst_QJSEngine::indexedAccesses()
85+ QCOMPARE(result.toString(), QString("1,3"));
86+ }
87+
88++void tst_QJSEngine::prototypeChainGc()
89++{
90++ QJSEngine engine;
91++
92++ QJSValue getProto = engine.evaluate("Object.getPrototypeOf");
93++
94++ QJSValue factory = engine.evaluate("function() { return Object.create(Object.create({})); }");
95++ QVERIFY(factory.isCallable());
96++ QJSValue obj = factory.call();
97++ engine.collectGarbage();
98++
99++ QJSValue proto = getProto.call(QJSValueList() << obj);
100++ proto = getProto.call(QJSValueList() << proto);
101++ QVERIFY(proto.isObject());
102++}
103++
104+ QTEST_MAIN(tst_QJSEngine)
105+
106+ #include "tst_qjsengine.moc"
107+--
108+1.9.1
109+
110
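Review bot: the patch file carries no DEP-3 metadata beyond the git From/Date/Subject header; add an `Origin: upstream, commit 0d90b1d646d9f443f071f474911cd7a8495d523b` line and a `Bug-Ubuntu:` line pointing at LP #1304248 so the patch can be traced and dropped when the upstream commit lands in a later 5.2.x release. On the code itself, the relaxed `Q_ASSERT(!prototype || this != engine->emptyClass)` still guarantees the empty class has no prototype, and the new loop recurses into every transition target regardless of `Transition::flags`, which is the full-tree walk the commit message describes as the minimal back-portable fix; the added `prototypeChainGc` test builds a two-level `Object.create` chain, runs `collectGarbage()` and checks the grandparent prototype is still an object, which is exactly the nested ProtoChange case from the description.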
111=== modified file 'debian/patches/series'
112--- debian/patches/series 2014-04-03 08:34:03 +0000
113+++ debian/patches/series 2014-04-08 08:51:51 +0000
114@@ -19,3 +19,4 @@
115 V4-regalloc-fix-interval-splitting-when-register-pre.patch
116 0001-Call-tzset-from-getLocalTZA-so-we-learn-about-tz-cha.patch
117 Support-RFC2822Date-date-format-similar-to-V8.patch
118+Fix-marking-of-prototype-objects-in-chain.patch
