[arch-commits] Commit in qt5-declarative/trunk (PKGBUILD qtbug-68894.patch)

Antonio Rojas arojas at archlinux.org
Fri Aug 17 14:26:58 UTC 2018


    Date: Friday, August 17, 2018 @ 14:26:58
  Author: arojas
Revision: 331720

Fix QJSEngine crashes when evaluating math.js (FS#59533)

Added:
  qt5-declarative/trunk/qtbug-68894.patch
Modified:
  qt5-declarative/trunk/PKGBUILD

-------------------+
 PKGBUILD          |   11 ++++-
 qtbug-68894.patch |  101 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 109 insertions(+), 3 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2018-08-17 14:26:47 UTC (rev 331719)
+++ PKGBUILD	2018-08-17 14:26:58 UTC (rev 331720)
@@ -5,7 +5,7 @@
 pkgname=qt5-declarative
 _qtver=5.11.1
 pkgver=${_qtver/-/}
-pkgrel=1
+pkgrel=2
 arch=('x86_64')
 url='http://qt-project.org/'
 license=('GPL3' 'LGPL3' 'FDL' 'custom')
@@ -16,11 +16,16 @@
 conflicts=('qtchooser' 'qt5-declarative-render2d')
 replaces=('qt5-declarative-render2d')
 _pkgfqn="${pkgname/5-/}-everywhere-src-${_qtver}"
-source=("http://download.qt.io/official_releases/qt/${pkgver%.*}/${_qtver}/submodules/${_pkgfqn}.tar.xz")
-sha256sums=('9ecf5ef6bf618fcb6719a4b22e3d9f9ce7623c2344667038171d5662624c4f3a')
+source=("http://download.qt.io/official_releases/qt/${pkgver%.*}/${_qtver}/submodules/${_pkgfqn}.tar.xz"
+        qtbug-68894.patch)
+sha256sums=('9ecf5ef6bf618fcb6719a4b22e3d9f9ce7623c2344667038171d5662624c4f3a'
+            'aae83820cb67c935e3e9160cea0015306d1a287d020c0f2656c98ecd8f239c6b')
 
 prepare() {
   mkdir -p build
+
+  cd ${_pkgfqn}
+  patch -p1 -i ../qtbug-68894.patch # Fix crash when evaluating math.js
 }
 
 build() {
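Review bot: The rewritten `source=` line still fetches the tarball over plain `http://`, so the `sha256sums` entry is the only integrity control on the download. A tampered tarball would fail the build, but fetching from `https://download.qt.io/official_releases/qt/${pkgver%.*}/${_qtver}/submodules/${_pkgfqn}.tar.xz` would also stop an on-path party from seeing or altering the request. In `prepare()`, the comment on the `patch` line names only the symptom. Something like `# Backport of upstream d1693c14 (QTBUG-68894, FS#59533); drop once the packaged Qt release contains it` would let a later maintainer tell when the patch can go. `cd "${_pkgfqn}"` should also be quoted, as is usual in PKGBUILDs.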

Added: qtbug-68894.patch
===================================================================
--- qtbug-68894.patch	                        (rev 0)
+++ qtbug-68894.patch	2018-08-17 14:26:58 UTC (rev 331720)
@@ -0,0 +1,101 @@
+From d1693c14b4e7f7d4a8ab4b2e876d9cf43a621e2e Mon Sep 17 00:00:00 2001
+From: Lars Knoll <lars.knoll at qt.io>
+Date: Tue, 19 Jun 2018 16:12:22 +0200
+Subject: revert change 353164263c55825a0ec72d30128c50560c626334
+
+The change was too aggressive in trying to avoid marking
+the array data. We didn't catch all cases where on could be
+inserting a GC controlled object into the array data. Let's
+be safe and always mark the content of array data objects.
+
+Task-number: QTBUG-68894
+Change-Id: Ifbb628be898c0903596b1a483212384295b01df5
+Reviewed-by: Erik Verbruggen <erik.verbruggen at qt.io>
+---
+ src/qml/jsruntime/qv4arraydata.cpp     | 4 ----
+ src/qml/jsruntime/qv4arraydata_p.h     | 4 +---
+ src/qml/jsruntime/qv4engine.cpp        | 6 ------
+ src/qml/jsruntime/qv4object.cpp        | 7 ++-----
+ tests/auto/qml/ecmascripttests/test262 | 2 +-
+ 5 files changed, 4 insertions(+), 19 deletions(-)
+
+diff --git a/src/qml/jsruntime/qv4arraydata.cpp b/src/qml/jsruntime/qv4arraydata.cpp
+index b33b34ee0..855407e6f 100644
+--- a/src/qml/jsruntime/qv4arraydata.cpp
++++ b/src/qml/jsruntime/qv4arraydata.cpp
+@@ -168,8 +168,6 @@ void ArrayData::realloc(Object *o, Type newType, uint requested, bool enforceAtt
+     }
+     newData->setAlloc(alloc);
+     newData->setType(newType);
+-    if (d)
+-        newData->d()->needsMark = d->d()->needsMark;
+     newData->setAttrs(enforceAttributes ? reinterpret_cast<PropertyAttributes *>(newData->d()->values.values + alloc) : nullptr);
+     o->setArrayData(newData);
+ 
+@@ -192,8 +190,6 @@ void ArrayData::realloc(Object *o, Type newType, uint requested, bool enforceAtt
+         memcpy(newData->d()->values.values, d->d()->values.values + offset, sizeof(Value)*toCopy);
+     }
+ 
+-    if (newType != Heap::ArrayData::Simple)
+-        newData->d()->needsMark = true;
+     if (newType != Heap::ArrayData::Sparse)
+         return;
+ 
+diff --git a/src/qml/jsruntime/qv4arraydata_p.h b/src/qml/jsruntime/qv4arraydata_p.h
+index b2573b449..7ec060f9c 100644
+--- a/src/qml/jsruntime/qv4arraydata_p.h
++++ b/src/qml/jsruntime/qv4arraydata_p.h
+@@ -92,7 +92,7 @@ namespace Heap {
+ 
+ #define ArrayDataMembers(class, Member) \
+     Member(class, NoMark, ushort, type) \
+-    Member(class, NoMark, ushort, needsMark) \
++    Member(class, NoMark, ushort, unused) \
+     Member(class, NoMark, uint, offset) \
+     Member(class, NoMark, PropertyAttributes *, attrs) \
+     Member(class, NoMark, SparseArray *, sparse) \
+@@ -147,8 +147,6 @@ struct SimpleArrayData : public ArrayData {
+     uint mappedIndex(uint index) const { index += offset; if (index >= values.alloc) index -= values.alloc; return index; }
+     const Value &data(uint index) const { return values[mappedIndex(index)]; }
+     void setData(EngineBase *e, uint index, Value newVal) {
+-        if (newVal.isManaged())
+-            needsMark = true;
+         values.set(e, mappedIndex(index), newVal);
+     }
+ 
+diff --git a/src/qml/jsruntime/qv4engine.cpp b/src/qml/jsruntime/qv4engine.cpp
+index 835933c04..0ed0df89a 100644
+--- a/src/qml/jsruntime/qv4engine.cpp
++++ b/src/qml/jsruntime/qv4engine.cpp
+@@ -599,12 +599,6 @@ Heap::ArrayObject *ExecutionEngine::newArrayObject(const Value *values, int leng
+         // this doesn't require a write barrier, things will be ok, when the new array data gets inserted into
+         // the parent object
+         memcpy(&d->values.values, values, length*sizeof(Value));
+-        for (int i = 0; i < length; ++i) {
+-            if (values[i].isManaged()) {
+-                d->needsMark = true;
+-                break;
+-            }
+-        }
+         a->d()->arrayData.set(this, d);
+         a->setArrayLengthUnchecked(length);
+     }
+diff --git a/src/qml/jsruntime/qv4object.cpp b/src/qml/jsruntime/qv4object.cpp
+index bcbe475c2..0c6cde84a 100644
+--- a/src/qml/jsruntime/qv4object.cpp
++++ b/src/qml/jsruntime/qv4object.cpp
+@@ -231,11 +231,8 @@ void Heap::Object::markObjects(Heap::Base *b, MarkStack *stack)
+     Object *o = static_cast<Object *>(b);
+     if (o->memberData)
+         o->memberData->mark(stack);
+-    if (o->arrayData) {
+-        o->arrayData->setMarkBit();
+-        if (o->arrayData->needsMark)
+-            ArrayData::markObjects(o->arrayData, stack);
+-    }
++    if (o->arrayData)
++        o->arrayData->mark(stack);
+     uint nInline = o->vtable()->nInlineProperties;
+     Value *v = reinterpret_cast<Value *>(o) + o->vtable()->inlinePropertyOffset;
+     const Value *end = v + nInline;
+
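Review bot: The diffstat in the carried patch lists five files, including `tests/auto/qml/ecmascripttests/test262`, but only four file sections follow, so the test-suite change from the upstream commit appears to have been trimmed without a remark. `patch` ignores the diffstat, so the build is unaffected, but a one-line note after the `---` separator, such as `test262 submodule bump dropped for packaging`, would show the omission is deliberate. The upstream message says the reverted optimisation missed cases where a GC-controlled object is inserted into array data, which presumably left a live object unmarked and collectable. The packaging changelog should therefore describe this as a memory-safety fix in the JS engine, not only a math.js crash. The `realloc`, `setData`, `newArrayObject` and `markObjects` bodies all start or end outside their hunks, so the remaining uses of the array data could not be checked from here.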


