Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: P1: Critical
Fix Version/s: 5.15.1, 5.15
Affects Version/s: 5.15.0
Component/s: QML: Declarative and Javascript Engine
Labels:
- Reported_by_support_standard
- earmarked_by_ulf

Commits:
90d24b807373f7b4c10d1a88ffdb5d4ebed08de8 (qt/qtdeclarative/dev) 79eb26ddf76b8e74467a5930ec8269be823921eb (qt/qtdeclarative/5.15)

Description

Looks like newQObject() has a cache that is not safe and also it looks like QJSEngine constructor can also crash. Documentation says that all QJSEngine functions should be reentrant, but this looks like the cache is shared and not protected. To reproduce, run attached application a while and it crashes.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List

qtbug84692.zip
0.8 kB
04 Jun '20 06:30

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

For Gerrit Dashboard: QTBUG-84692
#	Subject	Branch	Project	Status	CR	V
302943,6	Fix race condition in QQmlData::createPropertyCache	dev	qt/qtdeclarative	Status: MERGED	+2	0
303205,5	Fix race condition in QQmlData::createPropertyCache	5.15	qt/qtdeclarative	Status: MERGED	+2	0

Activity

People

Assignee:: Fabian Kosmale

Reporter:: Joni Poikelin

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 04 Jun '20 06:29

Updated:: 09 Jun '20 15:20

Resolved:: 05 Jun '20 14:00

Gerrit Reviews

There are no open Gerrit changes

Show There are 2 closed Gerrit changes

Hide There are 2 closed Gerrit changes

Fix race condition in QQmlData::createPropertyCache: Gerrit Review:

Fix race condition in QQmlData::createPropertyCache: Gerrit Review: