Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: P1: Critical
Fix Version/s: 6.0.0 RC
Affects Version/s: 6.0.0 Beta2
Component/s: Build tools: moc
Labels:
None

Commits:
16d412da4c0d7ef4776604b906fccb8132a7712d (qt/qtbase/dev)

Description

In testlib/qsignalspy.h, there is the following code:

                void *argv[] = { &tp, &i };
                QMetaObject::metacall(const_cast<QObject*>(obj),
                                      QMetaObject::RegisterMethodArgumentMetaType,
                                      member.methodIndex(), argv);

i is in this case the iterator of the for loop.

Since 0161f00e5043090f22b23de9822c09062b17d675 we generate the following code in moc:

    } else if (_c == QMetaObject::RegisterMethodArgumentMetaType) {
        if (_id < 2)
            *reinterpret_cast<QMetaType *>(_a[0]) = QMetaType();

This overwrites the loop iterator with 0 if sizeof(int) < sizeof(void*), and we enter an infinite loop.

I am assuming the code in QSignalSpy is wrong, but since it is the moc output that has changed and it causes memory corruption, I think it is better if someone who knows this code makes the call on what the right fix is.

Attachments

Issue Links

resulted from

QTBUG-88260 flood warnings on Ubuntu 20.04 in CI

Closed

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Fabian Kosmale

Reporter:: Eskil Abrahamsen Blomfeldt

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 10 Nov '20 07:43

Updated:: 10 Nov '20 12:28

Resolved:: 10 Nov '20 12:28

Gerrit Reviews

There are no open Gerrit changes

Show There is 1 closed Gerrit change

Hide There is 1 closed Gerrit change

QSignalSpy: Use QMetaType instead of metatype id in initArgs: Gerrit Review: