From 113cd9019d5f12ab9ef15e3157dbb67d47549c8a Mon Sep 17 00:00:00 2001 From: Michal Klocek Date: Tue, 8 Dec 2020 11:04:23 +0100 Subject: [PATCH] Fix crash on reallocateAndGrow After 6be398 few tests fail/crash with qtcharts. Fix issue on reallocateAndGraw and avoid accessing flags on invalid header. Data::allocate can return invalid header and dataptr, which takes place if capacity is 0. In code before 6be398 clone method checks if header is not null before resetting flags. However after b76fbb4 resetting flags is no longer needed since it is done in allocateGrow. Task-number: QTBUG-89092 Change-Id: I2fde781dad7a0694a5f17ab716f647c2e35f4ff0 Reviewed-by: Thiago Macieira Reviewed-by: Andrei Golubev (cherry picked from commit b770b7517d30dd17d1096a0bb434677a2b3ff630) Reviewed-by: Qt Cherry-pick Bot --- src/corelib/tools/qarraydatapointer.h | 2 +- tests/auto/corelib/tools/qlist/tst_qlist.cpp | 57 ++++++++++++++++++++ 2 files changed, 58 insertions(+), 1 deletion(-) diff --git a/src/corelib/tools/qarraydatapointer.h b/src/corelib/tools/qarraydatapointer.h index aa94819b351..f6aabeee655 100644 --- a/src/corelib/tools/qarraydatapointer.h +++ b/src/corelib/tools/qarraydatapointer.h @@ -189,6 +189,7 @@ public: QArrayDataPointer dp(allocateGrow(*this, n, where)); if (where == QArrayData::GrowsAtBeginning) { + Q_ASSERT(dp.ptr); dp.ptr += n; Q_ASSERT(dp.freeSpaceAtBegin() >= n); } else { @@ -202,7 +203,6 @@ public: dp->copyAppend(begin(), begin() + toCopy); else dp->moveAppend(begin(), begin() + toCopy); - dp.d->flags = flags(); Q_ASSERT(dp.size == toCopy); } diff --git a/tests/auto/corelib/tools/qlist/tst_qlist.cpp b/tests/auto/corelib/tools/qlist/tst_qlist.cpp index 24dc92c00db..67f3849f948 100644 --- a/tests/auto/corelib/tools/qlist/tst_qlist.cpp +++ b/tests/auto/corelib/tools/qlist/tst_qlist.cpp @@ -264,6 +264,8 @@ private slots: void insertInt() const; void insertMovable() const; void insertCustom() const; + void insertZeroCount_data(); + void insertZeroCount() const; void isEmpty() const; void last() const; void lastIndexOf() const; @@ -290,6 +292,9 @@ private slots: void resizeComplex_data() const; void resizeComplex() const; void resizeCtorAndDtor() const; + void resizeToZero() const; + void resizeToTheSameSize_data(); + void resizeToTheSameSize() const; void reverseIterators() const; void sizeInt() const; void sizeMovable() const; @@ -1716,6 +1721,26 @@ void tst_QList::insertCustom() const insert(); } +void tst_QList::insertZeroCount_data() +{ + QTest::addColumn("pos"); + QTest::newRow("0") << 0; + QTest::newRow("1") << 1; +} + +void tst_QList::insertZeroCount() const +{ + QFETCH(int, pos); + QList x; + x << 0 << 0; + x.insert(pos, 0, 1); + QCOMPARE(x[pos], 0); + QList y; + y = x; + y.insert(pos, 0, 2); + QCOMPARE(y[pos], 0); +} + void tst_QList::isEmpty() const { QList myvec; @@ -2318,6 +2343,38 @@ void tst_QList::resizeCtorAndDtor() const QCOMPARE(Custom::counter.loadAcquire(), items); } +void tst_QList::resizeToZero() const +{ + QList x; + QList y; + x << 1 << 2; + y = x; + y.resize(0); + QCOMPARE(y.size(), 0); + // grow back + y.resize(x.size()); + QCOMPARE(y.size(), x.size()); + // default initialized + QCOMPARE(y[0], 0); + QCOMPARE(y[1], 0); +} + +void tst_QList::resizeToTheSameSize_data() +{ + QTest::addColumn>("x"); + QTest::newRow("size 2") << QList({ 1, 2 }); + QTest::newRow("size 0") << QList(); +} + +void tst_QList::resizeToTheSameSize() const +{ + QFETCH(QList, x); + QList y; + y = x; + y.resize(x.size()); + QCOMPARE(y.size(), x.size()); +} + void tst_QList::reverseIterators() const { QList v;