diff options
author | Simon Hausmann <simon.hausmann@digia.com> | 2014-02-04 11:35:02 +0100 |
---|---|---|
committer | The Qt Project <gerrit-noreply@qt-project.org> | 2014-02-04 14:45:30 +0100 |
commit | c6da58a295235c89ee2a5847b15cb0b1dc66b2f4 (patch) | |
tree | 069e86a0806921f88b4c5ed2f2e00a3e5ba4a379 | |
parent | 33d5e6996f5ae4131c2233c4da5500e4ebda99ea (diff) |
Fix occasional crashes in canvas getImageData and other places
In some places we allocate custom array objects and in the constructor we call
setArrayType, which will allocate the array's data through the GC. In all of
these cases we need to make sure that the array object itself is protected from
garbage collection, because while in the constructor it may not be yet in the
scope the callee has usually set up.
Change-Id: I96b7af4ae00fd809067e12bacd6563984c5e9240
Reviewed-by: Erik Verbruggen <erik.verbruggen@digia.com>
-rw-r--r-- | src/qml/jsruntime/qv4sequenceobject.cpp | 4 | ||||
-rw-r--r-- | src/qml/qml/qqmllistwrapper.cpp | 3 | ||||
-rw-r--r-- | src/qml/types/qqmldelegatemodel.cpp | 3 | ||||
-rw-r--r-- | src/quick/items/context2d/qquickcontext2d.cpp | 3 |
4 files changed, 11 insertions, 2 deletions
diff --git a/src/qml/jsruntime/qv4sequenceobject.cpp b/src/qml/jsruntime/qv4sequenceobject.cpp index 4039f81896..a82dcffbca 100644 --- a/src/qml/jsruntime/qv4sequenceobject.cpp +++ b/src/qml/jsruntime/qv4sequenceobject.cpp @@ -175,10 +175,10 @@ public: , m_propertyIndex(-1) , m_isReference(false) { - setArrayType(ArrayData::Custom); QV4::Scope scope(engine); QV4::ScopedObject protectThis(scope, this); Q_UNUSED(protectThis); + setArrayType(ArrayData::Custom); init(); } @@ -188,10 +188,10 @@ public: , m_propertyIndex(propertyIndex) , m_isReference(true) { - setArrayType(ArrayData::Custom); QV4::Scope scope(engine); QV4::ScopedObject protectThis(scope, this); Q_UNUSED(protectThis); + setArrayType(ArrayData::Custom); loadReference(); init(); } diff --git a/src/qml/qml/qqmllistwrapper.cpp b/src/qml/qml/qqmllistwrapper.cpp index 2c35e12227..0d60fee5d0 100644 --- a/src/qml/qml/qqmllistwrapper.cpp +++ b/src/qml/qml/qqmllistwrapper.cpp @@ -57,6 +57,9 @@ QmlListWrapper::QmlListWrapper(QV8Engine *engine) v8(engine) { setVTable(staticVTable()); + QV4::Scope scope(QV8Engine::getV4(engine)); + QV4::ScopedObject protectThis(scope, this); + Q_UNUSED(protectThis); setArrayType(ArrayData::Custom); } diff --git a/src/qml/types/qqmldelegatemodel.cpp b/src/qml/types/qqmldelegatemodel.cpp index 3bf83a1f66..5dbccefbde 100644 --- a/src/qml/types/qqmldelegatemodel.cpp +++ b/src/qml/types/qqmldelegatemodel.cpp @@ -3198,6 +3198,9 @@ public: : Object(engine) { setVTable(staticVTable()); + QV4::Scope scope(engine); + QV4::ScopedObject protectThis(scope, this); + Q_UNUSED(protectThis); setArrayType(QV4::ArrayData::Custom); } virtual ~QQmlDelegateModelGroupChangeArray() {} diff --git a/src/quick/items/context2d/qquickcontext2d.cpp b/src/quick/items/context2d/qquickcontext2d.cpp index a01ce5db90..f32cf7cbcd 100644 --- a/src/quick/items/context2d/qquickcontext2d.cpp +++ b/src/quick/items/context2d/qquickcontext2d.cpp @@ -871,6 +871,9 @@ struct QQuickJSContext2DPixelData : public QV4::Object : QV4::Object(engine) { setVTable(staticVTable()); + QV4::Scope scope(engine); + QV4::ScopedObject protectThis(scope, this); + Q_UNUSED(protectThis); setArrayType(QV4::ArrayData::Custom); } |