From 889f717fc57ea9881ca250b8230742633c1ed5a2 Mon Sep 17 00:00:00 2001
From: Simon Hausmann
Date: Thu, 7 May 2015 16:22:24 +0200
Subject: Fix memory corruption when sharing QObjects between different QML engines
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

When marking the JS wrappers for QObject manually, we cannot use ddata->jsWrapper directly but we must respect the case where the same object is exposed to different engines and then we must mark the wrapper that belongs to the engine that is currently collecting garbage.

Change-Id: If82883c762ccaf3431e7074243ff2ff703234d66
Task-number: QTBUG-44895
Reviewed-by: Marco Martin
Reviewed-by: Jan Kundrát
Reviewed-by: Lars Knoll
Reviewed-by: Aleix Pol Gonzalez
---
 src/qml/qml/qqmlvmemetaobject.cpp | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

(limited to 'src/qml/qml/qqmlvmemetaobject.cpp')

diff --git a/src/qml/qml/qqmlvmemetaobject.cpp b/src/qml/qml/qqmlvmemetaobject.cpp
index 37ff696579..5b1be15869 100644
--- a/src/qml/qml/qqmlvmemetaobject.cpp
+++ b/src/qml/qml/qqmlvmemetaobject.cpp
@@ -1227,6 +1227,11 @@ void QQmlVMEMetaObject::ensureQObjectWrapper()
 
 void QQmlVMEMetaObject::mark(QV4::ExecutionEngine *e)
 {
+ QQmlEnginePrivate *ep = (ctxt == 0 || ctxt->engine == 0) ? 0 : QQmlEnginePrivate::get(ctxt->engine);
+ QV4::ExecutionEngine *v4 = (ep == 0) ? 0 : ep->v4engine();
+ if (v4 != e)
+ return;
+
 varProperties.markOnce(e);
 
 // add references created by VMEVariant properties
@@ -1234,12 +1239,8 @@ void QQmlVMEMetaObject::mark(QV4::ExecutionEngine *e)
 for (int ii = 0; ii < maxDataIdx; ++ii) { // XXX TODO: optimize?
 if (data[ii].dataType() == QMetaType::QObjectStar) {
 // possible QObject reference.
- QObject *ref = data[ii].asQObject();
- if (ref) {
- QQmlData *ddata = QQmlData::get(ref);
- if (ddata)
- ddata->jsWrapper.markOnce(e);
- }
+ if (QObject *ref = data[ii].asQObject())
+ QV4::QObjectWrapper::markWrapper(ref, e);
 }
 }
 
-- 
cgit v1.2.3
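Review bot: The new early return at the top of mark() also fires when `ctxt` or `ctxt->engine` is null, because `v4` is then 0 and cannot equal a live `e`, so `varProperties.markOnce(e)` and everything after it is skipped for an object whose context has been cleared. If var properties can still hold values from engine `e` at that point (not visible in this hunk), they would go unmarked during that collection, so it is worth confirming that the context is only cleared after those references have been released. Either way the guard deserves a comment, for example `// This object may be shared between engines; only mark for the engine that owns our context.` mark()'s body continues past the end of the hunk.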
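Review bot: Nothing at the call site in the second hunk records why `QV4::QObjectWrapper::markWrapper(ref, e)` replaces the direct `ddata->jsWrapper.markOnce(e)`, and the shorter old form is exactly what a later cleanup might restore. A one-line comment above the call would keep the reason next to the code, for example `// ref may be exposed to several engines; mark the wrapper that belongs to e, not ddata->jsWrapper.` markWrapper() itself is defined outside this diff, so its behaviour for a `ref` that has no wrapper in `e` should be checked there. mark() starts above this hunk and ends below it.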