From b50090e79b122c9de1560a99d1f8aebcc1e24a3a Mon Sep 17 00:00:00 2001 From: Simon Hausmann Date: Mon, 7 Apr 2014 11:20:03 +0200 Subject: Fix marking of prototype objects in chain With a real prototype chain it can happen that an internal class' prototype's class itself has a prototype. Therefore the first transition on the empty class is a PrototypeChange one, but the class the transition leads to may have PrototypeChange transitions itself, which weren't marked. There are multiple solutions to this, but this patch is the minimal fix by recursing fully through the internal class tree. That way it's easier to back-port the fix also into 5.2.x based branches. Task-number: QTBUG-37834 Change-Id: I901b13a2663fbad5844003ca5752f2f304de320c Reviewed-by: Lars Knoll --- tests/auto/qml/qjsengine/tst_qjsengine.cpp | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'tests/auto/qml/qjsengine/tst_qjsengine.cpp') diff --git a/tests/auto/qml/qjsengine/tst_qjsengine.cpp b/tests/auto/qml/qjsengine/tst_qjsengine.cpp index 518d3e9897..7ef6bd9d2b 100644 --- a/tests/auto/qml/qjsengine/tst_qjsengine.cpp +++ b/tests/auto/qml/qjsengine/tst_qjsengine.cpp @@ -151,6 +151,8 @@ private slots: void regexpLastMatch(); void indexedAccesses(); + void prototypeChainGc(); + signals: void testSignal(); }; @@ -2942,6 +2944,22 @@ void tst_QJSEngine::indexedAccesses() QVERIFY(v.isUndefined()); } +void tst_QJSEngine::prototypeChainGc() +{ + QJSEngine engine; + + QJSValue getProto = engine.evaluate("Object.getPrototypeOf"); + + QJSValue factory = engine.evaluate("function() { return Object.create(Object.create({})); }"); + QVERIFY(factory.isCallable()); + QJSValue obj = factory.call(); + engine.collectGarbage(); + + QJSValue proto = getProto.call(QJSValueList() << obj); + proto = getProto.call(QJSValueList() << proto); + QVERIFY(proto.isObject()); +} + QTEST_MAIN(tst_QJSEngine) #include "tst_qjsengine.moc" -- cgit v1.2.3