Don't crash on deleted objects assigned to variant properties

QTBUG-8077
author: Aaron Kennedy <aaron.kennedy@nokia.com> 2010-04-19 06:25:26 (GMT)
committer: Aaron Kennedy <aaron.kennedy@nokia.com> 2010-04-19 06:26:31 (GMT)
commit: fae16b674b619b73037841a00577de5922a26595 (patch)
tree: a58b1f7b79c6d24f5d328efb6b9c427daac4b30a /src
parent: d2f8eaca50b9997bd66805787b5042faa28f5ec2 (diff)
download: Qt-fae16b674b619b73037841a00577de5922a26595.zip
Qt-fae16b674b619b73037841a00577de5922a26595.tar.gz
Qt-fae16b674b619b73037841a00577de5922a26595.tar.bz2
2 files changed, 22 insertions, 6 deletions
diff --git a/src/declarative/qml/qdeclarativevmemetaobject.cpp b/src/declarative/qml/qdeclarativevmemetaobject.cpp
index c4d47b3..45f04a0 100644
--- a/src/declarative/qml/qdeclarativevmemetaobject.cpp
+++ b/src/declarative/qml/qdeclarativevmemetaobject.cpp
@@ -86,7 +86,6 @@ public:
     inline void setValue(const QDate &);
     inline void setValue(const QDateTime &);
     inline void setValue(const QScriptValue &);
-
 private:
     int type;
     void *data[4]; // Large enough to hold all types
@@ -112,6 +111,9 @@ void QDeclarativeVMEVariant::cleanup()
                type == QMetaType::Bool ||
                type == QMetaType::Double) {
         type = QVariant::Invalid;
+    } else if (type == QMetaType::QObjectStar) {
+        ((QDeclarativeGuard<QObject>*)dataPtr())->~QDeclarativeGuard<QObject>();
+        type = QVariant::Invalid;
     } else if (type == QMetaType::QString) {
         ((QString *)dataPtr())->~QString();
         type = QVariant::Invalid;
@@ -160,7 +162,7 @@ QObject *QDeclarativeVMEVariant::asQObject()
     if (type != QMetaType::QObjectStar) 
         setValue((QObject *)0);
 
-    return *(QObject **)(dataPtr());
+    return *(QDeclarativeGuard<QObject> *)(dataPtr());
 }
 
 const QVariant &QDeclarativeVMEVariant::asQVariant() 
@@ -256,8 +258,9 @@ void QDeclarativeVMEVariant::setValue(QObject *v)
     if (type != QMetaType::QObjectStar) {
         cleanup();
         type = QMetaType::QObjectStar;
+        new (dataPtr()) QDeclarativeGuard<QObject>();
     }
-    *(QObject **)(dataPtr()) = v;
+    *(QDeclarativeGuard<QObject>*)(dataPtr()) = v;
 }
 
 void QDeclarativeVMEVariant::setValue(const QVariant &v)
@@ -465,8 +468,7 @@ int QDeclarativeVMEMetaObject::metaCall(QMetaObject::Call c, int _id, void **a)
                     if (c == QMetaObject::ReadProperty) {
                         *reinterpret_cast<QVariant *>(a[0]) = readVarPropertyAsVariant(id);
                     } else if (c == QMetaObject::WriteProperty) {
-                        needActivate = (data[id].asQVariant() != *reinterpret_cast<QVariant *>(a[0]));
-                        data[id].setValue(*reinterpret_cast<QVariant *>(a[0]));
+                        writeVarProperty(id, *reinterpret_cast<QVariant *>(a[0]));
                     }
 
                 } else {
@@ -682,6 +684,8 @@ QScriptValue QDeclarativeVMEMetaObject::readVarProperty(int id)
 {
     if (data[id].dataType() == qMetaTypeId<QScriptValue>())
         return data[id].asQScriptValue();
+    else if (data[id].dataType() == QMetaType::QObjectStar) 
+        return QDeclarativeEnginePrivate::get(ctxt->engine)->objectClass->newQObject(data[id].asQObject());
     else
         return QDeclarativeEnginePrivate::get(ctxt->engine)->scriptValueFromVariant(data[id].asQVariant());
 }
@@ -690,7 +694,9 @@ QVariant QDeclarativeVMEMetaObject::readVarPropertyAsVariant(int id)
 {
     if (data[id].dataType() == qMetaTypeId<QScriptValue>())
         return QDeclarativeEnginePrivate::get(ctxt->engine)->scriptValueToVariant(data[id].asQScriptValue());
-    else
+    else if (data[id].dataType() == QMetaType::QObjectStar) 
+        return QVariant::fromValue(data[id].asQObject());
+    else 
         return data[id].asQVariant();
 }
 
@@ -700,6 +706,15 @@ void QDeclarativeVMEMetaObject::writeVarProperty(int id, const QScriptValue &val
     activate(object, methodOffset + id, 0);
 }
 
+void QDeclarativeVMEMetaObject::writeVarProperty(int id, const QVariant &value)
+{
+    if (value.userType() == QMetaType::QObjectStar) 
+        data[id].setValue(qvariant_cast<QObject *>(value));
+    else
+        data[id].setValue(value);
+    activate(object, methodOffset + id, 0);
+}
+
 void QDeclarativeVMEMetaObject::listChanged(int id)
 {
     activate(object, methodOffset + id, 0);
diff --git a/src/declarative/qml/qdeclarativevmemetaobject_p.h b/src/declarative/qml/qdeclarativevmemetaobject_p.h
index 76390c9..4fc3269 100644
--- a/src/declarative/qml/qdeclarativevmemetaobject_p.h
+++ b/src/declarative/qml/qdeclarativevmemetaobject_p.h
@@ -148,6 +148,7 @@ private:
     QScriptValue readVarProperty(int);
     QVariant readVarPropertyAsVariant(int);
     void writeVarProperty(int, const QScriptValue &);
+    void writeVarProperty(int, const QVariant &);
 
     QAbstractDynamicMetaObject *parent;
author	Aaron Kennedy <aaron.kennedy@nokia.com>	2010-04-19 06:25:26 (GMT)
committer	Aaron Kennedy <aaron.kennedy@nokia.com>	2010-04-19 06:26:31 (GMT)
commit	fae16b674b619b73037841a00577de5922a26595 (patch)
tree	a58b1f7b79c6d24f5d328efb6b9c427daac4b30a /src
parent	d2f8eaca50b9997bd66805787b5042faa28f5ec2 (diff)
download	Qt-fae16b674b619b73037841a00577de5922a26595.zip Qt-fae16b674b619b73037841a00577de5922a26595.tar.gz Qt-fae16b674b619b73037841a00577de5922a26595.tar.bz2