diff options
| -rw-r--r-- | src/script/api/qscriptvalue.cpp | 1 | ||||
| -rw-r--r-- | tests/auto/qscriptvalue/tst_qscriptvalue.cpp | 13 | ||||
| -rw-r--r-- | tests/auto/qscriptvalue/tst_qscriptvalue.h | 1 |
3 files changed, 15 insertions, 0 deletions
diff --git a/src/script/api/qscriptvalue.cpp b/src/script/api/qscriptvalue.cpp index f494106..e40458b 100644 --- a/src/script/api/qscriptvalue.cpp +++ b/src/script/api/qscriptvalue.cpp @@ -2036,6 +2036,7 @@ void QScriptValue::setData(const QScriptValue &data) Q_D(QScriptValue); if (!d || !d->isObject()) return; + QScript::APIShim shim(d->engine); JSC::JSValue other = d->engine->scriptValueToJSCValue(data); if (d->jscValue.inherits(&QScriptObject::info)) { QScriptObject *scriptObject = static_cast<QScriptObject*>(JSC::asObject(d->jscValue)); diff --git a/tests/auto/qscriptvalue/tst_qscriptvalue.cpp b/tests/auto/qscriptvalue/tst_qscriptvalue.cpp index 639df36..53e2699 100644 --- a/tests/auto/qscriptvalue/tst_qscriptvalue.cpp +++ b/tests/auto/qscriptvalue/tst_qscriptvalue.cpp @@ -2253,6 +2253,19 @@ void tst_QScriptValue::getSetData() QVERIFY(!object.data().isValid()); } +void tst_QScriptValue::setData_QTBUG15144() +{ + QScriptEngine eng; + QScriptValue obj = eng.newObject(); + for (int i = 0; i < 10000; ++i) { + // Create an object with property 'fooN' on it, and immediately kill + // the reference to the object so it and the property name become garbage. + eng.evaluate(QString::fromLatin1("o = {}; o.foo%0 = 10; o = null;").arg(i)); + // Setting the data will cause a JS string to be allocated, which could + // trigger a GC. This should not cause a crash. + obj.setData("foodfight"); + } +} class TestScriptClass : public QScriptClass { public: diff --git a/tests/auto/qscriptvalue/tst_qscriptvalue.h b/tests/auto/qscriptvalue/tst_qscriptvalue.h index 462749a..aa6bc6c 100644 --- a/tests/auto/qscriptvalue/tst_qscriptvalue.h +++ b/tests/auto/qscriptvalue/tst_qscriptvalue.h @@ -216,6 +216,7 @@ private slots: void getSetProperty(); void arrayElementGetterSetter(); void getSetData(); + void setData_QTBUG15144(); void getSetScriptClass(); void call(); void construct(); |