From b6d0ed435d2d57359b6eafb2728c024eab0b1ece Mon Sep 17 00:00:00 2001
From: Ulf Hermann <ulf.hermann@qt.io>
Date: Mon, 25 Mar 2019 15:43:13 +0100
Subject: Scope intermediate values when allocating objects

Otherwise the garbage collector might interfere and we might end up
with dangling pointers in random places.

Task-number: QTBUG-74190
Change-Id: I253c526ef930b8f0be14e96a42af8b66fda3b22d
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
---
 src/qml/jsruntime/qv4arrayobject.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src/qml/jsruntime/qv4arrayobject.cpp')

diff --git a/src/qml/jsruntime/qv4arrayobject.cpp b/src/qml/jsruntime/qv4arrayobject.cpp
index 8637db3dfd..b5b421fa39 100644
--- a/src/qml/jsruntime/qv4arrayobject.cpp
+++ b/src/qml/jsruntime/qv4arrayobject.cpp
@@ -103,7 +103,9 @@ void ArrayPrototype::init(ExecutionEngine *engine, Object *ctor)
     ctor->defineDefaultProperty(QStringLiteral("from"), method_from, 1);
     ctor->addSymbolSpecies();
 
-    ScopedObject unscopables(scope, engine->newObject(engine->classes[EngineBase::Class_Empty]->changeVTable(QV4::Object::staticVTable())));
+    Scoped<InternalClass> ic(scope, engine->classes[EngineBase::Class_Empty]
+                                            ->changeVTable(QV4::Object::staticVTable()));
+    ScopedObject unscopables(scope, engine->newObject(ic->d()));
     ScopedString name(scope);
     defineDefaultProperty(QStringLiteral("constructor"), (o = ctor));
     defineDefaultProperty(engine->id_toString(), method_toString, 0);
-- 
cgit v1.2.3