From 4199572d64d46bfa2efdcf7c910e81e5b8fb5547 Mon Sep 17 00:00:00 2001 From: Dmitry Shachnev Date: Fri, 16 Jun 2017 22:51:57 +0300 Subject: Fix QML compiler crashes on big endian systems Commit be491913c036b148 changed QV4::CompiledData::Unit to use LEUInt32 structures internally, rather than native uints, however the generators were not updated at that time and still wrote native uints. Also initialize constants field of CompilationUnit to prevent crashes in unlink() where operator delete[] is called. Change-Id: Id6c6e6ad519c9927ba6027479689ecfde9ea86de Reviewed-by: Allan Sandfeld Jensen Reviewed-by: Simon Hausmann --- src/qml/compiler/qqmlirbuilder.cpp | 8 ++++---- src/qml/compiler/qv4compileddata.cpp | 2 ++ src/qml/compiler/qv4compiler.cpp | 10 +++++----- 3 files changed, 11 insertions(+), 9 deletions(-) (limited to 'src') diff --git a/src/qml/compiler/qqmlirbuilder.cpp b/src/qml/compiler/qqmlirbuilder.cpp index 57cb4c607c..03a71768d8 100644 --- a/src/qml/compiler/qqmlirbuilder.cpp +++ b/src/qml/compiler/qqmlirbuilder.cpp @@ -1425,7 +1425,7 @@ QV4::CompiledData::Unit *QmlUnitGenerator::generate(Document &output, const QV4: } // write objects - quint32 *objectTable = reinterpret_cast(data + qmlUnit->offsetToObjects); + QV4::CompiledData::LEUInt32 *objectTable = reinterpret_cast(data + qmlUnit->offsetToObjects); char *objectPtr = data + qmlUnit->offsetToObjects + objectOffsetTableSize; for (int i = 0; i < output.objects.count(); ++i) { const Object *o = output.objects.at(i); @@ -1467,7 +1467,7 @@ QV4::CompiledData::Unit *QmlUnitGenerator::generate(Document &output, const QV4: objectToWrite->offsetToNamedObjectsInComponent = nextOffset; nextOffset += objectToWrite->nNamedObjectsInComponent * sizeof(quint32); - quint32 *functionsTable = reinterpret_cast(objectPtr + objectToWrite->offsetToFunctions); + QV4::CompiledData::LEUInt32 *functionsTable = reinterpret_cast(objectPtr + objectToWrite->offsetToFunctions); for (const Function *f = o->firstFunction(); f; f = f->next) *functionsTable++ = o->runtimeFunctionIndices.at(f->index); @@ -1493,7 +1493,7 @@ QV4::CompiledData::Unit *QmlUnitGenerator::generate(Document &output, const QV4: bindingPtr = writeBindings(bindingPtr, o, &QV4::CompiledData::Binding::isValueBindingToAlias); Q_ASSERT((bindingPtr - objectToWrite->offsetToBindings - objectPtr) / sizeof(QV4::CompiledData::Binding) == unsigned(o->bindingCount())); - quint32 *signalOffsetTable = reinterpret_cast(objectPtr + objectToWrite->offsetToSignals); + QV4::CompiledData::LEUInt32 *signalOffsetTable = reinterpret_cast(objectPtr + objectToWrite->offsetToSignals); quint32 signalTableSize = 0; char *signalPtr = objectPtr + nextOffset; for (const Signal *s = o->firstSignal(); s; s = s->next) { @@ -1513,7 +1513,7 @@ QV4::CompiledData::Unit *QmlUnitGenerator::generate(Document &output, const QV4: signalPtr += size; } - quint32 *namedObjectInComponentPtr = reinterpret_cast(objectPtr + objectToWrite->offsetToNamedObjectsInComponent); + QV4::CompiledData::LEUInt32 *namedObjectInComponentPtr = reinterpret_cast(objectPtr + objectToWrite->offsetToNamedObjectsInComponent); for (int i = 0; i < o->namedObjectsInComponent.count; ++i) { *namedObjectInComponentPtr++ = o->namedObjectsInComponent.at(i); } diff --git a/src/qml/compiler/qv4compileddata.cpp b/src/qml/compiler/qv4compileddata.cpp index 485a5e6fb7..db707061fe 100644 --- a/src/qml/compiler/qv4compileddata.cpp +++ b/src/qml/compiler/qv4compileddata.cpp @@ -99,6 +99,7 @@ CompilationUnit::CompilationUnit() , runtimeLookups(0) , runtimeRegularExpressions(0) , runtimeClasses(0) + , constants(nullptr) , totalBindingsCount(0) , totalParserStatusCount(0) , totalObjectCount(0) @@ -239,6 +240,7 @@ void CompilationUnit::unlink() runtimeFunctions.clear(); #if Q_BYTE_ORDER == Q_BIG_ENDIAN delete [] constants; + constants = nullptr; #endif } diff --git a/src/qml/compiler/qv4compiler.cpp b/src/qml/compiler/qv4compiler.cpp index e32749bbf7..de1b835edb 100644 --- a/src/qml/compiler/qv4compiler.cpp +++ b/src/qml/compiler/qv4compiler.cpp @@ -335,29 +335,29 @@ void QV4::Compiler::JSUnitGenerator::writeFunction(char *f, QV4::IR::Function *i function->codeSize = 0; // write formals - quint32 *formals = (quint32 *)(f + function->formalsOffset); + CompiledData::LEUInt32 *formals = (CompiledData::LEUInt32 *)(f + function->formalsOffset); for (int i = 0; i < irFunction->formals.size(); ++i) formals[i] = getStringId(*irFunction->formals.at(i)); // write locals - quint32 *locals = (quint32 *)(f + function->localsOffset); + CompiledData::LEUInt32 *locals = (CompiledData::LEUInt32 *)(f + function->localsOffset); for (int i = 0; i < irFunction->locals.size(); ++i) locals[i] = getStringId(*irFunction->locals.at(i)); // write QML dependencies - quint32 *writtenDeps = (quint32 *)(f + function->dependingIdObjectsOffset); + CompiledData::LEUInt32 *writtenDeps = (CompiledData::LEUInt32 *)(f + function->dependingIdObjectsOffset); for (int id : irFunction->idObjectDependencies) { Q_ASSERT(id >= 0); *writtenDeps++ = static_cast(id); } - writtenDeps = (quint32 *)(f + function->dependingContextPropertiesOffset); + writtenDeps = (CompiledData::LEUInt32 *)(f + function->dependingContextPropertiesOffset); for (auto property : irFunction->contextObjectPropertyDependencies) { *writtenDeps++ = property.key(); // property index *writtenDeps++ = property.value(); // notify index } - writtenDeps = (quint32 *)(f + function->dependingScopePropertiesOffset); + writtenDeps = (CompiledData::LEUInt32 *)(f + function->dependingScopePropertiesOffset); for (auto property : irFunction->scopeObjectPropertyDependencies) { *writtenDeps++ = property.key(); // property index *writtenDeps++ = property.value(); // notify index -- cgit v1.2.3