From d7b22cefde6cc0f38ac1dd4ee3cee107f47e9655 Mon Sep 17 00:00:00 2001
From: Simon Hausmann <simon.hausmann@qt.io>
Date: Mon, 16 Jul 2018 15:35:18 +0200
Subject: Fix unaligned memory access on ARM

When decoding the bytecode, we must be careful to avoid that the
compiler generates aligned memory access instructions, because the
current byte code pointer may not be aligned at all.

When decoding integer parameters, the existing code would expland to

    qFromLittleEndian(reinterpret_cast<const int>(code)[-nargs+offset])

which loads the integer from the array before passing it by value to
qFromLittleEndian.

[ChangeLog][QtQml] Fix crashes with unaligned memory access on ARM.

Task-number: QTBUG-69328
Change-Id: Ib1c66113e2b8e103ad6f5de11443a561d23a4185
Reviewed-by: Bhushan Shah <bshah@kde.org>
Reviewed-by: Erik Verbruggen <erik.verbruggen@qt.io>
---
 src/qml/compiler/qv4instr_moth_p.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/qml/compiler/qv4instr_moth_p.h b/src/qml/compiler/qv4instr_moth_p.h
index 7dd639c94c..df9182e924 100644
--- a/src/qml/compiler/qv4instr_moth_p.h
+++ b/src/qml/compiler/qv4instr_moth_p.h
@@ -347,7 +347,7 @@ QT_BEGIN_NAMESPACE
     nargs,
 
 #define MOTH_DECODE_ARG(arg, type, nargs, offset) \
-    arg = qFromLittleEndian<type>(reinterpret_cast<const type *>(code)[-nargs + offset]);
+    arg = qFromLittleEndian<type>(qFromUnaligned<type>(reinterpret_cast<const type *>(code) - nargs + offset));
 #define MOTH_ADJUST_CODE(type, nargs) \
     code += static_cast<quintptr>(nargs*sizeof(type) + 1)
 
-- 
cgit v1.2.3