| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This relies heavily on the documented fact that we only support trusted
QML/JS content, meaning most files are only significant, not critical.
This also extends to the handling of qmlc files (as in
compilationunitmapper), as we store them in a user owned, non-shared
cache directory – so any vulnerability there would already mean that an
attacker has write-priviledges on user data.
An exception is ArrayBuffer, which can be used with arbitrary user data,
and should create a valid QBA.
Fixes: QTBUG-136970
Pick-to: 6.10 6.9 6.8
QUIP: 23
Change-Id: I22033fe6ab4acf8362a8183e25b92331d45cb32c
Reviewed-by: Ulf Hermann <ulf.hermann@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a semantic patch using ClangTidyTransformator to convert
sequences of Q_UNREACHABLE() + return into Q_UNREACHABLE_RETURN(),
newly added to qtbase.
const std::string unr = "unr", val = "val", ret = "ret";
auto makeUnreachableReturn = cat("Q_UNREACHABLE_RETURN(",
ifBound(val, cat(node(val)), cat("")),
")");
auto ignoringSwitchCases = [](auto stmt) {
return anyOf(stmt, switchCase(subStmt(stmt)));
};
makeRule(stmt(ignoringSwitchCases(stmt(isExpandedFromMacro("Q_UNREACHABLE")).bind(unr)),
nextStmt(returnStmt(optionally(hasReturnValue(expr().bind(val)))).bind(ret))),
{changeTo(node(unr), cat(makeUnreachableReturn,
";")), // TODO: why is the ; lost w/o this?
changeTo(node(ret), cat(""))},
cat("use ", makeUnreachableReturn));
a.k.a qt-use-unreachable-return.
subStmt() and nextStmt() are non-standard matchers.
There was one false positive, suppressed it with NOLINTNEXTLINE.
It's not really a false positiive, it's just that Clang sees the world
in one way and if conditonal compilation (#if) differs for other
compilers, Clang doesn't know better. This is an artifact of matching
two consecutive statements.
Change-Id: I3855b2dc8523db1ea860f72ad9818738162495c6
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Replace the current license disclaimer in files by
a SPDX-License-Identifier.
Files that have to be modified by hand are modified.
License files are organized under LICENSES directory.
Pick-to: 6.4
Task-number: QTBUG-67283
Change-Id: I63563bbeb6f60f89d2c99660400dca7fab78a294
Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io>
|
| |
|
|
|
|
|
| |
It is shorter and encapsulates the exception handling a bit.
Change-Id: I8e2dc0eb3b930e222b8cb4852b73d99ca18a0379
Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
A QJSManagedValue is a view on a QJSValue which always knows the engine
the value belongs to. This allows us to implement the JavaScript
semantics of the various QJSValue methods in a much more rigorous way.
[ChangeLog][QtQml] The new QJSManagedValue should be used instead of
QJSValue for manipulating properties and prototypes of JavaScript
values, as well as for calling JavaScript functions.
Change-Id: I9d445ffcf68dfa72dba9bae0818e83c80665ad66
Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The sameValue(Zero) algorithm were implemented according to the
JavaScript specification; however QML has the concept of value types.
For those we need to check equality with the intrinsic isEqualTo method.
This aligns sameValue(Zero) with strict equality in its treatment of
value types.
This fixes Array.includes for value types
Fixes: QTBUG-81825
Change-Id: Idd3e09cbed94bca6ea44f5683610b87d184e432c
Reviewed-by: Ulf Hermann <ulf.hermann@qt.io>
|
| |
|
|
|
|
|
|
| |
The static part can be used for compilation and won't resolve managed
objects. This allows us to remove all the remaining V4_BOOTSTRAP.
Change-Id: Id2f6feb64c48beb2a407697881aea8c0d791a532
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
| |
|
|
|
|
|
|
| |
The only thing we actually need is toArrayIndex() and that is a static
method. We provide it in a separate file.
Change-Id: I86b11e3d81a319202a0babacd17d87e7816ac88a
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
| |
|
|
|
|
|
|
|
| |
This is a better fit for the method. In turn, remove all the
V4_BOOTSTRAP conditions from qv4engine_p.h and make sure we don't
include or compile it in bootstrap mode.
Change-Id: I5933b0724e561313ca20c420b83e4d70e63bddf5
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Get rid of makeIdentifier(), as toPropertyKey() will take
care of it.
Rename identifier() to propertyKey() and check that the
key is valid.
Remove String/StringOrSymbol::asArrayIndex(), we don't need it
anymore.
Change-Id: I3c490fabc1475c9ea288b49b1638b6fa1bc237b7
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
| |
|
|
|
|
|
|
| |
Change all uses of Identifier to use the new PropertyKey class
and get rid of Identifier.
Change-Id: Ib7e83b06a3c923235e145b6e083fe980dc240452
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
| |
This will replace Identifier over the next few commits.
The advantage of PropertyKey is that it can be stored on
the JS stack, so that a GC run won't accidentally clean
up the string/symbol referenced by the key.
Change-Id: Ib4daa4616bcfa537e6d371ef7c7740bc7727a50d
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
| |
|
|
|
|
|
| |
and use it where required.
Change-Id: I309ca61e0360b26428fc2ea5a2eea47c8e0632a0
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
| |
|
|
|
|
|
|
|
|
| |
Based on top of an ArrayObject for now, which is admittedly a bit of a
cheat and not matching the "spirit" of the spec. OTOH, that makes it
easy to write, and is presumably quite lightweight, so perhaps this is acceptable
as a starting point.
Change-Id: Ibc98137965b3e75635b960a2f88c251d45e6e837
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We also add a sameValueZero helper, to make life easier.
Remaining failures:
built-ins/Array/prototype/includes/get-prop.js fails (due to missing Proxy)
built-ins/Array/prototype/includes/length-boundaries.js fails
length-boundaries failure is due to strange treatment of edge number values in
Value, I think, I haven't yet been able to rectify that one.
Change-Id: Idacca528d88fb052d19a5d244662927f502f20d2
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
| |
|
|
|
| |
Change-Id: I0990e9610a3200502719191fa0a4174ba9ee1903
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
| |
|
|
|
| |
Change-Id: I904e72e746cb14bb7af4bcbed8e74766c6cbbcf8
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
| |
|
|
|
|
|
|
|
| |
Added basic infrastructure to create symbols and convert them
back to strings. In addition, storing and retrieving of symbol
based properties in Objects works.
Change-Id: I185f7aa46e7afa19db5a801102142892e03b7bf1
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
| |
|
|
|
|
|
|
| |
This is required to be able to turn the internal class into
something that lives on the GC heap.
Change-Id: Ie4318588d420743b1e1ab1cd596a1c9d153eb793
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
| |
|
|
|
| |
Change-Id: Iccfe50c967560deee9e2903bbe3a293b13fe8b48
Reviewed-by: Erik Verbruggen <erik.verbruggen@qt.io>
|
| |
|
|
|
|
|
|
|
|
| |
Calling a non inline memberfunction does force the this argument
onto the stack. Replacing those functions with static member
functions taking the object by Value avoids that problem and
allows the QV4::Value to be passed in registers.
Change-Id: I9cf1c220e1dc0f958b416a7216d9ba1ae79a4b3e
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
| |
|
|
|
| |
Change-Id: Ieace8a47428e60e38ee6827a05ebe00db935c5cd
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
| |
|
|
|
|
|
|
| |
And with this there is no need to special case integers
in the BitXxx binops anymore.
Change-Id: I9f94651d776f4e31ff8152fe7ce00dc5b1fa706e
Reviewed-by: Erik Verbruggen <erik.verbruggen@qt.io>
|
| |
|
|
|
| |
Change-Id: Ic1131d6e3b4e04fd1c9e0e045ae94cd47cef5ae2
Reviewed-by: Erik Verbruggen <erik.verbruggen@qt.io>
|
| |
|
|
|
|
|
| |
Now to actually check if both values are 0
Change-Id: I138e34f6b884d45a4b01c7963b3518f2b36a4857
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
| |
|
|
|
| |
Change-Id: I6146e4c41aa08ff4804fa2f37e93186ddc0a2a0f
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This only deals with Qt code. MASM has a lot of those left. We should
just update from upstream instead to get the fixes.
qv4regalloc.cpp:660:52: warning: this statement may fall through [-Wimplicit-fallthrough=]
if (leftSource->type == DoubleType || rightSource->type == DoubleType) {
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
qv4regalloc.cpp:666:13: note: here
case OpBitAnd:
^~~~
Change-Id: I7814054a102a407d876ffffd14b6b0e2d6b03689
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
|
|
|
|
|
| |
Value::type() is not inlined by GCC LTO, and does more work than needed.
Change-Id: I0a1f99f48d8e55caf685a9a3aa56dce079c8f1b2
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
| |
|
|
|
|
|
|
| |
Try to avoid calling both as objectValue() already
checks isObject().
Change-Id: I1d770d4d9dabed4ea4cc3e322b8fdc5a64f5bd2b
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
| |
|
|
|
|
|
|
| |
It's enough to just call stringValue(), as that already
does the isString() check.
Change-Id: I7be0e643a7975c0704b4c9c43b337deb8db9fce0
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
| |
From Qt 5.7 -> LGPL v2.1 isn't an option anymore, see
http://blog.qt.io/blog/2016/01/13/new-agreement-with-the-kde-free-qt-foundation/
Updated license headers to use new LGPL header instead of LGPL21 one
(in those files which will be under LGPL v3)
Change-Id: Ic36f1a0a1436fe6ac6eeca8c2375a79857e9cb12
Reviewed-by: Lars Knoll <lars.knoll@theqtcompany.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The union in QV4::Value is used to do type punning. In C++, this is
compiler-defined behavior. For example, Clang and GCC will try to detect
it and try to do the proper thing. However, it can play havoc with Alias
Analysis, and it is not guaranteed that some Undefined Behavior (or
Compiler depenedent behavior) might occur.
The really problematic part is the struct inside the union: depending on
the calling convention and the register size, it results in some
exciting code. For example, the AMD64 ABI specifies that a struct of two
values of INTEGER class can be passed in separate registers when doing a
function call. Now, if the AA in the compiler looses track of the fact
that the tag overlaps with the double, you might get:
ecx := someTag
... conditional jumps
double_case:
rdx := xorredDoubleValue
callq someWhere
If the someWhere function checks for the tag first, mayhem ensues: the
double value in rdx does not overwrite the tag that is passed in ecx.
Changing the code to do reinterpret_cast<>s might also give problems
on 32bit architectures, because there is a double, whose size is not the
same as the size of the tag, which could confuse AA.
So, to fix this, the following is changed:
- only have a quint64 field in the QV4::Value, which has the added
benefit that it's very clear for the compiler that it's a POD
- as memcpy is the only approved way to ensure bit-by-bit "conversion"
between types (esp. FP<->non-FP types), change all conversions to use
memcpy. Use bitops (shift/and/or) for anything else.
- only use accessor functions for non-quint64 values
As any modern compiler has memcpy as an intrinsic, the call will be
replaced with one or a few move instructions. The accessor functions
also get inlined, the bitops get optimized, so in all cases the compiler
can generate the most compact code possible.
This patch obsoletes f558bc48585c69de36151248c969a484a969ebb4 (which had
the exact aliassing problem of the double and the tag as described
above).
Change-Id: I60a39d8564be5ce6106403a56a8de90943217006
Reviewed-by: Ulf Hermann <ulf.hermann@theqtcompany.com>
|
| |
|
|
|
|
|
|
| |
This is a cleaner separation and further reduces include dependencies
in the definitions of our basic data structured.
Change-Id: I18aa86cdea0c0dfbc16075d4d617af97e638811e
Reviewed-by: Simon Hausmann <simon.hausmann@theqtcompany.com>
|
| |
|
|
|
| |
Change-Id: Ie48dc8f95daa4738e690902b5d33010afa7b974f
Reviewed-by: Simon Hausmann <simon.hausmann@theqtcompany.com>
|
| |
|
|
|
|
|
|
|
| |
Start moving the memory related functionality into it's own folder.
This will simplify refactoring of the GC related functionality later
on.
Change-Id: I70ec6f512af7a7897625afb84d914c17572b0ccd
Reviewed-by: Simon Hausmann <simon.hausmann@theqtcompany.com>
|
| |
|
|
|
|
|
|
|
| |
Qt copyrights are now in The Qt Company, so we could update the source
code headers accordingly. In the same go we should also fix the links to
point to qt.io.
Change-Id: I61120571787870c0ed17066afb31779b1e6e30e9
Reviewed-by: Iikka Eklund <iikka.eklund@theqtcompany.com>
|
| |
|
|
|
| |
Change-Id: Icd76d3d03fac2e57530e55f8ec15b97109dcdcbc
Reviewed-by: Simon Hausmann <simon.hausmann@digia.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Instead pass a const Value & into the functions
With our new inheritance structure, we can get rid of ValueRef
and instead simply pass a pointer to a Value again. Pointers to
Values are safe to use again now, as they are now guaranteed to
be in a place where the GC knows about them.
Change-Id: I44c606fde764db3993b8128fd6fb781d3a298e53
Reviewed-by: Simon Hausmann <simon.hausmann@digia.com>
|
| |
|
|
|
| |
Change-Id: I596f14554d81f5e9af9996294d96047f2e810bef
Reviewed-by: Simon Hausmann <simon.hausmann@digia.com>
|
| |
|
|
|
| |
Change-Id: I4c92c7bc9d94d8265e306f45d863fdc080a5e2a6
Reviewed-by: Simon Hausmann <simon.hausmann@digia.com>
|
| |
|
|
|
| |
Change-Id: I85afd5758f72e19c280dc196601ee145f0c25f01
Reviewed-by: Simon Hausmann <simon.hausmann@digia.com>
|
| |
|
|
|
| |
Change-Id: I4cb63c3cc4eb9bb81f10f9826f80e581b4e1990c
Reviewed-by: Simon Hausmann <simon.hausmann@digia.com>
|
| |
|
|
|
|
|
|
|
|
| |
Avoid the use of Returned<String> for newString and changed the identifier
table to use Heap::String. This required moving some code back into
Heap::String, but that's code that doesn't call back into the GC, so
allocations and therefore future object moves aren't possible.
Change-Id: I1dca3e9c12a9c56f09419af8cc8cba39fe04f720
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
|
| |
|
|
|
|
|
|
| |
We don't need Returned<T> anymore with the QV4:: vs. Heap:: separation.
Eliminating Returned<T> simplifies also some code.
Change-Id: Ic2a9cd3c1a94f2ea37b539d3984d63997121c2b9
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
|
| |
|
|
|
|
|
| |
This is safer and cleaner than to use a context pointer.
Change-Id: Id5ef4e6667571897cd029125a0bdc18ce299da6d
Reviewed-by: Simon Hausmann <simon.hausmann@digia.com>
|
| |
|
|
|
|
|
| |
And do the same change for ArrayData.
Change-Id: Ia1ae56bd0ff586c9b987e15af7a53f395a37054a
Reviewed-by: Simon Hausmann <simon.hausmann@digia.com>
|
| |
|
|
|
| |
Change-Id: Ibb4658576a98b53de2eac2474ce4d5b9eb83b6ae
Reviewed-by: Simon Hausmann <simon.hausmann@digia.com>
|
| |
|
|
|
|
|
|
|
| |
- Renamed LICENSE.LGPL to LICENSE.LGPLv21
- Added LICENSE.LGPLv3 & LICENSE.GPLv2
- Removed LICENSE.GPL
Change-Id: I84a565e2e0caa3b76bf291a7d188a57a4b00e1b0
Reviewed-by: Jani Heikkinen <jani.heikkinen@digia.com>
|
| |
|
|
|
|
|
|
|
| |
This prepares for moving over to a d pointer scheme,
where Managed subclasses don't hold any data directly. This
is required to be able to move over to a modern GC.
Change-Id: I3f59633ac07a7da461bd2d4f0f9f3a8e3b0baf02
Reviewed-by: Simon Hausmann <simon.hausmann@digia.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This is among other things needed to fix the qml import scanner to detect
dependencies from .js files correctly.
The patch also fixes the use of Q_QML_EXPORT towards Q_QML_PRIVATE_EXPORT
where appropriate and corrects the wrong include path for the double conversion
code to actually be relative to the file it is included from. This worked by
accident because of other include paths present in the build.
Change-Id: I338583dad2f76300819af8ab0dae8e5724c84430
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
|
