language-servers/slint
1
0
Fork 0
mirror of https://github.com/slint-ui/slint.git synced 2025-10-01 06:11:16 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

Fix crash with VRc::borrow() on wasm32

Browse source 
When converting a Weak<VT, T> into Weak<VT, Dyn>, we were ignoring that
while T inside VRcInner may be at a certain offset to satisfy alignment,
the empty Dyn field may not and thus be at a different offset.

On wasm32 for example the compiler generated component struct has a
16-byte alignment, while the Dyn has none. So converting the Weak<VT,
Dyn> to a VRc<VT, Dyn> and then calling borrow() would use the wrong
instance pointer.

To fix this, this patch introduces an extra offset field that's
preserved during the casting and that's used for borrow() as well as
drop().
This commit is contained in:
Simon Hausmann 2020-11-12 10:24:47 +01:00
parent 7817705737
commit 753ec83a05
2 changed files with 26 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

3
api/sixtyfps-cpp/include/vtable.h
View file

@ -69,6 +69,7 @@ private:
const VTable *vtable = &X::component_type;
int strong_ref = 1;
int weak_ref = 1;
std::uint16_t data_offset = offsetof(VRcInner, data);
union {
X data;
Layout layout;
@ -86,7 +87,7 @@ public:
~VRc() {
if (!--inner->strong_ref) {
Layout layout = inner->vtable->drop_in_place({inner->vtable, &inner->data});
layout.size += sizeof(const VTable *) + 2 * sizeof(int);
layout.size += inner->data_offset;
layout.align = std::max<size_t>(layout.align, alignof(VRcInner<VTable, Dyn>));
inner->layout = layout;
if (!--inner->weak_ref) {