From 547223a4f31067ed34acabd9a2d8a0b7645fd3f8 Mon Sep 17 00:00:00 2001
From: Aaron Kennedy <aaron.kennedy@nokia.com>
Date: Wed, 6 May 2009 10:56:28 +1000
Subject: Fix crash

As QMetaObject::indexOfProperty() downcasts QMetaObject's that have the DynamicMetaObject flag set, we must ensure that we use a QAbstractDynamicMetaObject whereever we set this flag, otherwise it may crash.
---
 src/declarative/qml/qmlcompiler.cpp | 5 +++--
 src/declarative/qml/qmlparser.cpp   | 6 +++---
 src/declarative/qml/qmlparser_p.h   | 3 ++-
 3 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/src/declarative/qml/qmlcompiler.cpp b/src/declarative/qml/qmlcompiler.cpp
index f0cf4cc..67a0a04 100644
--- a/src/declarative/qml/qmlcompiler.cpp
+++ b/src/declarative/qml/qmlcompiler.cpp
@@ -1276,9 +1276,10 @@ bool QmlCompiler::compileDynamicMeta(QmlParser::Object *obj)
     if (obj->metatype)
         builder.setSuperClass(obj->metatype);
 
-    obj->extObject = builder.toMetaObject();
+    obj->extObjectData = builder.toMetaObject();
+    static_cast<QMetaObject &>(obj->extObject) = *obj->extObjectData;
 
-    output->mos << obj->extObject;
+    output->mos << obj->extObjectData;
     QmlInstruction store;
     store.type = QmlInstruction::StoreMetaObject;
     store.storeMeta.data = output->mos.count() - 1;
diff --git a/src/declarative/qml/qmlparser.cpp b/src/declarative/qml/qmlparser.cpp
index a943c4d..d68eb68 100644
--- a/src/declarative/qml/qmlparser.cpp
+++ b/src/declarative/qml/qmlparser.cpp
@@ -63,7 +63,7 @@ QT_BEGIN_NAMESPACE
 using namespace QmlParser;
 
 QmlParser::Object::Object()
-: type(-1), metatype(0), extObject(0), defaultProperty(0), line(-1), column(-1)
+: type(-1), metatype(0), extObjectData(0), defaultProperty(0), line(-1), column(-1)
 {
 }
 
@@ -76,8 +76,8 @@ QmlParser::Object::~Object()
 
 const QMetaObject *Object::metaObject() const
 {
-    if (extObject && metatype)
-        return extObject;
+    if (extObjectData && metatype)
+        return &extObject;
     else
         return metatype;
 }
diff --git a/src/declarative/qml/qmlparser_p.h b/src/declarative/qml/qmlparser_p.h
index 676e25e..2c9b0f1 100644
--- a/src/declarative/qml/qmlparser_p.h
+++ b/src/declarative/qml/qmlparser_p.h
@@ -94,7 +94,8 @@ namespace QmlParser
         const QMetaObject *metatype;
         // The synthesized metaobject, if QML added signals or properties to
         // this type.  Otherwise null
-        QMetaObject *extObject;
+        QMetaObject *extObjectData;
+        QAbstractDynamicMetaObject extObject;
 
         Property *getDefaultProperty();
         Property *getProperty(const QByteArray &name, bool create=true);
-- 
cgit v0.12