diff options
| author | Ulf Hermann <ulf.hermann@qt.io> | 2019-06-12 09:35:05 +0200 |
|---|---|---|
| committer | Ulf Hermann <ulf.hermann@qt.io> | 2019-06-12 10:00:46 +0200 |
| commit | 6ee1acd6279749beddb5ecab211e3d314eb11fb3 (patch) | |
| tree | a678c73b68a4ed47ceb6f793ac4174cd0690b1b6 | |
| parent | 08215dd21ebefe41f30e43d630a68d644419d021 (diff) | |
JIT: Don't store accumulator on getTemplateLiteral
We don't use the accumulator in that method. It could contain any random
value.
Fixes: QTBUG-75642
Change-Id: I41f958c1174cce76d0d77e14d5617d441aaf1e11
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
| -rw-r--r-- | src/qml/jit/qv4baselinejit.cpp | 1 | ||||
| -rw-r--r-- | tests/auto/qml/qjsengine/tst_qjsengine.cpp | 18 |
2 files changed, 18 insertions, 1 deletions
diff --git a/src/qml/jit/qv4baselinejit.cpp b/src/qml/jit/qv4baselinejit.cpp index 1e4288e3c9..7bd51ba37e 100644 --- a/src/qml/jit/qv4baselinejit.cpp +++ b/src/qml/jit/qv4baselinejit.cpp @@ -913,7 +913,6 @@ void BaselineJIT::generate_ThrowOnNullOrUndefined() void BaselineJIT::generate_GetTemplateObject(int index) { - STORE_ACC(); as->prepareCallWithArgCount(2); as->passInt32AsArg(index, 1); as->passFunctionAsArg(0); diff --git a/tests/auto/qml/qjsengine/tst_qjsengine.cpp b/tests/auto/qml/qjsengine/tst_qjsengine.cpp index dbb758ae42..d4143614c0 100644 --- a/tests/auto/qml/qjsengine/tst_qjsengine.cpp +++ b/tests/auto/qml/qjsengine/tst_qjsengine.cpp @@ -237,6 +237,7 @@ private slots: void equality(); void aggressiveGc(); + void noAccumulatorInTemplateLiteral(); public: Q_INVOKABLE QJSValue throwingCppMethod1(); @@ -4673,6 +4674,23 @@ void tst_QJSEngine::aggressiveGc() qputenv("QV4_MM_AGGRESSIVE_GC", origAggressiveGc); } +void tst_QJSEngine::noAccumulatorInTemplateLiteral() +{ + const QByteArray origAggressiveGc = qgetenv("QV4_MM_AGGRESSIVE_GC"); + qputenv("QV4_MM_AGGRESSIVE_GC", "true"); + { + QJSEngine engine; + + // getTemplateLiteral should not save the accumulator as it's garbage and trashes + // the next GC run. Instead, we want to see the stack overflow error. + QJSValue value = engine.evaluate("function a(){\nS=o=>s\nFunction``\na()}a()"); + + QVERIFY(value.isError()); + QCOMPARE(value.toString(), "RangeError: Maximum call stack size exceeded."); + } + qputenv("QV4_MM_AGGRESSIVE_GC", origAggressiveGc); +} + QTEST_MAIN(tst_QJSEngine) #include "tst_qjsengine.moc" |