5 files changed, 58 insertions, 29 deletions

diff --git a/src/qml/parser/qqmljs.g b/src/qml/parser/qqmljs.g
index b86dba6daa..8ae51a795f 100644
--- a/src/qml/parser/qqmljs.g
+++ b/src/qml/parser/qqmljs.g
@@ -614,16 +614,8 @@ bool Parser::parse(int startToken)
     program = 0;
 
     do {
-        if (++tos == stack_size) {
+        if (++tos == stack_size)
             reallocateStack();
-            if (stack_size > 10000) {
-                // We're now in some serious right-recursive stuff, which will probably result in
-                // an AST that's so deep that recursively visiting it will run out of stack space.
-                const QString msg = QCoreApplication::translate("QQmlParser", "Maximum statement or expression depth exceeded");
-                diagnostic_messages.append(DiagnosticMessage(DiagnosticMessage::Error, token_buffer[0].loc, msg));
-                return false;
-            }
-        }
 
         state_stack[tos] = action;
 
diff --git a/src/qml/parser/qqmljsast.cpp b/src/qml/parser/qqmljsast.cpp
index 4ebb2d3b5c..54a1200493 100644
--- a/src/qml/parser/qqmljsast.cpp
+++ b/src/qml/parser/qqmljsast.cpp
@@ -65,21 +65,6 @@ ClassExpression *asAnonymousClassDefinition(Node *n)
     return c;
 }
 
-
-void Node::accept(Visitor *visitor)
-{
-    if (visitor->preVisit(this)) {
-        accept0(visitor);
-    }
-    visitor->postVisit(this);
-}
-
-void Node::accept(Node *node, Visitor *visitor)
-{
-    if (node)
-        node->accept(visitor);
-}
-
 ExpressionNode *Node::expressionCast()
 {
     return nullptr;
diff --git a/src/qml/parser/qqmljsast_p.h b/src/qml/parser/qqmljsast_p.h
index 43aeec6525..e84c62af2f 100644
--- a/src/qml/parser/qqmljsast_p.h
+++ b/src/qml/parser/qqmljsast_p.h
@@ -271,11 +271,29 @@ public:
     virtual FunctionExpression *asFunctionDefinition();
     virtual ClassExpression *asClassDefinition();
 
-    void accept(Visitor *visitor);
-    static void accept(Node *node, Visitor *visitor);
+    inline void accept(Visitor *visitor)
+    {
+        Visitor::RecursionDepthCheck recursionCheck(visitor);
+        if (recursionCheck()) {
+            if (visitor->preVisit(this))
+                accept0(visitor);
+            visitor->postVisit(this);
+        } else {
+            visitor->throwRecursionDepthError();
+        }
+    }
 
+    inline static void accept(Node *node, Visitor *visitor)
+    {
+        if (node)
+            node->accept(visitor);
+    }
+
+    // ### Remove when we can. This is part of the qmldevtools library, though.
     inline static void acceptChild(Node *node, Visitor *visitor)
-    { return accept(node, visitor); } // ### remove
+    {
+        return accept(node, visitor);
+    }
 
     virtual void accept0(Visitor *visitor) = 0;
     virtual SourceLocation firstSourceLocation() const = 0;
diff --git a/src/qml/parser/qqmljsastvisitor.cpp b/src/qml/parser/qqmljsastvisitor.cpp
index eec151298e..666623eecc 100644
--- a/src/qml/parser/qqmljsastvisitor.cpp
+++ b/src/qml/parser/qqmljsastvisitor.cpp
@@ -43,7 +43,7 @@ QT_QML_BEGIN_NAMESPACE
 
 namespace QQmlJS { namespace AST {
 
-Visitor::Visitor()
+Visitor::Visitor(quint16 parentRecursionDepth) : m_recursionDepth(parentRecursionDepth)
 {
 }
 
diff --git a/src/qml/parser/qqmljsastvisitor_p.h b/src/qml/parser/qqmljsastvisitor_p.h
index c925096de6..9c69f88e0c 100644
--- a/src/qml/parser/qqmljsastvisitor_p.h
+++ b/src/qml/parser/qqmljsastvisitor_p.h
@@ -61,7 +61,33 @@ namespace QQmlJS { namespace AST {
 class QML_PARSER_EXPORT Visitor
 {
 public:
-    Visitor();
+    class RecursionDepthCheck
+    {
+        Q_DISABLE_COPY(RecursionDepthCheck)
+    public:
+        RecursionDepthCheck(RecursionDepthCheck &&) = delete;
+        RecursionDepthCheck &operator=(RecursionDepthCheck &&) = delete;
+
+        RecursionDepthCheck(Visitor *visitor) : m_visitor(visitor)
+        {
+            ++(m_visitor->m_recursionDepth);
+        }
+
+        ~RecursionDepthCheck()
+        {
+            --(m_visitor->m_recursionDepth);
+        }
+
+        bool operator()() const {
+            return m_visitor->m_recursionDepth < s_recursionLimit;
+        }
+
+    private:
+        static const quint16 s_recursionLimit = 4096;
+        Visitor *m_visitor;
+    };
+
+    Visitor(quint16 parentRecursionDepth = 0);
     virtual ~Visitor();
 
     virtual bool preVisit(Node *) { return true; }
@@ -374,6 +400,14 @@ public:
 
     virtual bool visit(DebuggerStatement *) { return true; }
     virtual void endVisit(DebuggerStatement *) {}
+
+    virtual void throwRecursionDepthError() = 0;
+
+    quint16 recursionDepth() const { return m_recursionDepth; }
+
+protected:
+    quint16 m_recursionDepth = 0;
+    friend class RecursionDepthCheck;
 };
 
 } } // namespace AST