From 727ddee130271242e20a7a2d3a66d49b3e2c0d0c Mon Sep 17 00:00:00 2001
From: Erik Verbruggen <erik.verbruggen@qt.io>
Date: Thu, 8 Mar 2018 11:21:11 +0100
Subject: Fix failing assertion when loading QML/JS on Integrity

With the QV4::Moth::BytecodeGenerator::Jump type we are relying on the
compiler doing a return value optimization. That however is not required
by the C++11 standard and the GHS compiler does indeed not do that here,
resulting in a ~Jump destructor call in the following sequence _before_
link() is called:

    Jump generateJump() { ...; return Jump(...); }
    ...
    generateJump().link();

The destructor however verifies that link() was called, which fails.

Fix this by making Jump a move-only type, which the compiler will issue
if it doesn't perform a return value optimization.

Task-number: QTBUG-66917
Change-Id: I97cc9a5d7f97d61e573ad8bc309cf48ab18eb25d
Reviewed-by: Kimmo Ollila <kimmo.ollila@qt.io>
Reviewed-by: Erik Verbruggen <erik.verbruggen@qt.io>
---
 src/qml/compiler/qv4bytecodegenerator_p.h | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/src/qml/compiler/qv4bytecodegenerator_p.h b/src/qml/compiler/qv4bytecodegenerator_p.h
index 3b3c766bfe..e69f2cd310 100644
--- a/src/qml/compiler/qv4bytecodegenerator_p.h
+++ b/src/qml/compiler/qv4bytecodegenerator_p.h
@@ -102,14 +102,19 @@ public:
         Jump(BytecodeGenerator *generator, int instruction)
             : generator(generator),
               index(instruction)
-        {}
+        { Q_ASSERT(generator && index != -1); }
+
         ~Jump() {
-            Q_ASSERT(generator->instructions[index].linkedLabel != -1);
+            Q_ASSERT(index == -1 || generator->instructions[index].linkedLabel != -1); // make sure link() got called
         }
 
+        Jump(Jump &&j) {
+            std::swap(generator, j.generator);
+            std::swap(index, j.index);
+        }
 
-        BytecodeGenerator *generator;
-        int index;
+        BytecodeGenerator *generator = nullptr;
+        int index = -1;
 
         void link() {
             link(generator->label());
@@ -119,6 +124,12 @@ public:
             Q_ASSERT(generator->instructions[index].linkedLabel == -1);
             generator->instructions[index].linkedLabel = l.index;
         }
+
+    private:
+        // make this type move-only:
+        Q_DISABLE_COPY(Jump)
+        // we never move-assign this type anywhere, so disable it:
+        Jump &operator=(Jump &&) = delete;
     };
 
     struct ExceptionHandler : public Label {
-- 
cgit v1.2.3