From c02b0e529a3266cce2f7d852deca7774402b236e Mon Sep 17 00:00:00 2001
From: Ulf Hermann <ulf.hermann@qt.io>
Date: Thu, 21 Jul 2022 15:02:02 +0200
Subject: Qml: When cloning a stack frame, also clone its instruction pointer

Otherwise we get an out of range access when looking for the line
number. To be extra safe, we also add another guard against this to the
lineNumber() function.

Pick-to: 6.2 6.3 6.4
Fixes: QTBUG-90466
Change-Id: I4d9cb52ecba2631696537f02a3c1b75c3658ceb8
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io>
---
 src/qml/jsruntime/qv4jscall_p.h | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'src/qml/jsruntime/qv4jscall_p.h')

diff --git a/src/qml/jsruntime/qv4jscall_p.h b/src/qml/jsruntime/qv4jscall_p.h
index 014b0473a5..900ff7d2af 100644
--- a/src/qml/jsruntime/qv4jscall_p.h
+++ b/src/qml/jsruntime/qv4jscall_p.h
@@ -104,8 +104,12 @@ struct ScopedStackFrame
     ScopedStackFrame(const Scope &scope, ExecutionContext *context)
         : engine(scope.engine)
     {
-        frame.init(engine->currentStackFrame ? engine->currentStackFrame->v4Function : nullptr,
-                   nullptr, context, nullptr, nullptr, 0);
+        if (auto currentFrame = engine->currentStackFrame) {
+            frame.init(currentFrame->v4Function, nullptr, context, nullptr, nullptr, 0);
+            frame.instructionPointer = currentFrame->instructionPointer;
+        } else {
+            frame.init(nullptr, nullptr, context, nullptr, nullptr, 0);
+        }
         frame.push(engine);
     }
 
-- 
cgit v1.2.3