From 783ec60774a565f3a16c25af076b720de0e6acbd Mon Sep 17 00:00:00 2001
From: Ulf Hermann
Date: Fri, 1 Mar 2019 14:57:21 +0100
Subject: Disable tail calls for function called with more arguments than formals

We cannot easily find the required stack space to store the extra arguments without adding a new stack frame. In principle it would be possible, but heavily recursing on such functions should be a rare problem.

Change-Id: I1a53a6d29e37ce67aa7bd64acb7b1f41197e84c0
Fixes: QTBUG-72807
Reviewed-by: Simon Hausmann
---
 src/qml/jsruntime/qv4runtime.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src/qml/jsruntime')

diff --git a/src/qml/jsruntime/qv4runtime.cpp b/src/qml/jsruntime/qv4runtime.cpp
index 424103cb08..53dd3a66dd 100644
--- a/src/qml/jsruntime/qv4runtime.cpp
+++ b/src/qml/jsruntime/qv4runtime.cpp
@@ -1561,12 +1561,14 @@ ReturnedValue Runtime::method_tailCall(CppStackFrame *frame, ExecutionEngine *en
     const Value &thisObject = tos[StackOffsets::tailCall_thisObject];
     Value *argv = reinterpret_cast(frame->jsFrame) + tos[StackOffsets::tailCall_argv].int_32();
     int argc = tos[StackOffsets::tailCall_argc].int_32();
+    Q_ASSERT(argc >= 0);
     if (!function.isFunctionObject())
         return engine->throwTypeError();
     const FunctionObject &fo = static_cast(function);
-    if (!frame->callerCanHandleTailCall || !fo.canBeTailCalled() || engine->debugger()) {
+    if (!frame->callerCanHandleTailCall || !fo.canBeTailCalled() || engine->debugger()
+            || unsigned(argc) > fo.formalParameterCount()) {
         // Cannot tailcall, do a normal call:
         return fo.call(&thisObject, argv, argc);
     }
-- 
cgit v1.2.3
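Review bot: The new `unsigned(argc) > fo.formalParameterCount()` clause leans on the `Q_ASSERT(argc >= 0)` added a few lines above, and that assert is compiled out of release builds; a negative `argc` would then convert to a very large unsigned value and most likely take the normal-call branch, which is the fail-safe direction but is nowhere stated. The existing `// Cannot tailcall, do a normal call:` comment also does not say why a surplus of arguments disqualifies the tail call, so the next reader has to dig out the commit message. I would use a named cast and put the reason on the condition: `// Extra arguments have no slot in the tail-call frame (QTBUG-72807); in release builds a negative argc also ends up here via the unsigned conversion.` above the `if`, with `|| static_cast<unsigned>(argc) > fo.formalParameterCount()) {` as the second line of the condition. method_tailCall begins before this hunk and continues after it, so whether the tail-call path itself handles `argc < formalParameterCount()` cannot be judged from here.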