Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-98356

JIT crash on invalid yield syntax

    XMLWordPrintable

    Details

    • Commits:
      dde1d86baabac1eddd84a11b7d2ed49e26c511bd (qt/qtdeclarative/dev) 762e70ea2ec028d0ce1659ed4ae8fc2ec47d950f (qt/qtdeclarative/6.2) 0e88794676 (qt/tqtc-qtdeclarative/5.15)

      Description

      This code :

      function *a() {
          (function() { yield 1; })();
      }
      let it = a();
      it.next();
      

      is accepted as valid syntax leading to a crash when JIT kicks in : 

      QV4::JIT::BaselineJIT::generate_Yield()
      QV4::Moth::ByteCodeHandler::decode(const char * code, unsigned int len)
      QV4::JIT::BaselineJIT::generate()

       PS: I wasn't able to crash the app with the code above which is derived from our real world crash and fix knowledge on this.

        Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

            Assignee:
            qtqmlteam Qt Qml Team User
            Reporter:
            vrouille Vincent Rouillé
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Gerrit Reviews

                There are no open Gerrit changes