corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 476177 - TM: cx->stackPool must not be accessed on trace. r=brendan.

Browse Source
This commit is contained in:
Jason Orendorff
2009-01-30 17:40:05 -06:00
parent 865d411fcd
commit 5b0a24c8d7
20 changed files with 92 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
js/src/jsiter.cpp
View File

@@ -64,6 +64,8 @@
#include "jsscan.h"
#include "jsscope.h"
#include "jsscript.h"
#include "jsstaticcheck.h"
#include "jstracer.h"
#if JS_HAS_XML_SUPPORT
#include "jsxml.h"
@@ -75,7 +77,7 @@
#if JS_HAS_GENERATORS
static JSBool
static JS_REQUIRES_STACK JSBool
CloseGenerator(JSContext *cx, JSObject *genobj);
#endif
@@ -407,6 +409,7 @@ js_ValueToIterator(JSContext *cx, uintN flags, jsval *vp)
if (!InitNativeIterator(cx, iterobj, obj, flags))
goto bad;
} else {
js_LeaveTrace(cx);
arg = BOOLEAN_TO_JSVAL((flags & JSITER_FOREACH) == 0);
if (!js_InternalInvoke(cx, obj, *vp, JSINVOKE_ITERATOR, 1, &arg,
vp)) {
@@ -449,6 +452,7 @@ js_CloseIterator(JSContext *cx, jsval v)
}
#if JS_HAS_GENERATORS
else if (clasp == &js_GeneratorClass) {
JS_ASSERT_NOT_ON_TRACE(cx);
if (!CloseGenerator(cx, obj))
return JS_FALSE;
}
@@ -814,7 +818,7 @@ typedef enum JSGeneratorOp {
* Start newborn or restart yielding generator and perform the requested
* operation inside its frame.
*/
static JSBool
static JS_REQUIRES_STACK JSBool
SendToGenerator(JSContext *cx, JSGeneratorOp op, JSObject *obj,
JSGenerator *gen, jsval arg)
{
@@ -904,7 +908,7 @@ SendToGenerator(JSContext *cx, JSGeneratorOp op, JSObject *obj,
return JS_FALSE;
}
static JSBool
static JS_REQUIRES_STACK JSBool
CloseGenerator(JSContext *cx, JSObject *obj)
{
JSGenerator *gen;
@@ -932,6 +936,8 @@ generator_op(JSContext *cx, JSGeneratorOp op, jsval *vp, uintN argc)
JSGenerator *gen;
jsval arg;
js_LeaveTrace(cx);
obj = JS_THIS_OBJECT(cx, vp);
if (!JS_InstanceOf(cx, obj, &js_GeneratorClass, vp + 2))
return JS_FALSE;
@@ -976,6 +982,8 @@ generator_op(JSContext *cx, JSGeneratorOp op, jsval *vp, uintN argc)
}
}
js_LeaveTrace(cx);
arg = ((op == JSGENOP_SEND || op == JSGENOP_THROW) && argc != 0)
? vp[2]
: JSVAL_VOID;