Ubuntu Pastebin

Paste from odroid at Wed, 1 Mar 2017 00:43:03 +0000

Download as text 
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
commit cd514b09f1b8a384e5a4994ada9b97334c29c5a1
Author: Shu-yu Guo <shu@rfrn.org>
Date:   Wed Mar 1 11:10:31 2017 +1030

    Bug 1334314 - Fix debug mode OSR exception handling for IteratorClose trynotes. Adapted for Ubuntu by memeka <mihailescu2m@gmail.com>.

diff --git a/js/src/jit-test/tests/ion/bug1334314.js b/js/src/jit-test/tests/ion/bug1334314.js
new file mode 100644
index 0000000..98a8db6
--- /dev/null
+++ b/js/src/jit-test/tests/ion/bug1334314.js
@@ -0,0 +1,16 @@
+// |jit-test| error: TypeError
+	
+	var g = newGlobal();
+g.parent = this;
+g.eval("new Debugger(parent).onExceptionUnwind = function () { };");
+
+	function f() {
+		    [[]] = [];
+		}
+try {
+	    f();
+	} catch (e) {};
+try {
+	    f();
+	} catch (e) {};
+f();
diff --git a/js/src/jit/BaselineBailouts.cpp b/js/src/jit/BaselineBailouts.cpp
index b14d5c6..5d42b2c 100644
--- a/js/src/jit/BaselineBailouts.cpp
+++ b/js/src/jit/BaselineBailouts.cpp
@@ -467,7 +467,7 @@ GetNextNonLoopEntryPc(jsbytecode* pc)
 }
 
 static bool
-HasLiveIteratorAtStackDepth(JSScript* script, jsbytecode* pc, uint32_t stackDepth)
+HasLiveStackValueAtDepth(JSScript* script, jsbytecode* pc, uint32_t stackDepth)
 {
     if (!script->hasTrynotes())
         return false;
@@ -481,15 +481,35 @@ HasLiveIteratorAtStackDepth(JSScript* script, jsbytecode* pc, uint32_t stackDept
         if (pcOffset >= tn->start + tn->length)
             continue;
 
-        // For-in loops have only the iterator on stack.
-        if (tn->kind == JSTRY_FOR_IN && stackDepth == tn->stackDepth)
-            return true;
+        switch (tn->kind) {
+            case JSTRY_FOR_IN:
+                // For-in loops have only the iterator on stack.
+                if (stackDepth == tn->stackDepth)
+                    return true;
+                break;
 
-        // For-of loops have both the iterator and the result on stack.
-        if (tn->kind == JSTRY_FOR_OF &&
-            (stackDepth == tn->stackDepth || stackDepth == tn->stackDepth - 1))
-        {
-            return true;
+            case JSTRY_FOR_OF:
+                // For-of loops have both the iterator and the result on stack.
+                if (stackDepth == tn->stackDepth - 1)
+                    return true;
+                break;
+
+            case JSTRY_ITERCLOSE:
+                // Code that need to call IteratorClose have the iterator on the
+                // stack.
+                if (stackDepth == tn->stackDepth)
+                    return true;
+                break;
+
+            case JSTRY_DESTRUCTURING_ITERCLOSE:
+                // Destructuring code that need to call IteratorClose have both
+                // the iterator and the "done" value on the stack.
+                if (stackDepth == tn->stackDepth || stackDepth == tn->stackDepth - 1)
+                    return true;
+                break;
+
+            default:
+                break;
         }
     }
 
@@ -900,7 +920,7 @@ InitFromBailout(JSContext* cx, HandleScript caller, jsbytecode* callerPC,
             // iterators, however, so read them out. They will be closed by
             // HandleExceptionBaseline.
             MOZ_ASSERT(cx->compartment()->isDebuggee());
-            if (iter.moreFrames() || HasLiveIteratorAtStackDepth(script, pc, i + 1)) {
+            if (iter.moreFrames() || HasLiveStackValueAtDepth(script, pc, i + 1)) {
                 v = iter.read();
             } else {
                 iter.skip();
Download as text