[INFER] Fix bogus assert, allow Disassemble() to be called during GC/arena traversal, bug 684281.

2024-09-13 09:24:08 -07:00 · 2011-09-04 13:34:38 -07:00 · 2011-09-04 13:34:38 -07:00 · 2ac6308262
commit 2ac6308262
parent 27f0eb5880
3 changed files with 34 additions and 29 deletions
--- a/js/src/jsinfer.cpp
+++ b/js/src/jsinfer.cpp
@ -2346,28 +2346,6 @@ ScriptAnalysis::addSingletonTypeBarrier(JSContext *cx, const jsbytecode *pc, Typ
    code.typeBarriers = barrier;
 }

-static void
-PrintScriptTypeCallback(JSContext *cx, void *data, void *thing,
-                        JSGCTraceKind traceKind, size_t thingSize)
-{
-    JS_ASSERT(!data);
-    JS_ASSERT(traceKind == JSTRACE_SCRIPT);
-    JSScript *script = static_cast<JSScript *>(thing);
-    if (script->hasAnalysis() && script->analysis()->ranInference())
-        script->analysis()->printTypes(cx);
-}
-
-#ifdef DEBUG
-static void
-PrintObjectCallback(JSContext *cx, void *data, void *thing,
-                    JSGCTraceKind traceKind, size_t thingSize)
-{
-    JS_ASSERT(traceKind == JSTRACE_OBJECT);
-    TypeObject *object = (TypeObject *) thing;
-    object->print(cx);
-}
-#endif
-
 void
 TypeCompartment::print(JSContext *cx, bool force)
 {
@ -2376,15 +2354,16 @@ TypeCompartment::print(JSContext *cx, bool force)
    if (!force && !InferSpewActive(ISpewResult))
        return;

-    {
-        AutoUnlockGC unlock(cx->runtime);
-        IterateCells(cx, compartment, gc::FINALIZE_SCRIPT, cx, PrintScriptTypeCallback);
+    for (gc::CellIter i(cx, compartment, gc::FINALIZE_SCRIPT); !i.done(); i.next()) {
+        JSScript *script = i.get<JSScript>();
+        if (script->hasAnalysis() && script->analysis()->ranInference())
+            script->analysis()->printTypes(cx);
    }

 #ifdef DEBUG
-    {
-        AutoUnlockGC unlock(cx->runtime);
-        IterateCells(cx, compartment, gc::FINALIZE_TYPE_OBJECT, NULL, PrintObjectCallback);
+    for (gc::CellIter i(cx, compartment, gc::FINALIZE_TYPE_OBJECT); !i.done(); i.next()) {
+        TypeObject *object = i.get<TypeObject>();
+        object->print(cx);
    }
 #endif

--- a/js/src/jsobjinlines.h
+++ b/js/src/jsobjinlines.h
@ -143,7 +143,7 @@ JSObject::getProperty(JSContext *cx, JSObject *receiver, jsid id, js::Value *vp)
    } else {
        if (!js_GetProperty(cx, this, receiver, id, vp))
            return false;
-        JS_ASSERT_IF(!hasSingletonType(),
+        JS_ASSERT_IF(!hasSingletonType() && nativeContains(js_CheckForStringIndex(id)),
                     js::types::TypeHasProperty(cx, type(), id, *vp));
    }
    return true;
--- a/js/src/jsopcode.cpp
+++ b/js/src/jsopcode.cpp
@ -359,9 +359,35 @@ js_DumpScript(JSContext *cx, JSScript *script)
    return ok;
 }

+static char *
+QuoteString(Sprinter *sp, JSString *str, uint32 quote);
+
 static bool
 ToDisassemblySource(JSContext *cx, jsval v, JSAutoByteString *bytes)
 {
+    if (JSVAL_IS_STRING(v)) {
+        Sprinter sprinter;
+        void *mark = JS_ARENA_MARK(&cx->tempPool);
+        INIT_SPRINTER(cx, &sprinter, &cx->tempPool, 0);
+        char *nbytes = QuoteString(&sprinter, JSVAL_TO_STRING(v), '"');
+        if (!nbytes)
+            return false;
+        nbytes = JS_sprintf_append(NULL, "%s", nbytes);
+        JS_ARENA_RELEASE(&cx->tempPool, mark);
+        if (!nbytes)
+            return false;
+        bytes->initBytes(nbytes);
+        return true;
+    }
+
+    if (cx->runtime->gcRunning || JS_THREAD_DATA(cx)->noGCOrAllocationCheck) {
+        char *source = JS_sprintf_append(NULL, "<value>");
+        if (!source)
+            return false;
+        bytes->initBytes(source);
+        return true;
+    }
+
    if (!JSVAL_IS_PRIMITIVE(v)) {
        JSObject *obj = JSVAL_TO_OBJECT(v);
        Class *clasp = obj->getClass();