wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

[INFER] Always mark overflows for slowpath incops, bug 646594.

Browse Source
This commit is contained in:
Brian Hackett 2011-03-30 15:01:31 -07:00
parent 0efc0215e7
commit 47fe3ec386
2 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
js/src/jsinterp.cpp
View File

@ -4174,7 +4174,7 @@ do_incop:
goto error; goto error;
if (!cx->typeMonitorAssign(obj, id, regs.sp[-1])) if (!cx->typeMonitorAssign(obj, id, regs.sp[-1]))
goto error; goto error;
if (!regs.sp[-1].isInt32() && !script->typeMonitorOverflow(cx, regs.pc)) if (!script->typeMonitorOverflow(cx, regs.pc))
goto error; goto error;
regs.fp->setAssigning(); regs.fp->setAssigning();
JSBool ok = obj->setProperty(cx, id, &regs.sp[-1], script->strictModeCode); JSBool ok = obj->setProperty(cx, id, &regs.sp[-1], script->strictModeCode);
@ -4248,7 +4248,7 @@ BEGIN_CASE(JSOP_LOCALINC)
PUSH_COPY(*vp); PUSH_COPY(*vp);
if (!js_DoIncDec(cx, &js_CodeSpec[op], &regs.sp[-1], vp)) if (!js_DoIncDec(cx, &js_CodeSpec[op], &regs.sp[-1], vp))
goto error; goto error;
if (!vp->isInt32() && !script->typeMonitorOverflow(cx, regs.pc)) if (!script->typeMonitorOverflow(cx, regs.pc))
goto error; goto error;
} }
len = JSOP_INCARG_LENGTH; len = JSOP_INCARG_LENGTH;

3
js/src/methodjit/StubCalls.cpp
View File

@ -1691,7 +1691,8 @@ ObjIncOp(VMFrame &f, JSObject *obj, jsid id)
d += N; d += N;
ref.setNumber(d); ref.setNumber(d);
} }
if (!v.setNumber(d) && !f.script()->typeMonitorOverflow(cx, f.pc())) v.setNumber(d);
if (!f.script()->typeMonitorOverflow(cx, f.pc()))
return false; return false;
if (!cx->typeMonitorAssign(obj, id, v)) if (!cx->typeMonitorAssign(obj, id, v))
return false; return false;