Bug 853417 - Prevent self-hosted scripts from ever being visible to client scripts. r=jimb

--HG--
extra : rebase_source : b6f6d5a4ebd990d72d4fce36c5821fd5b3f0c0fb

js/src/jsapi.cpp

@@ -7066,7 +7066,7 @@ JS_DescribeScriptedCaller(JSContext *cx, JSScript **script, unsigned *lineno)
     if (lineno)
         *lineno = 0;
 
-    ScriptFrameIter i(cx);
+    NonBuiltinScriptFrameIter i(cx);
     if (i.done())
         return JS_FALSE;
 

js/src/jsdbgapi.cpp

@@ -84,14 +84,16 @@ js::ScriptDebugPrologue(JSContext *cx, AbstractFramePtr frame)
 {
     JS_ASSERT_IF(frame.isStackFrame(), frame.asStackFrame() == cx->fp());
 
-    if (frame.isFramePushedByExecute()) {
-        if (JSInterpreterHook hook = cx->runtime->debugHooks.executeHook)
-            frame.setHookData(hook(cx, Jsvalify(frame), IsTopFrameConstructing(cx, frame),
-                                   true, 0, cx->runtime->debugHooks.executeHookData));
-    } else {
-        if (JSInterpreterHook hook = cx->runtime->debugHooks.callHook)
-            frame.setHookData(hook(cx, Jsvalify(frame), IsTopFrameConstructing(cx, frame),
-                                   true, 0, cx->runtime->debugHooks.callHookData));
+    if (!frame.script()->selfHosted) {
+        if (frame.isFramePushedByExecute()) {
+            if (JSInterpreterHook hook = cx->runtime->debugHooks.executeHook)
+                frame.setHookData(hook(cx, Jsvalify(frame), IsTopFrameConstructing(cx, frame),
+                                       true, 0, cx->runtime->debugHooks.executeHookData));
+        } else {
+            if (JSInterpreterHook hook = cx->runtime->debugHooks.callHook)
+                frame.setHookData(hook(cx, Jsvalify(frame), IsTopFrameConstructing(cx, frame),
+                                       true, 0, cx->runtime->debugHooks.callHookData));
+        }
     }
 
     RootedValue rval(cx);
@@ -931,7 +933,7 @@ JS_UnwrapObjectAndInnerize(JSObject *obj)
 JS_FRIEND_API(JSBool)
 js_CallContextDebugHandler(JSContext *cx)
 {
-    ScriptFrameIter iter(cx);
+    NonBuiltinScriptFrameIter iter(cx);
     JS_ASSERT(!iter.done());
 
     RootedValue rval(cx);
@@ -955,9 +957,7 @@ JS::DescribeStack(JSContext *cx, unsigned maxFrames)
 {
     Vector<FrameDescription> frames(cx);
 
-    for (ScriptFrameIter i(cx); !i.done(); ++i) {
-        if (i.script()->selfHosted)
-            continue;
+    for (NonBuiltinScriptFrameIter i(cx); !i.done(); ++i) {
         FrameDescription desc;
         desc.script = i.script();
         desc.lineno = PCToLineNumber(i.script(), i.pc());
@@ -1028,7 +1028,7 @@ FormatValue(JSContext *cx, const Value &v, JSAutoByteString &bytes)
 }
 
 static char *
-FormatFrame(JSContext *cx, const ScriptFrameIter &iter, char *buf, int num,
+FormatFrame(JSContext *cx, const NonBuiltinScriptFrameIter &iter, char *buf, int num,
             JSBool showArgs, JSBool showLocals, JSBool showThisProps)
 {
     RootedScript script(cx, iter.script());
@@ -1206,7 +1206,7 @@ JS::FormatStackDump(JSContext *cx, char *buf,
 {
     int num = 0;
 
-    for (ScriptFrameIter i(cx); !i.done(); ++i) {
+    for (NonBuiltinScriptFrameIter i(cx); !i.done(); ++i) {
         buf = FormatFrame(cx, i, buf, num, showArgs, showLocals, showThisProps);
         num++;
     }
@@ -1343,7 +1343,7 @@ JSAbstractFramePtr::evaluateUCInStackFrame(JSContext *cx,
 
 JSBrokenFrameIterator::JSBrokenFrameIterator(JSContext *cx)
 {
-    ScriptFrameIter iter(cx);
+    NonBuiltinScriptFrameIter iter(cx);
     data_ = iter.copyData();
 }
 
@@ -1355,7 +1355,7 @@ JSBrokenFrameIterator::~JSBrokenFrameIterator()
 bool
 JSBrokenFrameIterator::done() const
 {
-    ScriptFrameIter iter(*(StackIter::Data *)data_);
+    NonBuiltinScriptFrameIter iter(*(StackIter::Data *)data_);
     return iter.done();
 }
 
@@ -1363,7 +1363,7 @@ JSBrokenFrameIterator &
 JSBrokenFrameIterator::operator++()
 {
     StackIter::Data *data = (StackIter::Data *)data_;
-    ScriptFrameIter iter(*data);
+    NonBuiltinScriptFrameIter iter(*data);
     ++iter;
     *data = iter.data_;
     return *this;
@@ -1372,20 +1372,20 @@ JSBrokenFrameIterator::operator++()
 JSAbstractFramePtr
 JSBrokenFrameIterator::abstractFramePtr() const
 {
-    ScriptFrameIter iter(*(StackIter::Data *)data_);
+    NonBuiltinScriptFrameIter iter(*(StackIter::Data *)data_);
     return Jsvalify(iter.abstractFramePtr());
 }
 
 jsbytecode *
 JSBrokenFrameIterator::pc() const
 {
-    ScriptFrameIter iter(*(StackIter::Data *)data_);
+    NonBuiltinScriptFrameIter iter(*(StackIter::Data *)data_);
     return iter.pc();
 }
 
 bool
 JSBrokenFrameIterator::isConstructing() const
 {
-    ScriptFrameIter iter(*(StackIter::Data *)data_);
+    NonBuiltinScriptFrameIter iter(*(StackIter::Data *)data_);
     return iter.isConstructing();
 }

js/src/jsscript.cpp

@@ -405,7 +405,8 @@ js::XDRScript(XDRState<mode> *xdr, HandleObject enclosingScope, HandleScript enc
         IsGenerator,
         IsGeneratorExp,
         OwnSource,
-        ExplicitUseStrict
+        ExplicitUseStrict,
+        SelfHosted
     };
 
     uint32_t length, lineno, nslots;
@@ -473,6 +474,8 @@ js::XDRScript(XDRState<mode> *xdr, HandleObject enclosingScope, HandleScript enc
             scriptBits |= (1 << Strict);
         if (script->explicitUseStrict)
             scriptBits |= (1 << ExplicitUseStrict);
+        if (script->selfHosted)
+            scriptBits |= (1 << SelfHosted);
         if (script->bindingsAccessedDynamically)
             scriptBits |= (1 << ContainsDynamicNameAccess);
         if (script->funHasExtensibleScope)
@@ -531,7 +534,8 @@ js::XDRScript(XDRState<mode> *xdr, HandleObject enclosingScope, HandleScript enc
         // staticLevel is set below.
         CompileOptions options(cx);
         options.setVersion(version_)
-               .setNoScriptRval(!!(scriptBits & (1 << NoScriptRval)));
+               .setNoScriptRval(!!(scriptBits & (1 << NoScriptRval)))
+               .setSelfHostingMode(!!(scriptBits & (1 << SelfHosted)));
         ScriptSource *ss;
         if (scriptBits & (1 << OwnSource)) {
             ss = cx->new_<ScriptSource>();

js/src/vm/Stack.h

@@ -2028,7 +2028,7 @@ class ScriptFrameIter : public StackIter
 class NonBuiltinScriptFrameIter : public StackIter
 {
     void settle() {
-        while (!done() && (!isScript() || (isFunctionFrame() && callee()->isSelfHostedBuiltin())))
+        while (!done() && (!isScript() || script()->selfHosted))
             StackIter::operator++();
     }
 
@@ -2036,6 +2036,10 @@ class NonBuiltinScriptFrameIter : public StackIter
     NonBuiltinScriptFrameIter(JSContext *cx, StackIter::SavedOption opt = StackIter::STOP_AT_SAVED)
         : StackIter(cx, opt) { settle(); }
 
+    NonBuiltinScriptFrameIter(const StackIter::Data &data)
+      : StackIter(data)
+    {}
+
     NonBuiltinScriptFrameIter &operator++() { StackIter::operator++(); settle(); return *this; }
 };
 

js/src/vm/Xdr.h

@@ -25,7 +25,7 @@ namespace js {
  * and saved versions. If deserialization fails, the data should be
  * invalidated if possible.
  */
-static const uint32_t XDR_BYTECODE_VERSION = uint32_t(0xb973c0de - 140);
+static const uint32_t XDR_BYTECODE_VERSION = uint32_t(0xb973c0de - 141);
 
 class XDRBuffer {
   public: