From 6b895feec3ac492bc0d098dcfa30a506827c529d Mon Sep 17 00:00:00 2001
From: Nick Fitzgerald <fitzgen@gmail.com>
Date: Tue, 24 Feb 2015 10:35:00 +0100
Subject: [PATCH] Bug 1135827 - Don't root more times than necessary in
 js::SavedStacks::insertFrames. r=jimb

---
 js/src/vm/SavedStacks.cpp |  6 +++---
 js/src/vm/SavedStacks.h   | 14 +++++++++++++-
 2 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/js/src/vm/SavedStacks.cpp b/js/src/vm/SavedStacks.cpp
index b9b54fa0ef4..fd40da4eeb3 100644
--- a/js/src/vm/SavedStacks.cpp
+++ b/js/src/vm/SavedStacks.cpp
@@ -78,7 +78,7 @@ class MOZ_STACK_CLASS SavedFrame::AutoLookupVector : public JS::CustomAutoRooter
 
     typedef Vector<Lookup, 20> LookupVector;
     inline LookupVector *operator->() { return &lookups; }
-    inline Lookup &operator[](size_t i) { return lookups[i]; }
+    inline HandleLookup operator[](size_t i) { return HandleLookup(lookups[i]); }
 
   private:
     LookupVector lookups;
@@ -628,7 +628,7 @@ SavedStacks::insertFrames(JSContext *cx, FrameIter &iter, MutableHandleSavedFram
     // actual SavedFrame instances.
     RootedSavedFrame parentFrame(cx, nullptr);
     for (size_t i = stackChain->length(); i != 0; i--) {
-        SavedFrame::AutoLookupRooter lookup(cx, &stackChain[i-1]);
+        SavedFrame::HandleLookup lookup = stackChain[i-1];
         lookup->parent = parentFrame;
         parentFrame.set(getOrCreateSavedFrame(cx, lookup));
         if (!parentFrame)
@@ -642,7 +642,7 @@ SavedStacks::insertFrames(JSContext *cx, FrameIter &iter, MutableHandleSavedFram
 SavedFrame *
 SavedStacks::getOrCreateSavedFrame(JSContext *cx, SavedFrame::HandleLookup lookup)
 {
-    const SavedFrame::Lookup &lookupInstance = *lookup;
+    const SavedFrame::Lookup &lookupInstance = lookup.get();
     DependentAddPtr<SavedFrame::Set> p(cx, frames, lookupInstance);
     if (p)
         return *p;
diff --git a/js/src/vm/SavedStacks.h b/js/src/vm/SavedStacks.h
index 6656a7aae77..234caec290a 100644
--- a/js/src/vm/SavedStacks.h
+++ b/js/src/vm/SavedStacks.h
@@ -56,9 +56,21 @@ class SavedFrame : public NativeObject {
                     SystemAllocPolicy> Set;
 
     typedef RootedGeneric<Lookup*> AutoLookupRooter;
-    typedef AutoLookupRooter &HandleLookup;
+
     class AutoLookupVector;
 
+    class MOZ_STACK_CLASS HandleLookup {
+        friend class AutoLookupVector;
+
+        Lookup &lookup;
+
+        explicit HandleLookup(Lookup &lookup) : lookup(lookup) { }
+
+      public:
+        inline Lookup &get() { return lookup; }
+        inline Lookup *operator->() { return &lookup; }
+    };
+
   private:
     static bool finishSavedFrameInit(JSContext *cx, HandleObject ctor, HandleObject proto);
     void initFromLookup(HandleLookup lookup);