wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 480244 - Prevent recording of treecalls when function calls with extra args are in pending frames, r=gal.

Browse Source
This commit is contained in:
Graydon Hoare 2009-03-03 16:03:45 -08:00
parent 3067959f6b
commit e24ed2b771
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
js/src/jstracer.cpp
View File

@ -3571,6 +3571,13 @@ js_RecordLoopEdge(JSContext* cx, TraceRecorder* r, uintN& inlineCallCount)
Fragment* f = getLoop(&JS_TRACE_MONITOR(cx), cx->fp->regs->pc, ti->globalShape);
if (nesting_enabled && f) {
/* Cannot handle treecalls with callDepth > 0 and argc > nargs, see bug 480244. */
if (r->getCallDepth() > 0 &&
cx->fp->argc > cx->fp->fun->nargs) {
js_AbortRecording(cx, "Can't call inner tree with extra args in pending frame");
return false;
}
/* Make sure inner tree call will not run into an out-of-memory condition. */
if (tm->reservedDoublePoolPtr < (tm->reservedDoublePool + MAX_NATIVE_STACK_SLOTS) &&
!js_ReplenishReservedPool(cx, tm)) {