From f178f5f002316da9211cb9824f5e5a199e79c0b2 Mon Sep 17 00:00:00 2001
From: Shu-yu Guo <shu@rfrn.org>
Date: Wed, 17 Jun 2015 21:26:57 -0700
Subject: [PATCH] Bug 1165486 - Rebase yield offsets when cloning scripts.
 (r=jandem)

---
 js/src/jsscript.cpp |  3 +++
 js/src/jsscript.h   | 23 +++++++++++++----------
 2 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/js/src/jsscript.cpp b/js/src/jsscript.cpp
index 7b4960e9e61..01047da81e4 100644
--- a/js/src/jsscript.cpp
+++ b/js/src/jsscript.cpp
@@ -3104,6 +3104,7 @@ js::detail::CopyScript(JSContext* cx, HandleObject scriptStaticScope, HandleScri
     uint32_t nregexps  = src->hasRegexps()  ? src->regexps()->length  : 0;
     uint32_t ntrynotes = src->hasTrynotes() ? src->trynotes()->length : 0;
     uint32_t nblockscopes = src->hasBlockScopes() ? src->blockScopes()->length : 0;
+    uint32_t nyieldoffsets = src->hasYieldOffsets() ? src->yieldOffsets().length() : 0;
 
     /* Script data */
 
@@ -3248,6 +3249,8 @@ js::detail::CopyScript(JSContext* cx, HandleObject scriptStaticScope, HandleScri
         dst->trynotes()->vector = Rebase<JSTryNote>(dst, src, src->trynotes()->vector);
     if (nblockscopes != 0)
         dst->blockScopes()->vector = Rebase<BlockScopeNote>(dst, src, src->blockScopes()->vector);
+    if (nyieldoffsets != 0)
+        dst->yieldOffsets().vector_ = Rebase<uint32_t>(dst, src, src->yieldOffsets().vector_);
 
     /*
      * Function delazification assumes that their script does not have a
diff --git a/js/src/jsscript.h b/js/src/jsscript.h
index 4280ad4b7b8..c8dd0a66fda 100644
--- a/js/src/jsscript.h
+++ b/js/src/jsscript.h
@@ -55,6 +55,15 @@ namespace frontend {
     class UpvarCookie;
 }
 
+namespace detail {
+
+// Do not call this directly! It is exposed for the friend declarations in
+// this file.
+bool
+CopyScript(JSContext* cx, HandleObject scriptStaticScope, HandleScript src, HandleScript dst);
+
+} // namespace detail
+
 }
 
 /*
@@ -130,6 +139,10 @@ struct BlockScopeArray {
 };
 
 class YieldOffsetArray {
+    friend bool
+    detail::CopyScript(JSContext* cx, HandleObject scriptStaticScope, HandleScript src,
+                       HandleScript dst);
+
     uint32_t*       vector_;   // Array of bytecode offsets.
     uint32_t        length_;    // Count of bytecode offsets.
 
@@ -767,16 +780,6 @@ template<XDRMode mode>
 bool
 XDRScriptConst(XDRState<mode>* xdr, MutableHandleValue vp);
 
-
-namespace detail {
-
-// Do not call this directly! It is exposed for the friend declaration in
-// JSScript.
-bool
-CopyScript(JSContext* cx, HandleObject scriptStaticScope, HandleScript src, HandleScript dst);
-
-} // namespace detail
-
 } /* namespace js */
 
 class JSScript : public js::gc::TenuredCell