Bug 422137 - assertion botch or bogus OOM when decompiling script with debugger trap on JOF_CALL bytecode, r=igor, a1.9=shaver

This commit is contained in:
crowder@fiverocks.com 2008-04-24 11:59:14 -07:00
parent 5e90a6931d
commit fb779b15d3
2 changed files with 53 additions and 17 deletions

View File

@ -107,12 +107,19 @@ js_UntrapScriptCode(JSContext *cx, JSScript *script)
trap = (JSTrap *)trap->links.next) {
if (trap->script == script) {
if (code == script->code) {
code = (jsbytecode *)
JS_malloc(cx, script->length * sizeof(jsbytecode));
jssrcnote *sn, *notes;
size_t nbytes;
nbytes = script->length * sizeof(jsbytecode);
notes = SCRIPT_NOTES(script);
for (sn = notes; !SN_IS_TERMINATOR(sn); sn = SN_NEXT(sn))
continue;
nbytes += (sn - notes + 1) * sizeof *sn;
code = (jsbytecode *) JS_malloc(cx, nbytes);
if (!code)
break;
memcpy(code, script->code,
script->length * sizeof(jsbytecode));
memcpy(code, script->code, nbytes);
}
code[trap->pc - script->code] = trap->op;
}

View File

@ -1606,18 +1606,8 @@ InitSprintStack(JSContext *cx, SprintStack *ss, JSPrinter *jp, uintN depth)
return JS_TRUE;
}
/*
* If nb is non-negative, decompile nb bytecodes starting at pc. Otherwise
* the decompiler starts at pc and continues until it reaches an opcode for
* which decompiling would result in the stack depth equaling -(nb + 1).
*
* The nextop parameter is either JSOP_NOP or the "next" opcode in order of
* abstract interpretation (not necessarily physically next in a bytecode
* vector). So nextop is JSOP_POP for the last operand in a comma expression,
* or JSOP_AND for the right operand of &&.
*/
static jsbytecode *
Decompile(SprintStack *ss, jsbytecode *pc, intN nb, JSOp nextop)
static JS_INLINE jsbytecode *
DecompileBytecode(SprintStack *ss, jsbytecode *pc, intN nb, JSOp nextop)
{
JSContext *cx;
JSPrinter *jp, *jp2;
@ -1724,7 +1714,6 @@ Decompile(SprintStack *ss, jsbytecode *pc, intN nb, JSOp nextop)
JS_END_MACRO
cx = ss->sprinter.context;
JS_CHECK_RECURSION(cx, return NULL);
jp = ss->printer;
startpc = pc;
@ -4551,6 +4540,46 @@ Decompile(SprintStack *ss, jsbytecode *pc, intN nb, JSOp nextop)
return pc;
}
/*
* If nb is non-negative, decompile nb bytecodes starting at pc. Otherwise
* the decompiler starts at pc and continues until it reaches an opcode for
* which decompiling would result in the stack depth equaling -(nb + 1).
*
* The nextop parameter is either JSOP_NOP or the "next" opcode in order of
* abstract interpretation (not necessarily physically next in a bytecode
* vector). So nextop is JSOP_POP for the last operand in a comma expression,
* or JSOP_AND for the right operand of &&.
*/
static jsbytecode *
Decompile(SprintStack *ss, jsbytecode *pc, intN nb, JSOp nextop)
{
JSContext *cx;
JSPrinter *jp;
jsbytecode *oldcode, *oldmain, *code;
cx = ss->sprinter.context;
JS_CHECK_RECURSION(cx, return NULL);
jp = ss->printer;
oldcode = jp->script->code;
oldmain = jp->script->main;
code = js_UntrapScriptCode(cx, jp->script);
if (code != oldcode) {
jp->script->code = code;
jp->script->main = code + (oldmain - jp->script->code);
pc = code + (pc - oldcode);
}
pc = DecompileBytecode(ss, pc, nb, nextop);
if (code != oldcode) {
JS_free(cx, jp->script->code);
jp->script->code = oldcode;
jp->script->main = oldmain;
}
return (pc ? pc - code + oldcode : NULL);
}
static JSBool
DecompileCode(JSPrinter *jp, JSScript *script, jsbytecode *pc, uintN len,
uintN pcdepth)