mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 422137 - assertion botch or bogus OOM when decompiling script with debugger trap on JOF_CALL bytecode, r=igor, a1.9=shaver
This commit is contained in:
parent
5e90a6931d
commit
fb779b15d3
@ -107,12 +107,19 @@ js_UntrapScriptCode(JSContext *cx, JSScript *script)
|
||||
trap = (JSTrap *)trap->links.next) {
|
||||
if (trap->script == script) {
|
||||
if (code == script->code) {
|
||||
code = (jsbytecode *)
|
||||
JS_malloc(cx, script->length * sizeof(jsbytecode));
|
||||
jssrcnote *sn, *notes;
|
||||
size_t nbytes;
|
||||
|
||||
nbytes = script->length * sizeof(jsbytecode);
|
||||
notes = SCRIPT_NOTES(script);
|
||||
for (sn = notes; !SN_IS_TERMINATOR(sn); sn = SN_NEXT(sn))
|
||||
continue;
|
||||
nbytes += (sn - notes + 1) * sizeof *sn;
|
||||
|
||||
code = (jsbytecode *) JS_malloc(cx, nbytes);
|
||||
if (!code)
|
||||
break;
|
||||
memcpy(code, script->code,
|
||||
script->length * sizeof(jsbytecode));
|
||||
memcpy(code, script->code, nbytes);
|
||||
}
|
||||
code[trap->pc - script->code] = trap->op;
|
||||
}
|
||||
|
@ -1606,18 +1606,8 @@ InitSprintStack(JSContext *cx, SprintStack *ss, JSPrinter *jp, uintN depth)
|
||||
return JS_TRUE;
|
||||
}
|
||||
|
||||
/*
|
||||
* If nb is non-negative, decompile nb bytecodes starting at pc. Otherwise
|
||||
* the decompiler starts at pc and continues until it reaches an opcode for
|
||||
* which decompiling would result in the stack depth equaling -(nb + 1).
|
||||
*
|
||||
* The nextop parameter is either JSOP_NOP or the "next" opcode in order of
|
||||
* abstract interpretation (not necessarily physically next in a bytecode
|
||||
* vector). So nextop is JSOP_POP for the last operand in a comma expression,
|
||||
* or JSOP_AND for the right operand of &&.
|
||||
*/
|
||||
static jsbytecode *
|
||||
Decompile(SprintStack *ss, jsbytecode *pc, intN nb, JSOp nextop)
|
||||
static JS_INLINE jsbytecode *
|
||||
DecompileBytecode(SprintStack *ss, jsbytecode *pc, intN nb, JSOp nextop)
|
||||
{
|
||||
JSContext *cx;
|
||||
JSPrinter *jp, *jp2;
|
||||
@ -1724,7 +1714,6 @@ Decompile(SprintStack *ss, jsbytecode *pc, intN nb, JSOp nextop)
|
||||
JS_END_MACRO
|
||||
|
||||
cx = ss->sprinter.context;
|
||||
JS_CHECK_RECURSION(cx, return NULL);
|
||||
|
||||
jp = ss->printer;
|
||||
startpc = pc;
|
||||
@ -4551,6 +4540,46 @@ Decompile(SprintStack *ss, jsbytecode *pc, intN nb, JSOp nextop)
|
||||
return pc;
|
||||
}
|
||||
|
||||
/*
|
||||
* If nb is non-negative, decompile nb bytecodes starting at pc. Otherwise
|
||||
* the decompiler starts at pc and continues until it reaches an opcode for
|
||||
* which decompiling would result in the stack depth equaling -(nb + 1).
|
||||
*
|
||||
* The nextop parameter is either JSOP_NOP or the "next" opcode in order of
|
||||
* abstract interpretation (not necessarily physically next in a bytecode
|
||||
* vector). So nextop is JSOP_POP for the last operand in a comma expression,
|
||||
* or JSOP_AND for the right operand of &&.
|
||||
*/
|
||||
static jsbytecode *
|
||||
Decompile(SprintStack *ss, jsbytecode *pc, intN nb, JSOp nextop)
|
||||
{
|
||||
JSContext *cx;
|
||||
JSPrinter *jp;
|
||||
jsbytecode *oldcode, *oldmain, *code;
|
||||
|
||||
cx = ss->sprinter.context;
|
||||
JS_CHECK_RECURSION(cx, return NULL);
|
||||
|
||||
jp = ss->printer;
|
||||
oldcode = jp->script->code;
|
||||
oldmain = jp->script->main;
|
||||
code = js_UntrapScriptCode(cx, jp->script);
|
||||
if (code != oldcode) {
|
||||
jp->script->code = code;
|
||||
jp->script->main = code + (oldmain - jp->script->code);
|
||||
pc = code + (pc - oldcode);
|
||||
}
|
||||
|
||||
pc = DecompileBytecode(ss, pc, nb, nextop);
|
||||
|
||||
if (code != oldcode) {
|
||||
JS_free(cx, jp->script->code);
|
||||
jp->script->code = oldcode;
|
||||
jp->script->main = oldmain;
|
||||
}
|
||||
return (pc ? pc - code + oldcode : NULL);
|
||||
}
|
||||
|
||||
static JSBool
|
||||
DecompileCode(JSPrinter *jp, JSScript *script, jsbytecode *pc, uintN len,
|
||||
uintN pcdepth)
|
||||
|
Loading…
Reference in New Issue
Block a user