Bug 983029. Make sure to observe stack discipline for Rooted when initializing a WebIDL union containing the 'object' type. r=khuey
authorBoris Zbarsky <bzbarsky@mit.edu>
Fri, 14 Mar 2014 14:50:39 -0400
changeset 173698 f9790cf27463c72f73eb359b84aaeb5c2f902c09
parent 173697 7d192442dfca1bdb9cdb07f5f6380c1710ef4360
child 173699 69473c50b7d8a7f6a956975ffa8c5e6fb56ad05b
push id26415
push userkwierso@gmail.com
push dateSat, 15 Mar 2014 05:20:40 +0000
treeherdermozilla-central@82c90c17fc95 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskhuey
bugs983029
milestone30.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 983029. Make sure to observe stack discipline for Rooted when initializing a WebIDL union containing the 'object' type. r=khuey
dom/bindings/Codegen.py
--- a/dom/bindings/Codegen.py
+++ b/dom/bindings/Codegen.py
@@ -3271,17 +3271,20 @@ while (true) {
             setDictionary = CGGeneric("done = (failed = !%s.TrySetTo%s(cx, ${val}, ${mutableVal}, tryNext)) || !tryNext;" % (unionArgumentObj, name))
             names.append(name)
         else:
             setDictionary = None
 
         objectMemberTypes = filter(lambda t: t.isObject(), memberTypes)
         if len(objectMemberTypes) > 0:
             assert len(objectMemberTypes) == 1
-            object = CGGeneric("%s.SetToObject(cx, argObj);\n"
+            # Very important to NOT construct a temporary Rooted here, since the
+            # SetToObject call can call a Rooted constructor and we need to keep
+            # stack discipline for Rooted.
+            object = CGGeneric("%s.SetToObject(cx, &${val}.toObject());\n"
                                "done = true;" % unionArgumentObj)
             names.append(objectMemberTypes[0].name)
         else:
             object = None
 
         hasObjectTypes = interfaceObject or arrayObject or dateObject or callbackObject or object
         if hasObjectTypes:
             # "object" is not distinguishable from other types
@@ -3298,17 +3301,17 @@ while (true) {
             if interfaceObject:
                 assert not object
                 if templateBody:
                     templateBody = CGIfWrapper(templateBody, "!done")
                 templateBody = CGList([interfaceObject, templateBody], "\n")
             else:
                 templateBody = CGList([templateBody, object], "\n")
 
-            if any([arrayObject, dateObject, callbackObject, object]):
+            if dateObject:
                 templateBody.prepend(CGGeneric("JS::Rooted<JSObject*> argObj(cx, &${val}.toObject());"))
             templateBody = CGIfWrapper(templateBody, "${val}.isObject()")
         else:
             templateBody = CGGeneric()
 
         if setDictionary:
             assert not object
             templateBody = CGList([templateBody,