Bug 1083232. Don't refcount the principals in FrameState, since it has stack lifetime and the principals will be kept alive by the JS stack while the FrameState is alive. r=fitzgen
--- a/js/src/vm/SavedStacks.cpp
+++ b/js/src/vm/SavedStacks.cpp
@@ -743,32 +743,27 @@ SavedStacks::chooseSamplingProbability(J
allocationSamplingProbability = allocationTrackingDbg->allocationSamplingProbability;
}
SavedStacks::FrameState::FrameState(const FrameIter &iter)
: principals(iter.compartment()->principals),
name(iter.isNonEvalFunctionFrame() ? iter.functionDisplayAtom() : nullptr),
location()
{
- if (principals)
- JS_HoldPrincipals(principals);
}
SavedStacks::FrameState::FrameState(const FrameState &fs)
: principals(fs.principals),
name(fs.name),
location(fs.location)
{
- if (principals)
- JS_HoldPrincipals(principals);
}
-SavedStacks::FrameState::~FrameState() {
- if (principals)
- JS_DropPrincipals(TlsPerThreadData.get()->runtimeFromMainThread(), principals);
+SavedStacks::FrameState::~FrameState()
+{
}
void
SavedStacks::FrameState::trace(JSTracer *trc) {
if (name)
gc::MarkStringUnbarriered(trc, &name, "SavedStacks::FrameState::name");
location.trace(trc);
}
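Review bot: With the hold/drop calls removed, `FrameState(const FrameState &fs)` and `~FrameState()` in this hunk do exactly what the implicitly generated members would, and the empty destructor body gives no hint that skipping the drop is deliberate. Because `principals` is now a borrowed pointer, a later change that restores only one side of the hold/drop pair would cause either a leak or a premature release. A one-line comment in the destructor would guard against that, e.g. `// principals is borrowed, not owned; see the note on FrameState in SavedStacks.h.` Alternatively, both definitions and their declarations could be dropped in favour of the compiler-generated defaults.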
--- a/js/src/vm/SavedStacks.h
+++ b/js/src/vm/SavedStacks.h
@@ -228,16 +228,19 @@ class SavedStacks {
FrameState() : principals(nullptr), name(nullptr), location() { }
explicit FrameState(const FrameIter &iter);
FrameState(const FrameState &fs);
~FrameState();
void trace(JSTracer *trc);
+ // Note: we don't have to hold/drop principals, because we're
+ // only alive while the stack is being walked and during this
+ // time the principals are kept alive by the stack itself.
JSPrincipals *principals;
JSAtom *name;
LocationValue location;
};
class MOZ_STACK_CLASS AutoFrameStateVector : public JS::CustomAutoRooter {
public:
explicit AutoFrameStateVector(JSContext *cx)
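Review bot: The new comment above `JSPrincipals *principals;` states the lifetime invariant, but nothing in the declaration visible here enforces it: the struct carries no annotation, whereas `AutoFrameStateVector` just below is `MOZ_STACK_CLASS`. A copy of a FrameState that outlives the stack walk would hold a dangling principals pointer, so the comment should also say what a consumer must do, for example `// Code that stores principals past the walk must take its own reference with JS_HoldPrincipals.` Whether the code that builds saved frames from a FrameState already does this cannot be seen from this diff and is worth confirming. The struct's opening line is outside the hunk.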