[INFER] Leave analysis before possibly reentering the interpreter while finishing incops, bug 658209.
authorBrian Hackett <bhackett1024@gmail.com>
Thu, 19 May 2011 12:33:12 -0700
changeset 75080 47e5a6ca466ed21caef377da15b49c6bf31bbec2
parent 75079 176ee6b37ad0de72cb84125ea0b8eb3538b0b8c2
child 75081 b6cf7f39177f72dfdb84331309313f06b37941c6
push id2
push userbsmedberg@mozilla.com
push dateFri, 19 Aug 2011 14:38:13 +0000
bugs658209
milestone6.0a1
[INFER] Leave analysis before possibly reentering the interpreter while finishing incops, bug 658209.
js/src/jit-test/tests/jaeger/recompile/bug658209.js
js/src/methodjit/InvokeHelpers.cpp
new file mode 100644
--- /dev/null
+++ b/js/src/jit-test/tests/jaeger/recompile/bug658209.js
@@ -0,0 +1,10 @@
+for (var i=0; i<20; i++) {
+    (function () {
+        var x;
+        (function () {
+            x = /abc/;
+            x++;
+            gc();
+        })();
+    })();
+}
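Review bot: The new test carries no comment saying what it exercises or what counts as passing; as written it only asserts by completing without a crash or assertion failure, and the link to bug 658209 is visible only in the file name. A leading comment such as `// Bug 658209: x++ on a closed-over non-numeric value, with a gc() while the incop is being finished, must not crash.` would make the intent readable without the commit message. If this suite's `// |jit-test| ...` header is expected on new files, that line belongs at the top as well; I cannot tell from this page whether it is required.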
--- a/js/src/methodjit/InvokeHelpers.cpp
+++ b/js/src/methodjit/InvokeHelpers.cpp
@@ -1315,17 +1315,23 @@ js_InternalInterpret(void *returnData, v
     JaegerSpew(JSpew_Recompile, "interpreter rejoin (file \"%s\") (line \"%d\") (op %s)\n",
                script->filename, script->lineno, OpcodeNames[op]);
 #endif
 
     uint32 nextDepth = uint32(-1);
 
     InterpMode interpMode = JSINTERP_REJOIN;
 
-    if ((cs->format & (JOF_INC | JOF_DEC)) && rejoin != REJOIN_FALLTHROUGH && rejoin != REJOIN_RESUME) {
+    if ((cs->format & (JOF_INC | JOF_DEC)) &&
+        rejoin != REJOIN_FALLTHROUGH && rejoin != REJOIN_RESUME) {
+        /* We may reenter the interpreter while finishing the INC/DEC operation. */
+        nextDepth = analysis->getCode(nextpc).stackDepth;
+        untrap.retrap();
+        enter.leave();
+
         switch (op) {
           case JSOP_INCLOCAL:
           case JSOP_DECLOCAL:
           case JSOP_LOCALINC:
           case JSOP_LOCALDEC:
           case JSOP_INCARG:
           case JSOP_DECARG:
           case JSOP_ARGINC: