bug 716512 - make sure that gcparam in shell cannot set MAX_GC_BYTES to a value les than the current GC_BYTES. r=anygregor
authorIgor Bukanov <igor@mir2.org>
Mon, 09 Jan 2012 15:23:36 +0100
changeset 85259 a85cf7f0d235e543276ec1cedd118da02c190bc1
parent 85258 6f54fcb4f7005104e5634f63fdc9e8a5c75b3e2f
child 85260 b6c60a28454d68d2bab7899c164ca8205dc8e5ed
push id805
push userakeybl@mozilla.com
push dateWed, 01 Feb 2012 18:17:35 +0000
treeherdermozilla-aurora@6fb3bf232436 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersanygregor
bugs716512
milestone12.0a1
bug 716512 - make sure that gcparam in shell cannot set MAX_GC_BYTES to a value les than the current GC_BYTES. r=anygregor
js/src/shell/js.cpp
js/src/tests/js1_6/extensions/regress-456826.js
--- a/js/src/shell/js.cpp
+++ b/js/src/shell/js.cpp
@@ -1249,54 +1249,66 @@ GCParameter(JSContext *cx, uintN argc, j
         str = JS_ValueToString(cx, vp[2]);
         if (!str)
             return JS_FALSE;
         vp[2] = STRING_TO_JSVAL(str);
     }
 
     JSFlatString *flatStr = JS_FlattenString(cx, str);
     if (!flatStr)
-        return JS_FALSE;
+        return false;
 
     size_t paramIndex = 0;
     for (;; paramIndex++) {
         if (paramIndex == ArrayLength(paramMap)) {
             JS_ReportError(cx,
                            "the first argument argument must be maxBytes, "
                            "maxMallocBytes, gcStackpoolLifespan, gcBytes or "
                            "gcNumber");
-            return JS_FALSE;
+            return false;
         }
         if (JS_FlatStringEqualsAscii(flatStr, paramMap[paramIndex].name))
             break;
     }
     JSGCParamKey param = paramMap[paramIndex].param;
 
     if (argc == 1) {
         uint32_t value = JS_GetGCParameter(cx->runtime, param);
         return JS_NewNumberValue(cx, value, &vp[0]);
     }
 
     if (param == JSGC_NUMBER ||
         param == JSGC_BYTES) {
         JS_ReportError(cx, "Attempt to change read-only parameter %s",
                        paramMap[paramIndex].name);
-        return JS_FALSE;
+        return false;
     }
 
     uint32_t value;
     if (!JS_ValueToECMAUint32(cx, vp[3], &value)) {
         JS_ReportError(cx,
                        "the second argument must be convertable to uint32_t "
                        "with non-zero value");
-        return JS_FALSE;
-    }
+        return false;
+    }
+
+    if (param == JSGC_MAX_BYTES) {
+        uint32_t gcBytes = JS_GetGCParameter(cx->runtime, JSGC_BYTES);
+        if (value < gcBytes) {
+            JS_ReportError(cx,
+                           "attempt to set maxBytes to the value less than the current "
+                           "gcBytes (%u)",
+                           gcBytes);
+            return false;
+        }
+    }
+
     JS_SetGCParameter(cx->runtime, param, value);
     *vp = JSVAL_VOID;
-    return JS_TRUE;
+    return true;
 }
 
 static JSBool
 InternalConst(JSContext *cx, uintN argc, jsval *vp)
 {
     if (argc != 1) {
         JS_ReportError(cx, "the function takes exactly one argument");
         return false;
@@ -2008,51 +2020,51 @@ TryNotes(JSContext *cx, JSScript *script
 
 static bool
 DisassembleScript(JSContext *cx, JSScript *script, JSFunction *fun, bool lines, bool recursive,
                   Sprinter *sp)
 {
     if (fun && (fun->flags & ~7U)) {
         uint16_t flags = fun->flags;
         Sprint(sp, "flags:");
-        
+
 #define SHOW_FLAG(flag) if (flags & JSFUN_##flag) Sprint(sp, " " #flag);
-        
+
         SHOW_FLAG(LAMBDA);
         SHOW_FLAG(HEAVYWEIGHT);
         SHOW_FLAG(EXPR_CLOSURE);
-        
+
 #undef SHOW_FLAG
-        
+
         if (fun->isNullClosure())
             Sprint(sp, " NULL_CLOSURE");
         else if (fun->isFlatClosure())
             Sprint(sp, " FLAT_CLOSURE");
-        
+
         JSScript *script = fun->script();
         if (script->bindings.hasUpvars()) {
             Sprint(sp, "\nupvars: {\n");
-            
+
             Vector<JSAtom *> localNames(cx);
             if (!script->bindings.getLocalNameArray(cx, &localNames))
                 return false;
-            
+
             JSUpvarArray *uva = script->upvars();
             uintN upvar_base = script->bindings.countArgsAndVars();
-            
+
             for (uint32_t i = 0, n = uva->length; i < n; i++) {
                 JSAtom *atom = localNames[upvar_base + i];
                 UpvarCookie cookie = uva->vector[i];
                 JSAutoByteString printable;
                 if (js_AtomToPrintableString(cx, atom, &printable)) {
                     Sprint(sp, "  %s: {skip:%u, slot:%u},\n",
                            printable.ptr(), cookie.level(), cookie.slot());
                 }
             }
-            
+
             Sprint(sp, "}");
         }
         Sprint(sp, "\n");
     }
 
     if (!js_Disassemble(cx, script, lines, sp))
         return false;
     SrcNotes(cx, script, sp);
@@ -2185,17 +2197,17 @@ Disassemble(JSContext *cx, uintN argc, j
 
 static JSBool
 DisassFile(JSContext *cx, uintN argc, jsval *vp)
 {
     /* Support extra options at the start, just like Dissassemble. */
     DisassembleOptionParser p(argc, JS_ARGV(cx, vp));
     if (!p.parse(cx))
         return false;
-    
+
     if (!p.argc) {
         JS_SET_RVAL(cx, vp, JSVAL_VOID);
         return JS_TRUE;
     }
 
     JSObject *thisobj = JS_THIS_OBJECT(cx, vp);
     if (!thisobj)
         return JS_FALSE;
@@ -2217,17 +2229,17 @@ DisassFile(JSContext *cx, uintN argc, js
     LifoAllocScope las(&cx->tempLifoAlloc());
     Sprinter sprinter;
     INIT_SPRINTER(cx, &sprinter, &cx->tempLifoAlloc(), 0);
     bool ok = DisassembleScript(cx, script, NULL, p.lines, p.recursive, &sprinter);
     if (ok)
         fprintf(stdout, "%s\n", sprinter.base);
     if (!ok)
         return false;
-    
+
     JS_SET_RVAL(cx, vp, JSVAL_VOID);
     return true;
 }
 
 static JSBool
 DisassWithSrc(JSContext *cx, uintN argc, jsval *vp)
 {
 #define LINE_BUF_LEN 512
@@ -5028,17 +5040,17 @@ BindScriptArgs(JSContext *cx, JSObject *
     RootObject root(cx, &obj);
 
     MultiStringRange msr = op->getMultiStringArg("scriptArgs");
     RootedVarObject scriptArgs(cx);
     scriptArgs = JS_NewArrayObject(cx, 0, NULL);
     if (!scriptArgs)
         return false;
 
-    /* 
+    /*
      * Script arguments are bound as a normal |arguments| property on the
      * global object. It has no special significance, like |arguments| in
      * function scope does -- this identifier is used de-facto across shell
      * implementations, see bug 675269.
      */
     if (!JS_DefineProperty(cx, obj, "arguments", OBJECT_TO_JSVAL(scriptArgs), NULL, NULL, 0))
         return false;
 
@@ -5217,17 +5229,17 @@ Shell(JSContext *cx, OptionParser *op, c
             JSDB_TermDebugger(jsdc);
 #endif /* JSDEBUGGER_C_UI */
         JSD_DebuggerOff(jsdc);
     }
 #endif  /* JSDEBUGGER */
 
     if (enableDisassemblyDumps)
         JS_DumpCompartmentPCCounts(cx);
- 
+
     return result;
 }
 
 static void
 MaybeOverrideOutFileFromEnv(const char* const envVar,
                             FILE* defaultOut,
                             FILE** outFile)
 {
@@ -5370,17 +5382,17 @@ main(int argc, char **argv, char **envp)
       case OptionParser::Okay:
         break;
     }
 
     if (op.getHelpOption())
         return EXIT_SUCCESS;
 
 #ifdef DEBUG
-    /* 
+    /*
      * Process OOM options as early as possible so that we can observe as many
      * allocations as possible.
      */
     if (op.getIntOption('A') >= 0)
         OOM_maxAllocations = op.getIntOption('A');
     if (op.getBoolOption('O'))
         OOM_printAllocationCount = true;
 #endif
--- a/js/src/tests/js1_6/extensions/regress-456826.js
+++ b/js/src/tests/js1_6/extensions/regress-456826.js
@@ -51,17 +51,19 @@ function test()
   enterFunc ('test');
   printBugNumber(BUGNUMBER);
   printStatus (summary);
 
   jit(true);
 
   if (typeof gcparam != 'undefined')
   {
-    gcparam("maxBytes", 22000);
+    gc();
+    gc();
+    gcparam("maxBytes", gcparam("gcBytes") + 4*1024);
     expectExitCode(5);
   }
 
   const numRows = 600;
   const numCols = 600;
   var scratch = {};
   var scratchZ = {};