Bug 1530364 - Ensure compartment always has a live global when creating a new global in it. r=bzbarsky
authorJan de Mooij <jdemooij@mozilla.com>
Wed, 13 Mar 2019 08:24:36 +0000
changeset 521665 7f3111601872
parent 521664 c4a4baf50679
child 521666 d7348960f8da
push id10867
push userdvarga@mozilla.com
push dateThu, 14 Mar 2019 15:20:45 +0000
reviewersbzbarsky
bugs1530364
milestone67.0a1
Bug 1530364 - Ensure compartment always has a live global when creating a new global in it. r=bzbarsky Differential Revision: https://phabricator.services.mozilla.com/D23287
js/src/vm/GlobalObject.cpp
--- a/js/src/vm/GlobalObject.cpp
+++ b/js/src/vm/GlobalObject.cpp
@@ -565,16 +565,27 @@ GlobalObject* GlobalObject::createIntern
 /* static */
 GlobalObject* GlobalObject::new_(JSContext* cx, const Class* clasp,
                                  JSPrincipals* principals,
                                  JS::OnNewGlobalHookOption hookOption,
                                  const JS::RealmOptions& options) {
   MOZ_ASSERT(!cx->isExceptionPending());
   MOZ_ASSERT_IF(cx->zone(), !cx->zone()->isAtomsZone());
 
+  // If we are creating a new global in an existing compartment, make sure the
+  // compartment has a live global at all times (by rooting it here).
+  // See bug 1530364.
+  Rooted<GlobalObject*> existingGlobal(cx);
+  const JS::RealmCreationOptions& creationOptions = options.creationOptions();
+  if (creationOptions.compartmentSpecifier() ==
+      JS::CompartmentSpecifier::ExistingCompartment) {
+    Compartment* comp = creationOptions.compartment();
+    existingGlobal = &comp->firstGlobal();
+  }
+
   Realm* realm = NewRealm(cx, principals, options);
   if (!realm) {
     return nullptr;
   }
 
   Rooted<GlobalObject*> global(cx);
   {
     AutoRealmUnchecked ar(cx, realm);
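Review bot: `existingGlobal` is assigned in the added block but never read in the visible part of new_(), so its only job is to hold a root across NewRealm() and the setup that follows. The comment should say so in place rather than leaning on the bug number, for example `// Never read below: the root alone keeps this global (and so its compartment) alive while the new realm is set up.`, so that a later cleanup does not remove it as dead code and reintroduce the lifetime problem. The block also dereferences `creationOptions.compartment()` unchecked; a `MOZ_ASSERT(comp);` before `comp->firstGlobal()` would state the precondition. firstGlobal() is defined outside this hunk, so how it behaves on a compartment whose globals are all dead cannot be confirmed from here, and the body of new_() continues past the end of the hunk.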