Bug 930260 - fix infinite recursion in signal handler on non-main-thread in debug builds (r=bhackett)
authorLuke Wagner <luke@mozilla.com>
Wed, 23 Oct 2013 17:03:35 -0500
changeset 166734 42f131becd2fad742b11b2dab09016e2cfd304a9
parent 166733 c89628d36c8d75e60bcff9260b969404b9dfae16
child 166735 6d4ff510c1179135cbda49e3568924bb7b18f0a2
push id428
push userbbajaj@mozilla.com
push dateTue, 28 Jan 2014 00:16:25 +0000
reviewersbhackett
bugs930260
milestone27.0a1
Bug 930260 - fix infinite recursion in signal handler on non-main-thread in debug builds (r=bhackett)
js/src/jit/AsmJSSignalHandlers.cpp
js/src/vm/Runtime.h
--- a/js/src/jit/AsmJSSignalHandlers.cpp
+++ b/js/src/jit/AsmJSSignalHandlers.cpp
@@ -154,17 +154,17 @@ InnermostAsmJSActivation()
 
 static JSRuntime *
 RuntimeForCurrentThread()
 {
     PerThreadData *threadData = TlsPerThreadData.get();
     if (!threadData)
         return nullptr;
 
-    return threadData->runtimeFromMainThread();
+    return threadData->runtimeIfOnOwnerThread();
 }
 #endif // !defined(XP_MACOSX)
 
 // Crashing inside the signal handler can cause the handler to be recursively
 // invoked, eventually blowing the stack without actually showing a crash
 // report dialog via Breakpad. To guard against this we watch for such
 // recursion and fall through to the next handler immediately rather than
 // trying to handle it.
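Review bot: The new `return threadData->runtimeIfOnOwnerThread();` in `RuntimeForCurrentThread()` carries no comment saying why the asserting accessor must not be used on this path, so a later cleanup could switch it back and reintroduce the recursion named in the commit title. I would add above the return: `// Use the non-asserting accessor: a failed assertion inside the signal handler re-enters the handler (bug 930260).` The function now returns nullptr in two cases, when there is no PerThreadData and when the current thread does not own the runtime. Its callers are outside this hunk, so it is worth confirming that each one treats nullptr as "not our fault, fall through to the next handler" and never dereferences it.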
--- a/js/src/vm/Runtime.h
+++ b/js/src/vm/Runtime.h
@@ -587,16 +587,17 @@ class PerThreadData : public PerThreadDa
     ~PerThreadData();
 
     bool init();
     void addToThreadList();
     void removeFromThreadList();
 
     bool associatedWith(const JSRuntime *rt) { return runtime_ == rt; }
     inline JSRuntime *runtimeFromMainThread();
+    inline JSRuntime *runtimeIfOnOwnerThread();
 };
 
 template<class Client>
 struct MallocProvider
 {
     void *malloc_(size_t bytes) {
         Client *client = static_cast<Client *>(this);
         client->updateMallocCounter(bytes);
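Review bot: The added declaration `runtimeIfOnOwnerThread()` sits directly under `runtimeFromMainThread()` with nothing to tell the two apart, and choosing the wrong one is what this bug was. A one-line comment on each would help, for example `// Asserts that the current thread may access the runtime.` and `// Returns nullptr instead of asserting when the current thread may not access the runtime; intended for the signal handlers.` The definition in the later Runtime.h hunk relies on `js::CurrentThreadCanAccessRuntime`, whose body is not shown here. The second comment only holds if that helper itself neither asserts nor blocks when called from a handler, which should be checked before documenting it that way.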
@@ -1790,16 +1791,22 @@ PerThreadData::setIonStackLimit(uintptr_
 
 inline JSRuntime *
 PerThreadData::runtimeFromMainThread()
 {
     JS_ASSERT(js::CurrentThreadCanAccessRuntime(runtime_));
     return runtime_;
 }
 
+inline JSRuntime *
+PerThreadData::runtimeIfOnOwnerThread()
+{
+    return js::CurrentThreadCanAccessRuntime(runtime_) ? runtime_ : nullptr;
+}
+
 /************************************************************************/
 
 static JS_ALWAYS_INLINE void
 MakeRangeGCSafe(Value *vec, size_t len)
 {
     mozilla::PodZero(vec, len);
 }