Fix off-by-N in CG_COUNT_FINAL_SRCNOTES (214210).

This commit is contained in:
brendan%mozilla.org 2003-07-29 09:11:04 +00:00
parent dac741004a
commit ccebdd1892
2 changed files with 31 additions and 22 deletions


@ -478,12 +478,20 @@ js_SetSrcNoteOffset(JSContext *cx, JSCodeGenerator *cg, uintN index,
* the CG_COUNT_FINAL_SRCNOTES macro. This macro knows a lot about details of
* js_FinishTakingSrcNotes.
*/
#define CG_COUNT_FINAL_SRCNOTES(cg) \
((cg)->prolog.noteCount + \
(((cg)->prolog.noteCount && (cg)->prolog.currentLine != (cg)->firstLine) \
? 2 + (((cg)->firstLine > SN_3BYTE_OFFSET_MASK) << 1) \
: 0) + \
(cg)->main.noteCount + 1)
#define CG_COUNT_FINAL_SRCNOTES(cg, cnt) \
JS_BEGIN_MACRO \
cnt = (cg)->main.noteCount + 1; \
if ((cg)->prolog.noteCount) { \
cnt += (cg)->prolog.noteCount; \
if ((cg)->prolog.currentLine != (cg)->firstLine) { \
ptrdiff_t diff_ = CG_PROLOG_OFFSET(cg) - \
(cg)->prolog.lastNoteOffset; \
if (diff_ > SN_DELTA_MASK) \
cnt += JS_HOWMANY(diff_ - SN_DELTA_MASK, SN_XDELTA_MASK); \
cnt += 2 + (((cg)->firstLine > SN_3BYTE_OFFSET_MASK) << 1); \
} \
} \
JS_END_MACRO
extern JSBool
js_FinishTakingSrcNotes(JSContext *cx, JSCodeGenerator *cg, jssrcnote *notes);
@ -509,10 +517,12 @@ js_NewTryNote(JSContext *cx, JSCodeGenerator *cg, ptrdiff_t start,
* preallocate enough space in a JSTryNote[] to pass as the notes parameter of
* js_FinishTakingTryNotes.
*/
#define CG_COUNT_FINAL_TRYNOTES(cg) \
(((cg)->tryNext > (cg)->tryBase) \
? PTRDIFF(cg->tryNext, cg->tryBase, JSTryNote) + 1 \
: 0)
#define CG_COUNT_FINAL_TRYNOTES(cg, cnt) \
JS_BEGIN_MACRO \
cnt = ((cg)->tryNext > (cg)->tryBase) \
? PTRDIFF(cg->tryNext, cg->tryBase, JSTryNote) + 1 \
: 0; \
JS_END_MACRO
extern void
js_FinishTakingTryNotes(JSContext *cx, JSCodeGenerator *cg, JSTryNote *notes);
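Review bot: The comment that ends `js_FinishTakingSrcNotes.` just above the new CG_COUNT_FINAL_SRCNOTES still describes the old expression-valued macro; the new one is a statement that writes through the `cnt` out-parameter and evaluates `cg` several times, and neither fact is documented. I would extend that comment with `cnt must be an lvalue and cg is evaluated more than once. The count sizes the note buffer js_NewScript allocates, so an undercount is a buffer overrun, not merely wasted space.` — the second sentence is inferred from the js_NewScriptFromCG hunk in the other file and should be confirmed against js_FinishTakingSrcNotes. Because the xdelta term `cnt += JS_HOWMANY(diff_ - SN_DELTA_MASK, SN_XDELTA_MASK);` duplicates emission logic that lives in js_FinishTakingSrcNotes, an assertion there that the number of notes actually written equals the precomputed count would catch the next drift before it becomes memory corruption. The out-parameter rewrite of CG_COUNT_FINAL_TRYNOTES in the second hunk has the same undocumented lvalue/multiple-evaluation contract.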


@ -510,11 +510,11 @@ js_XDRScript(JSXDRState *xdr, JSScript **scriptp, JSBool *hasMagic)
if (ntrynotes)
nsrcnotes += JSTRYNOTE_ALIGNMASK;
newscript = JS_realloc(cx, script,
sizeof(JSScript) +
length * sizeof(jsbytecode) +
nsrcnotes * sizeof(jssrcnote) +
ntrynotes * sizeof(JSTryNote));
newscript = (JSScript *) JS_realloc(cx, script,
sizeof(JSScript) +
length * sizeof(jsbytecode) +
nsrcnotes * sizeof(jssrcnote) +
ntrynotes * sizeof(JSTryNote));
if (!newscript)
goto error;
@ -989,8 +989,8 @@ js_NewScript(JSContext *cx, uint32 length, uint32 nsrcnotes, uint32 ntrynotes)
JSScript *script;
/* Round up source note count to align script->trynotes for its type. */
/* XXX only if ntrynotes != 0, but then tinderbox tests crash */
nsrcnotes += JSTRYNOTE_ALIGNMASK;
if (ntrynotes)
nsrcnotes += JSTRYNOTE_ALIGNMASK;
script = (JSScript *) JS_malloc(cx,
sizeof(JSScript) +
length * sizeof(jsbytecode) +
@ -1013,16 +1013,15 @@ js_NewScript(JSContext *cx, uint32 length, uint32 nsrcnotes, uint32 ntrynotes)
JS_FRIEND_API(JSScript *)
js_NewScriptFromCG(JSContext *cx, JSCodeGenerator *cg, JSFunction *fun)
{
uint32 mainLength, prologLength;
uint32 mainLength, prologLength, nsrcnotes, ntrynotes;
JSScript *script;
const char *filename;
mainLength = CG_OFFSET(cg);
prologLength = CG_PROLOG_OFFSET(cg);
script = js_NewScript(cx,
prologLength + mainLength,
CG_COUNT_FINAL_SRCNOTES(cg),
CG_COUNT_FINAL_TRYNOTES(cg));
CG_COUNT_FINAL_SRCNOTES(cg, nsrcnotes);
CG_COUNT_FINAL_TRYNOTES(cg, ntrynotes);
script = js_NewScript(cx, prologLength + mainLength, nsrcnotes, ntrynotes);
if (!script)
return NULL;
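Review bot: The allocation size in js_XDRScript, `sizeof(JSScript) + length * sizeof(jsbytecode) + nsrcnotes * sizeof(jssrcnote) + ntrynotes * sizeof(JSTryNote)`, re-emitted in the first hunk with the `(JSScript *)` cast, is summed with no overflow check, and the new `if (ntrynotes) nsrcnotes += JSTRYNOTE_ALIGNMASK;` adds to one of its operands. If, as the XDR context suggests, `length`, `nsrcnotes` and `ntrynotes` were decoded from the serialized stream earlier in the function (outside the hunk), a wrapped sum would hand JS_realloc a buffer smaller than the copies that follow assume; the issue predates this commit, but a check that each product and the running total fit in size_t, performed before the realloc, would close it. js_XDRScript begins and ends outside the hunk, and the two JS_realloc lines differ only by the cast, which is presumably there for C++ builds rather than a behavior change. In the third hunk, `nsrcnotes` and `ntrynotes` are uint32 while the macros compute with ptrdiff_t (`diff_`, PTRDIFF), so the assignment changes width and signedness silently; an explicit cast or a non-negativity assertion at the assignment would make that deliberate.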