From 4fa44f04f7fc8ed585c85eef738f401eabe824be Mon Sep 17 00:00:00 2001
From: Sean Stangl <sstangl@mozilla.com>
Date: Mon, 7 Apr 2014 13:43:50 -0700
Subject: [PATCH] Bug 856796 - Attempt detection of YARR bug; r=till

---
 js/src/yarr/YarrInterpreter.cpp | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/js/src/yarr/YarrInterpreter.cpp b/js/src/yarr/YarrInterpreter.cpp
index f59b99699bee..4231fd3ff47a 100644
--- a/js/src/yarr/YarrInterpreter.cpp
+++ b/js/src/yarr/YarrInterpreter.cpp
@@ -1009,6 +1009,12 @@ public:
                     }
                 }
             } else {
+                // Avoid a topcrash before it occurs.
+                if (!backTrack->lastContext) {
+                    ASSERT(!"Tripped Bug 856796!");
+                    return JSRegExpErrorInternal;
+                }
+
                 resetMatches(term, context);
                 popParenthesesDisjunctionContext(backTrack);
                 freeParenthesesDisjunctionContext(context);
@@ -1055,6 +1061,12 @@ public:
                     return JSRegExpMatch;
                 }
 
+                // Avoid a topcrash before it occurs.
+                if (!backTrack->lastContext) {
+                    ASSERT(!"Tripped Bug 856796!");
+                    return JSRegExpErrorInternal;
+                }
+
                 // pop a match off the stack
                 resetMatches(term, context);
                 popParenthesesDisjunctionContext(backTrack);