From 84ec9162dfde5ab715679158a1af84c0826c99b2 Mon Sep 17 00:00:00 2001
From: Jan de Mooij <jdemooij@mozilla.com>
Date: Tue, 24 May 2016 07:51:28 +0200
Subject: [PATCH] Bug 1274193 part 3 - Use GO_THROUGH_SAVED when we know
 there's no saved frame boundary. r=luke

---
 js/src/builtin/Eval.cpp    | 2 +-
 js/src/jit/Ion.cpp         | 7 ++++---
 js/src/jit/VMFunctions.cpp | 2 +-
 js/src/jsfun.cpp           | 2 +-
 js/src/jsopcode.cpp        | 2 +-
 js/src/vm/SelfHosting.cpp  | 4 ++--
 js/src/vm/Stack.cpp        | 2 +-
 7 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/js/src/builtin/Eval.cpp b/js/src/builtin/Eval.cpp
index 0de005ec08d4..e2f4f5678dc8 100644
--- a/js/src/builtin/Eval.cpp
+++ b/js/src/builtin/Eval.cpp
@@ -426,7 +426,7 @@ bool
 js::DirectEval(JSContext* cx, HandleValue v, MutableHandleValue vp)
 {
     // Direct eval can assume it was called from an interpreted or baseline frame.
-    ScriptFrameIter iter(cx, FrameIter::STOP_AT_SAVED);
+    ScriptFrameIter iter(cx, FrameIter::GO_THROUGH_SAVED);
     AbstractFramePtr caller = iter.abstractFramePtr();
 
     MOZ_ASSERT(JSOp(*iter.pc()) == JSOP_EVAL ||
diff --git a/js/src/jit/Ion.cpp b/js/src/jit/Ion.cpp
index e45f5a3913ec..746f47628dde 100644
--- a/js/src/jit/Ion.cpp
+++ b/js/src/jit/Ion.cpp
@@ -2842,13 +2842,14 @@ jit::SetEnterJitData(JSContext* cx, EnterJitData& data, RunState& state,
             if (!vals.reserve(1))
                 return false;
 
-            ScriptFrameIter iter(cx, FrameIter::STOP_AT_SAVED);
             data.maxArgc = 1;
             data.maxArgv = vals.begin();
-            if (state.asExecute()->newTarget().isNull())
+            if (state.asExecute()->newTarget().isNull()) {
+                ScriptFrameIter iter(cx, FrameIter::GO_THROUGH_SAVED);
                 vals.infallibleAppend(iter.newTarget());
-            else
+            } else {
                 vals.infallibleAppend(state.asExecute()->newTarget());
+            }
         }
     }
 
diff --git a/js/src/jit/VMFunctions.cpp b/js/src/jit/VMFunctions.cpp
index 3c49f6378e0f..2d4e10734775 100644
--- a/js/src/jit/VMFunctions.cpp
+++ b/js/src/jit/VMFunctions.cpp
@@ -1270,7 +1270,7 @@ MarkObjectGroupFromIon(JSRuntime* rt, ObjectGroup** groupp)
 bool
 ThrowRuntimeLexicalError(JSContext* cx, unsigned errorNumber)
 {
-    ScriptFrameIter iter(cx, FrameIter::STOP_AT_SAVED);
+    ScriptFrameIter iter(cx, FrameIter::GO_THROUGH_SAVED);
     RootedScript script(cx, iter.script());
     ReportRuntimeLexicalError(cx, errorNumber, script, iter.pc());
     return false;
diff --git a/js/src/jsfun.cpp b/js/src/jsfun.cpp
index 56d07e6f4daf..1175f45a1651 100644
--- a/js/src/jsfun.cpp
+++ b/js/src/jsfun.cpp
@@ -1221,7 +1221,7 @@ js::fun_apply(JSContext* cx, unsigned argc, Value* vp)
     // the calling frame (which we must do now).
     if (args[1].isMagic(JS_OPTIMIZED_ARGUMENTS)) {
         // Step 3-6.
-        ScriptFrameIter iter(cx, FrameIter::STOP_AT_SAVED);
+        ScriptFrameIter iter(cx, FrameIter::GO_THROUGH_SAVED);
         MOZ_ASSERT(iter.numActualArgs() <= ARGS_LENGTH_MAX);
         if (!args2.init(iter.numActualArgs()))
             return false;
diff --git a/js/src/jsopcode.cpp b/js/src/jsopcode.cpp
index 4b5ca5e293d1..72aed8e8f3c4 100644
--- a/js/src/jsopcode.cpp
+++ b/js/src/jsopcode.cpp
@@ -719,7 +719,7 @@ js::DumpPC(JSContext* cx)
     Sprinter sprinter(cx);
     if (!sprinter.init())
         return false;
-    ScriptFrameIter iter(cx, FrameIter::STOP_AT_SAVED);
+    ScriptFrameIter iter(cx, FrameIter::GO_THROUGH_SAVED);
     if (iter.done()) {
         fprintf(stdout, "Empty stack.\n");
         return true;
diff --git a/js/src/vm/SelfHosting.cpp b/js/src/vm/SelfHosting.cpp
index 4ea5b88433db..131e3457fff8 100644
--- a/js/src/vm/SelfHosting.cpp
+++ b/js/src/vm/SelfHosting.cpp
@@ -806,7 +806,7 @@ intrinsic_ActiveFunction(JSContext* cx, unsigned argc, Value* vp)
     CallArgs args = CallArgsFromVp(argc, vp);
     MOZ_ASSERT(args.length() == 0);
 
-    ScriptFrameIter iter(cx, FrameIter::STOP_AT_SAVED);
+    ScriptFrameIter iter(cx, FrameIter::GO_THROUGH_SAVED);
     MOZ_ASSERT(iter.isFunctionFrame());
     args.rval().setObject(*iter.callee(cx));
     return true;
@@ -1880,7 +1880,7 @@ intrinsic_IsConstructing(JSContext* cx, unsigned argc, Value* vp)
     CallArgs args = CallArgsFromVp(argc, vp);
     MOZ_ASSERT(args.length() == 0);
 
-    ScriptFrameIter iter(cx, FrameIter::STOP_AT_SAVED);
+    ScriptFrameIter iter(cx, FrameIter::GO_THROUGH_SAVED);
     bool isConstructing = iter.isConstructing();
     args.rval().setBoolean(isConstructing);
     return true;
diff --git a/js/src/vm/Stack.cpp b/js/src/vm/Stack.cpp
index 25fb94a8a922..9bba55638794 100644
--- a/js/src/vm/Stack.cpp
+++ b/js/src/vm/Stack.cpp
@@ -47,7 +47,7 @@ InterpreterFrame::initExecuteFrame(JSContext* cx, HandleScript script, AbstractF
             if (newTarget.isNull() && evalInFramePrev.script()->functionOrCallerFunction())
                 newTarget = evalInFramePrev.newTarget();
         } else {
-            FrameIter iter(cx, FrameIter::STOP_AT_SAVED);
+            FrameIter iter(cx, FrameIter::GO_THROUGH_SAVED);
             MOZ_ASSERT(!iter.isWasm());
             if (newTarget.isNull() && iter.script()->functionOrCallerFunction())
                 newTarget = iter.newTarget();