From c7cc4c6c916ca5d89e50815a4eeb7635f03f0620 Mon Sep 17 00:00:00 2001
From: Jason Orendorff <jorendorff@mozilla.com>
Date: Wed, 20 Mar 2019 19:20:06 +0000
Subject: [PATCH] Bug 1534776 - Don't leak the world if the shell's main()
 exits early. r=jwalden

This changes the order of some cleanup operations, harmlessly, to make
initialization and teardown more FIFO.

Differential Revision: https://phabricator.services.mozilla.com/D23222

--HG--
extra : moz-landing-system : lando
---
 js/src/shell/js.cpp | 35 +++++++++++++++++++----------------
 1 file changed, 19 insertions(+), 16 deletions(-)

diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
index 1fa6d759297c..a87e39ef677f 100644
--- a/js/src/shell/js.cpp
+++ b/js/src/shell/js.cpp
@@ -11181,14 +11181,26 @@ int main(int argc, char** argv, char** envp) {
   if (!cx) {
     return 1;
   }
+  auto destroyCx = MakeScopeExit([cx] { JS_DestroyContext(cx); });
 
   UniquePtr<ShellContext> sc = MakeUnique<ShellContext>(cx);
   if (!sc) {
     return 1;
   }
+  auto destroyShellContext = MakeScopeExit([cx, &sc] {
+    // Must clear out some of sc's pointer containers before JS_DestroyContext.
+    sc->markObservers.reset();
+
+    JS_SetContextPrivate(cx, nullptr);
+    sc.reset();
+  });
 
   JS_SetContextPrivate(cx, sc.get());
   JS_SetGrayGCRootsTracer(cx, TraceGrayRoots, nullptr);
+  auto resetGrayGCRootsTracer = MakeScopeExit([cx] {
+    JS_SetGrayGCRootsTracer(cx, nullptr, nullptr);
+  });
+
   // Waiting is allowed on the shell's main thread, for now.
   JS_SetFutexCanWait(cx);
   JS::SetWarningReporter(cx, WarningReporter);
@@ -11230,6 +11242,13 @@ int main(int argc, char** argv, char** envp) {
 
   js::UseInternalJobQueues(cx);
 
+  auto shutdownShellThreads = MakeScopeExit([cx] {
+    KillWatchdog(cx);
+    KillWorkerThreads(cx);
+    DestructSharedObjectMailbox();
+    CancelOffThreadJobsForRuntime(cx);
+  });
+
   if (const char* opt = op.getStringOption("nursery-strings")) {
     if (strcmp(opt, "on") == 0) {
       cx->runtime()->gc.nursery().enableStrings();
@@ -11275,21 +11294,5 @@ int main(int argc, char** argv, char** envp) {
   }
 #endif
 
-  JS_SetGrayGCRootsTracer(cx, nullptr, nullptr);
-
-  // Must clear out some of sc's pointer containers before JS_DestroyContext.
-  sc->markObservers.reset();
-
-  KillWatchdog(cx);
-
-  KillWorkerThreads(cx);
-
-  DestructSharedObjectMailbox();
-
-  CancelOffThreadJobsForRuntime(cx);
-
-  JS_SetContextPrivate(cx, nullptr);
-  sc.reset();
-  JS_DestroyContext(cx);
   return result;
 }