From ecd6a30ad44dfd993fc611762458e4a3e7cf5e4b Mon Sep 17 00:00:00 2001
From: Jason Orendorff <jason.orendorff@gmail.com>
Date: Thu, 15 Oct 2020 14:05:08 +0000
Subject: [PATCH] Bug 1412202 - Part 5: Update DebugEnvironments for generator
 frames. r=jandem

No effect yet, since there are no stack locals to copy. Without this change,
storing generator locals in the stack would cause several debugger tests to
fail.

Differential Revision: https://phabricator.services.mozilla.com/D93387
---
 js/src/vm/EnvironmentObject.cpp | 22 ++++------------------
 js/src/vm/JSFunction.h          |  4 ++++
 2 files changed, 8 insertions(+), 18 deletions(-)

diff --git a/js/src/vm/EnvironmentObject.cpp b/js/src/vm/EnvironmentObject.cpp
index f0a0a2519af5..c0ebd7381160 100644
--- a/js/src/vm/EnvironmentObject.cpp
+++ b/js/src/vm/EnvironmentObject.cpp
@@ -2457,7 +2457,10 @@ ArrayObject* DebugEnvironmentProxy::maybeSnapshot() const {
 }
 
 void DebugEnvironmentProxy::initSnapshot(ArrayObject& o) {
-  MOZ_ASSERT(maybeSnapshot() == nullptr);
+  MOZ_ASSERT_IF(
+    maybeSnapshot() != nullptr,
+    environment().is<CallObject>() &&
+    environment().as<CallObject>().callee().isGeneratorOrAsync());
   setReservedSlot(SNAPSHOT_SLOT, ObjectValue(o));
 }
 
@@ -2665,11 +2668,6 @@ bool DebugEnvironments::addDebugEnvironment(
     Handle<DebugEnvironmentProxy*> debugEnv) {
   MOZ_ASSERT(!ei.hasSyntacticEnvironment());
   MOZ_ASSERT(cx->realm() == debugEnv->nonCCWRealm());
-  // Generators should always have environments.
-  MOZ_ASSERT_IF(
-      ei.scope().is<FunctionScope>(),
-      !ei.scope().as<FunctionScope>().canonicalFunction()->isGenerator() &&
-          !ei.scope().as<FunctionScope>().canonicalFunction()->isAsync());
 
   if (!CanUseDebugEnvironmentMaps(cx)) {
     return true;
@@ -2835,10 +2833,6 @@ void DebugEnvironments::onPopCall(JSContext* cx, AbstractFramePtr frame) {
       return;
     }
 
-    if (frame.callee()->isGenerator() || frame.callee()->isAsync()) {
-      return;
-    }
-
     CallObject& callobj = frame.environmentChain()->as<CallObject>();
     envs->liveEnvs.remove(&callobj);
     if (JSObject* obj = envs->proxiedEnvs.lookup(&callobj)) {
@@ -2960,12 +2954,6 @@ bool DebugEnvironments::updateLiveEnvironments(JSContext* cx) {
       continue;
     }
 
-    if (frame.isFunctionFrame()) {
-      if (frame.callee()->isGenerator() || frame.callee()->isAsync()) {
-        continue;
-      }
-    }
-
     if (!frame.isDebuggee()) {
       continue;
     }
@@ -3143,8 +3131,6 @@ static DebugEnvironmentProxy* GetDebugEnvironmentForMissing(
   if (ei.scope().is<FunctionScope>()) {
     RootedFunction callee(cx,
                           ei.scope().as<FunctionScope>().canonicalFunction());
-    // Generators should always reify their scopes.
-    MOZ_ASSERT(!callee->isGenerator() && !callee->isAsync());
 
     JS::ExposeObjectToActiveJS(callee);
     Rooted<CallObject*> callobj(cx,
diff --git a/js/src/vm/JSFunction.h b/js/src/vm/JSFunction.h
index a2697be0f2ee..d778fb3471f1 100644
--- a/js/src/vm/JSFunction.h
+++ b/js/src/vm/JSFunction.h
@@ -514,6 +514,10 @@ class JSFunction : public js::NativeObject {
     return asyncKind() == js::FunctionAsyncKind::AsyncFunction;
   }
 
+  bool isGeneratorOrAsync() const {
+    return isGenerator() || isAsync();
+  }
+
   void initScript(js::BaseScript* script) {
     MOZ_ASSERT_IF(script, realm() == script->realm());
     MOZ_ASSERT(isInterpreted());