KotJohansson/UXP-Fixed
1
0
Fork 0
mirror of https://github.com/ManchildProductions/UXP-Fixed.git synced 2026-05-27 14:38:54 +00:00
Code Issues Projects Releases Wiki Activity

Fix Value::isGCThing footgun, stop returning true for NullValue

Browse Source
This commit is contained in:
trav90
2018-04-07 12:24:30 -05:00
parent d960419686
commit bbd4001cb2
31 changed files with 87 additions and 103 deletions
Download Patch File Download Diff File Expand all files Collapse all files
dom/xhr/XMLHttpRequestWorker.cpp
+2 -2
View File
@@ -1148,8 +1148,8 @@ EventRunnable::PreDispatch(WorkerPrivate* /* unused */)
} else {
bool doClone = true;
JS::Rooted<JS::Value> transferable(cx);
JS::Rooted<JSObject*> obj(cx, response.isObjectOrNull() ?
response.toObjectOrNull() : nullptr);
JS::Rooted<JSObject*> obj(cx, response.isObject() ?
&response.toObject() : nullptr);
if (obj && JS_IsArrayBufferObject(obj)) {
// Use cached response if the arraybuffer has been transfered.
if (mProxy->mArrayBufferResponseWasTransferred) {
js/public/CallArgs.h
+1 -1
View File
@@ -290,7 +290,7 @@ class MOZ_STACK_CLASS CallArgs : public detail::CallArgsBase<detail::IncludeUsed
args.constructing_ = constructing;
#ifdef DEBUG
for (unsigned i = 0; i < argc; ++i)
MOZ_ASSERT_IF(argv[i].isMarkable(), !GCThingIsMarkedGray(GCCellPtr(argv[i])));
MOZ_ASSERT_IF(argv[i].isGCThing(), !GCThingIsMarkedGray(GCCellPtr(argv[i])));
#endif
return args;
}
js/public/Proxy.h
+2 -2
View File
@@ -456,7 +456,7 @@ SetProxyExtra(JSObject* obj, size_t n, const Value& extra)
Value* vp = &detail::GetProxyDataLayout(obj)->values->extraSlots[n];
// Trigger a barrier before writing the slot.
if (vp->isMarkable() || extra.isMarkable())
if (vp->isGCThing() || extra.isGCThing())
SetValueInProxy(vp, extra);
else
*vp = extra;
@@ -482,7 +482,7 @@ SetReservedOrProxyPrivateSlot(JSObject* obj, size_t slot, const Value& value)
MOZ_ASSERT(slot == 0);
MOZ_ASSERT(slot < JSCLASS_RESERVED_SLOTS(GetObjectClass(obj)) || IsProxy(obj));
shadow::Object* sobj = reinterpret_cast<shadow::Object*>(obj);
if (sobj->slotRef(slot).isMarkable() || value.isMarkable())
if (sobj->slotRef(slot).isGCThing() || value.isGCThing())
SetReservedOrProxyPrivateSlotWithBarrier(obj, slot, value);
else
sobj->slotRef(slot) = value;
js/public/TraceKind.h
+5 -3
View File
@@ -40,9 +40,11 @@ enum class TraceKind
// Note: The order here is determined by our Value packing. Other users
// should sort alphabetically, for consistency.
Object = 0x00,
String = 0x01,
Symbol = 0x02,
Script = 0x03,
String = 0x02,
Symbol = 0x03,
// 0x1 is not used for any GCThing Value tag, so we use it for Script.
Script = 0x01,
// Shape details are exposed through JS_TraceShapeCycleCollectorChildren.
Shape = 0x04,
js/public/Value.h
+18 -36
View File
@@ -51,12 +51,12 @@ JS_ENUM_HEADER(JSValueType, uint8_t)
JSVAL_TYPE_DOUBLE = 0x00,
JSVAL_TYPE_INT32 = 0x01,
JSVAL_TYPE_UNDEFINED = 0x02,
JSVAL_TYPE_BOOLEAN = 0x03,
JSVAL_TYPE_MAGIC = 0x04,
JSVAL_TYPE_STRING = 0x05,
JSVAL_TYPE_SYMBOL = 0x06,
JSVAL_TYPE_PRIVATE_GCTHING = 0x07,
JSVAL_TYPE_NULL = 0x08,
JSVAL_TYPE_NULL = 0x03,
JSVAL_TYPE_BOOLEAN = 0x04,
JSVAL_TYPE_MAGIC = 0x05,
JSVAL_TYPE_STRING = 0x06,
JSVAL_TYPE_SYMBOL = 0x07,
JSVAL_TYPE_PRIVATE_GCTHING = 0x08,
JSVAL_TYPE_OBJECT = 0x0c,
/* These never appear in a jsval; they are only provided as an out-of-band value. */
@@ -75,11 +75,11 @@ JS_ENUM_HEADER(JSValueTag, uint32_t)
JSVAL_TAG_CLEAR = 0xFFFFFF80,
JSVAL_TAG_INT32 = JSVAL_TAG_CLEAR | JSVAL_TYPE_INT32,
JSVAL_TAG_UNDEFINED = JSVAL_TAG_CLEAR | JSVAL_TYPE_UNDEFINED,
JSVAL_TAG_NULL = JSVAL_TAG_CLEAR | JSVAL_TYPE_NULL,
JSVAL_TAG_STRING = JSVAL_TAG_CLEAR | JSVAL_TYPE_STRING,
JSVAL_TAG_SYMBOL = JSVAL_TAG_CLEAR | JSVAL_TYPE_SYMBOL,
JSVAL_TAG_BOOLEAN = JSVAL_TAG_CLEAR | JSVAL_TYPE_BOOLEAN,
JSVAL_TAG_MAGIC = JSVAL_TAG_CLEAR | JSVAL_TYPE_MAGIC,
JSVAL_TAG_NULL = JSVAL_TAG_CLEAR | JSVAL_TYPE_NULL,
JSVAL_TAG_OBJECT = JSVAL_TAG_CLEAR | JSVAL_TYPE_OBJECT,
JSVAL_TAG_PRIVATE_GCTHING = JSVAL_TAG_CLEAR | JSVAL_TYPE_PRIVATE_GCTHING
} JS_ENUM_FOOTER(JSValueTag);
@@ -95,11 +95,11 @@ JS_ENUM_HEADER(JSValueTag, uint32_t)
JSVAL_TAG_MAX_DOUBLE = 0x1FFF0,
JSVAL_TAG_INT32 = JSVAL_TAG_MAX_DOUBLE | JSVAL_TYPE_INT32,
JSVAL_TAG_UNDEFINED = JSVAL_TAG_MAX_DOUBLE | JSVAL_TYPE_UNDEFINED,
JSVAL_TAG_NULL = JSVAL_TAG_MAX_DOUBLE | JSVAL_TYPE_NULL,
JSVAL_TAG_STRING = JSVAL_TAG_MAX_DOUBLE | JSVAL_TYPE_STRING,
JSVAL_TAG_SYMBOL = JSVAL_TAG_MAX_DOUBLE | JSVAL_TYPE_SYMBOL,
JSVAL_TAG_BOOLEAN = JSVAL_TAG_MAX_DOUBLE | JSVAL_TYPE_BOOLEAN,
JSVAL_TAG_MAGIC = JSVAL_TAG_MAX_DOUBLE | JSVAL_TYPE_MAGIC,
JSVAL_TAG_NULL = JSVAL_TAG_MAX_DOUBLE | JSVAL_TYPE_NULL,
JSVAL_TAG_OBJECT = JSVAL_TAG_MAX_DOUBLE | JSVAL_TYPE_OBJECT,
JSVAL_TAG_PRIVATE_GCTHING = JSVAL_TAG_MAX_DOUBLE | JSVAL_TYPE_PRIVATE_GCTHING
} JS_ENUM_FOOTER(JSValueTag);
@@ -112,11 +112,11 @@ JS_ENUM_HEADER(JSValueShiftedTag, uint64_t)
JSVAL_SHIFTED_TAG_MAX_DOUBLE = ((((uint64_t)JSVAL_TAG_MAX_DOUBLE) << JSVAL_TAG_SHIFT) | 0xFFFFFFFF),
JSVAL_SHIFTED_TAG_INT32 = (((uint64_t)JSVAL_TAG_INT32) << JSVAL_TAG_SHIFT),
JSVAL_SHIFTED_TAG_UNDEFINED = (((uint64_t)JSVAL_TAG_UNDEFINED) << JSVAL_TAG_SHIFT),
JSVAL_SHIFTED_TAG_NULL = (((uint64_t)JSVAL_TAG_NULL) << JSVAL_TAG_SHIFT),
JSVAL_SHIFTED_TAG_STRING = (((uint64_t)JSVAL_TAG_STRING) << JSVAL_TAG_SHIFT),
JSVAL_SHIFTED_TAG_SYMBOL = (((uint64_t)JSVAL_TAG_SYMBOL) << JSVAL_TAG_SHIFT),
JSVAL_SHIFTED_TAG_BOOLEAN = (((uint64_t)JSVAL_TAG_BOOLEAN) << JSVAL_TAG_SHIFT),
JSVAL_SHIFTED_TAG_MAGIC = (((uint64_t)JSVAL_TAG_MAGIC) << JSVAL_TAG_SHIFT),
JSVAL_SHIFTED_TAG_NULL = (((uint64_t)JSVAL_TAG_NULL) << JSVAL_TAG_SHIFT),
JSVAL_SHIFTED_TAG_OBJECT = (((uint64_t)JSVAL_TAG_OBJECT) << JSVAL_TAG_SHIFT),
JSVAL_SHIFTED_TAG_PRIVATE_GCTHING = (((uint64_t)JSVAL_TAG_PRIVATE_GCTHING) << JSVAL_TAG_SHIFT)
} JS_ENUM_FOOTER(JSValueShiftedTag);
@@ -140,7 +140,6 @@ static_assert(sizeof(JSValueShiftedTag) == sizeof(uint64_t),
#define JSVAL_TYPE_TO_TAG(type) ((JSValueTag)(JSVAL_TAG_CLEAR | (type)))
#define JSVAL_LOWER_INCL_TAG_OF_OBJ_OR_NULL_SET JSVAL_TAG_NULL
#define JSVAL_UPPER_EXCL_TAG_OF_PRIMITIVE_SET JSVAL_TAG_OBJECT
#define JSVAL_UPPER_INCL_TAG_OF_NUMBER_SET JSVAL_TAG_INT32
#define JSVAL_LOWER_INCL_TAG_OF_GCTHING_SET JSVAL_TAG_STRING
@@ -152,12 +151,10 @@ static_assert(sizeof(JSValueShiftedTag) == sizeof(uint64_t),
#define JSVAL_TYPE_TO_TAG(type) ((JSValueTag)(JSVAL_TAG_MAX_DOUBLE | (type)))
#define JSVAL_TYPE_TO_SHIFTED_TAG(type) (((uint64_t)JSVAL_TYPE_TO_TAG(type)) << JSVAL_TAG_SHIFT)
#define JSVAL_LOWER_INCL_TAG_OF_OBJ_OR_NULL_SET JSVAL_TAG_NULL
#define JSVAL_UPPER_EXCL_TAG_OF_PRIMITIVE_SET JSVAL_TAG_OBJECT
#define JSVAL_UPPER_INCL_TAG_OF_NUMBER_SET JSVAL_TAG_INT32
#define JSVAL_LOWER_INCL_TAG_OF_GCTHING_SET JSVAL_TAG_STRING
#define JSVAL_LOWER_INCL_SHIFTED_TAG_OF_OBJ_OR_NULL_SET JSVAL_SHIFTED_TAG_NULL
#define JSVAL_UPPER_EXCL_SHIFTED_TAG_OF_PRIMITIVE_SET JSVAL_SHIFTED_TAG_OBJECT
#define JSVAL_UPPER_EXCL_SHIFTED_TAG_OF_NUMBER_SET JSVAL_SHIFTED_TAG_UNDEFINED
#define JSVAL_LOWER_INCL_SHIFTED_TAG_OF_GCTHING_SET JSVAL_SHIFTED_TAG_STRING
@@ -537,12 +534,7 @@ class MOZ_NON_PARAM alignas(8) Value
}
bool isObjectOrNull() const {
MOZ_ASSERT(uint32_t(toTag()) <= uint32_t(JSVAL_TAG_OBJECT));
#if defined(JS_NUNBOX32)
return uint32_t(toTag()) >= uint32_t(JSVAL_LOWER_INCL_TAG_OF_OBJ_OR_NULL_SET);
#elif defined(JS_PUNBOX64)
return data.asBits >= JSVAL_LOWER_INCL_SHIFTED_TAG_OF_OBJ_OR_NULL_SET;
#endif
return isObject() || isNull();
}
bool isGCThing() const {
@@ -575,12 +567,8 @@ class MOZ_NON_PARAM alignas(8) Value
return isMagic();
}
bool isMarkable() const {
return isGCThing() && !isNull();
}
JS::TraceKind traceKind() const {
MOZ_ASSERT(isMarkable());
MOZ_ASSERT(isGCThing());
static_assert((JSVAL_TAG_STRING & 0x03) == size_t(JS::TraceKind::String),
"Value type tags must correspond with JS::TraceKinds.");
static_assert((JSVAL_TAG_SYMBOL & 0x03) == size_t(JS::TraceKind::Symbol),
@@ -684,11 +672,6 @@ class MOZ_NON_PARAM alignas(8) Value
#endif
}
js::gc::Cell* toMarkablePointer() const {
MOZ_ASSERT(isMarkable());
return toGCThing();
}
GCCellPtr toGCCellPtr() const {
return GCCellPtr(toGCThing(), traceKind());
}
@@ -760,9 +743,9 @@ class MOZ_NON_PARAM alignas(8) Value
* Private GC Thing API
*
* Non-JSObject, JSString, and JS::Symbol cells may be put into the 64-bit
* payload as private GC things. Such Values are considered isMarkable()
* and isGCThing(), and as such, automatically marked. Their traceKind()
* is gotten via their cells.
* payload as private GC things. Such Values are considered isGCThing(), and
* as such, automatically marked. Their traceKind() is gotten via their
* cells.
*/
void setPrivateGCThing(js::gc::Cell* cell) {
@@ -980,7 +963,7 @@ IsOptimizedPlaceholderMagicValue(const Value& v)
static MOZ_ALWAYS_INLINE void
ExposeValueToActiveJS(const Value& v)
{
if (v.isMarkable())
if (v.isGCThing())
js::gc::ExposeGCThingToActiveJS(GCCellPtr(v));
}
@@ -1298,7 +1281,7 @@ template <>
struct BarrierMethods<JS::Value>
{
static gc::Cell* asGCThingOrNull(const JS::Value& v) {
return v.isMarkable() ? v.toGCThing() : nullptr;
return v.isGCThing() ? v.toGCThing() : nullptr;
}
static void postBarrier(JS::Value* v, const JS::Value& prev, const JS::Value& next) {
JS::HeapValuePostBarrier(v, prev, next);
@@ -1338,9 +1321,8 @@ class ValueOperations
bool isObject() const { return value().isObject(); }
bool isMagic() const { return value().isMagic(); }
bool isMagic(JSWhyMagic why) const { return value().isMagic(why); }
bool isMarkable() const { return value().isMarkable(); }
bool isPrimitive() const { return value().isPrimitive(); }
bool isGCThing() const { return value().isGCThing(); }
bool isPrimitive() const { return value().isPrimitive(); }
bool isNullOrUndefined() const { return value().isNullOrUndefined(); }
bool isObjectOrNull() const { return value().isObjectOrNull(); }
@@ -1485,7 +1467,7 @@ DispatchTyped(F f, const JS::Value& val, Args&&... args)
return f(val.toSymbol(), mozilla::Forward<Args>(args)...);
if (MOZ_UNLIKELY(val.isPrivateGCThing()))
return DispatchTyped(f, val.toGCCellPtr(), mozilla::Forward<Args>(args)...);
MOZ_ASSERT(!val.isMarkable());
MOZ_ASSERT(!val.isGCThing());
return F::defaultValue(val);
}
js/src/builtin/TestingFunctions.cpp
+1 -1
View File
@@ -881,7 +881,7 @@ HasChild(JSContext* cx, unsigned argc, Value* vp)
RootedValue parent(cx, args.get(0));
RootedValue child(cx, args.get(1));
if (!parent.isMarkable() || !child.isMarkable()) {
if (!parent.isGCThing() || !child.isGCThing()) {
args.rval().setBoolean(false);
return true;
}
js/src/gc/Barrier.cpp
+1 -1
View File
@@ -56,7 +56,7 @@ HeapSlot::preconditionForWriteBarrierPost(NativeObject* obj, Kind kind, uint32_t
bool isCorrectSlot = kind == Slot
? obj->getSlotAddressUnchecked(slot)->get() == target
: static_cast<HeapSlot*>(obj->getDenseElements() + slot)->get() == target;
bool isBlackToGray = target.isMarkable() &&
bool isBlackToGray = target.isGCThing() &&
IsMarkedBlack(obj) && JS::GCThingIsMarkedGray(JS::GCCellPtr(target));
return isCorrectSlot && !isBlackToGray;
}
js/src/gc/Barrier.h
+1 -1
View File
@@ -282,7 +282,7 @@ template <typename S> struct ReadBarrierFunctor : public VoidDefaultAdaptor<S> {
template <>
struct InternalBarrierMethods<Value>
{
static bool isMarkable(const Value& v) { return v.isMarkable(); }
static bool isMarkable(const Value& v) { return v.isGCThing(); }
static bool isMarkableTaggedPointer(const Value& v) { return isMarkable(v); }
static void preBarrier(const Value& v) {
js/src/gc/Marking.cpp
+2 -2
View File
@@ -328,7 +328,7 @@ ShouldMarkCrossCompartment(JSTracer* trc, JSObject* src, Cell* cell)
static bool
ShouldMarkCrossCompartment(JSTracer* trc, JSObject* src, const Value& val)
{
return val.isMarkable() && ShouldMarkCrossCompartment(trc, src, (Cell*)val.toGCThing());
return val.isGCThing() && ShouldMarkCrossCompartment(trc, src, val.toGCThing());
}
static void
@@ -1599,7 +1599,7 @@ ObjectDenseElementsMayBeMarkable(NativeObject* nobj)
if (!mayBeMarkable) {
const Value* elements = nobj->getDenseElementsAllowCopyOnWrite();
for (unsigned i = 0; i < nobj->getDenseInitializedLength(); i++)
MOZ_ASSERT(!elements[i].isMarkable());
MOZ_ASSERT(!elements[i].isGCThing());
}
#endif
js/src/gc/Marking.h
+1 -1
View File
@@ -404,7 +404,7 @@ IsAboutToBeFinalizedDuringSweep(TenuredCell& tenured);
inline Cell*
ToMarkable(const Value& v)
{
if (v.isMarkable())
if (v.isGCThing())
return (Cell*)v.toGCThing();
return nullptr;
}
js/src/jit/CodeGenerator.cpp
+2 -2
View File
@@ -8526,8 +8526,8 @@ StoreUnboxedPointer(MacroAssembler& masm, T address, MIRType type, const LAlloca
masm.patchableCallPreBarrier(address, type);
if (value->isConstant()) {
Value v = value->toConstant()->toJSValue();
if (v.isMarkable()) {
masm.storePtr(ImmGCPtr(v.toMarkablePointer()), address);
if (v.isGCThing()) {
masm.storePtr(ImmGCPtr(v.toGCThing()), address);
} else {
MOZ_ASSERT(v.isNull());
masm.storePtr(ImmWord(0), address);
js/src/jit/JitFrames.cpp
+1 -1
View File
@@ -2062,7 +2062,7 @@ SnapshotIterator::traceAllocation(JSTracer* trc)
return;
Value v = allocationValue(alloc, RM_AlwaysDefault);
if (!v.isMarkable())
if (!v.isGCThing())
return;
Value copy = v;
js/src/jit/Lowering.cpp
+1 -1
View File
@@ -2687,7 +2687,7 @@ IsNonNurseryConstant(MDefinition* def)
if (!def->isConstant())
return false;
Value v = def->toConstant()->toJSValue();
return !v.isMarkable() || !IsInsideNursery(v.toMarkablePointer());
return !v.isGCThing() || !IsInsideNursery(v.toGCThing());
}
void
js/src/jit/arm/MacroAssembler-arm.cpp
+6 -6
View File
@@ -3286,8 +3286,8 @@ void
MacroAssemblerARMCompat::moveValue(const Value& val, Register type, Register data)
{
ma_mov(Imm32(val.toNunboxTag()), type);
if (val.isMarkable())
ma_mov(ImmGCPtr(val.toMarkablePointer()), data);
if (val.isGCThing())
ma_mov(ImmGCPtr(val.toGCThing()), data);
else
ma_mov(Imm32(val.toNunboxPayload()), data);
}
@@ -3484,8 +3484,8 @@ MacroAssemblerARMCompat::storePayload(const Value& val, const BaseIndex& dest)
ScratchRegisterScope scratch(asMasm());
SecondScratchRegisterScope scratch2(asMasm());
if (val.isMarkable())
ma_mov(ImmGCPtr(val.toMarkablePointer()), scratch);
if (val.isGCThing())
ma_mov(ImmGCPtr(val.toGCThing()), scratch);
else
ma_mov(Imm32(val.toNunboxPayload()), scratch);
@@ -5314,8 +5314,8 @@ MacroAssembler::branchTestValue(Condition cond, const ValueOperand& lhs,
// equal, short circuit false (NotEqual).
ScratchRegisterScope scratch(*this);
if (rhs.isMarkable())
ma_cmp(lhs.payloadReg(), ImmGCPtr(rhs.toMarkablePointer()), scratch);
if (rhs.isGCThing())
ma_cmp(lhs.payloadReg(), ImmGCPtr(rhs.toGCThing()), scratch);
else
ma_cmp(lhs.payloadReg(), Imm32(rhs.toNunboxPayload()), scratch);
ma_cmp(lhs.typeReg(), Imm32(rhs.toNunboxTag()), scratch, Equal);
js/src/jit/arm/MacroAssembler-arm.h
+8 -8
View File
@@ -915,8 +915,8 @@ class MacroAssemblerARMCompat : public MacroAssemblerARM
ma_mov(Imm32(val.toNunboxTag()), scratch);
ma_str(scratch, ToType(dest), scratch2);
if (val.isMarkable())
ma_mov(ImmGCPtr(val.toMarkablePointer()), scratch);
if (val.isGCThing())
ma_mov(ImmGCPtr(val.toGCThing()), scratch);
else
ma_mov(Imm32(val.toNunboxPayload()), scratch);
ma_str(scratch, ToPayload(dest), scratch2);
@@ -944,15 +944,15 @@ class MacroAssemblerARMCompat : public MacroAssemblerARM
// Store the payload, marking if necessary.
if (payloadoffset < 4096 && payloadoffset > -4096) {
if (val.isMarkable())
ma_mov(ImmGCPtr(val.toMarkablePointer()), scratch2);
if (val.isGCThing())
ma_mov(ImmGCPtr(val.toGCThing()), scratch2);
else
ma_mov(Imm32(val.toNunboxPayload()), scratch2);
ma_str(scratch2, DTRAddr(scratch, DtrOffImm(payloadoffset)));
} else {
ma_add(Imm32(payloadoffset), scratch, scratch2);
if (val.isMarkable())
ma_mov(ImmGCPtr(val.toMarkablePointer()), scratch2);
if (val.isGCThing())
ma_mov(ImmGCPtr(val.toGCThing()), scratch2);
else
ma_mov(Imm32(val.toNunboxPayload()), scratch2);
ma_str(scratch2, DTRAddr(scratch, DtrOffImm(0)));
@@ -977,8 +977,8 @@ class MacroAssemblerARMCompat : public MacroAssemblerARM
void popValue(ValueOperand val);
void pushValue(const Value& val) {
push(Imm32(val.toNunboxTag()));
if (val.isMarkable())
push(ImmGCPtr(val.toMarkablePointer()));
if (val.isGCThing())
push(ImmGCPtr(val.toGCThing()));
else
push(Imm32(val.toNunboxPayload()));
}
js/src/jit/arm64/MacroAssembler-arm64.h
+4 -4
View File
@@ -306,7 +306,7 @@ class MacroAssemblerCompat : public vixl::MacroAssembler
void pushValue(const Value& val) {
vixl::UseScratchRegisterScope temps(this);
const Register scratch = temps.AcquireX().asUnsized();
if (val.isMarkable()) {
if (val.isGCThing()) {
BufferOffset load = movePatchablePtr(ImmPtr(val.bitsAsPunboxPointer()), scratch);
writeDataRelocation(val, load);
push(scratch);
@@ -349,7 +349,7 @@ class MacroAssemblerCompat : public vixl::MacroAssembler
}
}
void moveValue(const Value& val, Register dest) {
if (val.isMarkable()) {
if (val.isGCThing()) {
BufferOffset load = movePatchablePtr(ImmPtr(val.bitsAsPunboxPointer()), dest);
writeDataRelocation(val, load);
} else {
@@ -1835,8 +1835,8 @@ class MacroAssemblerCompat : public vixl::MacroAssembler
dataRelocations_.writeUnsigned(load.getOffset());
}
void writeDataRelocation(const Value& val, BufferOffset load) {
if (val.isMarkable()) {
gc::Cell* cell = val.toMarkablePointer();
if (val.isGCThing()) {
gc::Cell* cell = val.toGCThing();
if (cell && gc::IsInsideNursery(cell))
embedsNurseryPointers_ = true;
dataRelocations_.writeUnsigned(load.getOffset());
js/src/jit/mips32/MacroAssembler-mips32.cpp
+2 -2
View File
@@ -1527,8 +1527,8 @@ MacroAssemblerMIPSCompat::getType(const Value& val)
void
MacroAssemblerMIPSCompat::moveData(const Value& val, Register data)
{
if (val.isMarkable())
ma_li(data, ImmGCPtr(val.toMarkablePointer()));
if (val.isGCThing())
ma_li(data, ImmGCPtr(val.toGCThing()));
else
ma_li(data, Imm32(val.toNunboxPayload()));
}
js/src/jit/mips32/MacroAssembler-mips32.h
+2 -2
View File
@@ -480,8 +480,8 @@ class MacroAssemblerMIPSCompat : public MacroAssemblerMIPS
void popValue(ValueOperand val);
void pushValue(const Value& val) {
push(Imm32(val.toNunboxTag()));
if (val.isMarkable())
push(ImmGCPtr(val.toMarkablePointer()));
if (val.isGCThing())
push(ImmGCPtr(val.toGCThing()));
else
push(Imm32(val.toNunboxPayload()));
}
js/src/jit/mips64/MacroAssembler-mips64.cpp
+1 -1
View File
@@ -1885,7 +1885,7 @@ MacroAssemblerMIPS64Compat::storeValue(JSValueType type, Register reg, Address d
void
MacroAssemblerMIPS64Compat::storeValue(const Value& val, Address dest)
{
if (val.isMarkable()) {
if (val.isGCThing()) {
writeDataRelocation(val);
movWithPatch(ImmWord(val.asRawBits()), SecondScratchReg);
} else {
js/src/jit/mips64/MacroAssembler-mips64.h
+3 -3
View File
@@ -221,8 +221,8 @@ class MacroAssemblerMIPS64Compat : public MacroAssemblerMIPS64
}
void writeDataRelocation(const Value& val) {
if (val.isMarkable()) {
gc::Cell* cell = val.toMarkablePointer();
if (val.isGCThing()) {
gc::Cell* cell = val.toGCThing();
if (cell && gc::IsInsideNursery(cell))
embedsNurseryPointers_ = true;
dataRelocations_.writeUnsigned(currentOffset());
@@ -498,7 +498,7 @@ class MacroAssemblerMIPS64Compat : public MacroAssemblerMIPS64
void pushValue(ValueOperand val);
void popValue(ValueOperand val);
void pushValue(const Value& val) {
if (val.isMarkable()) {
if (val.isGCThing()) {
writeDataRelocation(val);
movWithPatch(ImmWord(val.asRawBits()), ScratchRegister);
push(ScratchRegister);
js/src/jit/x64/MacroAssembler-x64.h
+4 -4
View File
@@ -58,8 +58,8 @@ class MacroAssemblerX64 : public MacroAssemblerX86Shared
// X64 helpers.
/////////////////////////////////////////////////////////////////
void writeDataRelocation(const Value& val) {
if (val.isMarkable()) {
gc::Cell* cell = val.toMarkablePointer();
if (val.isGCThing()) {
gc::Cell* cell = val.toGCThing();
if (cell && gc::IsInsideNursery(cell))
embedsNurseryPointers_ = true;
dataRelocations_.writeUnsigned(masm.currentOffset());
@@ -132,7 +132,7 @@ class MacroAssemblerX64 : public MacroAssemblerX86Shared
template <typename T>
void storeValue(const Value& val, const T& dest) {
ScratchRegisterScope scratch(asMasm());
if (val.isMarkable()) {
if (val.isGCThing()) {
movWithPatch(ImmWord(val.asRawBits()), scratch);
writeDataRelocation(val);
} else {
@@ -171,7 +171,7 @@ class MacroAssemblerX64 : public MacroAssemblerX86Shared
pop(val.valueReg());
}
void pushValue(const Value& val) {
if (val.isMarkable()) {
if (val.isGCThing()) {
ScratchRegisterScope scratch(asMasm());
movWithPatch(ImmWord(val.asRawBits()), scratch);
writeDataRelocation(val);
js/src/jit/x86/MacroAssembler-x86.cpp
+2 -2
View File
@@ -499,8 +499,8 @@ MacroAssembler::branchTestValue(Condition cond, const ValueOperand& lhs,
const Value& rhs, Label* label)
{
MOZ_ASSERT(cond == Equal || cond == NotEqual);
if (rhs.isMarkable())
cmpPtr(lhs.payloadReg(), ImmGCPtr(rhs.toMarkablePointer()));
if (rhs.isGCThing())
cmpPtr(lhs.payloadReg(), ImmGCPtr(rhs.toGCThing()));
else
cmpPtr(lhs.payloadReg(), ImmWord(rhs.toNunboxPayload()));
js/src/jit/x86/MacroAssembler-x86.h
+6 -6
View File
@@ -94,8 +94,8 @@ class MacroAssemblerX86 : public MacroAssemblerX86Shared
}
void moveValue(const Value& val, Register type, Register data) {
movl(Imm32(val.toNunboxTag()), type);
if (val.isMarkable())
movl(ImmGCPtr(val.toMarkablePointer()), data);
if (val.isGCThing())
movl(ImmGCPtr(val.toGCThing()), data);
else
movl(Imm32(val.toNunboxPayload()), data);
}
@@ -213,8 +213,8 @@ class MacroAssemblerX86 : public MacroAssemblerX86Shared
}
void pushValue(const Value& val) {
push(Imm32(val.toNunboxTag()));
if (val.isMarkable())
push(ImmGCPtr(val.toMarkablePointer()));
if (val.isGCThing())
push(ImmGCPtr(val.toGCThing()));
else
push(Imm32(val.toNunboxPayload()));
}
@@ -235,8 +235,8 @@ class MacroAssemblerX86 : public MacroAssemblerX86Shared
pop(dest.high);
}
void storePayload(const Value& val, Operand dest) {
if (val.isMarkable())
movl(ImmGCPtr(val.toMarkablePointer()), ToPayload(dest));
if (val.isGCThing())
movl(ImmGCPtr(val.toGCThing()), ToPayload(dest));
else
movl(Imm32(val.toNunboxPayload()), ToPayload(dest));
}
js/src/jscompartmentinlines.h
+1 -1
View File
@@ -61,7 +61,7 @@ inline bool
JSCompartment::wrap(JSContext* cx, JS::MutableHandleValue vp)
{
/* Only GC things have to be wrapped or copied. */
if (!vp.isMarkable())
if (!vp.isGCThing())
return true;
/*
js/src/jsfriendapi.h
+1 -1
View File
@@ -761,7 +761,7 @@ SetReservedSlot(JSObject* obj, size_t slot, const JS::Value& value)
{
MOZ_ASSERT(slot < JSCLASS_RESERVED_SLOTS(GetObjectClass(obj)));
shadow::Object* sobj = reinterpret_cast<shadow::Object*>(obj);
if (sobj->slotRef(slot).isMarkable() || value.isMarkable())
if (sobj->slotRef(slot).isGCThing() || value.isGCThing())
SetReservedOrProxyPrivateSlotWithBarrier(obj, slot, value);
else
sobj->slotRef(slot) = value;
js/src/jsfun.h
+1 -1
View File
@@ -830,7 +830,7 @@ inline void
JSFunction::setExtendedSlot(size_t which, const js::Value& val)
{
MOZ_ASSERT(which < mozilla::ArrayLength(toExtended()->extendedSlots));
MOZ_ASSERT_IF(js::IsMarkedBlack(this) && val.isMarkable(),
MOZ_ASSERT_IF(js::IsMarkedBlack(this) && val.isGCThing(),
!JS::GCThingIsMarkedGray(JS::GCCellPtr(val)));
toExtended()->extendedSlots[which] = val;
}
js/src/jsscript.cpp
+1 -1
View File
@@ -3309,7 +3309,7 @@ js::detail::CopyScript(JSContext* cx, HandleScript src, HandleScript dst,
GCPtrValue* vector = Rebase<GCPtrValue>(dst, src, src->consts()->vector);
dst->consts()->vector = vector;
for (unsigned i = 0; i < nconsts; ++i)
MOZ_ASSERT_IF(vector[i].isMarkable(), vector[i].toString()->isAtom());
MOZ_ASSERT_IF(vector[i].isGCThing(), vector[i].toString()->isAtom());
}
if (nobjects != 0) {
GCPtrObject* vector = Rebase<GCPtrObject>(dst, src, src->objects()->vector);
js/src/vm/ProxyObject.cpp
+1 -1
View File
@@ -45,7 +45,7 @@ ProxyObject::New(JSContext* cx, const BaseProxyHandler* handler, HandleValue pri
// wrappee. Prefer to allocate in the nursery, when possible.
NewObjectKind newKind = NurseryAllocatedProxy;
if (options.singleton()) {
MOZ_ASSERT(priv.isGCThing() && priv.toGCThing()->isTenured());
MOZ_ASSERT(priv.isNull() || (priv.isGCThing() && priv.toGCThing()->isTenured()));
newKind = SingletonObject;
} else if ((priv.isGCThing() && priv.toGCThing()->isTenured()) ||
!handler->canNurseryAllocate() ||
js/xpconnect/src/XPCVariant.cpp
+4 -4
View File
@@ -55,7 +55,7 @@ XPCTraceableVariant::~XPCTraceableVariant()
{
Value val = GetJSValPreserveColor();
MOZ_ASSERT(val.isGCThing(), "Must be traceable or unlinked");
MOZ_ASSERT(val.isGCThing() || val.isNull(), "Must be traceable or unlinked");
mData.Cleanup();
@@ -65,7 +65,7 @@ XPCTraceableVariant::~XPCTraceableVariant()
void XPCTraceableVariant::TraceJS(JSTracer* trc)
{
MOZ_ASSERT(GetJSValPreserveColor().isMarkable());
MOZ_ASSERT(GetJSValPreserveColor().isGCThing());
JS::TraceEdge(trc, &mJSVal, "XPCTraceableVariant::mJSVal");
}
@@ -86,7 +86,7 @@ NS_IMPL_CYCLE_COLLECTION_UNLINK_BEGIN(XPCVariant)
tmp->mData.Cleanup();
if (val.isMarkable()) {
if (val.isGCThing()) {
XPCTraceableVariant* v = static_cast<XPCTraceableVariant*>(tmp);
v->RemoveFromRootSet();
}
@@ -99,7 +99,7 @@ XPCVariant::newVariant(JSContext* cx, const Value& aJSVal)
{
RefPtr<XPCVariant> variant;
if (!aJSVal.isMarkable())
if (!aJSVal.isGCThing())
variant = new XPCVariant(cx, aJSVal);
else
variant = new XPCTraceableVariant(cx, aJSVal);
xpcom/base/nsCycleCollector.cpp
+1 -1
View File
@@ -2690,7 +2690,7 @@ public:
void* aClosure) const override
{
const JS::Value& val = aValue->unbarrieredGet();
if (val.isMarkable() && ValueIsGrayCCThing(val)) {
if (val.isGCThing() && ValueIsGrayCCThing(val)) {
MOZ_ASSERT(!js::gc::IsInsideNursery(val.toGCThing()));
mCollector->GetJSPurpleBuffer()->mValues.InfallibleAppend(val);
}
xpcom/base/nsCycleCollectorTraceJSHelpers.cpp
+1 -1
View File
@@ -36,7 +36,7 @@ void
TraceCallbackFunc::Trace(JS::Heap<JS::Value>* aPtr, const char* aName,
void* aClosure) const
{
if (aPtr->unbarrieredGet().isMarkable()) {
if (aPtr->unbarrieredGet().isGCThing()) {
mCallback(JS::GCCellPtr(aPtr->unbarrieredGet()), aName, aClosure);
}
}