From 3ded48cbe3529811f8638fde9f392bc915c35163 Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Mon, 13 May 2019 15:45:32 +0000 Subject: Unhook Unboxed Objects option --- js/src/shell/js.cpp | 3 --- 1 file changed, 3 deletions(-) (limited to 'js/src/shell') diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp index 8d144417a..193d8d22b 100644 --- a/js/src/shell/js.cpp +++ b/js/src/shell/js.cpp @@ -7276,9 +7276,6 @@ SetContextOptions(JSContext* cx, const OptionParser& op) if (op.getBoolOption("wasm-check-bce")) jit::JitOptions.wasmAlwaysCheckBounds = true; - if (op.getBoolOption("no-unboxed-objects")) - jit::JitOptions.disableUnboxedObjects = true; - if (const char* str = op.getStringOption("cache-ir-stubs")) { if (strcmp(str, "on") == 0) jit::JitOptions.disableCacheIR = false; -- cgit v1.2.3 From ec96ef3b7712da562d9f2f26c4099a5700c4eea4 Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Wed, 12 Jun 2019 09:56:41 +0000 Subject: Remove unboxed array context option and shell flag. --- js/src/shell/js.cpp | 4 ---- 1 file changed, 4 deletions(-) (limited to 'js/src/shell') diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp index 193d8d22b..29cbd9762 100644 --- a/js/src/shell/js.cpp +++ b/js/src/shell/js.cpp @@ -320,7 +320,6 @@ static bool enableIon = false; static bool enableAsmJS = false; static bool enableWasm = false; static bool enableNativeRegExp = false; -static bool enableUnboxedArrays = false; static bool enableSharedMemory = SHARED_MEMORY_DEFAULT; static bool enableWasmAlwaysBaseline = false; static bool enableArrayProtoValues = true; @@ -7260,7 +7259,6 @@ SetContextOptions(JSContext* cx, const OptionParser& op) enableAsmJS = !op.getBoolOption("no-asmjs"); enableWasm = !op.getBoolOption("no-wasm"); enableNativeRegExp = !op.getBoolOption("no-native-regexp"); - enableUnboxedArrays = op.getBoolOption("unboxed-arrays"); enableWasmAlwaysBaseline = op.getBoolOption("wasm-always-baseline"); enableArrayProtoValues = !op.getBoolOption("no-array-proto-values"); 
@@ -7270,7 +7268,6 @@ SetContextOptions(JSContext* cx, const OptionParser& op) .setWasm(enableWasm) .setWasmAlwaysBaseline(enableWasmAlwaysBaseline) .setNativeRegExp(enableNativeRegExp) - .setUnboxedArrays(enableUnboxedArrays) .setArrayProtoValues(enableArrayProtoValues); if (op.getBoolOption("wasm-check-bce")) @@ -7710,7 +7707,6 @@ main(int argc, char** argv, char** envp) || !op.addBoolOption('\0', "no-wasm", "Disable WebAssembly compilation") || !op.addBoolOption('\0', "no-native-regexp", "Disable native regexp compilation") || !op.addBoolOption('\0', "no-unboxed-objects", "Disable creating unboxed plain objects") - || !op.addBoolOption('\0', "unboxed-arrays", "Allow creating unboxed arrays") || !op.addBoolOption('\0', "wasm-always-baseline", "Enable wasm baseline compiler when possible") || !op.addBoolOption('\0', "wasm-check-bce", "Always generate wasm bounds check, even redundant ones.") || !op.addBoolOption('\0', "no-array-proto-values", "Remove Array.prototype.values") -- cgit v1.2.3 From 1cf7e63d993b0f41aecc3af7e0cd759c8b067df4 Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Tue, 25 Jun 2019 20:13:11 +0000 Subject: Remove Unboxed Objects Option Code --- js/src/shell/js.cpp | 2 -- 1 file changed, 2 deletions(-) (limited to 'js/src/shell') diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp index 29cbd9762..617b5e902 100644 --- a/js/src/shell/js.cpp +++ b/js/src/shell/js.cpp @@ -7536,7 +7536,6 @@ SetWorkerContextOptions(JSContext* cx) .setWasm(enableWasm) .setWasmAlwaysBaseline(enableWasmAlwaysBaseline) .setNativeRegExp(enableNativeRegExp) - .setUnboxedArrays(enableUnboxedArrays) .setArrayProtoValues(enableArrayProtoValues); cx->setOffthreadIonCompilationEnabled(offthreadCompilation); cx->profilingScripts = enableCodeCoverage || enableDisassemblyDumps; 
@@ -7706,7 +7705,6 @@ main(int argc, char** argv, char** envp) || !op.addBoolOption('\0', "no-asmjs", "Disable asm.js compilation") || !op.addBoolOption('\0', "no-wasm", "Disable WebAssembly compilation") || !op.addBoolOption('\0', "no-native-regexp", "Disable native regexp compilation") - || !op.addBoolOption('\0', "no-unboxed-objects", "Disable creating unboxed plain objects") || !op.addBoolOption('\0', "wasm-always-baseline", "Enable wasm baseline compiler when possible") || !op.addBoolOption('\0', "wasm-check-bce", "Always generate wasm bounds check, even redundant ones.") || !op.addBoolOption('\0', "no-array-proto-values", "Remove Array.prototype.values") -- cgit v1.2.3 From 90d999c59a08bfc3145317aa4f0a92db0597632e Mon Sep 17 00:00:00 2001 From: Gaming4JC Date: Sat, 8 Jun 2019 15:12:00 -0400 Subject: 1320403 - Move JSFunction::EXPR_BODY to JSScript, LazyScript, and FunctionBox. --- js/src/shell/js.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'js/src/shell') diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp index 617b5e902..f6a13623c 100644 --- a/js/src/shell/js.cpp +++ b/js/src/shell/js.cpp @@ -2689,7 +2689,7 @@ DisassembleScript(JSContext* cx, HandleScript script, HandleFunction fun, if (sp->put(" CONSTRUCTOR") < 0) return false; } - if (fun->isExprBody()) { + if (script->isExprBody()) { if (sp->put(" EXPRESSION_CLOSURE") < 0) return false; } -- cgit v1.2.3 From 739a81958035410ddd9b230354a56c909cc5c816 Mon Sep 17 00:00:00 2001 From: Gaming4JC Date: Sat, 8 Jun 2019 18:54:17 -0400 Subject: 1320408 - Part 2: Change JSFunction::getOrCreateScript to static method. --- js/src/shell/js.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'js/src/shell') diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp index f6a13623c..f8b10285a 100644 --- a/js/src/shell/js.cpp +++ b/js/src/shell/js.cpp 
@@ -2310,7 +2310,7 @@ ValueToScript(JSContext* cx, HandleValue v, JSFunction** funp = nullptr) return nullptr; } - JSScript* script = fun->getOrCreateScript(cx); + JSScript* script = JSFunction::getOrCreateScript(cx, fun); if (!script) return nullptr; @@ -2726,7 +2726,7 @@ DisassembleScript(JSContext* cx, HandleScript script, HandleFunction fun, RootedFunction fun(cx, &obj->as()); if (fun->isInterpreted()) { - RootedScript script(cx, fun->getOrCreateScript(cx)); + RootedScript script(cx, JSFunction::getOrCreateScript(cx, fun)); if (script) { if (!DisassembleScript(cx, script, fun, lines, recursive, sourceNotes, sp)) return false; @@ -5403,7 +5403,7 @@ DumpScopeChain(JSContext* cx, unsigned argc, Value* vp) ReportUsageErrorASCII(cx, callee, "Argument must be an interpreted function"); return false; } - script = fun->getOrCreateScript(cx); + script = JSFunction::getOrCreateScript(cx, fun); } else { script = obj->as().script(); } -- cgit v1.2.3 From af6768fb1f2e44b0bfe4136c79d8031028d073b1 Mon Sep 17 00:00:00 2001 From: Gaming4JC Date: Sat, 8 Jun 2019 19:20:00 -0400 Subject: 1320408 - Part 4: Change JSObject::getGroup to static method. --- js/src/shell/js.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'js/src/shell') diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp index f8b10285a..19bb6b84a 100644 --- a/js/src/shell/js.cpp +++ b/js/src/shell/js.cpp @@ -3488,8 +3488,8 @@ GroupOf(JSContext* cx, unsigned argc, JS::Value* vp) JS_ReportErrorASCII(cx, "groupOf: object expected"); return false; } - JSObject* obj = &args[0].toObject(); - ObjectGroup* group = obj->getGroup(cx); + RootedObject obj(cx, &args[0].toObject()); + ObjectGroup* group = JSObject::getGroup(cx, obj); if (!group) return false; args.rval().set(JS_NumberValue(double(uintptr_t(group) >> 3))); -- cgit v1.2.3 From 8e932efef46c70fd0c165ee432893f9898267f08 Mon Sep 17 00:00:00 2001 
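Review bot: In the GroupOf hunk, the value returned to script on the last context line, `double(uintptr_t(group) >> 3)`, is derived from the ObjectGroup's heap address, and nothing visible documents that. The new rooting of `obj` before `JSObject::getGroup(cx, obj)` looks right, presumably because the call can allocate. A short comment above the `args.rval().set(...)` line would help, for example `// Pointer-derived identity for tests only; reveals heap layout, so keep groupOf shell-only.` GroupOf starts above this hunk, so its registration and any existing documentation are not visible here.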
From: Gaming4JC Date: Sun, 16 Jun 2019 11:32:41 -0400 Subject: 1283712 - Part 10: Support notes in getLastWarning shell-only testing function. --- js/src/shell/js.cpp | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'js/src/shell') diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp index 19bb6b84a..1e2435955 100644 --- a/js/src/shell/js.cpp +++ b/js/src/shell/js.cpp @@ -6419,6 +6419,14 @@ CreateLastWarningObject(JSContext* cx, JSErrorReport* report) if (!DefineProperty(cx, warningObj, cx->names().columnNumber, columnVal)) return false; + RootedObject notesArray(cx, CreateErrorNotesArray(cx, report)); + if (!notesArray) + return false; + + RootedValue notesArrayVal(cx, ObjectValue(*notesArray)); + if (!DefineProperty(cx, warningObj, cx->names().notes, notesArrayVal)) + return false; + GetShellContext(cx)->lastWarning.setObject(*warningObj); return true; } -- cgit v1.2.3 From 53e46b1e12ef01ccaabb3256738ea1eac74b7941 Mon Sep 17 00:00:00 2001 
From: Gaming4JC Date: Sat, 13 Jul 2019 21:33:52 -0400 Subject: 1216630 - Print class source when calling toString on the constructor. This is accomplished in the following ways. LazyScripts and JSScripts now have 4 offsets: - Source begin and end for the actual source. This is used for lazy parsing. - toString begin and end for toString. Some kinds of functions, like async, only have a different begin offset. Class constructors have different offsets for both begin and end. For syntactically present (i.e. non-default) constructors, the class source span is remembered directly on the LazyScript or JSScript. The toString implementation then splices out the substring directly. For default constructors, a new SRC_CLASS SrcNote type is added. It's binary and has as its arguments the begin and end offsets of the class expression or statement. MakeDefaultConstructor reads the note and overrides the cloned self-hosted function's source object. This is probably the least intrusive way to accomplish this. --- js/src/shell/js.cpp | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'js/src/shell') diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp index 1e2435955..51cd11fe8 100644 --- a/js/src/shell/js.cpp +++ b/js/src/shell/js.cpp @@ -2550,6 +2550,14 @@ SrcNotes(JSContext* cx, HandleScript script, Sprinter* sp) return false; break; + case SRC_CLASS_SPAN: { + unsigned startOffset = GetSrcNoteOffset(sn, 0); + unsigned endOffset = GetSrcNoteOffset(sn, 1); + if (!sp->jsprintf(" %u %u", startOffset, endOffset)) + return false; + break; + } + default: MOZ_ASSERT_UNREACHABLE("unrecognized srcnote"); } -- cgit v1.2.3 From dee457e63aa52ac83c0545ae87dc273cbdd072f1 Mon Sep 17 00:00:00 2001 
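Review bot: In the new `SRC_CLASS_SPAN` case of SrcNotes, the results of `GetSrcNoteOffset(sn, 0)` and `GetSrcNoteOffset(sn, 1)` are narrowed to `unsigned` implicitly before being printed with `%u`. GetSrcNoteOffset is declared outside this hunk; if it returns a signed `ptrdiff_t`, make the conversion explicit, e.g. `unsigned startOffset = unsigned(GetSrcNoteOffset(sn, 0));`, so the truncation is visible. The two numbers are also printed without labels, so a comment such as `// class source span: begin and end offsets` above the case would tell readers of the dump what they mean. The enclosing switch begins and ends outside the hunk.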
From: wolfbeast Date: Tue, 22 Oct 2019 20:57:58 +0200 Subject: Avoid uint32_t overflow in js shell by checking size of file before trying to stuff something insanely large into a Uint8Array. See also: BMO 1571911 --- js/src/shell/OSObject.cpp | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'js/src/shell') diff --git a/js/src/shell/OSObject.cpp b/js/src/shell/OSObject.cpp index 846ec7b15..4fb3d4e77 100644 --- a/js/src/shell/OSObject.cpp +++ b/js/src/shell/OSObject.cpp @@ -184,6 +184,11 @@ FileAsTypedArray(JSContext* cx, JS::HandleString pathnameStr) return nullptr; JS_ReportErrorUTF8(cx, "can't seek start of %s", pathname.ptr()); } else { + if (len > INT32_MAX) { + JS_ReportErrorUTF8(cx, "file %s is too large for a Uint8Array", + pathname.ptr()); + return nullptr; + } obj = JS_NewUint8Array(cx, len); if (!obj) return nullptr; -- cgit v1.2.3
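Review bot: The added `len > INT32_MAX` guard in FileAsTypedArray rejects oversized files, but whether it also handles a failed size query depends on how `len` is declared and obtained, which is outside this hunk. If `len` is signed and comes from something like `ftell()`, an error value of -1 passes the guard and is converted to a very large element count in `JS_NewUint8Array(cx, len)`; if it is unsigned, the failure is caught but reported as "too large". Checking the error value explicitly before the size comparison would cover both cases, and a comment such as `// JS_NewUint8Array takes a 32-bit length; refuse larger files rather than truncating.` would record why the limit is here. The neighbouring "can't seek start" path appears to run a step that can fail (`return nullptr;`) before calling JS_ReportErrorUTF8, so it is worth confirming that `pathname` is already in the encoding that call expects at this point.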