summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--js/src/vm/TypeInference.cpp15
-rw-r--r--js/src/vm/TypeInference.h5
2 files changed, 11 insertions, 9 deletions
diff --git a/js/src/vm/TypeInference.cpp b/js/src/vm/TypeInference.cpp
index 3d09c7464..c86345d9c 100644
--- a/js/src/vm/TypeInference.cpp
+++ b/js/src/vm/TypeInference.cpp
@@ -12,6 +12,8 @@
#include "mozilla/SizePrintfMacros.h"
#include "mozilla/Sprintf.h"
+#include <new>
+
#include "jsapi.h"
#include "jscntxt.h"
#include "jsgc.h"
@@ -859,10 +861,8 @@ TypeSet::IsTypeAboutToBeFinalized(TypeSet::Type* v)
}
bool
-TypeSet::clone(LifoAlloc* alloc, TemporaryTypeSet* result) const
+TypeSet::cloneIntoUninitialized(LifoAlloc* alloc, TemporaryTypeSet* result) const
{
- MOZ_ASSERT(result->empty());
-
unsigned objectCount = baseObjectCount();
unsigned capacity = (objectCount >= 2) ? TypeHashSet::Capacity(objectCount) : 0;
@@ -874,15 +874,15 @@ TypeSet::clone(LifoAlloc* alloc, TemporaryTypeSet* result) const
PodCopy(newSet, objectSet, capacity);
}
- new(result) TemporaryTypeSet(flags, capacity ? newSet : objectSet);
+ new (result) TemporaryTypeSet(flags, capacity ? newSet : objectSet);
return true;
}
TemporaryTypeSet*
TypeSet::clone(LifoAlloc* alloc) const
{
- TemporaryTypeSet* res = alloc->new_<TemporaryTypeSet>();
- if (!res || !clone(alloc, res))
+ TemporaryTypeSet* res = alloc->pod_malloc<TemporaryTypeSet>();
+ if (!res || !cloneIntoUninitialized(alloc, res))
return nullptr;
return res;
}
@@ -1150,10 +1150,9 @@ TypeScript::FreezeTypeSets(CompilerConstraintList* constraints, JSScript* script
TemporaryTypeSet* types = alloc->newArrayUninitialized<TemporaryTypeSet>(count);
if (!types)
return false;
- PodZero(types, count);
for (size_t i = 0; i < count; i++) {
- if (!existing[i].clone(alloc, &types[i]))
+ if (!existing[i].cloneIntoUninitialized(alloc, &types[i]))
return false;
}
diff --git a/js/src/vm/TypeInference.h b/js/src/vm/TypeInference.h
index 0e737bad7..0f1cd4936 100644
--- a/js/src/vm/TypeInference.h
+++ b/js/src/vm/TypeInference.h
@@ -498,7 +498,10 @@ class TypeSet
// Clone a type set into an arbitrary allocator.
TemporaryTypeSet* clone(LifoAlloc* alloc) const;
- bool clone(LifoAlloc* alloc, TemporaryTypeSet* result) const;
+
+ // |*result| is not even partly initialized when this function is called:
+ // this function placement-new's its contents into existence.
+ bool cloneIntoUninitialized(LifoAlloc* alloc, TemporaryTypeSet* result) const;
// Create a new TemporaryTypeSet where undefined and/or null has been filtered out.
TemporaryTypeSet* filter(LifoAlloc* alloc, bool filterUndefined, bool filterNull) const;