From bbd4001cb261cc54e2adf804ea7cbeb09078d7d9 Mon Sep 17 00:00:00 2001
From: trav90 <travawine@protonmail.ch>
Date: Sat, 7 Apr 2018 12:24:30 -0500
Subject: Fix Value::isGCThing footgun, stop returning true for NullValue

---
 js/src/jit/x86/MacroAssembler-x86.cpp |  4 ++--
 js/src/jit/x86/MacroAssembler-x86.h   | 12 ++++++------
 2 files changed, 8 insertions(+), 8 deletions(-)

(limited to 'js/src/jit/x86')

diff --git a/js/src/jit/x86/MacroAssembler-x86.cpp b/js/src/jit/x86/MacroAssembler-x86.cpp
index 754b29c2d..dc97b5b5b 100644
--- a/js/src/jit/x86/MacroAssembler-x86.cpp
+++ b/js/src/jit/x86/MacroAssembler-x86.cpp
@@ -499,8 +499,8 @@ MacroAssembler::branchTestValue(Condition cond, const ValueOperand& lhs,
                                 const Value& rhs, Label* label)
 {
     MOZ_ASSERT(cond == Equal || cond == NotEqual);
-    if (rhs.isMarkable())
-        cmpPtr(lhs.payloadReg(), ImmGCPtr(rhs.toMarkablePointer()));
+    if (rhs.isGCThing())
+        cmpPtr(lhs.payloadReg(), ImmGCPtr(rhs.toGCThing()));
     else
         cmpPtr(lhs.payloadReg(), ImmWord(rhs.toNunboxPayload()));
 
diff --git a/js/src/jit/x86/MacroAssembler-x86.h b/js/src/jit/x86/MacroAssembler-x86.h
index 21cd63a0c..2b2507c77 100644
--- a/js/src/jit/x86/MacroAssembler-x86.h
+++ b/js/src/jit/x86/MacroAssembler-x86.h
@@ -94,8 +94,8 @@ class MacroAssemblerX86 : public MacroAssemblerX86Shared
     }
     void moveValue(const Value& val, Register type, Register data) {
         movl(Imm32(val.toNunboxTag()), type);
-        if (val.isMarkable())
-            movl(ImmGCPtr(val.toMarkablePointer()), data);
+        if (val.isGCThing())
+            movl(ImmGCPtr(val.toGCThing()), data);
         else
             movl(Imm32(val.toNunboxPayload()), data);
     }
@@ -213,8 +213,8 @@ class MacroAssemblerX86 : public MacroAssemblerX86Shared
     }
     void pushValue(const Value& val) {
         push(Imm32(val.toNunboxTag()));
-        if (val.isMarkable())
-            push(ImmGCPtr(val.toMarkablePointer()));
+        if (val.isGCThing())
+            push(ImmGCPtr(val.toGCThing()));
         else
             push(Imm32(val.toNunboxPayload()));
     }
@@ -235,8 +235,8 @@ class MacroAssemblerX86 : public MacroAssemblerX86Shared
         pop(dest.high);
     }
     void storePayload(const Value& val, Operand dest) {
-        if (val.isMarkable())
-            movl(ImmGCPtr(val.toMarkablePointer()), ToPayload(dest));
+        if (val.isGCThing())
+            movl(ImmGCPtr(val.toGCThing()), ToPayload(dest));
         else
             movl(Imm32(val.toNunboxPayload()), ToPayload(dest));
     }
-- 
cgit v1.2.3