Bug 891966 - 1 - Don't allow construction of Handle<T> from Heap<T> r=bz

2024-09-13 09:24:08 -07:00 · 2013-07-23 10:58:27 +01:00 · 2013-07-23 10:58:27 +01:00 · b216cf9603
commit b216cf9603
parent 8bcb261a97
7 changed files with 20 additions and 15 deletions
--- a/content/xbl/src/nsXBLProtoImplMethod.cpp
+++ b/content/xbl/src/nsXBLProtoImplMethod.cpp
@ -261,7 +261,9 @@ nsXBLProtoImplMethod::Write(nsIScriptContext* aContext,
    rv = aStream->WriteWStringZ(mName);
    NS_ENSURE_SUCCESS(rv, rv);

-    return XBL_SerializeFunction(aContext, aStream, mMethod.AsHeapObject());
+    JS::Handle<JSObject*> method =
+      JS::Handle<JSObject*>::fromMarkedLocation(mMethod.AsHeapObject().address());
+    return XBL_SerializeFunction(aContext, aStream, method);
  }

  return NS_OK;
@ -364,7 +366,9 @@ nsXBLProtoImplAnonymousMethod::Write(nsIScriptContext* aContext,
    nsresult rv = aStream->Write8(aType);
    NS_ENSURE_SUCCESS(rv, rv);

-    rv = XBL_SerializeFunction(aContext, aStream, mMethod.AsHeapObject());
+    JS::Handle<JSObject*> method =
+      JS::Handle<JSObject*>::fromMarkedLocation(mMethod.AsHeapObject().address());
+    rv = XBL_SerializeFunction(aContext, aStream, method);
    NS_ENSURE_SUCCESS(rv, rv);
  }

--- a/content/xbl/src/nsXBLProtoImplProperty.cpp
+++ b/content/xbl/src/nsXBLProtoImplProperty.cpp
@ -358,12 +358,16 @@ nsXBLProtoImplProperty::Write(nsIScriptContext* aContext,
  NS_ENSURE_SUCCESS(rv, rv);

  if (mJSAttributes & JSPROP_GETTER) {
-    rv = XBL_SerializeFunction(aContext, aStream, mGetter.AsHeapObject());
+    JS::Handle<JSObject*> function =
+      JS::Handle<JSObject*>::fromMarkedLocation(mGetter.AsHeapObject().address());
+    rv = XBL_SerializeFunction(aContext, aStream, function);
    NS_ENSURE_SUCCESS(rv, rv);
  }

  if (mJSAttributes & JSPROP_SETTER) {
-    rv = XBL_SerializeFunction(aContext, aStream, mSetter.AsHeapObject());
+     JS::Handle<JSObject*> function =
+      JS::Handle<JSObject*>::fromMarkedLocation(mSetter.AsHeapObject().address());
+    rv = XBL_SerializeFunction(aContext, aStream, function);
    NS_ENSURE_SUCCESS(rv, rv);
  }

--- a/content/xul/content/src/nsXULElement.cpp
+++ b/content/xul/content/src/nsXULElement.cpp
@ -2381,7 +2381,9 @@ nsXULPrototypeScript::Serialize(nsIObjectOutputStream* aStream,
    rv = aStream->Write32(mLangVersion);
    if (NS_FAILED(rv)) return rv;
    // And delegate the writing to the nsIScriptContext
-    rv = context->Serialize(aStream, mScriptObject);
+    JS::Handle<JSScript*> script =
+        JS::Handle<JSScript*>::fromMarkedLocation(mScriptObject.address());
+    rv = context->Serialize(aStream, script);
    if (NS_FAILED(rv)) return rv;

    return NS_OK;
@ -2406,8 +2408,7 @@ nsXULPrototypeScript::SerializeOutOfLine(nsIObjectOutputStream* aStream,
                 "writing to the cache file, but the XUL cache is off?");
    bool exists;
    cache->HasData(mSrcURI, &exists);
-    
-    
+
    /* return will be NS_OK from GetAsciiSpec.
     * that makes no sense.
     * nor does returning NS_OK from HasMuxedDocument.
--- a/content/xul/content/src/nsXULElement.h
+++ b/content/xul/content/src/nsXULElement.h
@ -243,7 +243,7 @@ public:
    // &mScriptObject pointer can't go stale.
    JS::Handle<JSScript*> GetScriptObject()
    {
-        return JS::Handle<JSScript*>(mScriptObject);
+        return JS::Handle<JSScript*>::fromMarkedLocation(mScriptObject.address());
    }

    void TraceScriptObject(JSTracer* aTrc)
--- a/dom/bindings/CallbackObject.h
+++ b/dom/bindings/CallbackObject.h
@ -76,7 +76,7 @@ public:
   */
  JS::Handle<JSObject*> CallbackPreserveColor() const
  {
-    return mCallback;
+    return JS::Handle<JSObject*>::fromMarkedLocation(mCallback.address());
  }

  enum ExceptionHandling {
--- a/dom/bindings/Codegen.py
+++ b/dom/bindings/Codegen.py
@ -1893,7 +1893,7 @@ class CGGetPerInterfaceObject(CGAbstractMethod):
  }

  /* The object might _still_ be null, but that's OK */
-  return JS::Handle<JSObject*>(protoAndIfaceArray[%s]);""" %
+  return JS::Handle<JSObject*>::fromMarkedLocation(protoAndIfaceArray[%s].address());""" %
                (self.id, self.id))

 class CGGetProtoObjectMethod(CGGetPerInterfaceObject):
@ -9842,7 +9842,7 @@ class CallbackOperationBase(CallbackMethod):
        # This relies on getCallableDecl declaring a boolean
        # isCallable in the case when we're a single-operation
        # interface.
-        return "isCallable ? aThisObj : mCallback"
+        return "isCallable ? aThisObj.get() : mCallback"

    def getCallableDecl(self):
        replacements = {
--- a/js/public/RootingAPI.h
+++ b/js/public/RootingAPI.h
@ -408,10 +408,6 @@ class MOZ_NONHEAP_CLASS Handle : public js::HandleBase<T>
        ptr = handle.address();
    }

-    Handle(const Heap<T> &heapPtr) {
-        ptr = heapPtr.address();
-    }
-
    /*
     * This may be called only if the location of the T is guaranteed
     * to be marked (for some reason other than being a Rooted),