Bug 935952 - Clean up TypeObjectKey property interface to avoid querying objects with unknown properties, r=jandem.

Brian Hackett 2013-11-08 08:56:10 -07:00
parent 9600a1a039
commit e39b4d8319
4 changed files with 29 additions and 15 deletions


@ -5974,10 +5974,13 @@ IonBuilder::testSingletonProperty(JSObject *obj, PropertyName *name)
return nullptr; return nullptr;
types::TypeObjectKey *objType = types::TypeObjectKey::get(obj); types::TypeObjectKey *objType = types::TypeObjectKey::get(obj);
if (context())
objType->ensureTrackedProperty(context(), NameToId(name));
if (objType->unknownProperties()) if (objType->unknownProperties())
return nullptr; return nullptr;
types::HeapTypeSetKey property = objType->property(NameToId(name), context()); types::HeapTypeSetKey property = objType->property(NameToId(name));
if (property.isOwnProperty(constraints())) { if (property.isOwnProperty(constraints())) {
if (obj->hasSingletonType()) if (obj->hasSingletonType())
return property.singleton(constraints()); return property.singleton(constraints());
@ -6049,10 +6052,12 @@ IonBuilder::testSingletonPropertyTypes(MDefinition *obj, JSObject *singleton, Pr
types::TypeObjectKey *object = types->getObject(i); types::TypeObjectKey *object = types->getObject(i);
if (!object) if (!object)
continue; continue;
if (context())
object->ensureTrackedProperty(context(), NameToId(name));
if (object->unknownProperties()) if (object->unknownProperties())
return false; return false;
types::HeapTypeSetKey property = object->property(NameToId(name), context()); types::HeapTypeSetKey property = object->property(NameToId(name));
if (property.isOwnProperty(constraints())) if (property.isOwnProperty(constraints()))
return false; return false;
@ -6187,12 +6192,15 @@ IonBuilder::getStaticName(JSObject *staticObject, PropertyName *name, bool *psuc
} }
types::TypeObjectKey *staticType = types::TypeObjectKey::get(staticObject); types::TypeObjectKey *staticType = types::TypeObjectKey::get(staticObject);
if (context())
staticType->ensureTrackedProperty(context(), NameToId(name));
if (staticType->unknownProperties()) { if (staticType->unknownProperties()) {
*psucceeded = false; *psucceeded = false;
return true; return true;
} }
types::HeapTypeSetKey property = staticType->property(id, context()); types::HeapTypeSetKey property = staticType->property(id);
if (!property.maybeTypes() || if (!property.maybeTypes() ||
!property.maybeTypes()->definiteProperty() || !property.maybeTypes()->definiteProperty() ||
property.configured(constraints(), staticType)) property.configured(constraints(), staticType))
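Review bot: In the getStaticName hunk the tracking call and the lookup name the property in two different ways: `staticType->ensureTrackedProperty(context(), NameToId(name))` but `staticType->property(id)`. If `id` is `NameToId(name)` computed earlier in the function (its definition is outside the hunk), passing it to both calls keeps the tracked and the queried property from drifting apart in a later edit: `staticType->ensureTrackedProperty(context(), id);`. The same guarded call is repeated in testSingletonProperty and testSingletonPropertyTypes, where `NameToId(name)` is evaluated twice; a local `jsid id = NameToId(name);` would serve both uses there. All three function bodies continue outside their hunks.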


@ -2928,8 +2928,11 @@ jit::PropertyReadNeedsTypeBarrier(JSContext *propertycx,
break; break;
types::TypeObjectKey *typeObj = types::TypeObjectKey::get(obj); types::TypeObjectKey *typeObj = types::TypeObjectKey::get(obj);
if (propertycx)
typeObj->ensureTrackedProperty(propertycx, NameToId(name));
if (!typeObj->unknownProperties()) { if (!typeObj->unknownProperties()) {
types::HeapTypeSetKey property = typeObj->property(NameToId(name), propertycx); types::HeapTypeSetKey property = typeObj->property(NameToId(name));
if (property.maybeTypes()) { if (property.maybeTypes()) {
types::TypeSet::TypeList types; types::TypeSet::TypeList types;
if (!property.maybeTypes()->enumerateTypes(&types)) if (!property.maybeTypes()->enumerateTypes(&types))


@ -827,7 +827,7 @@ TypeObjectKey::unknownProperties()
} }
HeapTypeSetKey HeapTypeSetKey
TypeObjectKey::property(jsid id, JSContext *maybecx /* = nullptr */) TypeObjectKey::property(jsid id)
{ {
JS_ASSERT(!unknownProperties()); JS_ASSERT(!unknownProperties());
@ -837,22 +837,24 @@ TypeObjectKey::property(jsid id, JSContext *maybecx /* = nullptr */)
if (TypeObject *type = maybeType()) if (TypeObject *type = maybeType())
property.maybeTypes_ = type->maybeGetProperty(id); property.maybeTypes_ = type->maybeGetProperty(id);
return property;
}
void
TypeObjectKey::ensureTrackedProperty(JSContext *cx, jsid id)
{
#ifdef JS_ION #ifdef JS_ION
// If we are accessing a lazily defined property which actually exists in // If we are accessing a lazily defined property which actually exists in
// the VM and has not been instantiated yet, instantiate it now if we are // the VM and has not been instantiated yet, instantiate it now if we are
// on the main thread and able to do so. // on the main thread and able to do so.
if (maybecx && !property.maybeTypes() && !JSID_IS_VOID(id) && !JSID_IS_EMPTY(id)) { if (!JSID_IS_VOID(id) && !JSID_IS_EMPTY(id)) {
JS_ASSERT(CurrentThreadCanAccessRuntime(maybecx->runtime())); JS_ASSERT(CurrentThreadCanAccessRuntime(cx->runtime()));
JSObject *singleton = isSingleObject() ? asSingleObject() : asTypeObject()->singleton; if (JSObject *obj = singleton()) {
if (singleton && singleton->isNative() && singleton->nativeLookupPure(id)) { if (obj->isNative() && obj->nativeLookupPure(id))
EnsureTrackPropertyTypes(maybecx, singleton, id); EnsureTrackPropertyTypes(cx, obj, id);
if (TypeObject *type = maybeType())
property.maybeTypes_ = type->maybeGetProperty(id);
} }
} }
#endif // JS_ION #endif // JS_ION
return property;
} }
bool bool
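Review bot: The comment carried over into ensureTrackedProperty still says the property is instantiated "if we are on the main thread and able to do so", but the new body no longer tests for that: `cx` is used unconditionally and the thread condition is only a `JS_ASSERT`, which as a debug assertion would not stop a release build. The comment should state this as a precondition instead, for example `// Precondition: cx is non-null and we are on the main thread; callers without a context must skip this call.` Separately, the old `!property.maybeTypes()` short-circuit is gone, so `nativeLookupPure(id)` now runs on every call, including for properties that are already tracked. It is worth confirming that EnsureTrackPropertyTypes is cheap and side-effect free in that case.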


@ -1257,7 +1257,8 @@ struct TypeObjectKey
void watchStateChangeForInlinedCall(CompilerConstraintList *constraints); void watchStateChangeForInlinedCall(CompilerConstraintList *constraints);
void watchStateChangeForNewScriptTemplate(CompilerConstraintList *constraints); void watchStateChangeForNewScriptTemplate(CompilerConstraintList *constraints);
void watchStateChangeForTypedArrayBuffer(CompilerConstraintList *constraints); void watchStateChangeForTypedArrayBuffer(CompilerConstraintList *constraints);
HeapTypeSetKey property(jsid id, JSContext *maybecx = nullptr); HeapTypeSetKey property(jsid id);
void ensureTrackedProperty(JSContext *cx, jsid id);
TypeObject *maybeType(); TypeObject *maybeType();
}; };
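Review bot: The two declarations `property(jsid id)` and `ensureTrackedProperty(JSContext *cx, jsid id)` carry no comment describing the call order that every call site in this commit follows. `property()` asserts `!unknownProperties()`, and each caller runs `ensureTrackedProperty` first, then checks `unknownProperties()`, then calls `property()`. Presumably this is because tracking can change the object's type information. A short comment on the declarations would keep new callers from querying in the wrong order, for example `// Call ensureTrackedProperty() (main thread, non-null cx) before testing unknownProperties(); property() is valid only when unknownProperties() is false.`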