Bug 1276028 - Baldr: address review comments (r=bbouvier)

2016-06-15 06:02:34 +01:00 · 2016-06-15 06:02:34 +01:00 · a9533fbac8
--- a/js/src/asmjs/AsmJS.cpp
+++ b/js/src/asmjs/AsmJS.cpp
@ -7965,7 +7965,7 @@ static Module&
 AsmJSModuleFunctionToModule(JSFunction* fun)
 {
    MOZ_ASSERT(IsAsmJSModule(fun));
-    const Value& v = fun->getExtendedSlot(FunctionExtended::WASM_MODULE_SLOT);
+    const Value& v = fun->getExtendedSlot(FunctionExtended::ASMJS_MODULE_SLOT);
    return v.toObject().as<WasmModuleObject>().module();
 }
@ -8005,7 +8005,7 @@ NewAsmJSModuleFunction(ExclusiveContext* cx, JSFunction* origFun, HandleObject m
    if (!moduleFun)
        return nullptr;
-    moduleFun->setExtendedSlot(FunctionExtended::WASM_MODULE_SLOT, ObjectValue(*moduleObj));
+    moduleFun->setExtendedSlot(FunctionExtended::ASMJS_MODULE_SLOT, ObjectValue(*moduleObj));
    MOZ_ASSERT(IsAsmJSModule(moduleFun));
    return moduleFun;
--- a/js/src/asmjs/WasmFrameIterator.cpp
+++ b/js/src/asmjs/WasmFrameIterator.cpp
@ -812,10 +812,11 @@ wasm::ToggleProfiling(const Instance& instance, const CodeRange& codeRange, bool
    if (!codeRange.isFunction())
        return;
-    uint8_t* profilingEntry     = instance.codeSegment().code() + codeRange.funcProfilingEntry();
+    uint8_t* code = instance.codeSegment().code();
-    uint8_t* tableProfilingJump = instance.codeSegment().code() + codeRange.funcTableProfilingJump();
+    uint8_t* profilingEntry     = code + codeRange.funcProfilingEntry();
-    uint8_t* profilingJump      = instance.codeSegment().code() + codeRange.funcProfilingJump();
+    uint8_t* tableProfilingJump = code + codeRange.funcTableProfilingJump();
-    uint8_t* profilingEpilogue  = instance.codeSegment().code() + codeRange.funcProfilingEpilogue();
+    uint8_t* profilingJump      = code + codeRange.funcProfilingJump();
    uint8_t* profilingEpilogue  = code + codeRange.funcProfilingEpilogue();
    if (enabled) {
        MacroAssembler::patchNopToNearJump(tableProfilingJump, profilingEntry);
--- a/js/src/asmjs/WasmGenerator.cpp
+++ b/js/src/asmjs/WasmGenerator.cpp
@ -18,6 +18,7 @@
 #include "asmjs/WasmGenerator.h"
 #include "mozilla/CheckedInt.h"
 #include "mozilla/EnumeratedRange.h"
 #include "asmjs/WasmBaselineCompile.h"
@ -543,14 +544,19 @@ ModuleGenerator::addImport(const Sig& sig, uint32_t globalDataOffset)
 bool
 ModuleGenerator::allocateGlobalBytes(uint32_t bytes, uint32_t align, uint32_t* globalDataOffset)
 {
-    uint32_t pad = ComputeByteAlignment(linkData_.globalDataLength, align);
+    CheckedInt<uint32_t> newGlobalDataLength(linkData_.globalDataLength);
-    if (UINT32_MAX - linkData_.globalDataLength < pad + bytes)
+
    newGlobalDataLength += ComputeByteAlignment(newGlobalDataLength.value(), align);
    if (!newGlobalDataLength.isValid())
        return false;
-    linkData_.globalDataLength += pad;
+    *globalDataOffset = newGlobalDataLength.value();
-    *globalDataOffset = linkData_.globalDataLength;
+    newGlobalDataLength += bytes;
    linkData_.globalDataLength += bytes;
    if (!newGlobalDataLength.isValid())
        return false;
    linkData_.globalDataLength = newGlobalDataLength.value();
    return true;
 }
--- a/js/src/asmjs/WasmInstance.cpp
+++ b/js/src/asmjs/WasmInstance.cpp
@ -376,15 +376,15 @@ NewExportedFunction(JSContext* cx, Handle<WasmInstanceObject*> instanceObj, uint
    if (!fun)
        return nullptr;
-    fun->setExtendedSlot(FunctionExtended::WASM_MODULE_SLOT, ObjectValue(*instanceObj));
+    fun->setExtendedSlot(FunctionExtended::WASM_INSTANCE_SLOT, ObjectValue(*instanceObj));
    fun->setExtendedSlot(FunctionExtended::WASM_EXPORT_INDEX_SLOT, Int32Value(exportIndex));
    return fun;
 }
 static bool
 CreateExportObject(JSContext* cx,
-                   Handle<WasmInstanceObject*> instanceObj,
+                   HandleWasmInstanceObject instanceObj,
-                   Handle<ArrayBufferObjectMaybeShared*> heap,
+                   HandleArrayBufferObjectMaybeShared heap,
                   const ExportMap& exportMap,
                   const ExportVector& exports,
                   MutableHandleObject exportObj)
@ -887,7 +887,7 @@ Instance&
 wasm::ExportedFunctionToInstance(JSFunction* fun)
 {
    MOZ_ASSERT(IsExportedFunction(fun));
-    const Value& v = fun->getExtendedSlot(FunctionExtended::WASM_MODULE_SLOT);
+    const Value& v = fun->getExtendedSlot(FunctionExtended::WASM_INSTANCE_SLOT);
    return v.toObject().as<WasmInstanceObject>().instance();
 }
--- a/js/src/asmjs/WasmJS.cpp
+++ b/js/src/asmjs/WasmJS.cpp
@ -121,7 +121,7 @@ const ClassOps WasmModuleObject::classOps_ =
 const Class WasmModuleObject::class_ =
 {
    "WasmModuleObject",
-    JSCLASS_IS_ANONYMOUS | JSCLASS_DELAY_METADATA_BUILDER |
+    JSCLASS_DELAY_METADATA_BUILDER |
    JSCLASS_HAS_RESERVED_SLOTS(WasmModuleObject::RESERVED_SLOTS),
    &WasmModuleObject::classOps_,
 };
@ -136,7 +136,7 @@ WasmModuleObject::finalize(FreeOp* fop, JSObject* obj)
 WasmModuleObject::create(ExclusiveContext* cx, UniqueModule module)
 {
    AutoSetNewObjectMetadata metadata(cx);
-    auto obj = NewObjectWithGivenProto<WasmModuleObject>(cx, nullptr);
+    auto* obj = NewObjectWithGivenProto<WasmModuleObject>(cx, nullptr);
    if (!obj)
        return nullptr;
@ -170,7 +170,7 @@ const ClassOps WasmInstanceObject::classOps_ =
 const Class WasmInstanceObject::class_ =
 {
    "WasmInstanceObject",
-    JSCLASS_IS_ANONYMOUS | JSCLASS_DELAY_METADATA_BUILDER |
+    JSCLASS_DELAY_METADATA_BUILDER |
    JSCLASS_HAS_RESERVED_SLOTS(WasmInstanceObject::RESERVED_SLOTS),
    &WasmInstanceObject::classOps_,
 };
--- a/js/src/asmjs/WasmModule.cpp
+++ b/js/src/asmjs/WasmModule.cpp
@ -314,8 +314,8 @@ Module::addSizeOfMisc(MallocSizeOf mallocSizeOf,
 bool
 Module::instantiate(JSContext* cx,
                    Handle<FunctionVector> funcImports,
-                    Handle<ArrayBufferObjectMaybeShared*> heap,
+                    HandleArrayBufferObjectMaybeShared heap,
-                    MutableHandle<WasmInstanceObject*> instanceObj) const
+                    MutableHandleWasmInstanceObject instanceObj) const
 {
    MOZ_ASSERT(funcImports.length() == metadata_->imports.length());
--- a/js/src/asmjs/WasmModule.h
+++ b/js/src/asmjs/WasmModule.h
@ -139,7 +139,7 @@ struct ExportMap
 // operations: instantiation and serialization. A Module can be instantiated any
 // number of times to produce new Instance objects. A Module can be serialized
 // any number of times such that the serialized bytes can be deserialized later
-// to produce and new, equivalent Module.
+// to produce a new, equivalent Module.
 //
 // Since fully linked-and-instantiated code (represented by CodeSegment) cannot
 // be shared between instances, Module stores an unlinked, uninstantiated copy
--- a/js/src/jsfun.h
+++ b/js/src/jsfun.h
@ -704,10 +704,10 @@ class FunctionExtended : public JSFunction
    static const unsigned METHOD_HOMEOBJECT_SLOT = 0;
    /*
-     * All asm.js/wasm functions store their compiled module (either
+     * Exported asm.js/wasm functions store their WasmInstanceObject in the
-     * WasmModuleObject or AsmJSModuleObject) in the first extended slot.
+     * first slot.
     */
-    static const unsigned WASM_MODULE_SLOT = 0;
+    static const unsigned WASM_INSTANCE_SLOT = 0;
    /*
     * wasm/asm.js exported functions store the index of the export in the
@ -715,6 +715,12 @@ class FunctionExtended : public JSFunction
     */
    static const unsigned WASM_EXPORT_INDEX_SLOT = 1;
    /*
     * asm.js module functions store their WasmModuleObject in the first slot.
     */
    static const unsigned ASMJS_MODULE_SLOT = 0;
    static inline size_t offsetOfExtendedSlot(unsigned which) {
        MOZ_ASSERT(which < NUM_EXTENDED_SLOTS);
        return offsetof(FunctionExtended, extendedSlots) + which * sizeof(GCPtrValue);