The invoke_copy_to_stack() function passes incorrect "stack_args" and
"end" arguments to the alloc_word() utility function, for parameter types
T_I8..T_I64, T_U8..T_U64, T_BOOL, T_CHAR and T_WCHAR.

Namely, the "end" input parameter of invoke_copy_to_stack(), which is
currently incorrectly passed as "end" to alloc_word(), points to the very
end of the entire exchange area between _NS_InvokeByIndex() and
invoke_copy_to_stack(). However, alloc_word()'s "end" parameter should
point to the end of the "ireg" (integer registers) sub-area of the
exchange area. That is, "ireg_end" should be passed to alloc_word() as
"end".

Because invoke_copy_to_stack()'s "end" input parameter is strictly greater
than "ireg_end", alloc_word() will happily trample over the "freg"
(floating point registers) area, on the above-mentioned type branches,
given a large enough "paramCount".

Similarly, as second argument, "stack_args" should be passed to
alloc_word(), pointing to the next available stack slot, for spilled-over
arguments. Passing "stk", which initially points to the base of the entire
exchange area (and hence the base of the "ireg" area) makes no sense.

The two other alloc_word() calls in the function are correct. So
centralize all calls to alloc_word() to a single location -- thereby
ending up with a sole call site per alloc_XXX() function --, and compute
only the last argument, "word", conditionally.

This fixes an obscure SIGSEGV in AARCH64 Firefox. Triggering the bug
requires a target function with seven integer-like parameters (not
counting the implicit "this" -- aka "that" -- parameter), followed by at
least one parameter of the above buggy types. nsIOService::NewChannel2()
is such a target function, for example.

DONTBUILD because NPTOB
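
An added illustration of the bounds error described in the commit message above; it is a constructed model, not Mozilla's code. The slot counts (8 "ireg", 8 "freg", 4 spill) and the names model_alloc_word() and run_model() are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model, not Mozilla code. Assumed layout of the exchange area:
   8 integer-register slots, 8 floating-point slots, then spill slots. */
enum { IREG = 8, FREG = 8, SPILL = 4, AREA = IREG + FREG + SPILL };
#define CANARY 0xF1F1F1F1F1F1F1F1ull

/* Hypothetical stand-in for alloc_word(): take the next register slot while
   it lies below "end", otherwise spill to the next stack slot. */
static void model_alloc_word(uint64_t **ireg, uint64_t **stack,
                             uint64_t *end, uint64_t word)
{
    if (*ireg < end) *(*ireg)++ = word;
    else             *(*stack)++ = word;
}

/* Copy n integer-like parameters (after the implicit "this" slot) and return
   how many "freg" slots were overwritten. buggy != 0 passes the area base
   and the end of the whole area, as the commit message describes. */
int run_model(int n, int buggy, int *spilled)
{
    uint64_t area[AREA] = {0};
    uint64_t *stk = area, *end = area + AREA;
    uint64_t *ireg_args = stk + 1;           /* slot 0 is reserved for "this" */
    uint64_t *ireg_end = stk + IREG;
    uint64_t *freg = ireg_end;
    uint64_t *stack_base = freg + FREG, *stack_args = stack_base;
    int clobbered = 0;

    if (n > IREG - 1 + SPILL) n = IREG - 1 + SPILL;  /* keep the model in bounds */
    for (int i = 0; i < FREG; i++) freg[i] = CANARY;
    for (int i = 0; i < n; i++) {
        if (buggy) model_alloc_word(&ireg_args, &stk, end, 0x1000u + i);
        else       model_alloc_word(&ireg_args, &stack_args, ireg_end, 0x1000u + i);
    }
    for (int i = 0; i < FREG; i++) clobbered += (freg[i] != CANARY);
    *spilled = (int)(stack_args - stack_base);
    return clobbered;
}

int main(void)
{
    for (int n = 7; n <= 9; n++) {
        int s, bad = run_model(n, 1, &s), ok = run_model(n, 0, &s);
        printf("n=%d buggy clobbers %d; fixed clobbers %d, spills %d\n", n, bad, ok, s);
    }
    return 0;
}
```

With seven parameters both variants stay inside the "ireg" slots; the eighth is the first one the buggy bound writes into "freg" instead of spilling.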
This patch removes checking of all the callback calls in memory reporter
CollectReport() functions, because it's not useful.
The patch also does some associated clean-up.
- Replaces some uses of nsIMemoryReporterCallback with the preferred
nsIHandleReportCallback typedef.
- Replaces aCallback/aCb/aClosure with aHandleReport/aData for CollectReports()
parameter names, for consistency.
- Adds MOZ_MUST_USE/[must_use] in a few places in nsIMemoryReporter.idl.
- Uses the MOZ_COLLECT_REPORT macro in all suitable places.
Overall the patch reduces code size by ~300 lines and reduces the size of
libxul by about 37 KiB on my Linux64 builds.
--HG--
extra : rebase_source : e94323614bd10463a0c5134a7276238a7ca1cf23
I think technically you could implement one of these in JS now, which
might prevent me from reasonably asserting that these can never GC. I
doubt anybody would ever do that, so it should be okay. There are zero
references to these two interfaces in all of addon DXR, and none in
Firefox JS.
MozReview-Commit-ID: 3AkW0AkqmNx
This removes the unnecessary setting of c-basic-offset from all
python-mode files.
This was automatically generated using
perl -pi -e 's/; *c-basic-offset: *[0-9]+//'
... on the affected files.
The bulk of these files are moz.build files but there are a few others as
well.
MozReview-Commit-ID: 2pPf3DEiZqx
--HG--
extra : rebase_source : 0a7dcac80b924174a2c429b093791148ea6ac204
When using GetIIDForParamNoAlloc to get the return parameter type, if the param is nsIDOM*, it should get it by GetShimForParam.
In this situation, GetEntryForParam tries to get nsIDOMDocument, so GetEntryForParam doesn't get an entry. Then, GetShimForParam tries to get the entry. But since it doesn't traverse parent objects, it will try to get nsIDocShell instead.
So it might not get the correct entry.
MozReview-Commit-ID: LaOVymgFMgi
--HG--
extra : rebase_source : 9ce3b38872dd6bcabd473296cc5bda25c7d5ceab
extra : histedit_source : 385797913a2d76e2981b4106d572edd784145126
A few callers of NS_NewISupportsArray() didn't use the return value to detect
failure, but instead checked if the |array| argument was null after the call.
This is inconsistent with the majority of the calls to NS_NewISupportsArray().
This patch changes them to be checked in the normal way.
--HG--
extra : rebase_source : bf91836d7c3b159833c303a3716f4d9366f8b76a
This patch makes NativeProperties variable-length and reduces static data by
110,336 bytes on 64-bit, and half that on 32-bit.
MozReview-Commit-ID: 2etZ5AnEhgO
--HG--
extra : rebase_source : 6a167b64df7da3c6940114782fe08337f04a694d
This patch:
- Removes XPTArena's ability to support arbitrary alignments.
- Hardwires two sub-arenas into XPTArena, one with alignment of 8 and one with
alignment of 1.
- Uses the first sub-arena for most allocations and the second sub-arena for C
string allocations.
These changes reduce "xpti-working-set" by 56 KiB.
The patch also renames all the uses of "malloc" in XPT identifiers with
"calloc", to make clearer that the result is always zeroed.
--HG--
extra : rebase_source : 8e6cc42644621a7f3c80593006734e25420c7229
With careful layout we can reduce sizeof(XPTTypeDescriptor) from 4 to 3, which
also reduces sizeof(XPTParamDescriptor) from 6 to 4. This reduces
"xpti-working-set" by 16 KiB.
The union-of-structs also improves readability by making it clearer exactly
which fields are used for which types.
--HG--
extra : rebase_source : 08060096f93c756fda847b90b45df1b1b207e2b5
RegisterBuffer() is the only place that creates an XPTState, and it also
destroys it. So the XPTState can be allocated on the stack, which avoids the
need for the creation of an XPTArena.
--HG--
extra : rebase_source : b25f0e798d72b8742efc96793a927f8a060101cf
Currently XPT can both encode and decode, but encoding has been handled by
Python code since bug 643817, so the encoding support can be removed. This
results in many simplifications. Some notable changes:
- All the XPTHashTable code (including XPTDatapool::offset_map) is no longer
necessary.
- PrimitiveTest.cpp and SimpleTypeLib.cpp both don't make much sense without
encoding support, so I removed them.
- A lot of the version code was already unused, e.g. XPT_VERSION_*,
XPT_TYPELIB_VERSIONS_STRUCT, XPT_TYPELIB_VERSIONS.
XPT_MAJOR_INCOMPATIBLE_VERSION is the only thing actually used in version
checks.
- The patch also removes some code that was dead even before encoding removal,
such as XPT_ParseVersionString().
--HG--
extra : rebase_source : 11cfe0b01efde4e2ff0c74b02b408baebedd3dd8
On win32, NS_InvokeByIndex is implemented with inline assembly. This
inline assembly assumes that it is wrapped by the compiler with the
standard x86 prologue and epilogue:

  push ebp
  mov ebp, esp
  [inline assembly that manipulates the stack pointer]
  pop ebp
  ret

In particular, the last instruction of the inline assembly is:

  mov esp, ebp

which cancels out the effects of the stack manipulation performed by all
the inline assembly that precedes the instruction.

When compiling with clang-cl, however, the above assumption does not
hold, as clang-cl inserts a more complex prologue and epilogue,
something like:

  push ebp
  mov ebp, esp
  sub esp, frame_size
  [save registers into stack frame]
  [inline assembly that manipulates the stack pointer]
  [restore registers from stack frame]
  add esp, frame_size
  mov esp, ebp
  pop ebp
  ret

Combining this more extensive prologue and epilogue with the assumptions
of the inline assembly leads to interesting crashes when
NS_InvokeByIndex is called: the inline assembly effectively deallocates
the stack allocated by the inline assembly *and* the stack frame
allocated by the compiler itself. The compiler-generated code then
attempts to deallocate the stack frame, leading to the crash, as the
code now returns to an unspecified address.

To avoid these sorts of problems in clang-cl and make the code more
robust generally, let's move the NS_InvokeByIndex implementation to a
separate assembly file. We can then write exactly what we need to have
happen, safe from any manipulations of the compiler.

Since we don't compile much (any?) code in Gecko with MASM, we need to
add the /SAFESEH flag to the assembler invocation so that the object
file will be appropriately marked as not containing exception handlers;
the linker (which is invoked with the /SAFESEH flag itself) will then
consent to link it into libxul.
The bulk of this commit was generated with a script, executed at the top
level of a typical source code checkout. The only non-machine-generated
part was modifying MFBT's moz.build to reflect the new naming.
CLOSED TREE makes big refactorings like this a piece of cake.
# The main substitution.
find . -name '*.cpp' -o -name '*.cc' -o -name '*.h' -o -name '*.mm' -o -name '*.idl'| \
xargs perl -p -i -e '
s/nsRefPtr\.h/RefPtr\.h/g; # handle includes
s/nsRefPtr ?</RefPtr</g; # handle declarations and variables
'
# Handle a special friend declaration in gfx/layers/AtomicRefCountedWithFinalize.h.
perl -p -i -e 's/::nsRefPtr;/::RefPtr;/' gfx/layers/AtomicRefCountedWithFinalize.h
# Handle nsRefPtr.h itself, a couple places that define constructors
# from nsRefPtr, and code generators specially. We do this here, rather
# than indiscriminately s/nsRefPtr/RefPtr/, because that would rename
# things like nsRefPtrHashtable.
perl -p -i -e 's/nsRefPtr/RefPtr/g' \
mfbt/nsRefPtr.h \
xpcom/glue/nsCOMPtr.h \
xpcom/base/OwningNonNull.h \
ipc/ipdl/ipdl/lower.py \
ipc/ipdl/ipdl/builtin.py \
dom/bindings/Codegen.py \
python/lldbutils/lldbutils/utils.py
# In our indiscriminate substitution above, we renamed
# nsRefPtrGetterAddRefs, the class behind getter_AddRefs. Fix that up.
find . -name '*.cpp' -o -name '*.h' -o -name '*.idl' | \
xargs perl -p -i -e 's/nsRefPtrGetterAddRefs/RefPtrGetterAddRefs/g'
if [ -d .git ]; then
git mv mfbt/nsRefPtr.h mfbt/RefPtr.h
else
hg mv mfbt/nsRefPtr.h mfbt/RefPtr.h
fi
--HG--
rename : mfbt/nsRefPtr.h => mfbt/RefPtr.h
xptcstubs_arm mostly works on iOS but Apple's assembler is ridiculous so
the inline assembly for the SharedStub and the stub methods needs judicious
preprocessor use.
--HG--
extra : commitid : ChAcktTzVX0
extra : rebase_source : 11fbaa4940fd9aaeba51e2477d4c8b1a7851791e
The patch removes 455 occurrences of FAIL_ON_WARNINGS from moz.build files, and
adds 78 instances of ALLOW_COMPILER_WARNINGS. About half of those 78 are in
code we control and which should be removable with a little effort.
--HG--
extra : rebase_source : 82e3387abfbd5f1471e953961d301d3d97ed2973
After this change, we have ShallowSizeOf{In,Ex}cludingThis(), which don't do
anything to measure children. (They can be combined with iteration to measure
children.)
--HG--
extra : rebase_source : f98420176f50990bbc5a25e35788328154cfeb00
The bulk of this commit was generated by running:
run-clang-tidy.py \
-checks='-*,llvm-namespace-comment' \
-header-filter=^/.../mozilla-central/.* \
-fix
Adding isMainProcessScriptable() into the middle of nsIInterfaceInfo
caused problems with some binary addons that relied on the ordering of
the methods in nsIInterfaceInfo. In an attempt to placate those addons,
move isMainProcessScriptable() to the end of the vtable. This change is
a no-op for normal libxul usage.