Bug 1257045 - Give Debugger wrappers of wasm code their own CCW key kinds. (r=jimb)
☠☠ backed out by c7914f20970a ☠ ☠
authorShu-yu Guo <shu@rfrn.org>
Thu, 17 Mar 2016 18:53:04 -0700
changeset 289353 fbc336fb47f9a138762948e6262a3b0113b5c702
parent 289352 962dbeaf5c5db13672538d2a7c19443d4b4a1016
child 289354 a7040abce944a562d5a1cc1cca298b9da71ef4c5
push id19656
push usergwagner@mozilla.com
push dateMon, 04 Apr 2016 13:43:23 +0000
treeherderb2g-inbound@e99061fde28a [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjimb
bugs1257045
milestone48.0a1
Bug 1257045 - Give Debugger wrappers of wasm code their own CCW key kinds. (r=jimb)
js/src/gc/Tracer.cpp
js/src/jit-test/tests/debug/bug1257045.js
js/src/jscompartment.cpp
js/src/jscompartment.h
js/src/jsgc.cpp
js/src/vm/Debugger.cpp
--- a/js/src/gc/Tracer.cpp
+++ b/js/src/gc/Tracer.cpp
@@ -144,16 +144,18 @@ JS::TraceIncomingCCWs(JSTracer* trc, con
                 // across zones multiple times, and don't hold a strong
                 // reference.
                 continue;
 
               case CrossCompartmentKey::ObjectWrapper:
               case CrossCompartmentKey::DebuggerObject:
               case CrossCompartmentKey::DebuggerSource:
               case CrossCompartmentKey::DebuggerEnvironment:
+              case CrossCompartmentKey::DebuggerWasmScript:
+              case CrossCompartmentKey::DebuggerWasmSource:
                 obj = static_cast<JSObject*>(key.wrapped);
                 // Ignore CCWs whose wrapped value doesn't live in our given
                 // set of zones.
                 if (!compartments.has(obj->compartment()))
                     continue;
 
                 TraceManuallyBarrieredEdge(trc, &obj, "cross-compartment wrapper");
                 MOZ_ASSERT(obj == key.wrapped);
new file mode 100644
--- /dev/null
+++ b/js/src/jit-test/tests/debug/bug1257045.js
@@ -0,0 +1,8 @@
+fullcompartmentchecks(true);
+var g = newGlobal();
+var dbg = new Debugger(g);
+dbg.onNewScript = (function(script) {
+    s = script;
+})
+g.eval(`Wasm.instantiateModule(wasmTextToBinary('(module (func) (export "" 0))'));`);
+s.source;
--- a/js/src/jscompartment.cpp
+++ b/js/src/jscompartment.cpp
@@ -221,17 +221,19 @@ class WrapperMapRef : public BufferableR
 
     void trace(JSTracer* trc) override {
         CrossCompartmentKey prior = key;
         if (key.debugger)
             TraceManuallyBarrieredEdge(trc, &key.debugger, "CCW debugger");
         if (key.kind == CrossCompartmentKey::ObjectWrapper ||
             key.kind == CrossCompartmentKey::DebuggerObject ||
             key.kind == CrossCompartmentKey::DebuggerEnvironment ||
-            key.kind == CrossCompartmentKey::DebuggerSource)
+            key.kind == CrossCompartmentKey::DebuggerSource ||
+            key.kind == CrossCompartmentKey::DebuggerWasmScript ||
+            key.kind == CrossCompartmentKey::DebuggerWasmSource)
         {
             MOZ_ASSERT(IsInsideNursery(key.wrapped) ||
                        key.wrapped->asTenured().getTraceKind() == JS::TraceKind::Object);
             TraceManuallyBarrieredEdge(trc, reinterpret_cast<JSObject**>(&key.wrapped),
                                        "CCW wrapped object");
         }
         if (key.debugger == prior.debugger && key.wrapped == prior.wrapped)
             return;
@@ -762,16 +764,18 @@ bool
 CrossCompartmentKey::needsSweep()
 {
     bool keyDying;
     switch (kind) {
       case CrossCompartmentKey::ObjectWrapper:
       case CrossCompartmentKey::DebuggerObject:
       case CrossCompartmentKey::DebuggerEnvironment:
       case CrossCompartmentKey::DebuggerSource:
+      case CrossCompartmentKey::DebuggerWasmScript:
+      case CrossCompartmentKey::DebuggerWasmSource:
           MOZ_ASSERT(IsInsideNursery(wrapped) ||
                      wrapped->asTenured().getTraceKind() == JS::TraceKind::Object);
           keyDying = IsAboutToBeFinalizedUnbarriered(reinterpret_cast<JSObject**>(&wrapped));
           break;
       case CrossCompartmentKey::StringWrapper:
           MOZ_ASSERT(wrapped->asTenured().getTraceKind() == JS::TraceKind::String);
           keyDying = IsAboutToBeFinalizedUnbarriered(reinterpret_cast<JSString**>(&wrapped));
           break;
--- a/js/src/jscompartment.h
+++ b/js/src/jscompartment.h
@@ -68,17 +68,19 @@ class DtoaCache {
 struct CrossCompartmentKey
 {
     enum Kind {
         ObjectWrapper,
         StringWrapper,
         DebuggerScript,
         DebuggerSource,
         DebuggerObject,
-        DebuggerEnvironment
+        DebuggerEnvironment,
+        DebuggerWasmScript,
+        DebuggerWasmSource
     };
 
     Kind kind;
     JSObject* debugger;
     js::gc::Cell* wrapped;
 
     explicit CrossCompartmentKey(JSObject* wrapped)
       : kind(ObjectWrapper), debugger(nullptr), wrapped(wrapped)
--- a/js/src/jsgc.cpp
+++ b/js/src/jsgc.cpp
@@ -4141,16 +4141,18 @@ GCRuntime::markCompartments()
         for (JSCompartment::WrapperEnum e(c); !e.empty(); e.popFront()) {
             const CrossCompartmentKey& key = e.front().key();
             JSCompartment* dest;
             switch (key.kind) {
               case CrossCompartmentKey::ObjectWrapper:
               case CrossCompartmentKey::DebuggerObject:
               case CrossCompartmentKey::DebuggerSource:
               case CrossCompartmentKey::DebuggerEnvironment:
+              case CrossCompartmentKey::DebuggerWasmScript:
+              case CrossCompartmentKey::DebuggerWasmSource:
                 dest = static_cast<JSObject*>(key.wrapped)->compartment();
                 break;
               case CrossCompartmentKey::DebuggerScript:
                 dest = static_cast<JSScript*>(key.wrapped)->compartment();
                 break;
               default:
                 dest = nullptr;
                 break;
@@ -4584,17 +4586,19 @@ JSCompartment::findOutgoingEdges(Compone
                 JS::Zone* w = other.zone();
                 if (w->isGCMarking())
                     finder.addEdgeTo(w);
             }
         } else {
             MOZ_ASSERT(kind == CrossCompartmentKey::DebuggerScript ||
                        kind == CrossCompartmentKey::DebuggerSource ||
                        kind == CrossCompartmentKey::DebuggerObject ||
-                       kind == CrossCompartmentKey::DebuggerEnvironment);
+                       kind == CrossCompartmentKey::DebuggerEnvironment ||
+                       kind == CrossCompartmentKey::DebuggerWasmScript ||
+                       kind == CrossCompartmentKey::DebuggerWasmSource);
             /*
              * Add edge for debugger object wrappers, to ensure (in conjuction
              * with call to Debugger::findCompartmentEdges below) that debugger
              * and debuggee objects are always swept in the same group.
              */
             JS::Zone* w = other.zone();
             if (w->isGCMarking())
                 finder.addEdgeTo(w);
--- a/js/src/vm/Debugger.cpp
+++ b/js/src/vm/Debugger.cpp
@@ -5005,17 +5005,17 @@ JSObject*
 Debugger::wrapVariantReferent(JSContext* cx, Handle<DebuggerScriptReferent> referent)
 {
     JSObject* obj;
     if (referent.is<JSScript*>()) {
         obj = wrapVariantReferent<DebuggerScriptReferent, JSScript*, ScriptWeakMap>(
             cx, scripts, CrossCompartmentKey::DebuggerScript, referent);
     } else {
         obj = wrapVariantReferent<DebuggerScriptReferent, WasmModuleObject*, WasmModuleWeakMap>(
-            cx, wasmModuleScripts, CrossCompartmentKey::DebuggerObject, referent);
+            cx, wasmModuleScripts, CrossCompartmentKey::DebuggerWasmScript, referent);
     }
     MOZ_ASSERT_IF(obj, GetScriptReferent(obj) == referent);
     return obj;
 }
 
 JSObject*
 Debugger::wrapScript(JSContext* cx, HandleScript script)
 {
@@ -6248,17 +6248,17 @@ JSObject*
 Debugger::wrapVariantReferent(JSContext* cx, Handle<DebuggerSourceReferent> referent)
 {
     JSObject* obj;
     if (referent.is<ScriptSourceObject*>()) {
         obj = wrapVariantReferent<DebuggerSourceReferent, ScriptSourceObject*, SourceWeakMap>(
             cx, sources, CrossCompartmentKey::DebuggerSource, referent);
     } else {
         obj = wrapVariantReferent<DebuggerSourceReferent, WasmModuleObject*, WasmModuleWeakMap>(
-            cx, wasmModuleSources, CrossCompartmentKey::DebuggerObject, referent);
+            cx, wasmModuleSources, CrossCompartmentKey::DebuggerWasmSource, referent);
     }
     MOZ_ASSERT_IF(obj, GetSourceReferent(obj) == referent);
     return obj;
 }
 
 JSObject*
 Debugger::wrapSource(JSContext* cx, HandleScriptSource source)
 {