Bug 1100169 - Fix allocation kind computation for inline typed objects, r=nmatsakis.
authorBrian Hackett <bhackett1024@gmail.com>
Tue, 18 Nov 2014 09:00:11 -0700
changeset 216204 05bd5fb3b1b59d1324967d296b0b9559d231be06
parent 216203 8edd196e6d87fe4a0e68f6978e6dca6403946b02
child 216205 c46d86623e15265b09054a385211de53d37973b4
push id51978
push userbhackett@mozilla.com
push dateTue, 18 Nov 2014 16:00:28 +0000
reviewersnmatsakis
bugs1100169
milestone36.0a1
Bug 1100169 - Fix allocation kind computation for inline typed objects, r=nmatsakis.
js/src/builtin/TypedObject.h
--- a/js/src/builtin/TypedObject.h
+++ b/js/src/builtin/TypedObject.h
@@ -720,17 +720,21 @@ class InlineTypedObject : public TypedOb
   public:
     static const size_t MaximumSize =
         sizeof(NativeObject) - sizeof(TypedObject) + NativeObject::MAX_FIXED_SLOTS * sizeof(Value);
 
     static gc::AllocKind allocKindForTypeDescriptor(TypeDescr *descr) {
         size_t nbytes = descr->size();
         MOZ_ASSERT(nbytes <= MaximumSize);
 
-        size_t dataSlots = AlignBytes(nbytes, sizeof(Value) / sizeof(Value));
+        if (nbytes <= sizeof(NativeObject) - sizeof(TypedObject))
+            return gc::FINALIZE_OBJECT0;
+        nbytes -= sizeof(NativeObject) - sizeof(TypedObject);
+
+        size_t dataSlots = AlignBytes(nbytes, sizeof(Value)) / sizeof(Value);
         MOZ_ASSERT(nbytes <= dataSlots * sizeof(Value));
         return gc::GetGCObjectKind(dataSlots);
     }
 
     uint8_t *inlineTypedMem() const {
         static_assert(offsetof(InlineTypedObject, data_) == sizeof(JSObject),
                       "The data for an inline typed object must follow the shape and type.");
         return (uint8_t *) &data_;
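Review bot: The bound `nbytes <= MaximumSize` in allocKindForTypeDescriptor is enforced only by MOZ_ASSERT, which is compiled out of release builds, yet the returned kind decides how much inline storage the object gets. If a descriptor larger than MaximumSize ever reached this function in a release build, the chosen kind would presumably be too small for the data, and writes through inlineTypedMem() could run past the cell; the callers that are meant to guarantee the bound are not visible in this hunk. Consider `MOZ_RELEASE_ASSERT(nbytes <= MaximumSize);`, or at least a comment naming the caller-side check that makes the debug-only assert sufficient. Separately, `sizeof(NativeObject) - sizeof(TypedObject)` now appears three times (in MaximumSize, the early return and the subtraction), so a single named constant would keep the size limit and the slot computation from drifting apart. The class body and inlineTypedMem() continue outside the hunk.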