| author | Tiberius Oros <toros@mozilla.com> |
| Fri, 20 Jul 2018 12:56:59 +0300 | |
| changeset 427448 | 4f12d77b4f9b6adaf06615c1c8cdc14de836dc1a |
| parent 427408 | 47f713574cb269d5fb0bbb9bbc908131256ad81c (current diff) |
| parent 427447 | f91522b8872496ac750c5549a2ea8f1534c82cfd (diff) |
| child 427449 | cd8671232fd851520c6e7a5619b65b420984cfa7 |
| child 427459 | 8cce0e7ad6f3f7e91afe13e97e04fc0f0ed400c6 |
| child 427507 | 18c964a8c8186475819b42ed3e4b12acd6024c74 |
| push id | 34304 |
| push user | toros@mozilla.com |
| push date | Fri, 20 Jul 2018 09:57:23 +0000 |
| treeherder | mozilla-central@4f12d77b4f9b [default view] [failures only] |
| perfherder | [talos] [build metrics] [platform microbench] (compared to previous push) |
| reviewers | merge |
| milestone | 63.0a1 |
| first release with | nightly linux32
4f12d77b4f9b
/
63.0a1
/
20180720101508
/
files
nightly linux64
4f12d77b4f9b
/
63.0a1
/
20180720101508
/
files
nightly mac
4f12d77b4f9b
/
63.0a1
/
20180720101508
/
files
nightly win32
4f12d77b4f9b
/
63.0a1
/
20180720101508
/
files
nightly win64
4f12d77b4f9b
/
63.0a1
/
20180720101508
/
files
|
| last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
| releases | nightly linux32
63.0a1
/
20180720101508
/
pushlog to previous
nightly linux64
63.0a1
/
20180720101508
/
pushlog to previous
nightly mac
63.0a1
/
20180720101508
/
pushlog to previous
nightly win32
63.0a1
/
20180720101508
/
pushlog to previous
nightly win64
63.0a1
/
20180720101508
/
pushlog to previous
|
--- a/browser/base/content/test/static/browser_all_files_referenced.js +++ b/browser/base/content/test/static/browser_all_files_referenced.js @@ -127,16 +127,17 @@ var whitelist = [ {file: "chrome://global/skin/tree/sort-asc-classic.png", platforms: ["linux"]}, {file: "chrome://global/skin/tree/sort-asc.png", platforms: ["linux"]}, {file: "chrome://global/skin/tree/sort-dsc-classic.png", platforms: ["linux"]}, {file: "chrome://global/skin/tree/sort-dsc.png", platforms: ["linux"]}, // Bug 1344267 {file: "chrome://marionette/content/test_anonymous_content.xul"}, {file: "chrome://marionette/content/test_dialog.properties"}, {file: "chrome://marionette/content/test_dialog.xul"}, + {file: "chrome://marionette/content/PerTestCoverageUtils.jsm"}, // Bug 1348533 {file: "chrome://mozapps/skin/downloads/buttons.png", platforms: ["macosx"]}, {file: "chrome://mozapps/skin/downloads/downloadButtons.png", platforms: ["linux", "win"]}, // Bug 1348558 {file: "chrome://mozapps/skin/update/downloadButtons.png", platforms: ["linux"]}, // Bug 1348559 {file: "chrome://pippki/content/resetpassword.xul"},
--- a/dom/base/nsContentUtils.cpp +++ b/dom/base/nsContentUtils.cpp @@ -7764,18 +7764,18 @@ nsContentUtils::IPCTransferableToTransfe aTransferable->SetTransferData(item.flavor().get(), imgPtr, sizeof(nsISupports*)); } else { nsCOMPtr<nsISupportsCString> dataWrapper = do_CreateInstance(NS_SUPPORTS_CSTRING_CONTRACTID, &rv); NS_ENSURE_SUCCESS(rv, rv); // The buffer contains the terminating null. Shmem itemData = item.data().get_Shmem(); - const nsDependentCString text(itemData.get<char>(), - itemData.Size<char>()); + const nsDependentCSubstring text(itemData.get<char>(), + itemData.Size<char>()); rv = dataWrapper->SetData(text); NS_ENSURE_SUCCESS(rv, rv); rv = aTransferable->SetTransferData(item.flavor().get(), dataWrapper, text.Length()); NS_ENSURE_SUCCESS(rv, rv); } @@ -7946,25 +7946,25 @@ ConvertToShmem(mozilla::dom::nsIContentC { MOZ_ASSERT((aChild && !aParent) || (!aChild && aParent)); IShmemAllocator* allocator = aChild ? static_cast<IShmemAllocator*>(aChild) : static_cast<IShmemAllocator*>(aParent); Shmem result; - if (!allocator->AllocShmem(aInput.Length() + 1, + if (!allocator->AllocShmem(aInput.Length(), SharedMemory::TYPE_BASIC, &result)) { return result; } memcpy(result.get<char>(), aInput.BeginReading(), - aInput.Length() + 1); + aInput.Length()); return result; } void nsContentUtils::TransferableToIPCTransferable(nsITransferable* aTransferable, IPCDataTransfer* aIPCDataTransfer, bool aInSyncMessage,
--- a/dom/base/nsDocument.cpp +++ b/dom/base/nsDocument.cpp @@ -2838,17 +2838,17 @@ nsIDocument::ApplySettingsFromCSP(bool a } } nsresult nsIDocument::InitCSP(nsIChannel* aChannel) { MOZ_ASSERT(!mScriptGlobalObject, "CSP must be initialized before mScriptGlobalObject is set!"); - if (!CSPService::sCSPEnabled) { + if (!StaticPrefs::security_csp_enable()) { MOZ_LOG(gCspPRLog, LogLevel::Debug, ("CSP is disabled, skipping CSP init for document %p", this)); return NS_OK; } nsAutoCString tCspHeaderValue, tCspROHeaderValue; nsCOMPtr<nsIHttpChannel> httpChannel; @@ -12512,18 +12512,19 @@ nsIDocument::MaybeAllowStorageForOpener( } nsAutoString origin; nsresult rv = nsContentUtils::GetUTFOrigin(uri, origin); if (NS_WARN_IF(NS_FAILED(rv))) { return; } - AntiTrackingCommon::AddFirstPartyStorageAccessGrantedFor(origin, - openerInner); + // We don't care when the asynchronous work finishes here. + Unused << AntiTrackingCommon::AddFirstPartyStorageAccessGrantedFor(origin, + openerInner); } bool nsIDocument::HasBeenUserGestureActivated() { if (mUserGestureActivated) { return true; }
--- a/dom/base/nsGlobalWindowOuter.cpp +++ b/dom/base/nsGlobalWindowOuter.cpp @@ -7144,17 +7144,19 @@ nsGlobalWindowOuter::MaybeAllowStorageFo } nsAutoString origin; nsresult rv = nsContentUtils::GetUTFOrigin(aURI, origin); if (NS_WARN_IF(NS_FAILED(rv))) { return; } - AntiTrackingCommon::AddFirstPartyStorageAccessGrantedFor(origin, inner); + // We don't care when the asynchronous work finishes here. + Unused << AntiTrackingCommon::AddFirstPartyStorageAccessGrantedFor(origin, + inner); } //***************************************************************************** // nsGlobalWindowOuter: Helper Functions //***************************************************************************** already_AddRefed<nsIDocShellTreeOwner> nsGlobalWindowOuter::GetTreeOwner()
--- a/dom/html/HTMLMetaElement.cpp +++ b/dom/html/HTMLMetaElement.cpp @@ -89,17 +89,18 @@ HTMLMetaElement::BindToTree(nsIDocument* NS_ENSURE_SUCCESS(rv, rv); if (aDocument && AttrValueIs(kNameSpaceID_None, nsGkAtoms::name, nsGkAtoms::viewport, eIgnoreCase)) { nsAutoString content; GetContent(content); nsContentUtils::ProcessViewportInfo(aDocument, content); } - if (CSPService::sCSPEnabled && aDocument && !aDocument->IsLoadedAsData() && + if (StaticPrefs::security_csp_enable() && aDocument && + !aDocument->IsLoadedAsData() && AttrValueIs(kNameSpaceID_None, nsGkAtoms::httpEquiv, nsGkAtoms::headerCSP, eIgnoreCase)) { // only accept <meta http-equiv="Content-Security-Policy" content=""> if it appears // in the <head> element. Element* headElt = aDocument->GetHeadElement(); if (headElt && nsContentUtils::ContentIsDescendantOf(this, headElt)) { nsAutoString content;
--- a/dom/ipc/ContentChild.cpp +++ b/dom/ipc/ContentChild.cpp @@ -3340,17 +3340,17 @@ ContentChild::RecvInvokeDragSession(nsTA for (uint32_t j = 0; j < items.Length(); ++j) { const IPCDataTransferItem& item = items[j]; RefPtr<nsVariantCC> variant = new nsVariantCC(); if (item.data().type() == IPCDataTransferData::TnsString) { const nsString& data = item.data().get_nsString(); variant->SetAsAString(data); } else if (item.data().type() == IPCDataTransferData::TShmem) { Shmem data = item.data().get_Shmem(); - variant->SetAsACString(nsDependentCString(data.get<char>(), data.Size<char>())); + variant->SetAsACString(nsDependentCSubstring(data.get<char>(), data.Size<char>())); Unused << DeallocShmem(data); } else if (item.data().type() == IPCDataTransferData::TIPCBlob) { RefPtr<BlobImpl> blobImpl = IPCBlobUtils::Deserialize(item.data().get_IPCBlob()); variant->SetAsISupports(blobImpl); } else { continue; }
--- a/dom/ipc/ContentParent.cpp +++ b/dom/ipc/ContentParent.cpp @@ -5782,15 +5782,17 @@ ContentParent::RecvBHRThreadHang(const H obs->NotifyObservers(hangDetails, "bhr-thread-hang", nullptr); } return IPC_OK(); } mozilla::ipc::IPCResult ContentParent::RecvFirstPartyStorageAccessGrantedForOrigin(const Principal& aParentPrincipal, const nsCString& aTrackingOrigin, - const nsCString& aGrantedOrigin) + const nsCString& aGrantedOrigin, + FirstPartyStorageAccessGrantedForOriginResolver&& aResolver) { AntiTrackingCommon::SaveFirstPartyStorageAccessGrantedForOriginOnParentProcess(aParentPrincipal, aTrackingOrigin, - aGrantedOrigin); + aGrantedOrigin, + std::move(aResolver)); return IPC_OK(); }
--- a/dom/ipc/ContentParent.h +++ b/dom/ipc/ContentParent.h @@ -1223,17 +1223,18 @@ public: const DiscardedData& aDiscardedData) override; virtual mozilla::ipc::IPCResult RecvBHRThreadHang( const HangDetails& aHangDetails) override; virtual mozilla::ipc::IPCResult RecvFirstPartyStorageAccessGrantedForOrigin(const Principal& aParentPrincipal, const nsCString& aTrackingOrigin, - const nsCString& aGrantedOrigin) override; + const nsCString& aGrantedOrigin, + FirstPartyStorageAccessGrantedForOriginResolver&& aResolver) override; // Notify the ContentChild to enable the input event prioritization when // initializing. void MaybeEnableRemoteInputEventQueue(); public: void SendGetFilesResponseAndForget(const nsID& aID, const GetFilesResponseResult& aResult);
--- a/dom/ipc/PContent.ipdl +++ b/dom/ipc/PContent.ipdl @@ -1160,17 +1160,18 @@ parent: async AddPerformanceMetrics(nsID aID, PerformanceInfo[] aMetrics); /* * A 3rd party tracking origin (aTrackingOrigin) has received the permission * granted to have access to aGrantedOrigin when loaded by aParentPrincipal. */ async FirstPartyStorageAccessGrantedForOrigin(Principal aParentPrincipal, nsCString aTrackingOrigin, - nsCString aGrantedOrigin); + nsCString aGrantedOrigin) + returns (bool unused); both: async AsyncMessage(nsString aMessage, CpowEntry[] aCpows, Principal aPrincipal, ClonedMessageData aData); /** * Notify `push-subscription-modified` observers in the parent and child. */
--- a/dom/ipc/TabParent.cpp +++ b/dom/ipc/TabParent.cpp @@ -3397,17 +3397,17 @@ TabParent::AddInitialDnDDataTo(DataTrans nsContentUtils::DataTransferItemToImage(item, getter_AddRefs(imageContainer)); if (NS_FAILED(rv)) { continue; } variant->SetAsISupports(imageContainer); } else { Shmem data = item.data().get_Shmem(); - variant->SetAsACString(nsDependentCString(data.get<char>(), data.Size<char>())); + variant->SetAsACString(nsDependentCSubstring(data.get<char>(), data.Size<char>())); } mozilla::Unused << DeallocShmem(item.data().get_Shmem()); } // We set aHidden to false, as we don't need to worry about hiding data // from content in the parent process where there is no content. // XXX: Nested Content Processes may change this
--- a/dom/security/nsCSPContext.cpp +++ b/dom/security/nsCSPContext.cpp @@ -315,35 +315,22 @@ NS_IMPL_CLASSINFO(nsCSPContext, nullptr, nsIClassInfo::MAIN_THREAD_ONLY, NS_CSPCONTEXT_CID) NS_IMPL_ISUPPORTS_CI(nsCSPContext, nsIContentSecurityPolicy, nsISerializable) -int32_t nsCSPContext::sScriptSampleMaxLength; -bool nsCSPContext::sViolationEventsEnabled = false; - nsCSPContext::nsCSPContext() : mInnerWindowID(0) , mLoadingContext(nullptr) , mLoadingPrincipal(nullptr) , mQueueUpMessages(true) { - static bool sInitialized = false; - if (!sInitialized) { - Preferences::AddIntVarCache(&sScriptSampleMaxLength, - "security.csp.reporting.script-sample.max-length", - 40); - Preferences::AddBoolVarCache(&sViolationEventsEnabled, - "security.csp.enable_violation_events"); - sInitialized = true; - } - CSPCONTEXTLOG(("nsCSPContext::nsCSPContext")); } nsCSPContext::~nsCSPContext() { CSPCONTEXTLOG(("nsCSPContext::~nsCSPContext")); for (uint32_t i = 0; i < mPolicies.Length(); i++) { delete mPolicies[i]; @@ -1196,17 +1183,17 @@ nsCSPContext::SendReports( return NS_OK; } nsresult nsCSPContext::FireViolationEvent( Element* aTriggeringElement, const mozilla::dom::SecurityPolicyViolationEventInit& aViolationEventInit) { - if (!sViolationEventsEnabled) { + if (!StaticPrefs::security_csp_enable_violation_events()) { return NS_OK; } if (mEventListener) { nsAutoString json; if (aViolationEventInit.ToJSON(json)) { mEventListener->OnCSPViolationEvent(json); }
--- a/dom/security/nsCSPContext.h +++ b/dom/security/nsCSPContext.h @@ -4,16 +4,17 @@ * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #ifndef nsCSPContext_h___ #define nsCSPContext_h___ #include "mozilla/dom/nsCSPUtils.h" #include "mozilla/dom/SecurityPolicyViolationEvent.h" +#include "mozilla/StaticPrefs.h" #include "nsDataHashtable.h" #include "nsIChannel.h" #include "nsIChannelEventSink.h" #include "nsIClassInfo.h" #include "nsIContentSecurityPolicy.h" #include "nsIInterfaceRequestor.h" #include "nsISerializable.h" #include "nsIStreamListener.h" @@ -135,17 +136,19 @@ class nsCSPContext : public nsIContentSe } nsWeakPtr GetLoadingContext(){ return mLoadingContext; } static uint32_t ScriptSampleMaxLength() { - return std::max(sScriptSampleMaxLength, 0); + return std::max( + mozilla::StaticPrefs::security_csp_reporting_script_sample_max_length(), + 0); } private: bool permitsInternal(CSPDirective aDir, mozilla::dom::Element* aTriggeringElement, nsIURI* aContentLocation, nsIURI* aOriginalURIIfRedirect, const nsAString& aNonce, @@ -160,20 +163,16 @@ class nsCSPContext : public nsIContentSe mozilla::dom::Element* aTriggeringElement, const nsAString& aNonce, const nsAString& aContent, const nsAString& aViolatedDirective, uint32_t aViolatedPolicyIndex, uint32_t aLineNumber, uint32_t aColumnNumber); - static int32_t sScriptSampleMaxLength; - - static bool sViolationEventsEnabled; - nsString mReferrer; uint64_t mInnerWindowID; // used for web console logging nsTArray<nsCSPPolicy*> mPolicies; nsCOMPtr<nsIURI> mSelfURI; nsDataHashtable<nsCStringHashKey, int16_t> mShouldLoadCache; nsCOMPtr<nsILoadGroup> mCallingChannelLoadGroup; nsWeakPtr mLoadingContext; // The CSP hangs off the principal, so let's store a raw pointer of the principal
--- a/dom/security/nsCSPParser.cpp +++ b/dom/security/nsCSPParser.cpp @@ -1,16 +1,17 @@ /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ /* vim: set ts=8 sts=2 et sw=2 tw=80: */ /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "mozilla/ArrayUtils.h" #include "mozilla/Preferences.h" +#include "mozilla/StaticPrefs.h" #include "nsCOMPtr.h" #include "nsContentUtils.h" #include "nsCSPParser.h" #include "nsCSPUtils.h" #include "nsIConsoleService.h" #include "nsIContentPolicy.h" #include "nsIScriptError.h" #include "nsIStringBundle.h" @@ -56,18 +57,16 @@ static const uint32_t kSubHostPathCharac static const char *const kHashSourceValidFns [] = { "sha256", "sha384", "sha512" }; static const uint32_t kHashSourceValidFnsLen = 3; static const char* const kStyle = "style"; static const char* const kScript = "script"; /* ===== nsCSPParser ==================== */ -bool nsCSPParser::sCSPExperimentalEnabled = false; -bool nsCSPParser::sStrictDynamicEnabled = false; nsCSPParser::nsCSPParser(policyTokens& aTokens, nsIURI* aSelfURI, nsCSPContext* aCSPContext, bool aDeliveredViaMetaTag) : mCurChar(nullptr) , mEndChar(nullptr) , mHasHashOrNonce(false) @@ -79,22 +78,16 @@ nsCSPParser::nsCSPParser(policyTokens& a , mScriptSrc(nullptr) , mParsingFrameAncestorsDir(false) , mTokens(aTokens) , mSelfURI(aSelfURI) , mPolicy(nullptr) , mCSPContext(aCSPContext) , mDeliveredViaMetaTag(aDeliveredViaMetaTag) { - static bool initialized = false; - if (!initialized) { - initialized = true; - Preferences::AddBoolVarCache(&sCSPExperimentalEnabled, "security.csp.experimentalEnabled"); - Preferences::AddBoolVarCache(&sStrictDynamicEnabled, "security.csp.enableStrictDynamic"); - } CSPPARSERLOG(("nsCSPParser::nsCSPParser")); } nsCSPParser::~nsCSPParser() { CSPPARSERLOG(("nsCSPParser::~nsCSPParser")); } @@ -483,17 +476,17 @@ nsCSPParser::keywordSource() } if (CSP_IsKeyword(mCurToken, CSP_REPORT_SAMPLE)) { return new nsCSPKeywordSrc(CSP_UTF16KeywordToEnum(mCurToken)); } if (CSP_IsKeyword(mCurToken, CSP_STRICT_DYNAMIC)) { // make sure strict dynamic is enabled - if (!sStrictDynamicEnabled) { + if (!StaticPrefs::security_csp_enableStrictDynamic()) { return nullptr; } if (!CSP_IsDirective(mCurDir[0], nsIContentSecurityPolicy::SCRIPT_SRC_DIRECTIVE)) { // Todo: Enforce 'strict-dynamic' within default-src; see Bug 1313937 const char16_t* params[] = { u"strict-dynamic" }; logWarningErrorToConsole(nsIScriptError::warningFlag, "ignoringStrictDynamic", params, ArrayLength(params)); return nullptr; @@ -963,17 +956,17 @@ nsCSPDirective* nsCSPParser::directiveName() { CSPPARSERLOG(("nsCSPParser::directiveName, mCurToken: %s, mCurValue: %s", NS_ConvertUTF16toUTF8(mCurToken).get(), NS_ConvertUTF16toUTF8(mCurValue).get())); // Check if it is a valid directive if (!CSP_IsValidDirective(mCurToken) || - (!sCSPExperimentalEnabled && + (!StaticPrefs::security_csp_experimentalEnabled() && CSP_IsDirective(mCurToken, nsIContentSecurityPolicy::REQUIRE_SRI_FOR))) { const char16_t* params[] = { mCurToken.get() }; logWarningErrorToConsole(nsIScriptError::warningFlag, "couldNotProcessUnknownDirective", params, ArrayLength(params)); return nullptr; } // The directive 'reflected-xss' is part of CSP 1.1, see:
--- a/dom/security/nsCSPParser.h +++ b/dom/security/nsCSPParser.h @@ -28,19 +28,16 @@ class nsCSPParser { bool aDeliveredViaMetaTag); private: nsCSPParser(policyTokens& aTokens, nsIURI* aSelfURI, nsCSPContext* aCSPContext, bool aDeliveredViaMetaTag); - static bool sCSPExperimentalEnabled; - static bool sStrictDynamicEnabled; - ~nsCSPParser(); // Parsing the CSP using the source-list from http://www.w3.org/TR/CSP11/#source-list nsCSPPolicy* policy(); void directive(); nsCSPDirective* directiveName(); void directiveValue(nsTArray<nsCSPBaseSrc*>& outSrcs);
--- a/dom/security/nsCSPService.cpp +++ b/dom/security/nsCSPService.cpp @@ -1,41 +1,38 @@ /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ /* vim: set ts=8 sts=2 et sw=2 tw=80: */ /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "mozilla/Logging.h" +#include "mozilla/Preferences.h" +#include "mozilla/StaticPrefs.h" #include "nsString.h" #include "nsCOMPtr.h" #include "nsIURI.h" #include "nsIPrincipal.h" #include "nsIObserver.h" #include "nsIContent.h" #include "nsCSPService.h" #include "nsIContentSecurityPolicy.h" #include "nsError.h" #include "nsIAsyncVerifyRedirectCallback.h" #include "nsAsyncRedirectVerifyHelper.h" -#include "mozilla/Preferences.h" #include "nsIScriptError.h" #include "nsContentUtils.h" #include "nsContentPolicyUtils.h" using namespace mozilla; -/* Keeps track of whether or not CSP is enabled */ -bool CSPService::sCSPEnabled = true; - static LazyLogModule gCspPRLog("CSP"); CSPService::CSPService() { - Preferences::AddBoolVarCache(&sCSPEnabled, "security.csp.enable"); } CSPService::~CSPService() { mAppStatusCache.Clear(); } NS_IMPL_ISUPPORTS(CSPService, nsIContentPolicy, nsIChannelEventSink) @@ -147,17 +144,18 @@ CSPService::ShouldLoad(nsIURI *aContentL // default decision, CSP can revise it if there's a policy to enforce *aDecision = nsIContentPolicy::ACCEPT; // No need to continue processing if CSP is disabled or if the protocol // or type is *not* subject to CSP. // Please note, the correct way to opt-out of CSP using a custom // protocolHandler is to set one of the nsIProtocolHandler flags // that are whitelistet in subjectToCSP() - if (!sCSPEnabled || !subjectToCSP(aContentLocation, contentType)) { + if (!StaticPrefs::security_csp_enable() || + !subjectToCSP(aContentLocation, contentType)) { return NS_OK; } // Find a principal to retrieve the CSP from. If we don't have a context node // (because, for instance, the load originates in a service worker), or the // requesting principal's CSP overrides our document CSP, use the request // principal. Otherwise, use the document principal. nsCOMPtr<nsINode> node(do_QueryInterface(requestContext)); @@ -277,17 +275,18 @@ CSPService::AsyncOnChannelRedirect(nsICh } // No need to continue processing if CSP is disabled or if the protocol // is *not* subject to CSP. // Please note, the correct way to opt-out of CSP using a custom // protocolHandler is to set one of the nsIProtocolHandler flags // that are whitelistet in subjectToCSP() nsContentPolicyType policyType = loadInfo->InternalContentPolicyType(); - if (!sCSPEnabled || !subjectToCSP(newUri, policyType)) { + if (!StaticPrefs::security_csp_enable() || + !subjectToCSP(newUri, policyType)) { return NS_OK; } /* Since redirecting channels don't call into nsIContentPolicy, we call our * Content Policy implementation directly when redirects occur using the * information set in the LoadInfo when channels are created. * * We check if the CSP permits this host for this type of load, if not,
--- a/dom/security/nsCSPService.h +++ b/dom/security/nsCSPService.h @@ -21,17 +21,16 @@ class CSPService : public nsIContentPoli public nsIChannelEventSink { public: NS_DECL_ISUPPORTS NS_DECL_NSICONTENTPOLICY NS_DECL_NSICHANNELEVENTSINK CSPService(); - static bool sCSPEnabled; protected: virtual ~CSPService(); private: // Maps origins to app status. nsDataHashtable<nsCStringHashKey, uint16_t> mAppStatusCache; };
--- a/dom/workers/ScriptLoader.cpp +++ b/dom/workers/ScriptLoader.cpp @@ -1254,17 +1254,17 @@ private: // properly set the referrer header on fetch/xhr requests. If bug 1340694 // is ever fixed this can be removed. rv = mWorkerPrivate->SetPrincipalFromChannel(channel); NS_ENSURE_SUCCESS(rv, rv); nsCOMPtr<nsIContentSecurityPolicy> csp = mWorkerPrivate->GetCSP(); // We did inherit CSP in bug 1223647. If we do not already have a CSP, we // should get it from the HTTP headers on the worker script. - if (CSPService::sCSPEnabled) { + if (StaticPrefs::security_csp_enable()) { if (!csp) { rv = mWorkerPrivate->SetCSPFromHeaderValues(tCspHeaderValue, tCspROHeaderValue); NS_ENSURE_SUCCESS(rv, rv); } else { csp->EnsureEventTarget(mWorkerPrivate->MainThreadEventTarget()); } }
--- a/dom/workers/WorkerThread.cpp +++ b/dom/workers/WorkerThread.cpp @@ -25,17 +25,22 @@ namespace mozilla { using namespace ipc; namespace dom { namespace { // The C stack size. We use the same stack size on all platforms for // consistency. -const uint32_t kWorkerStackSize = 256 * sizeof(size_t) * 1024; +// +// Note: Our typical equation of 256 machine words works out to 2MB on 64-bit +// platforms. Since that works out to the size of a VM huge page, that can +// sometimes lead to an OS allocating an entire huge page for the stack at once. +// To avoid this, we subtract the size of 2 pages, to be safe. +const uint32_t kWorkerStackSize = 256 * sizeof(size_t) * 1024 - 8192; } // namespace WorkerThreadFriendKey::WorkerThreadFriendKey() { MOZ_COUNT_CTOR(WorkerThreadFriendKey); }
--- a/js/src/frontend/BytecodeEmitter.cpp +++ b/js/src/frontend/BytecodeEmitter.cpp @@ -24,16 +24,17 @@ #include "jsutil.h" #include "ds/Nestable.h" #include "frontend/BytecodeControlStructures.h" #include "frontend/EmitterScope.h" #include "frontend/ForOfLoopControl.h" #include "frontend/IfEmitter.h" #include "frontend/Parser.h" +#include "frontend/SwitchEmitter.h" #include "frontend/TDZCheckCache.h" #include "frontend/TryEmitter.h" #include "vm/BytecodeUtil.h" #include "vm/Debugger.h" #include "vm/GeneratorObject.h" #include "vm/JSAtom.h" #include "vm/JSContext.h" #include "vm/JSFunction.h" @@ -1479,32 +1480,62 @@ BytecodeEmitter::reportError(ParseNode* va_list args; va_start(args, errorNumber); parser->errorReporter().errorAtVA(offset, errorNumber, &args); va_end(args); } +void +BytecodeEmitter::reportError(const Maybe<uint32_t>& maybeOffset, unsigned errorNumber, ...) +{ + MOZ_ASSERT_IF(!maybeOffset, this->scriptStartOffsetSet); + uint32_t offset = maybeOffset ? *maybeOffset : this->scriptStartOffset; + + va_list args; + va_start(args, errorNumber); + + parser->errorReporter().errorAtVA(offset, errorNumber, &args); + + va_end(args); +} + bool BytecodeEmitter::reportExtraWarning(ParseNode* pn, unsigned errorNumber, ...) { MOZ_ASSERT_IF(!pn, this->scriptStartOffsetSet); uint32_t offset = pn ? pn->pn_pos.begin : this->scriptStartOffset; va_list args; va_start(args, errorNumber); bool result = parser->errorReporter().reportExtraWarningErrorNumberVA(nullptr, offset, errorNumber, &args); va_end(args); return result; } bool +BytecodeEmitter::reportExtraWarning(const Maybe<uint32_t>& maybeOffset, + unsigned errorNumber, ...) +{ + MOZ_ASSERT_IF(!maybeOffset, this->scriptStartOffsetSet); + uint32_t offset = maybeOffset ? *maybeOffset : this->scriptStartOffset; + + va_list args; + va_start(args, errorNumber); + + bool result = parser->errorReporter().reportExtraWarningErrorNumberVA(nullptr, offset, errorNumber, &args); + + va_end(args); + return result; +} + +bool BytecodeEmitter::emitNewInit(JSProtoKey key) { const size_t len = 1 + UINT32_INDEX_LEN; ptrdiff_t offset; if (!emitCheck(len, &offset)) return false; jsbytecode* code = this->code(offset); @@ -2306,354 +2337,142 @@ BytecodeEmitter::emitNumberOp(double dva /* * Using MOZ_NEVER_INLINE in here is a workaround for llvm.org/pr14047. * LLVM is deciding to inline this function which uses a lot of stack space * into emitTree which is recursive and uses relatively little stack space. */ MOZ_NEVER_INLINE bool BytecodeEmitter::emitSwitch(ParseNode* pn) { - ParseNode* cases = pn->pn_right; - MOZ_ASSERT(cases->isKind(ParseNodeKind::LexicalScope) || - cases->isKind(ParseNodeKind::StatementList)); - - // Ensure that the column of the switch statement is set properly. - if (!updateSourceCoordNotes(pn->pn_pos.begin)) - return false; - - // Emit code for the discriminant. + ParseNode* lexical = pn->pn_right; + MOZ_ASSERT(lexical->isKind(ParseNodeKind::LexicalScope)); + ParseNode* cases = lexical->scopeBody(); + MOZ_ASSERT(cases->isKind(ParseNodeKind::StatementList)); + + SwitchEmitter se(this); + if (!se.emitDiscriminant(Some(pn->pn_pos.begin))) + return false; if (!emitTree(pn->pn_left)) return false; // Enter the scope before pushing the switch BreakableControl since all // breaks are under this scope. - Maybe<TDZCheckCache> tdzCache; - Maybe<EmitterScope> emitterScope; - if (cases->isKind(ParseNodeKind::LexicalScope)) { - if (!cases->isEmptyScope()) { - tdzCache.emplace(this); - emitterScope.emplace(this); - if (!emitterScope->enterLexical(this, ScopeKind::Lexical, cases->scopeBindings())) - return false; - } - - // Advance |cases| to refer to the switch case list. - cases = cases->scopeBody(); + if (!lexical->isEmptyScope()) { + if (!se.emitLexical(lexical->scopeBindings())) + return false; // A switch statement may contain hoisted functions inside its // cases. The PNX_FUNCDEFS flag is propagated from the STATEMENTLIST // bodies of the cases to the case list. if (cases->pn_xflags & PNX_FUNCDEFS) { - MOZ_ASSERT(emitterScope); for (ParseNode* caseNode = cases->pn_head; caseNode; caseNode = caseNode->pn_next) { if (caseNode->pn_right->pn_xflags & PNX_FUNCDEFS) { if (!emitHoistedFunctionsInList(caseNode->pn_right)) return false; } } } - } - - // After entering the scope, push the switch control. - BreakableControl controlInfo(this, StatementKind::Switch); - - ptrdiff_t top = offset(); - - // Switch bytecodes run from here till end of final case. + } else { + MOZ_ASSERT(!(cases->pn_xflags & PNX_FUNCDEFS)); + } + + SwitchEmitter::TableGenerator tableGen(this); uint32_t caseCount = cases->pn_count; - if (caseCount > JS_BIT(16)) { - reportError(pn, JSMSG_TOO_MANY_CASES); - return false; - } - - // Try for most optimal, fall back if not dense ints. - JSOp switchOp = JSOP_TABLESWITCH; - uint32_t tableLength = 0; - int32_t low, high; - bool hasDefault = false; CaseClause* firstCase = cases->pn_head ? &cases->pn_head->as<CaseClause>() : nullptr; - if (caseCount == 0 || - (caseCount == 1 && (hasDefault = firstCase->isDefault()))) - { - low = 0; - high = -1; + if (caseCount == 0) { + tableGen.finish(0); + } else if (caseCount == 1 && firstCase->isDefault()) { + caseCount = 0; + tableGen.finish(0); } else { - Vector<size_t, 128, SystemAllocPolicy> intmap; - int32_t intmapBitLength = 0; - - low = JSVAL_INT_MAX; - high = JSVAL_INT_MIN; - for (CaseClause* caseNode = firstCase; caseNode; caseNode = caseNode->next()) { if (caseNode->isDefault()) { - hasDefault = true; caseCount--; // one of the "cases" was the default continue; } - if (switchOp == JSOP_CONDSWITCH) + if (tableGen.isInvalid()) continue; - MOZ_ASSERT(switchOp == JSOP_TABLESWITCH); - ParseNode* caseValue = caseNode->caseExpression(); if (caseValue->getKind() != ParseNodeKind::Number) { - switchOp = JSOP_CONDSWITCH; + tableGen.setInvalid(); continue; } int32_t i; if (!NumberEqualsInt32(caseValue->pn_dval, &i)) { - switchOp = JSOP_CONDSWITCH; - continue; - } - - if (unsigned(i + int(JS_BIT(15))) >= unsigned(JS_BIT(16))) { - switchOp = JSOP_CONDSWITCH; - continue; - } - if (i < low) - low = i; - if (i > high) - high = i; - - // Check for duplicates, which require a JSOP_CONDSWITCH. - // We bias i by 65536 if it's negative, and hope that's a rare - // case (because it requires a malloc'd bitmap). - if (i < 0) - i += JS_BIT(16); - if (i >= intmapBitLength) { - size_t newLength = NumWordsForBitArrayOfLength(i + 1); - if (!intmap.resize(newLength)) { - ReportOutOfMemory(cx); - return false; - } - intmapBitLength = newLength * BitArrayElementBits; - } - if (IsBitArrayElementSet(intmap.begin(), intmap.length(), i)) { - switchOp = JSOP_CONDSWITCH; + tableGen.setInvalid(); continue; } - SetBitArrayElement(intmap.begin(), intmap.length(), i); - } - - // Compute table length and select condswitch instead if overlarge or - // more than half-sparse. - if (switchOp == JSOP_TABLESWITCH) { - tableLength = uint32_t(high - low + 1); - if (tableLength >= JS_BIT(16) || tableLength > 2 * caseCount) - switchOp = JSOP_CONDSWITCH; - } - } - - // The note has one or two offsets: first tells total switch code length; - // second (if condswitch) tells offset to first JSOP_CASE. - unsigned noteIndex; - size_t switchSize; - if (switchOp == JSOP_CONDSWITCH) { - // 0 bytes of immediate for unoptimized switch. - switchSize = 0; - if (!newSrcNote3(SRC_CONDSWITCH, 0, 0, ¬eIndex)) + + if (!tableGen.addNumber(i)) + return false; + } + + tableGen.finish(caseCount); + } + + if (!se.validateCaseCount(caseCount)) + return false; + + bool isTableSwitch = tableGen.isValid(); + if (isTableSwitch) { + if (!se.emitTable(tableGen)) return false; } else { - MOZ_ASSERT(switchOp == JSOP_TABLESWITCH); - - // 3 offsets (len, low, high) before the table, 1 per entry. - switchSize = size_t(JUMP_OFFSET_LEN * (3 + tableLength)); - if (!newSrcNote2(SRC_TABLESWITCH, 0, ¬eIndex)) - return false; - } - - // Emit switchOp followed by switchSize bytes of jump or lookup table. - MOZ_ASSERT(top == offset()); - if (!emitN(switchOp, switchSize)) - return false; - - Vector<CaseClause*, 32, SystemAllocPolicy> table; - - JumpList condSwitchDefaultOff; - if (switchOp == JSOP_CONDSWITCH) { - unsigned caseNoteIndex; - bool beforeCases = true; - ptrdiff_t lastCaseOffset = -1; - - // The case conditions need their own TDZ cache since they might not - // all execute. - TDZCheckCache tdzCache(this); + if (!se.emitCond()) + return false; // Emit code for evaluating cases and jumping to case statements. for (CaseClause* caseNode = firstCase; caseNode; caseNode = caseNode->next()) { + if (caseNode->isDefault()) + continue; + ParseNode* caseValue = caseNode->caseExpression(); - // If the expression is a literal, suppress line number emission so // that debugging works more naturally. - if (caseValue) { - if (!emitTree(caseValue, ValueUsage::WantValue, - caseValue->isLiteral() ? SUPPRESS_LINENOTE : EMIT_LINENOTE)) - { - return false; - } - } - - if (!beforeCases) { - // prevCase is the previous JSOP_CASE's bytecode offset. - if (!setSrcNoteOffset(caseNoteIndex, 0, offset() - lastCaseOffset)) - return false; - } - if (!caseValue) { - // This is the default clause. - continue; - } - - if (!newSrcNote2(SRC_NEXTCASE, 0, &caseNoteIndex)) - return false; - - // The case clauses are produced before any of the case body. The - // JumpList is saved on the parsed tree, then later restored and - // patched when generating the cases body. - JumpList caseJump; - if (!emitJump(JSOP_CASE, &caseJump)) - return false; - caseNode->setOffset(caseJump.offset); - lastCaseOffset = caseJump.offset; - - if (beforeCases) { - // Switch note's second offset is to first JSOP_CASE. - unsigned noteCount = notes().length(); - if (!setSrcNoteOffset(noteIndex, 1, lastCaseOffset - top)) - return false; - unsigned noteCountDelta = notes().length() - noteCount; - if (noteCountDelta != 0) - caseNoteIndex += noteCountDelta; - beforeCases = false; - } - } - - // If we didn't have an explicit default (which could fall in between - // cases, preventing us from fusing this setSrcNoteOffset with the call - // in the loop above), link the last case to the implicit default for - // the benefit of IonBuilder. - if (!hasDefault && - !beforeCases && - !setSrcNoteOffset(caseNoteIndex, 0, offset() - lastCaseOffset)) - { - return false; - } - - // Emit default even if no explicit default statement. - if (!emitJump(JSOP_DEFAULT, &condSwitchDefaultOff)) - return false; - } else { - MOZ_ASSERT(switchOp == JSOP_TABLESWITCH); - - // skip default offset. - jsbytecode* pc = code(top + JUMP_OFFSET_LEN); - - // Fill in switch bounds, which we know fit in 16-bit offsets. - SET_JUMP_OFFSET(pc, low); - pc += JUMP_OFFSET_LEN; - SET_JUMP_OFFSET(pc, high); - pc += JUMP_OFFSET_LEN; - - if (tableLength != 0) { - if (!table.growBy(tableLength)) { - ReportOutOfMemory(cx); + if (!emitTree(caseValue, ValueUsage::WantValue, + caseValue->isLiteral() ? SUPPRESS_LINENOTE : EMIT_LINENOTE)) + { return false; } - for (CaseClause* caseNode = firstCase; caseNode; caseNode = caseNode->next()) { - if (ParseNode* caseValue = caseNode->caseExpression()) { - MOZ_ASSERT(caseValue->isKind(ParseNodeKind::Number)); - - int32_t i = int32_t(caseValue->pn_dval); - MOZ_ASSERT(double(i) == caseValue->pn_dval); - - i -= low; - MOZ_ASSERT(uint32_t(i) < tableLength); - MOZ_ASSERT(!table[i]); - table[i] = caseNode; - } - } - } - } - - JumpTarget defaultOffset{ -1 }; + if (!se.emitCaseJump()) + return false; + } + } // Emit code for each case's statements. for (CaseClause* caseNode = firstCase; caseNode; caseNode = caseNode->next()) { - if (switchOp == JSOP_CONDSWITCH && !caseNode->isDefault()) { - // The case offset got saved in the caseNode structure after - // emitting the JSOP_CASE jump instruction above. - JumpList caseCond; - caseCond.offset = caseNode->offset(); - if (!emitJumpTargetAndPatch(caseCond)) - return false; - } - - JumpTarget here; - if (!emitJumpTarget(&here)) - return false; - if (caseNode->isDefault()) - defaultOffset = here; - - // If this is emitted as a TABLESWITCH, we'll need to know this case's - // offset later when emitting the table. Store it in the node's - // pn_offset (giving the field a different meaning vs. how we used it - // on the immediately preceding line of code). - caseNode->setOffset(here.offset); - - TDZCheckCache tdzCache(this); + if (caseNode->isDefault()) { + if (!se.emitDefaultBody()) + return false; + } else { + if (isTableSwitch) { + ParseNode* caseValue = caseNode->caseExpression(); + MOZ_ASSERT(caseValue->isKind(ParseNodeKind::Number)); + + int32_t i = int32_t(caseValue->pn_dval); + MOZ_ASSERT(double(i) == caseValue->pn_dval); + + if (!se.emitCaseBody(i, tableGen)) + return false; + } else { + if (!se.emitCaseBody()) + return false; + } + } if (!emitTree(caseNode->statementList())) return false; } - if (!hasDefault) { - // If no default case, offset for default is to end of switch. - if (!emitJumpTarget(&defaultOffset)) - return false; - } - MOZ_ASSERT(defaultOffset.offset != -1); - - // Set the default offset (to end of switch if no default). - jsbytecode* pc; - if (switchOp == JSOP_CONDSWITCH) { - pc = nullptr; - patchJumpsToTarget(condSwitchDefaultOff, defaultOffset); - } else { - MOZ_ASSERT(switchOp == JSOP_TABLESWITCH); - pc = code(top); - SET_JUMP_OFFSET(pc, defaultOffset.offset - top); - pc += JUMP_OFFSET_LEN; - } - - // Set the SRC_SWITCH note's offset operand to tell end of switch. - if (!setSrcNoteOffset(noteIndex, 0, lastNonJumpTargetOffset() - top)) - return false; - - if (switchOp == JSOP_TABLESWITCH) { - // Skip over the already-initialized switch bounds. - pc += 2 * JUMP_OFFSET_LEN; - - // Fill in the jump table, if there is one. - for (uint32_t i = 0; i < tableLength; i++) { - CaseClause* caseNode = table[i]; - ptrdiff_t off = caseNode ? caseNode->offset() - top : 0; - SET_JUMP_OFFSET(pc, off); - pc += JUMP_OFFSET_LEN; - } - } - - // Patch breaks before leaving the scope, as all breaks are under the - // lexical scope if it exists. - if (!controlInfo.patchBreaks(this)) - return false; - - if (emitterScope && !emitterScope->leave(this)) + if (!se.emitEnd()) return false; return true; } bool BytecodeEmitter::isRunOnceLambda() {
--- a/js/src/frontend/BytecodeEmitter.h +++ b/js/src/frontend/BytecodeEmitter.h @@ -414,17 +414,21 @@ struct MOZ_STACK_CLASS BytecodeEmitter void setScriptStartOffsetIfUnset(TokenPos pos) { if (!scriptStartOffsetSet) { scriptStartOffset = pos.begin; scriptStartOffsetSet = true; } } void reportError(ParseNode* pn, unsigned errorNumber, ...); + void reportError(const mozilla::Maybe<uint32_t>& maybeOffset, + unsigned errorNumber, ...); bool reportExtraWarning(ParseNode* pn, unsigned errorNumber, ...); + bool reportExtraWarning(const mozilla::Maybe<uint32_t>& maybeOffset, + unsigned errorNumber, ...); // If pn contains a useful expression, return true with *answer set to true. // If pn contains a useless expression, return true with *answer set to // false. Return false on error. // // The caller should initialize *answer to false and invoke this function on // an expression statement or similar subtree to decide whether the tree // could produce code that has any side effects. For an expression
--- a/js/src/frontend/ParseNode.h +++ b/js/src/frontend/ParseNode.h @@ -250,26 +250,23 @@ IsTypeofKind(ParseNodeKind kind) * pn_count: 1 + number of formal parameters * pn_tree: ParamsBody or StatementList node * Spread unary pn_kid: expression being spread * * <Statements> * StatementList list pn_head: list of pn_count statements * If ternary pn_kid1: cond, pn_kid2: then, pn_kid3: else or null. * Switch binary pn_left: discriminant - * pn_right: list of Case nodes, with at most one - * default node, or if there are let bindings - * in the top level of the switch body's cases, a - * LexicalScope node that contains the list of - * Case nodes. + * pn_right: LexicalScope node that contains the list + * of Case nodes, with at most one + * default node. * Case binary pn_left: case-expression if CaseClause, or * null if DefaultClause * pn_right: StatementList node for this case's * statements - * pn_u.binary.offset: scratch space for the emitter * While binary pn_left: cond, pn_right: body * DoWhile binary pn_left: body, pn_right: cond * For binary pn_left: either ForIn (for-in statement), * ForOf (for-of) or ForHead (for(;;)) * pn_right: body * ForIn ternary pn_kid1: declaration or expression to left of 'in' * pn_kid2: null * pn_kid3: object expr to right of 'in' @@ -553,17 +550,16 @@ class ParseNode ParseNode* kid3; /* else-part, default case, etc. */ } ternary; struct { /* two kids if binary */ ParseNode* left; ParseNode* right; union { unsigned iflags; /* JSITER_* flags for ParseNodeKind::For node */ bool isStatic; /* only for ParseNodeKind::ClassMethod */ - uint32_t offset; /* for the emitter's use on ParseNodeKind::Case nodes */ }; } binary; struct { /* one kid if unary */ ParseNode* kid; bool prologue; /* directive prologue member (as pn_prologue) */ } unary; struct { /* name, labeled statement, etc. */ @@ -1017,20 +1013,16 @@ class CaseClause : public BinaryNode ParseNode* caseExpression() const { return pn_left; } bool isDefault() const { return !caseExpression(); } ParseNode* statementList() const { return pn_right; } // The next CaseClause in the same switch statement. CaseClause* next() const { return pn_next ? &pn_next->as<CaseClause>() : nullptr; } - // Scratch space used by the emitter. - uint32_t offset() const { return pn_u.binary.offset; } - void setOffset(uint32_t u) { pn_u.binary.offset = u; } - static bool test(const ParseNode& node) { bool match = node.isKind(ParseNodeKind::Case); MOZ_ASSERT_IF(match, node.isArity(PN_BINARY)); MOZ_ASSERT_IF(match, node.isOp(JSOP_NOP)); return match; } };
new file mode 100644 --- /dev/null +++ b/js/src/frontend/SwitchEmitter.cpp @@ -0,0 +1,425 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- + * vim: set ts=8 sts=4 et sw=4 tw=99: + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "frontend/SwitchEmitter.h" + +#include "jsutil.h" + +#include "frontend/BytecodeEmitter.h" +#include "frontend/SharedContext.h" +#include "frontend/SourceNotes.h" +#include "vm/BytecodeUtil.h" +#include "vm/Opcodes.h" +#include "vm/Runtime.h" + +using namespace js; +using namespace js::frontend; + +using mozilla::Maybe; + +bool +SwitchEmitter::TableGenerator::addNumber(int32_t caseValue) +{ + if (isInvalid()) + return true; + + if (unsigned(caseValue + int(JS_BIT(15))) >= unsigned(JS_BIT(16))) { + setInvalid(); + return true; + } + + if (intmap_.isNothing()) + intmap_.emplace(); + + low_ = std::min(low_, caseValue); + high_ = std::max(high_, caseValue); + + // Check for duplicates, which require a JSOP_CONDSWITCH. + // We bias caseValue by 65536 if it's negative, and hope that's a rare case + // (because it requires a malloc'd bitmap). + if (caseValue < 0) + caseValue += JS_BIT(16); + if (caseValue >= intmapBitLength_) { + size_t newLength = NumWordsForBitArrayOfLength(caseValue + 1); + if (!intmap_->resize(newLength)) { + ReportOutOfMemory(bce_->cx); + return false; + } + intmapBitLength_ = newLength * BitArrayElementBits; + } + if (IsBitArrayElementSet(intmap_->begin(), intmap_->length(), caseValue)) { + // Duplicate entry is not supported in table switch. + setInvalid(); + return true; + } + SetBitArrayElement(intmap_->begin(), intmap_->length(), caseValue); + return true; +} + +void +SwitchEmitter::TableGenerator::finish(uint32_t caseCount) +{ + intmap_.reset(); + +#ifdef DEBUG + finished_ = true; +#endif + + if (isInvalid()) + return; + + if (caseCount == 0) { + low_ = 0; + high_ = -1; + return; + } + + // Compute table length and select condswitch instead if overlarge + // or more than half-sparse. + tableLength_ = uint32_t(high_ - low_ + 1); + if (tableLength_ >= JS_BIT(16) || tableLength_ > 2 * caseCount) + setInvalid(); +} + +uint32_t +SwitchEmitter::TableGenerator::toCaseIndex(int32_t caseValue) const +{ + MOZ_ASSERT(finished_); + MOZ_ASSERT(isValid()); + uint32_t caseIndex = uint32_t(caseValue - low_); + MOZ_ASSERT(caseIndex < tableLength_); + return caseIndex; +} + +uint32_t +SwitchEmitter::TableGenerator::tableLength() const +{ + MOZ_ASSERT(finished_); + MOZ_ASSERT(isValid()); + return tableLength_; +} + +SwitchEmitter::SwitchEmitter(BytecodeEmitter* bce) + : bce_(bce) +{} + +bool +SwitchEmitter::emitDiscriminant(const Maybe<uint32_t>& switchPos) +{ + MOZ_ASSERT(state_ == State::Start); + switchPos_ = switchPos; + + if (switchPos_) { + // Ensure that the column of the switch statement is set properly. + if (!bce_->updateSourceCoordNotes(*switchPos_)) + return false; + } + + state_ = State::Discriminant; + return true; +} + +bool +SwitchEmitter::emitLexical(Handle<LexicalScope::Data*> bindings) +{ + MOZ_ASSERT(state_ == State::Discriminant); + MOZ_ASSERT(bindings); + + tdzCacheLexical_.emplace(bce_); + emitterScope_.emplace(bce_); + if (!emitterScope_->enterLexical(bce_, ScopeKind::Lexical, bindings)) + return false; + + state_ = State::Lexical; + return true; +} + +bool +SwitchEmitter::validateCaseCount(uint32_t caseCount) +{ + MOZ_ASSERT(state_ == State::Discriminant || state_ == State::Lexical); + if (caseCount > JS_BIT(16)) { + bce_->reportError(switchPos_, JSMSG_TOO_MANY_CASES); + return false; + } + caseCount_ = caseCount; + + state_ = State::CaseCount; + return true; +} + +bool +SwitchEmitter::emitCond() +{ + MOZ_ASSERT(state_ == State::CaseCount); + + kind_ = Kind::Cond; + + // After entering the scope if necessary, push the switch control. + controlInfo_.emplace(bce_, StatementKind::Switch); + top_ = bce_->offset(); + + if (!caseOffsets_.resize(caseCount_)) { + ReportOutOfMemory(bce_->cx); + return false; + } + + // The note has two offsets: first tells total switch code length; + // second tells offset to first JSOP_CASE. + if (!bce_->newSrcNote3(SRC_CONDSWITCH, 0, 0, ¬eIndex_)) + return false; + + MOZ_ASSERT(top_ == bce_->offset()); + if (!bce_->emitN(JSOP_CONDSWITCH, 0)) + return false; + + tdzCacheCaseAndBody_.emplace(bce_); + + state_ = State::Cond; + return true; +} + +bool +SwitchEmitter::emitTable(const TableGenerator& tableGen) +{ + MOZ_ASSERT(state_ == State::CaseCount); + kind_ = Kind::Table; + + // After entering the scope if necessary, push the switch control. + controlInfo_.emplace(bce_, StatementKind::Switch); + top_ = bce_->offset(); + + // The note has one offset that tells total switch code length. + + // 3 offsets (len, low, high) before the table, 1 per entry. + size_t switchSize = size_t(JUMP_OFFSET_LEN * (3 + tableGen.tableLength())); + if (!bce_->newSrcNote2(SRC_TABLESWITCH, 0, ¬eIndex_)) + return false; + + if (!caseOffsets_.resize(tableGen.tableLength())) { + ReportOutOfMemory(bce_->cx); + return false; + } + + MOZ_ASSERT(top_ == bce_->offset()); + if (!bce_->emitN(JSOP_TABLESWITCH, switchSize)) + return false; + + // Skip default offset. + jsbytecode* pc = bce_->code(top_ + JUMP_OFFSET_LEN); + + // Fill in switch bounds, which we know fit in 16-bit offsets. + SET_JUMP_OFFSET(pc, tableGen.low()); + SET_JUMP_OFFSET(pc + JUMP_OFFSET_LEN, tableGen.high()); + + state_ = State::Table; + return true; +} + +bool +SwitchEmitter::emitCaseOrDefaultJump(uint32_t caseIndex, bool isDefault) +{ + MOZ_ASSERT(kind_ == Kind::Cond); + + if (state_ == State::Case) { + // Link the last JSOP_CASE's SRC_NEXTCASE to current JSOP_CASE or + // JSOP_DEFAULT for the benefit of IonBuilder. + if (!bce_->setSrcNoteOffset(caseNoteIndex_, 0, bce_->offset() - lastCaseOffset_)) + return false; + } + + if (isDefault) { + if (!bce_->emitJump(JSOP_DEFAULT, &condSwitchDefaultOffset_)) + return false; + return true; + } + + if (!bce_->newSrcNote2(SRC_NEXTCASE, 0, &caseNoteIndex_)) + return false; + + JumpList caseJump; + if (!bce_->emitJump(JSOP_CASE, &caseJump)) + return false; + caseOffsets_[caseIndex] = caseJump.offset; + lastCaseOffset_ = caseJump.offset; + + if (state_ == State::Cond) { + // Switch note's second offset is to first JSOP_CASE. + unsigned noteCount = bce_->notes().length(); + if (!bce_->setSrcNoteOffset(noteIndex_, 1, lastCaseOffset_ - top_)) + return false; + unsigned noteCountDelta = bce_->notes().length() - noteCount; + if (noteCountDelta != 0) + caseNoteIndex_ += noteCountDelta; + } + + return true; +} + +bool +SwitchEmitter::emitCaseJump() +{ + MOZ_ASSERT(kind_ == Kind::Cond); + MOZ_ASSERT(state_ == State::Cond || state_ == State::Case); + if (!emitCaseOrDefaultJump(caseIndex_, false)) + return false; + caseIndex_++; + + state_ = State::Case; + return true; +} + +bool +SwitchEmitter::emitImplicitDefault() +{ + MOZ_ASSERT(kind_ == Kind::Cond); + MOZ_ASSERT(state_ == State::Cond || state_ == State::Case); + if (!emitCaseOrDefaultJump(0, true)) + return false; + + caseIndex_ = 0; + + // No internal state after emitting default jump. + return true; +} + +bool +SwitchEmitter::emitCaseBody() +{ + MOZ_ASSERT(kind_ == Kind::Cond); + MOZ_ASSERT(state_ == State::Cond || state_ == State::Case || + state_ == State::CaseBody || state_ == State::DefaultBody); + + tdzCacheCaseAndBody_.reset(); + + if (state_ == State::Cond || state_ == State::Case) { + // For cond switch, JSOP_DEFAULT is always emitted. + if (!emitImplicitDefault()) + return false; + } + + JumpList caseJump; + caseJump.offset = caseOffsets_[caseIndex_]; + if (!bce_->emitJumpTargetAndPatch(caseJump)) + return false; + + JumpTarget here; + if (!bce_->emitJumpTarget(&here)) + return false; + caseIndex_++; + + tdzCacheCaseAndBody_.emplace(bce_); + + state_ = State::CaseBody; + return true; +} + +bool +SwitchEmitter::emitCaseBody(int32_t caseValue, const TableGenerator& tableGen) +{ + MOZ_ASSERT(kind_ == Kind::Table); + MOZ_ASSERT(state_ == State::Table || + state_ == State::CaseBody || state_ == State::DefaultBody); + + tdzCacheCaseAndBody_.reset(); + + JumpTarget here; + if (!bce_->emitJumpTarget(&here)) + return false; + caseOffsets_[tableGen.toCaseIndex(caseValue)] = here.offset; + + tdzCacheCaseAndBody_.emplace(bce_); + + state_ = State::CaseBody; + return true; +} + +bool +SwitchEmitter::emitDefaultBody() +{ + MOZ_ASSERT(state_ == State::Cond || state_ == State::Table || + state_ == State::Case || + state_ == State::CaseBody); + MOZ_ASSERT(!hasDefault_); + + tdzCacheCaseAndBody_.reset(); + + if (state_ == State::Cond || state_ == State::Case) { + // For cond switch, JSOP_DEFAULT is always emitted. + if (!emitImplicitDefault()) + return false; + } + JumpTarget here; + if (!bce_->emitJumpTarget(&here)) + return false; + defaultJumpTargetOffset_ = here; + + tdzCacheCaseAndBody_.emplace(bce_); + + hasDefault_ = true; + state_ = State::DefaultBody; + return true; +} + +bool +SwitchEmitter::emitEnd() +{ + MOZ_ASSERT(state_ == State::Cond || state_ == State::Table || + state_ == State::CaseBody || state_ == State::DefaultBody); + + tdzCacheCaseAndBody_.reset(); + + if (!hasDefault_) { + // If no default case, offset for default is to end of switch. + if (!bce_->emitJumpTarget(&defaultJumpTargetOffset_)) + return false; + } + MOZ_ASSERT(defaultJumpTargetOffset_.offset != -1); + + // Set the default offset (to end of switch if no default). + jsbytecode* pc; + if (kind_ == Kind::Cond) { + pc = nullptr; + bce_->patchJumpsToTarget(condSwitchDefaultOffset_, defaultJumpTargetOffset_); + } else { + // Fill in the default jump target. + pc = bce_->code(top_); + SET_JUMP_OFFSET(pc, defaultJumpTargetOffset_.offset - top_); + pc += JUMP_OFFSET_LEN; + } + + // Set the SRC_SWITCH note's offset operand to tell end of switch. + if (!bce_->setSrcNoteOffset(noteIndex_, 0, bce_->lastNonJumpTargetOffset() - top_)) + return false; + + if (kind_ == Kind::Table) { + // Skip over the already-initialized switch bounds. + pc += 2 * JUMP_OFFSET_LEN; + + // Fill in the jump table, if there is one. + for (uint32_t i = 0, length = caseOffsets_.length(); i < length; i++) { + ptrdiff_t off = caseOffsets_[i]; + SET_JUMP_OFFSET(pc, off == 0 ? 0 : off - top_); + pc += JUMP_OFFSET_LEN; + } + } + + // Patch breaks before leaving the scope, as all breaks are under the + // lexical scope if it exists. + if (!controlInfo_->patchBreaks(bce_)) + return false; + + if (emitterScope_ && !emitterScope_->leave(bce_)) + return false; + + emitterScope_.reset(); + tdzCacheLexical_.reset(); + + controlInfo_.reset(); + + state_ = State::End; + return true; +}
new file mode 100644 --- /dev/null +++ b/js/src/frontend/SwitchEmitter.h @@ -0,0 +1,469 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- + * vim: set ts=8 sts=4 et sw=4 tw=99: + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef frontend_SwitchEmitter_h +#define frontend_SwitchEmitter_h + +#include "mozilla/Attributes.h" +#include "mozilla/Maybe.h" + +#include <stddef.h> +#include <stdint.h> + +#include "frontend/BytecodeControlStructures.h" +#include "frontend/EmitterScope.h" +#include "frontend/JumpList.h" +#include "frontend/TDZCheckCache.h" +#include "gc/Rooting.h" +#include "js/AllocPolicy.h" +#include "js/Value.h" +#include "js/Vector.h" +#include "vm/Scope.h" + +namespace js { +namespace frontend { + +struct BytecodeEmitter; + +// Class for emitting bytecode for switch-case-default block. +// +// Usage: (check for the return value is omitted for simplicity) +// +// `switch (discriminant) { case c1_expr: c1_body; }` +// SwitchEmitter se(this); +// se.emitDiscriminant(Some(offset_of_switch)); +// emit(discriminant); +// +// se.validateCaseCount(1); +// se.emitCond(); +// +// emit(c1_expr); +// se.emitCaseJump(); +// +// se.emitCaseBody(); +// emit(c1_body); +// +// se.emitEnd(); +// +// `switch (discriminant) { case c1_expr: c1_body; case c2_expr: c2_body; +// default: def_body; }` +// SwitchEmitter se(this); +// se.emitDiscriminant(Some(offset_of_switch)); +// emit(discriminant); +// +// se.validateCaseCount(2); +// se.emitCond(); +// +// emit(c1_expr); +// se.emitCaseJump(); +// +// emit(c2_expr); +// se.emitCaseJump(); +// +// se.emitCaseBody(); +// emit(c1_body); +// +// se.emitCaseBody(); +// emit(c2_body); +// +// se.emitDefaultBody(); +// emit(def_body); +// +// se.emitEnd(); +// +// `switch (discriminant) { case c1_expr: c1_body; case c2_expr: c2_body; }` +// with Table Switch +// SwitchEmitter::TableGenerator tableGen(this); +// tableGen.addNumber(c1_expr_value); +// tableGen.addNumber(c2_expr_value); +// tableGen.finish(2); +// +// // If `!tableGen.isValid()` here, `emitCond` should be used instead. +// +// SwitchEmitter se(this); +// se.emitDiscriminant(Some(offset_of_switch)); +// emit(discriminant); +// se.validateCaseCount(2); +// se.emitTable(tableGen); +// +// se.emitCaseBody(c1_expr_value, tableGen); +// emit(c1_body); +// +// se.emitCaseBody(c2_expr_value, tableGen); +// emit(c2_body); +// +// se.emitEnd(); +// +// `switch (discriminant) { case c1_expr: c1_body; case c2_expr: c2_body; +// default: def_body; }` +// with Table Switch +// SwitchEmitter::TableGenerator tableGen(bce); +// tableGen.addNumber(c1_expr_value); +// tableGen.addNumber(c2_expr_value); +// tableGen.finish(2); +// +// // If `!tableGen.isValid()` here, `emitCond` should be used instead. +// +// SwitchEmitter se(this); +// se.emitDiscriminant(Some(offset_of_switch)); +// emit(discriminant); +// se.validateCaseCount(2); +// se.emitTable(tableGen); +// +// se.emitCaseBody(c1_expr_value, tableGen); +// emit(c1_body); +// +// se.emitCaseBody(c2_expr_value, tableGen); +// emit(c2_body); +// +// se.emitDefaultBody(); +// emit(def_body); +// +// se.emitEnd(); +// +// `switch (discriminant) { case c1_expr: c1_body; }` +// in case c1_body contains lexical bindings +// SwitchEmitter se(this); +// se.emitDiscriminant(Some(offset_of_switch)); +// emit(discriminant); +// +// se.validateCaseCount(1); +// +// se.emitLexical(bindings); +// +// se.emitCond(); +// +// emit(c1_expr); +// se.emitCaseJump(); +// +// se.emitCaseBody(); +// emit(c1_body); +// +// se.emitEnd(); +// +// `switch (discriminant) { case c1_expr: c1_body; }` +// in case c1_body contains hosted functions +// SwitchEmitter se(this); +// se.emitDiscriminant(Some(offset_of_switch)); +// emit(discriminant); +// +// se.validateCaseCount(1); +// +// se.emitLexical(bindings); +// emit(hosted functions); +// +// se.emitCond(); +// +// emit(c1_expr); +// se.emitCaseJump(); +// +// se.emitCaseBody(); +// emit(c1_body); +// +// se.emitEnd(); +// +class MOZ_STACK_CLASS SwitchEmitter +{ + // Bytecode for each case. + // + // Cond Switch + // {discriminant} + // JSOP_CONDSWITCH + // + // {c1_expr} + // JSOP_CASE c1 + // + // JSOP_JUMPTARGET + // {c2_expr} + // JSOP_CASE c2 + // + // ... + // + // JSOP_JUMPTARGET + // JSOP_DEFAULT default + // + // c1: + // JSOP_JUMPTARGET + // {c1_body} + // JSOP_GOTO end + // + // c2: + // JSOP_JUMPTARGET + // {c2_body} + // JSOP_GOTO end + // + // default: + // end: + // JSOP_JUMPTARGET + // + // Table Switch + // {discriminant} + // JSOP_TABLESWITCH c1, c2, ... + // + // c1: + // JSOP_JUMPTARGET + // {c1_body} + // JSOP_GOTO end + // + // c2: + // JSOP_JUMPTARGET + // {c2_body} + // JSOP_GOTO end + // + // ... + // + // end: + // JSOP_JUMPTARGET + + public: + enum class Kind { + Table, + Cond + }; + + // Class for generating optimized table switch data. + class MOZ_STACK_CLASS TableGenerator + { + BytecodeEmitter* bce_; + + // Bit array for given numbers. + mozilla::Maybe<js::Vector<size_t, 128, SystemAllocPolicy>> intmap_; + + // The length of the intmap_. + int32_t intmapBitLength_ = 0; + + // The length of the table. + uint32_t tableLength_ = 0; + + // The lower and higher bounds of the table. + int32_t low_ = JSVAL_INT_MAX, high_ = JSVAL_INT_MIN; + + // Whether the table is still valid. + bool valid_= true; + +#ifdef DEBUG + bool finished_ = false; +#endif + + public: + explicit TableGenerator(BytecodeEmitter* bce) + : bce_(bce) + {} + + void setInvalid() { + valid_ = false; + } + MOZ_MUST_USE bool isValid() const { + return valid_; + } + MOZ_MUST_USE bool isInvalid() const { + return !valid_; + } + + // Add the given number to the table. The number is the value of + // `expr` for `case expr:` syntax. + MOZ_MUST_USE bool addNumber(int32_t caseValue); + + // Finish generating the table. + // `caseCount` should be the number of cases in the switch statement, + // excluding the default case. + void finish(uint32_t caseCount); + + private: + friend SwitchEmitter; + + // The following methods can be used only after calling `finish`. + + // Returns the lower bound of the added numbers. + int32_t low() const { + MOZ_ASSERT(finished_); + return low_; + } + + // Returns the higher bound of the numbers. + int32_t high() const { + MOZ_ASSERT(finished_); + return high_; + } + + // Returns the index in SwitchEmitter.caseOffsets_ for table switch. + uint32_t toCaseIndex(int32_t caseValue) const; + + // Returns the length of the table. + // This method can be called only if `isValid()` is true. + uint32_t tableLength() const; + }; + + private: + BytecodeEmitter* bce_; + + // `kind_` should be set to the correct value in emitCond/emitTable. + Kind kind_ = Kind::Cond; + + // True if there's explicit default case. + bool hasDefault_ = false; + + // The source note index for SRC_CONDSWITCH. + unsigned noteIndex_ = 0; + + // Source note index of the previous SRC_NEXTCASE. + unsigned caseNoteIndex_ = 0; + + // The number of cases in the switch statement, excluding the default case. + uint32_t caseCount_ = 0; + + // Internal index for case jump and case body, used by cond switch. + uint32_t caseIndex_ = 0; + + // Bytecode offset after emitting `discriminant`. + ptrdiff_t top_ = 0; + + // Bytecode offset of the previous JSOP_CASE. + ptrdiff_t lastCaseOffset_ = 0; + + // Bytecode offset of the JSOP_JUMPTARGET for default body. + JumpTarget defaultJumpTargetOffset_ = { -1 }; + + // Bytecode offset of the JSOP_DEFAULT. + JumpList condSwitchDefaultOffset_; + + // Instantiated when there's lexical scope for entire switch. + mozilla::Maybe<TDZCheckCache> tdzCacheLexical_; + mozilla::Maybe<EmitterScope> emitterScope_; + + // Instantiated while emitting case expression and case/default body. + mozilla::Maybe<TDZCheckCache> tdzCacheCaseAndBody_; + + // Control for switch. + mozilla::Maybe<BreakableControl> controlInfo_; + + mozilla::Maybe<uint32_t> switchPos_; + + // Cond Switch: + // Offset of each JSOP_CASE. + // Table Switch: + // Offset of each JSOP_JUMPTARGET for case. + js::Vector<ptrdiff_t, 32, SystemAllocPolicy> caseOffsets_; + + // The state of this emitter. + // + // +-------+ emitDiscriminant +--------------+ + // | Start |----------------->| Discriminant |-+ + // +-------+ +--------------+ | + // | + // +-------------------------------------------+ + // | + // | validateCaseCount +-----------+ + // +->+------------------------>+------------------>| CaseCount |-+ + // | ^ +-----------+ | + // | emitLexical +---------+ | | + // +------------>| Lexical |-+ | + // +---------+ | + // | + // +--------------------------------------------------------------+ + // | + // | emitTable +-------+ + // +---------->| Table |---------------------------->+-+ + // | +-------+ ^ | + // | | | + // | emitCond +------+ | | + // +---------->| Cond |-+------------------------>+->+ | + // +------+ | ^ | + // | | | + // | emitCase +------+ | | + // +->+--------->| Case |->+-+ | + // ^ +------+ | | + // | | | + // +--------------------+ | + // | + // +---------------------------------------------------+ + // | + // | emitEnd +-----+ + // +-+----------------------------------------->+-------->| End | + // | ^ +-----+ + // | emitCaseBody +----------+ | + // +->+-+---------------->| CaseBody |--->+-+-+ + // ^ | +----------+ ^ | + // | | | | + // | | emitDefaultBody +-------------+ | | + // | +---------------->| DefaultBody |-+ | + // | +-------------+ | + // | | + // +-------------------------------------+ + // + enum class State { + // The initial state. + Start, + + // After calling emitDiscriminant. + Discriminant, + + // After calling validateCaseCount. + CaseCount, + + // After calling emitLexical. + Lexical, + + // After calling emitCond. + Cond, + + // After calling emitTable. + Table, + + // After calling emitCase. + Case, + + // After calling emitCaseBody. + CaseBody, + + // After calling emitDefaultBody. + DefaultBody, + + // After calling emitEnd. + End + }; + State state_ = State::Start; + + public: + explicit SwitchEmitter(BytecodeEmitter* bce); + + // `switchPos` is the offset in the source code for the character below: + // + // switch ( cond ) { ... } + // ^ + // | + // switchPos + // + // Can be Nothing() if not available. + MOZ_MUST_USE bool emitDiscriminant(const mozilla::Maybe<uint32_t>& switchPos); + + // `caseCount` should be the number of cases in the switch statement, + // excluding the default case. + MOZ_MUST_USE bool validateCaseCount(uint32_t caseCount); + + // `bindings` is a lexical scope for the entire switch, in case there's + // let/const effectively directly under case or default blocks. + MOZ_MUST_USE bool emitLexical(Handle<LexicalScope::Data*> bindings); + + MOZ_MUST_USE bool emitCond(); + MOZ_MUST_USE bool emitTable(const TableGenerator& tableGen); + + MOZ_MUST_USE bool emitCaseJump(); + + MOZ_MUST_USE bool emitCaseBody(); + MOZ_MUST_USE bool emitCaseBody(int32_t caseValue, const TableGenerator& tableGen); + MOZ_MUST_USE bool emitDefaultBody(); + MOZ_MUST_USE bool emitEnd(); + + private: + MOZ_MUST_USE bool emitCaseOrDefaultJump(uint32_t caseIndex, bool isDefault); + MOZ_MUST_USE bool emitImplicitDefault(); +}; + +} /* namespace frontend */ +} /* namespace js */ + +#endif /* frontend_SwitchEmitter_h */
--- a/js/src/frontend/TokenStream.cpp +++ b/js/src/frontend/TokenStream.cpp @@ -435,16 +435,42 @@ TokenStreamAnyChars::TokenStreamAnyChars template<typename CharT> TokenStreamCharsBase<CharT>::TokenStreamCharsBase(JSContext* cx, const CharT* chars, size_t length, size_t startOffset) : TokenStreamCharsShared(cx), sourceUnits(chars, length, startOffset) {} +template<> +MOZ_MUST_USE bool +TokenStreamCharsBase<char16_t>::fillCharBufferWithTemplateStringContents(const char16_t* cur, + const char16_t* end) +{ + MOZ_ASSERT(this->charBuffer.length() == 0); + + while (cur < end) { + // Template literals normalize only '\r' and "\r\n" to '\n'. The + // Unicode separators need no special handling here. + // https://tc39.github.io/ecma262/#sec-static-semantics-tv-and-trv + char16_t ch = *cur++; + if (ch == '\r') { + ch = '\n'; + if (cur < end && *cur == '\n') + cur++; + } + + if (!this->charBuffer.append(ch)) + return false; + } + + MOZ_ASSERT(cur == end); + return true; +} + template<typename CharT, class AnyCharsAccess> TokenStreamSpecific<CharT, AnyCharsAccess>::TokenStreamSpecific(JSContext* cx, const ReadOnlyCompileOptions& options, const CharT* base, size_t length) : TokenStreamChars<CharT, AnyCharsAccess>(cx, base, length, options.scriptSourceOffset) {} bool @@ -482,19 +508,16 @@ void TokenStreamAnyChars::undoInternalUpdateLineInfoForEOL() { MOZ_ASSERT(prevLinebase != size_t(-1)); // we should never get more than one EOL linebase = prevLinebase; prevLinebase = size_t(-1); lineno--; } -// This gets a full code point, starting from an already-consumed leading code -// unit, normalizing EOL sequences to '\n', also updating line/column info as -// needed. template<class AnyCharsAccess> bool TokenStreamChars<char16_t, AnyCharsAccess>::getCodePoint(int32_t* cp) { TokenStreamAnyChars& anyChars = anyCharsAccess(); if (MOZ_UNLIKELY(this->sourceUnits.atEnd())) { anyChars.flags.isEOF = true; @@ -505,20 +528,17 @@ TokenStreamChars<char16_t, AnyCharsAcces int32_t c = this->sourceUnits.getCodeUnit(); do { // Normalize the char16_t if it was a newline. if (MOZ_UNLIKELY(c == '\n')) break; if (MOZ_UNLIKELY(c == '\r')) { - // If it's a \r\n sequence: treat as a single EOL, skip over the \n. - if (MOZ_LIKELY(!this->sourceUnits.atEnd())) - this->sourceUnits.matchCodeUnit('\n'); - + matchLineTerminator('\n'); break; } if (MOZ_UNLIKELY(c == unicode::LINE_SEPARATOR || c == unicode::PARA_SEPARATOR)) break; *cp = c; return true; @@ -596,31 +616,16 @@ TokenStreamChars<char16_t, AnyCharsAcces unicode::UTF16Encode(codePoint, units, &numUnits); MOZ_ASSERT(numUnits == 1 || numUnits == 2); while (numUnits-- > 0) ungetCodeUnit(units[numUnits]); } -template<class AnyCharsAccess> -void -TokenStreamChars<char16_t, AnyCharsAccess>::ungetLineTerminator() -{ - this->sourceUnits.ungetCodeUnit(); - - char16_t last = this->sourceUnits.peekCodeUnit(); - MOZ_ASSERT(SourceUnits::isRawEOLChar(last)); - - if (last == '\n') - this->sourceUnits.ungetOptionalCRBeforeLF(); - - anyCharsAccess().undoInternalUpdateLineInfoForEOL(); -} - template<typename CharT> size_t SourceUnits<CharT>::findEOLMax(size_t start, size_t max) { const CharT* p = codeUnitPtrAt(start); size_t n = 0; while (true) { @@ -1324,30 +1329,25 @@ TokenStreamSpecific<CharT, AnyCharsAcces return false; continue; } if (unit != '\\' || !matchUnicodeEscapeIdent(&codePoint)) break; } else { - int32_t cp; - if (!getNonAsciiCodePoint(unit, &cp)) + // |restoreNextRawCharAddress| undoes all gets, and this function + // doesn't update line/column info. + char32_t cp; + if (!getNonAsciiCodePointDontNormalize(unit, &cp)) return false; - codePoint = AssertedCast<uint32_t>(cp); - - if (!unicode::IsIdentifierPart(codePoint)) { - if (MOZ_UNLIKELY(codePoint == '\n')) { - // |restoreNextRawCharAddress| will undo all gets, but we - // have to revert a line/column update manually. - anyCharsAccess().undoInternalUpdateLineInfoForEOL(); - } + codePoint = cp; + if (!unicode::IsIdentifierPart(codePoint)) break; - } } if (!appendCodePointToCharBuffer(codePoint)) return false; } while (true); return true; } @@ -1506,26 +1506,26 @@ static const uint8_t firstCharKinds[] = #undef T_RB #undef T_LC #undef T_RC #undef _______ static_assert(LastCharKind < (1 << (sizeof(firstCharKinds[0]) * 8)), "Elements of firstCharKinds[] are too small"); -template<typename CharT, class AnyCharsAccess> void -GeneralTokenStreamChars<CharT, AnyCharsAccess>::consumeRestOfSingleLineComment() +SpecializedTokenStreamCharsBase<char16_t>::infallibleConsumeRestOfSingleLineComment() { - int32_t c; - do { - c = getCodeUnit(); - } while (c != EOF && !SourceUnits::isRawEOLChar(c)); - - ungetCodeUnit(c); + while (MOZ_LIKELY(!this->sourceUnits.atEnd())) { + char16_t unit = this->sourceUnits.peekCodeUnit(); + if (SourceUnits::isRawEOLChar(unit)) + return; + + this->sourceUnits.consumeKnownCodeUnit(unit); + } } template<typename CharT, class AnyCharsAccess> MOZ_MUST_USE bool TokenStreamSpecific<CharT, AnyCharsAccess>::decimalNumber(int32_t unit, TokenStart start, const CharT* numStart, Modifier modifier, TokenKind* out) { @@ -1623,23 +1623,26 @@ template<typename CharT, class AnyCharsA MOZ_MUST_USE bool TokenStreamSpecific<CharT, AnyCharsAccess>::regexpLiteral(TokenStart start, TokenKind* out) { MOZ_ASSERT(this->sourceUnits.previousCodeUnit() == '/'); this->charBuffer.clear(); auto ProcessNonAsciiCodePoint = [this](int32_t lead) { MOZ_ASSERT(lead != EOF); - - int32_t codePoint; - if (!this->getNonAsciiCodePoint(lead, &codePoint)) + MOZ_ASSERT(!this->isAsciiCodePoint(lead)); + + char32_t codePoint; + if (!this->getNonAsciiCodePointDontNormalize(lead, &codePoint)) return false; - if (codePoint == '\n') { - this->ungetLineTerminator(); + if (MOZ_UNLIKELY(codePoint == unicode::LINE_SEPARATOR || + codePoint == unicode::PARA_SEPARATOR)) + { + this->sourceUnits.ungetLineOrParagraphSeparator(); this->reportError(JSMSG_UNTERMINATED_REGEXP); return false; } return this->appendCodePointToCharBuffer(codePoint); }; auto ReportUnterminatedRegExp = [this](CharT unit) { @@ -1650,55 +1653,63 @@ TokenStreamSpecific<CharT, AnyCharsAcces bool inCharClass = false; do { int32_t unit = getCodeUnit(); if (unit == EOF) { ReportUnterminatedRegExp(unit); return badToken(); } - if (MOZ_LIKELY(isAsciiCodePoint(unit))) { - if (unit == '\\') { - if (!this->charBuffer.append(unit)) - return badToken(); - - unit = getCodeUnit(); - if (unit == EOF) { - ReportUnterminatedRegExp(unit); - return badToken(); - } - - // Fallthrough only handles ASCII code points, so - // deal with non-ASCII and skip everything else. - if (MOZ_UNLIKELY(!isAsciiCodePoint(unit))) { - if (!ProcessNonAsciiCodePoint(unit)) - return badToken(); - - continue; - } - } else if (unit == '[') { - inCharClass = true; - } else if (unit == ']') { - inCharClass = false; - } else if (unit == '/' && !inCharClass) { - // For IE compat, allow unescaped / in char classes. - break; - } - - if (unit == '\r' || unit == '\n') { + if (MOZ_UNLIKELY(!isAsciiCodePoint(unit))) { + if (!ProcessNonAsciiCodePoint(unit)) + return badToken(); + + continue; + } + + if (unit == '\\') { + if (!this->charBuffer.append(unit)) + return badToken(); + + unit = getCodeUnit(); + if (unit == EOF) { ReportUnterminatedRegExp(unit); return badToken(); } - if (!this->charBuffer.append(unit)) - return badToken(); - } else { - if (!ProcessNonAsciiCodePoint(unit)) - return badToken(); + // Fallthrough only handles ASCII code points, so + // deal with non-ASCII and skip everything else. + if (MOZ_UNLIKELY(!isAsciiCodePoint(unit))) { + if (!ProcessNonAsciiCodePoint(unit)) + return badToken(); + + continue; + } + } else if (unit == '[') { + inCharClass = true; + } else if (unit == ']') { + inCharClass = false; + } else if (unit == '/' && !inCharClass) { + // For IE compat, allow unescaped / in char classes. + break; } + + if (unit == '\r' || unit == '\n') { + ReportUnterminatedRegExp(unit); + return badToken(); + } + + // We're accumulating regular expression *source* text here: source + // text matching a line break will appear as U+005C REVERSE SOLIDUS + // U+006E LATIN SMALL LETTER N, and |unit| here would be the latter + // code point. + MOZ_ASSERT(!SourceUnits::isRawEOLChar(unit)); + + if (!this->charBuffer.append(unit)) + return badToken(); } while (true); int32_t unit; RegExpFlag reflags = NoFlags; while (true) { RegExpFlag flag; unit = getCodeUnit(); if (unit == 'g') @@ -1850,19 +1861,18 @@ TokenStreamSpecific<CharT, AnyCharsAcces // Look for a string or a template string. // if (c1kind == String) return getStringOrTemplateToken(static_cast<char>(unit), modifier, ttp); // Skip over EOL chars, updating line state along the way. // if (c1kind == EOL) { - // If it's a \r\n sequence, consume it as a single EOL. - if (unit == '\r' && !this->sourceUnits.atEnd()) - this->sourceUnits.matchCodeUnit('\n'); + if (unit == '\r') + matchLineTerminator('\n'); if (!updateLineInfoForEOL()) return badToken(); anyCharsAccess().updateFlagsForEOL(); continue; } @@ -2092,17 +2102,19 @@ TokenStreamSpecific<CharT, AnyCharsAcces break; case '<': if (anyCharsAccess().options().allowHTMLComments) { // Treat HTML begin-comment as comment-till-end-of-line. if (matchCodeUnit('!')) { if (matchCodeUnit('-')) { if (matchCodeUnit('-')) { - consumeRestOfSingleLineComment(); + if (!consumeRestOfSingleLineComment()) + return false; + continue; } ungetCodeUnit('-'); } ungetCodeUnit('!'); } } if (matchCodeUnit('<')) @@ -2137,17 +2149,19 @@ TokenStreamSpecific<CharT, AnyCharsAcces bool shouldWarn = unit == '@'; if (!getDirectives(false, shouldWarn)) return false; } else { // NOTE: |unit| may be EOF here. ungetCodeUnit(unit); } - consumeRestOfSingleLineComment(); + if (!consumeRestOfSingleLineComment()) + return false; + continue; } // Look for a multi-line comment. if (matchCodeUnit('*')) { TokenStreamAnyChars& anyChars = anyCharsAccess(); unsigned linenoBefore = anyChars.lineno; @@ -2194,17 +2208,19 @@ TokenStreamSpecific<CharT, AnyCharsAcces break; case '-': if (matchCodeUnit('-')) { if (anyCharsAccess().options().allowHTMLComments && !anyCharsAccess().flags.isDirtyLine) { if (matchCodeUnit('>')) { - consumeRestOfSingleLineComment(); + if (!consumeRestOfSingleLineComment()) + return false; + continue; } } simpleKind = TokenKind::Dec; } else { simpleKind = matchCodeUnit('=') ? TokenKind::SubAssign : TokenKind::Sub; } @@ -2337,18 +2353,17 @@ TokenStreamSpecific<CharT, AnyCharsAcces case 'b': unit = '\b'; break; case 'f': unit = '\f'; break; case 'n': unit = '\n'; break; case 'r': unit = '\r'; break; case 't': unit = '\t'; break; case 'v': unit = '\v'; break; case '\r': - if (MOZ_LIKELY(!this->sourceUnits.atEnd())) - this->sourceUnits.matchCodeUnit('\n'); + matchLineTerminator('\n'); MOZ_FALLTHROUGH; case '\n': { // LineContinuation represents no code points. We're manually // consuming a LineTerminatorSequence, so we must manually // update line/column info. if (!updateLineInfoForEOL()) return false; @@ -2544,20 +2559,17 @@ TokenStreamSpecific<CharT, AnyCharsAcces // String literals don't allow ASCII line breaks. ungetCodeUnit(unit); ReportPrematureEndOfLiteral(JSMSG_EOL_BEFORE_END_OF_STRING); return false; } if (unit == '\r') { unit = '\n'; - - // If it's a \r\n sequence: treat as a single EOL, skip over the \n. - if (!this->sourceUnits.atEnd()) - this->sourceUnits.matchCodeUnit('\n'); + matchLineTerminator('\n'); } if (!updateLineInfoForEOL()) return false; anyCharsAccess().updateFlagsForEOL(); } else if (parsingTemplate && unit == '$' && matchCodeUnit('{')) { templateHead = true; @@ -2610,31 +2622,31 @@ TokenKindToString(TokenKind tt) #undef EMIT_CASE case TokenKind::Limit: break; } return "<bad TokenKind>"; } #endif -template class frontend::TokenStreamCharsBase<Utf8Unit>; -template class frontend::TokenStreamCharsBase<char16_t>; - -template class frontend::TokenStreamChars<char16_t, frontend::TokenStreamAnyCharsAccess>; -template class frontend::TokenStreamSpecific<char16_t, frontend::TokenStreamAnyCharsAccess>; +template class TokenStreamCharsBase<Utf8Unit>; +template class TokenStreamCharsBase<char16_t>; + +template class TokenStreamChars<char16_t, TokenStreamAnyCharsAccess>; +template class TokenStreamSpecific<char16_t, TokenStreamAnyCharsAccess>; template class -frontend::TokenStreamChars<char16_t, frontend::ParserAnyCharsAccess<frontend::GeneralParser<frontend::FullParseHandler, char16_t>>>; +TokenStreamChars<char16_t, ParserAnyCharsAccess<GeneralParser<FullParseHandler, char16_t>>>; template class -frontend::TokenStreamChars<char16_t, frontend::ParserAnyCharsAccess<frontend::GeneralParser<frontend::SyntaxParseHandler, char16_t>>>; +TokenStreamChars<char16_t, ParserAnyCharsAccess<GeneralParser<SyntaxParseHandler, char16_t>>>; template class -frontend::TokenStreamSpecific<char16_t, frontend::ParserAnyCharsAccess<frontend::GeneralParser<frontend::FullParseHandler, char16_t>>>; +TokenStreamSpecific<char16_t, ParserAnyCharsAccess<GeneralParser<FullParseHandler, char16_t>>>; template class -frontend::TokenStreamSpecific<char16_t, frontend::ParserAnyCharsAccess<frontend::GeneralParser<frontend::SyntaxParseHandler, char16_t>>>; +TokenStreamSpecific<char16_t, ParserAnyCharsAccess<GeneralParser<SyntaxParseHandler, char16_t>>>; } // namespace frontend } // namespace js JS_FRIEND_API(int) js_fgets(char* buf, int size, FILE* file)
--- a/js/src/frontend/TokenStream.h +++ b/js/src/frontend/TokenStream.h @@ -55,33 +55,51 @@ * potentially the compiler *can't* unify them because offsets into the * hypothetical TokenStream<CharT>s would differ.) Second, some of this stuff * needs to be accessible in ParserBase, the aspects of JS language parsing * that have meaning independent of the character type of the source text being * parsed. So we need a separate data structure that ParserBase can hold on to * for it. (ParserBase isn't the only instance of this, but it's certainly the * biggest case of it.) Ergo, TokenStreamAnyChars. * - * == TokenStreamCharsBase<CharT> → ∅ == + * == TokenStreamCharsShared → ∅ == + * + * Some functionality has meaning independent of character type, yet has no use + * *unless* you know the character type in actual use. It *could* live in + * TokenStreamAnyChars, but it makes more sense to live in a separate class + * that character-aware token information can simply inherit. * - * Certain data structures in tokenizing are character-type-specific: + * This class currently exists only to contain a char16_t buffer, transiently + * used to accumulate strings in tricky cases that can't just be read directly + * from source text. It's not used outside character-aware tokenizing, so it + * doesn't make sense in TokenStreamAnyChars. + * + * == TokenStreamCharsBase<CharT> → TokenStreamCharsShared == + * + * Certain data structures in tokenizing are character-type-specific: namely, * the various pointers identifying the source text (including current offset - * and end) , and the temporary vector into which characters are read/written - * in certain cases (think writing out the actual codepoints identified by an - * identifier containing a Unicode escape, to create the atom for the - * identifier: |a\u0062c| versus |abc|, for example). + * and end). * * Additionally, some functions operating on this data are defined the same way - * no matter what character type you have -- the offset being |offset - start| - * no matter whether those two variables are single- or double-byte pointers. + * no matter what character type you have (e.g. current offset in code units + * into the source text) or share a common interface regardless of character + * type (e.g. consume the next code unit if it has a given value). * * All such functionality lives in TokenStreamCharsBase<CharT>. * + * == SpecializedTokenStreamCharsBase<CharT> → TokenStreamCharsBase<CharT> == + * + * Certain tokenizing functionality is specific to a single character type. + * For example, JS's UTF-16 encoding recognizes no coding errors, because lone + * surrogates are not an error; but a UTF-8 encoding must recognize a variety + * of validation errors. Such functionality is defined only in the appropriate + * SpecializedTokenStreamCharsBase specialization. + * * == GeneralTokenStreamChars<CharT, AnyCharsAccess> → - * TokenStreamCharsBase<CharT> == + * SpecializedTokenStreamCharsBase<CharT> == * * Some functionality operates differently on different character types, just * as for TokenStreamCharsBase, but additionally requires access to character- * type-agnostic information in TokenStreamAnyChars. For example, getting the * next character performs different steps for different character types and * must access TokenStreamAnyChars to update line break information. * * Such functionality, if it can be defined using the same algorithm for all @@ -923,16 +941,19 @@ CodeUnitValue(char16_t unit) } constexpr uint8_t CodeUnitValue(mozilla::Utf8Unit unit) { return unit.toUint8(); } +template<typename CharT> +class TokenStreamCharsBase; + // This is the low-level interface to the JS source code buffer. It just gets // raw Unicode code units -- 16-bit char16_t units of source text that are not // (always) full code points, and 8-bit units of UTF-8 source text soon. // TokenStreams functions are layered on top and do some extra stuff like // converting all EOL sequences to '\n', tracking the line number, and setting // |flags.isEOF|. (The "raw" in "raw Unicode code units" refers to the lack of // EOL sequence normalization.) // @@ -1045,39 +1066,53 @@ class SourceUnits void unskipCodeUnits(uint32_t n) { MOZ_ASSERT(ptr, "shouldn't use poisoned SourceUnits"); MOZ_ASSERT(n <= mozilla::PointerRangeSize(base_, ptr), "shouldn't unskip beyond start of SourceUnits"); ptr -= n; } - bool matchCodeUnit(CharT c) { - if (*ptr == c) { // this will nullptr-crash if poisoned + private: + friend class TokenStreamCharsBase<CharT>; + + bool internalMatchCodeUnit(CharT c) { + MOZ_ASSERT(ptr, "shouldn't use poisoned SourceUnits"); + if (MOZ_LIKELY(!atEnd()) && *ptr == c) { ptr++; return true; } return false; } + public: + void consumeKnownCodeUnit(CharT c) { + MOZ_ASSERT(ptr, "shouldn't use poisoned SourceUnits"); + MOZ_ASSERT(*ptr == c, "consuming the wrong code unit"); + ptr++; + } + /** * Unget the '\n' (CR) that precedes a '\n' (LF), when ungetting a line * terminator that's a full "\r\n" sequence. If the prior code unit isn't * '\r', do nothing. */ void ungetOptionalCRBeforeLF() { MOZ_ASSERT(ptr, "shouldn't unget a '\\r' from poisoned SourceUnits"); MOZ_ASSERT(*ptr == CharT('\n'), "function should only be called when a '\\n' was just " "ungotten, and any '\\r' preceding it must also be " "ungotten"); if (*(ptr - 1) == CharT('\r')) ptr--; } + /** Unget U+2028 LINE SEPARATOR or U+2029 PARAGRAPH SEPARATOR. */ + inline void ungetLineOrParagraphSeparator(); + void ungetCodeUnit() { MOZ_ASSERT(!atStart(), "can't unget if currently at start"); MOZ_ASSERT(ptr); // make sure it hasn't been poisoned ptr--; } const CharT* addressOfNextCodeUnit(bool allowPoisoned = false) const { MOZ_ASSERT_IF(!allowPoisoned, ptr); // make sure it hasn't been poisoned @@ -1117,16 +1152,43 @@ class SourceUnits /** Limit for quick bounds check. */ const CharT* limit_; /** Next char to get. */ const CharT* ptr; }; +template<> +inline void +SourceUnits<char16_t>::ungetLineOrParagraphSeparator() +{ +#ifdef DEBUG + char16_t prev = previousCodeUnit(); +#endif + MOZ_ASSERT(prev == unicode::LINE_SEPARATOR || prev == unicode::PARA_SEPARATOR); + + ungetCodeUnit(); +} + +template<> +inline void +SourceUnits<mozilla::Utf8Unit>::ungetLineOrParagraphSeparator() +{ + unskipCodeUnits(3); + + MOZ_ASSERT(ptr[0].toUint8() == 0xE2); + MOZ_ASSERT(ptr[1].toUint8() == 0x80); + +#ifdef DEBUG + uint8_t last = ptr[2].toUint8(); +#endif + MOZ_ASSERT(last == 0xA8 || last == 0xA9); +} + class TokenStreamCharsShared { // Using char16_t (not CharT) is a simplifying decision that hopefully // eliminates the need for a UTF-8 regular expression parser and makes // |copyCharBufferTo| markedly simpler. using CharBuffer = Vector<char16_t, 32>; protected: @@ -1166,58 +1228,79 @@ class TokenStreamCharsShared CharBuffer& getCharBuffer() { return charBuffer; } }; template<typename CharT> class TokenStreamCharsBase : public TokenStreamCharsShared { protected: + TokenStreamCharsBase(JSContext* cx, const CharT* chars, size_t length, size_t startOffset); + /** * Convert a non-EOF code unit returned by |getCodeUnit()| or * |peekCodeUnit()| to a CharT code unit. */ inline CharT toCharT(int32_t codeUnitValue); void ungetCodeUnit(int32_t c) { if (c == EOF) return; sourceUnits.ungetCodeUnit(); } - public: - TokenStreamCharsBase(JSContext* cx, const CharT* chars, size_t length, size_t startOffset); - static MOZ_ALWAYS_INLINE JSAtom* atomizeSourceChars(JSContext* cx, const CharT* chars, size_t length); using SourceUnits = frontend::SourceUnits<CharT>; - /** Match a non-EOL, non-EOF code unit; return true iff it was matched. */ - inline bool matchCodeUnit(int32_t expect); + /** + * Try to match a non-LineTerminator ASCII code point. Return true iff it + * was matched. + */ + bool matchCodeUnit(char expect) { + MOZ_ASSERT(mozilla::IsAscii(expect)); + MOZ_ASSERT(expect != '\r'); + MOZ_ASSERT(expect != '\n'); + return this->sourceUnits.internalMatchCodeUnit(CharT(expect)); + } - protected: + /** + * Try to match an ASCII LineTerminator code point. Return true iff it was + * matched. + */ + bool matchLineTerminator(char expect) { + MOZ_ASSERT(expect == '\r' || expect == '\n'); + return this->sourceUnits.internalMatchCodeUnit(CharT(expect)); + } + + template<typename T> bool matchCodeUnit(T) = delete; + template<typename T> bool matchLineTerminator(T) = delete; + int32_t peekCodeUnit() { return MOZ_LIKELY(!sourceUnits.atEnd()) ? CodeUnitValue(sourceUnits.peekCodeUnit()) : EOF; } - void consumeKnownCodeUnit(int32_t unit) { - MOZ_ASSERT(unit != EOF, "shouldn't be matching EOF"); - MOZ_ASSERT(!sourceUnits.atEnd(), "must have units to consume"); -#ifdef DEBUG - CharT next = -#endif - sourceUnits.getCodeUnit(); - MOZ_ASSERT(CodeUnitValue(next) == unit, - "must be consuming the correct unit"); - } + /** Consume a known, non-EOF code unit. */ + inline void consumeKnownCodeUnit(int32_t unit); - MOZ_MUST_USE inline bool - fillCharBufferWithTemplateStringContents(const CharT* cur, const CharT* end); + // Forbid accidental calls to consumeKnownCodeUnit *not* with the single + // unit-or-EOF type. CharT should use SourceUnits::consumeKnownCodeUnit; + // CodeUnitValue() results should go through toCharT(), or better yet just + // use the original CharT. + template<typename T> inline void consumeKnownCodeUnit(T) = delete; + + /** + * Accumulate the provided range of already-validated (i.e. valid UTF-8, or + * anything if CharT is char16_t because JS permits lone and mispaired + * surrogates) raw template literal text (i.e. containing no escapes or + * substitutions) into |charBuffer|. + */ + MOZ_MUST_USE bool fillCharBufferWithTemplateStringContents(const CharT* cur, const CharT* end); protected: /** Code units in the source code being tokenized. */ SourceUnits sourceUnits; }; template<> inline char16_t @@ -1230,59 +1313,103 @@ TokenStreamCharsBase<char16_t>::toCharT( template<> inline mozilla::Utf8Unit TokenStreamCharsBase<mozilla::Utf8Unit>::toCharT(int32_t value) { MOZ_ASSERT(value != EOF, "EOF is not a CharT"); return mozilla::Utf8Unit(static_cast<unsigned char>(value)); } +template<typename CharT> +inline void +TokenStreamCharsBase<CharT>::consumeKnownCodeUnit(int32_t unit) +{ + sourceUnits.consumeKnownCodeUnit(toCharT(unit)); +} + template<> /* static */ MOZ_ALWAYS_INLINE JSAtom* TokenStreamCharsBase<char16_t>::atomizeSourceChars(JSContext* cx, const char16_t* chars, size_t length) { return AtomizeChars(cx, chars, length); } template<typename CharT> -inline bool -TokenStreamCharsBase<CharT>::matchCodeUnit(int32_t expect) -{ - MOZ_ASSERT(expect != EOF, "shouldn't be matching EOFs"); - MOZ_ASSERT(!SourceUnits::isRawEOLChar(expect)); - return MOZ_LIKELY(!this->sourceUnits.atEnd()) && - this->sourceUnits.matchCodeUnit(toCharT(expect)); -} +class SpecializedTokenStreamCharsBase; template<> -MOZ_MUST_USE inline bool -TokenStreamCharsBase<char16_t>::fillCharBufferWithTemplateStringContents(const char16_t* cur, - const char16_t* end) +class SpecializedTokenStreamCharsBase<char16_t> + : public TokenStreamCharsBase<char16_t> { - MOZ_ASSERT(this->charBuffer.length() == 0); + using CharsBase = TokenStreamCharsBase<char16_t>; + + protected: + using TokenStreamCharsShared::isAsciiCodePoint; + // Deliberately don't |using| |sourceUnits| because of bug 1472569. :-( + + using typename CharsBase::SourceUnits; + + protected: + // These APIs are only usable by UTF-16-specific code. - while (cur < end) { - // U+2028 LINE SEPARATOR and U+2029 PARAGRAPH SEPARATOR are - // interpreted literally inside template literal contents; only - // literal CRLF sequences are normalized to '\n'. See - // <https://tc39.github.io/ecma262/#sec-static-semantics-tv-and-trv>. - char16_t ch = *cur++; - if (ch == '\r') { - ch = '\n'; - if (cur < end && *cur == '\n') - cur++; + /** + * Consume the rest of a single-line comment (but not the EOL/EOF that + * terminates it) -- infallibly because no 16-bit code unit sequence in a + * comment is an error. + */ + void infallibleConsumeRestOfSingleLineComment(); + + /** + * Given |lead| already consumed, consume and return the code point encoded + * starting from it. Infallible because lone surrogates in JS encode a + * "code point" of the same value. + */ + char32_t infallibleGetNonAsciiCodePointDontNormalize(char16_t lead) { + MOZ_ASSERT(!isAsciiCodePoint(lead)); + MOZ_ASSERT(this->sourceUnits.previousCodeUnit() == lead); + + // Handle single-unit code points and lone trailing surrogates. + if (MOZ_LIKELY(!unicode::IsLeadSurrogate(lead)) || + // Or handle lead surrogates not paired with trailing surrogates. + MOZ_UNLIKELY(this->sourceUnits.atEnd() || + !unicode::IsTrailSurrogate(this->sourceUnits.peekCodeUnit()))) + { + return lead; } - if (!this->charBuffer.append(ch)) - return false; + // Otherwise it's a multi-unit code point. + return unicode::UTF16Decode(lead, this->sourceUnits.getCodeUnit()); } - return true; -} + protected: + // These APIs are in both SpecializedTokenStreamCharsBase specializations + // and so are usable in subclasses no matter what CharT is. + + using CharsBase::CharsBase; +}; + +template<> +class SpecializedTokenStreamCharsBase<mozilla::Utf8Unit> + : public TokenStreamCharsBase<mozilla::Utf8Unit> +{ + using CharsBase = TokenStreamCharsBase<mozilla::Utf8Unit>; + + protected: + // Deliberately don't |using| |sourceUnits| because of bug 1472569. :-( + + protected: + // These APIs are only usable by UTF-8-specific code. + + protected: + // These APIs are in both SpecializedTokenStreamCharsBase specializations + // and so are usable in subclasses no matter what CharT is. + + using CharsBase::CharsBase; +}; /** A small class encapsulating computation of the start-offset of a Token. */ class TokenStart { uint32_t startOffset_; public: /** @@ -1297,19 +1424,20 @@ class TokenStart TokenStart(const TokenStart&) = default; uint32_t offset() const { return startOffset_; } }; template<typename CharT, class AnyCharsAccess> class GeneralTokenStreamChars - : public TokenStreamCharsBase<CharT> + : public SpecializedTokenStreamCharsBase<CharT> { using CharsBase = TokenStreamCharsBase<CharT>; + using SpecializedCharsBase = SpecializedTokenStreamCharsBase<CharT>; Token* newTokenInternal(TokenKind kind, TokenStart start, TokenKind* out); /** * Allocates a new Token from the given offset to the current offset, * ascribes it the given kind, and sets |*out| to that kind. */ Token* newToken(TokenKind kind, TokenStart start, TokenStreamShared::Modifier modifier, @@ -1327,20 +1455,23 @@ class GeneralTokenStreamChars return token; } uint32_t matchUnicodeEscape(uint32_t* codePoint); uint32_t matchExtendedUnicodeEscape(uint32_t* codePoint); protected: + using TokenStreamCharsShared::drainCharBufferIntoAtom; + using CharsBase::fillCharBufferWithTemplateStringContents; + using typename CharsBase::SourceUnits; protected: - using CharsBase::CharsBase; + using SpecializedCharsBase::SpecializedCharsBase; TokenStreamAnyChars& anyCharsAccess() { return AnyCharsAccess::anyChars(this); } const TokenStreamAnyChars& anyCharsAccess() const { return AnyCharsAccess::anyChars(this); } @@ -1412,62 +1543,96 @@ class GeneralTokenStreamChars } void ungetCodeUnit(int32_t c) { MOZ_ASSERT_IF(c == EOF, anyCharsAccess().flags.isEOF); CharsBase::ungetCodeUnit(c); } - /** - * Consume code units til EOL/EOF following the start of a single-line - * comment, without consuming the EOL/EOF. - */ - void consumeRestOfSingleLineComment(); - MOZ_MUST_USE MOZ_ALWAYS_INLINE bool updateLineInfoForEOL() { return anyCharsAccess().internalUpdateLineInfoForEOL(this->sourceUnits.offset()); } uint32_t matchUnicodeEscapeIdStart(uint32_t* codePoint); bool matchUnicodeEscapeIdent(uint32_t* codePoint); + + public: + JSAtom* getRawTemplateStringAtom() { + TokenStreamAnyChars& anyChars = anyCharsAccess(); + + MOZ_ASSERT(anyChars.currentToken().type == TokenKind::TemplateHead || + anyChars.currentToken().type == TokenKind::NoSubsTemplate); + const CharT* cur = this->sourceUnits.codeUnitPtrAt(anyChars.currentToken().pos.begin + 1); + const CharT* end; + if (anyChars.currentToken().type == TokenKind::TemplateHead) { + // Of the form |`...${| or |}...${| + end = this->sourceUnits.codeUnitPtrAt(anyChars.currentToken().pos.end - 2); + } else { + // NO_SUBS_TEMPLATE is of the form |`...`| or |}...`| + end = this->sourceUnits.codeUnitPtrAt(anyChars.currentToken().pos.end - 1); + } + + if (!fillCharBufferWithTemplateStringContents(cur, end)) + return nullptr; + + return drainCharBufferIntoAtom(anyChars.cx); + } }; template<typename CharT, class AnyCharsAccess> class TokenStreamChars; template<class AnyCharsAccess> class TokenStreamChars<char16_t, AnyCharsAccess> : public GeneralTokenStreamChars<char16_t, AnyCharsAccess> { private: using CharsBase = TokenStreamCharsBase<char16_t>; + using SpecializedCharsBase = SpecializedTokenStreamCharsBase<char16_t>; using GeneralCharsBase = GeneralTokenStreamChars<char16_t, AnyCharsAccess>; using Self = TokenStreamChars<char16_t, AnyCharsAccess>; using GeneralCharsBase::asSpecific; using typename GeneralCharsBase::TokenStreamSpecific; protected: using GeneralCharsBase::anyCharsAccess; using GeneralCharsBase::getCodeUnit; + using SpecializedCharsBase::infallibleConsumeRestOfSingleLineComment; + using SpecializedCharsBase::infallibleGetNonAsciiCodePointDontNormalize; using TokenStreamCharsShared::isAsciiCodePoint; + using CharsBase::matchLineTerminator; // Deliberately don't |using| |sourceUnits| because of bug 1472569. :-( using GeneralCharsBase::ungetCodeUnit; using GeneralCharsBase::updateLineInfoForEOL; using typename GeneralCharsBase::SourceUnits; protected: using GeneralCharsBase::GeneralCharsBase; - // Try to get the next code point, normalizing '\r', '\r\n', '\n', and the - // Unicode line/paragraph separators into '\n'. Also updates internal - // line-counter state. Return true on success and store the code point in - // |*c|. Return false and leave |*c| undefined on failure. + /** + * Given the non-ASCII |lead| code unit just consumed, consume and return a + * complete non-ASCII code point. Line/column updates are not performed, + * and line breaks are returned as-is without normalization. + */ + MOZ_MUST_USE bool getNonAsciiCodePointDontNormalize(char16_t lead, char32_t* codePoint) { + // There are no encoding errors in 16-bit JS, so implement this so that + // the compiler knows it, too. + *codePoint = infallibleGetNonAsciiCodePointDontNormalize(lead); + return true; + } + + /** + * Get the next code point, converting LineTerminatorSequences to '\n' and + * updating internal line-counter state if needed. Return true on success + * and store the code point in |*c|. Return false and leave |*c| undefined + * on failure. + */ MOZ_MUST_USE bool getCodePoint(int32_t* cp); /** * Given a just-consumed ASCII code unit/point |lead|, consume a full code * point or LineTerminatorSequence (normalizing it to '\n') and store it in * |*codePoint|. Return true on success, otherwise return false and leave * |*codePoint| undefined on failure. * @@ -1478,19 +1643,17 @@ class TokenStreamChars<char16_t, AnyChar MOZ_MUST_USE bool getFullAsciiCodePoint(int32_t lead, int32_t* codePoint) { MOZ_ASSERT(isAsciiCodePoint(lead), "non-ASCII code units must be handled separately"); // NOTE: |this->|-qualify to avoid a gcc bug: see bug 1472569. MOZ_ASSERT(lead == this->sourceUnits.previousCodeUnit(), "getFullAsciiCodePoint called incorrectly"); if (MOZ_UNLIKELY(lead == '\r')) { - // NOTE: |this->|-qualify to avoid a gcc bug: see bug 1472569. - if (MOZ_LIKELY(!this->sourceUnits.atEnd())) - this->sourceUnits.matchCodeUnit('\n'); + matchLineTerminator('\n'); } else if (MOZ_LIKELY(lead != '\n')) { *codePoint = lead; return true; } *codePoint = '\n'; bool ok = updateLineInfoForEOL(); if (!ok) { @@ -1498,26 +1661,27 @@ class TokenStreamChars<char16_t, AnyChar *codePoint = EOF; // sentinel value to hopefully cause errors #endif MOZ_MAKE_MEM_UNDEFINED(codePoint, sizeof(*codePoint)); } return ok; } /** - * Given a just-consumed non-ASCII code unit (and maybe point) |lead|, - * consume a full code point or LineTerminatorSequence (normalizing it to - * '\n') and store it in |*codePoint|. Return true on success, otherwise - * return false and leave |*codePoint| undefined on failure. + * Given a just-consumed non-ASCII code unit |lead| (which may also be a + * full code point, for UTF-16), consume a full code point or + * LineTerminatorSequence (normalizing it to '\n') and store it in + * |*codePoint|. Return true on success, otherwise return false and leave + * |*codePoint| undefined on failure. * * If a LineTerminatorSequence was consumed, also update line/column info. * * This may change the current |sourceUnits| offset. */ - MOZ_MUST_USE bool getNonAsciiCodePoint(int32_t lead, int32_t* cp); + MOZ_MUST_USE bool getNonAsciiCodePoint(int32_t lead, int32_t* codePoint); /** * Unget a full code point (ASCII or not) without altering line/column * state. If line/column state must be updated, this must happen manually. * This method ungets a single code point, not a LineTerminatorSequence * that is multiple code points. (Generally you shouldn't be in a state * where you've just consumed "\r\n" and want to unget that full sequence.) * @@ -1540,21 +1704,25 @@ class TokenStreamChars<char16_t, AnyChar "should not be ungetting un-normalized code points"); ungetCodePointIgnoreEOL(codePoint); if (codePoint == '\n') anyCharsAccess().undoInternalUpdateLineInfoForEOL(); } /** - * Unget a just-gotten LineTerminator sequence: '\r', '\n', '\r\n', or - * a Unicode line/paragraph separator, also undoing line/column information - * changes reflecting that LineTerminator. + * Consume code points til EOL/EOF following the start of a single-line + * comment, without consuming the EOL/EOF. */ - void ungetLineTerminator(); + MOZ_MUST_USE bool consumeRestOfSingleLineComment() { + // This operation is infallible for UTF-16 -- and this implementation + // approach lets the compiler boil away call-side fallibility handling. + infallibleConsumeRestOfSingleLineComment(); + return true; + } }; // TokenStream is the lexical scanner for JavaScript source text. // // It takes a buffer of CharT code units (currently only char16_t encoding // UTF-16, but we're adding either UTF-8 or Latin-1 single-byte text soon) and // linearly scans it into |Token|s. // @@ -1596,18 +1764,19 @@ class TokenStreamChars<char16_t, AnyChar template<typename CharT, class AnyCharsAccess> class MOZ_STACK_CLASS TokenStreamSpecific : public TokenStreamChars<CharT, AnyCharsAccess>, public TokenStreamShared, public ErrorReporter { public: using CharsBase = TokenStreamCharsBase<CharT>; + using SpecializedCharsBase = SpecializedTokenStreamCharsBase<CharT>; using GeneralCharsBase = GeneralTokenStreamChars<CharT, AnyCharsAccess>; - using SpecializedCharsBase = TokenStreamChars<CharT, AnyCharsAccess>; + using SpecializedChars = TokenStreamChars<CharT, AnyCharsAccess>; using Position = TokenStreamPosition<CharT>; // Anything inherited through a base class whose type depends upon this // class's template parameters can only be accessed through a dependent // name: prefixed with |this|, by explicit qualification, and so on. (This // is so that references to inherited fields are statically distinguishable // from references to names outside of the class.) This is tedious and @@ -1624,38 +1793,40 @@ class MOZ_STACK_CLASS TokenStreamSpecifi using typename CharsBase::SourceUnits; private: using TokenStreamCharsShared::appendCodePointToCharBuffer; using CharsBase::atomizeSourceChars; using GeneralCharsBase::badToken; // Deliberately don't |using| |charBuffer| because of bug 1472569. :-( using CharsBase::consumeKnownCodeUnit; - using GeneralCharsBase::consumeRestOfSingleLineComment; + using SpecializedChars::consumeRestOfSingleLineComment; using TokenStreamCharsShared::copyCharBufferTo; using TokenStreamCharsShared::drainCharBufferIntoAtom; using CharsBase::fillCharBufferWithTemplateStringContents; - using SpecializedCharsBase::getCodePoint; + using SpecializedChars::getCodePoint; using GeneralCharsBase::getCodeUnit; - using SpecializedCharsBase::getFullAsciiCodePoint; - using SpecializedCharsBase::getNonAsciiCodePoint; + using SpecializedChars::getFullAsciiCodePoint; + using SpecializedChars::getNonAsciiCodePoint; + using SpecializedChars::getNonAsciiCodePointDontNormalize; using TokenStreamCharsShared::isAsciiCodePoint; using CharsBase::matchCodeUnit; + using CharsBase::matchLineTerminator; using GeneralCharsBase::matchUnicodeEscapeIdent; using GeneralCharsBase::matchUnicodeEscapeIdStart; using GeneralCharsBase::newAtomToken; using GeneralCharsBase::newNameToken; using GeneralCharsBase::newNumberToken; using GeneralCharsBase::newRegExpToken; using GeneralCharsBase::newSimpleToken; using CharsBase::peekCodeUnit; // Deliberately don't |using| |sourceUnits| because of bug 1472569. :-( - using SpecializedCharsBase::ungetCodePointIgnoreEOL; + using SpecializedChars::ungetCodePointIgnoreEOL; using GeneralCharsBase::ungetCodeUnit; - using SpecializedCharsBase::ungetNonAsciiNormalizedCodePoint; + using SpecializedChars::ungetNonAsciiNormalizedCodePoint; using GeneralCharsBase::updateLineInfoForEOL; template<typename CharU> friend class TokenStreamPosition; public: TokenStreamSpecific(JSContext* cx, const ReadOnlyCompileOptions& options, const CharT* base, size_t length); @@ -1733,37 +1904,16 @@ class MOZ_STACK_CLASS TokenStreamSpecifi // These functions take a |va_list*| parameter, not a |va_list| parameter, // to hack around bug 1363116. (Longer-term, the right fix is of course to // not use ellipsis functions or |va_list| at all in error reporting.) bool reportStrictModeErrorNumberVA(UniquePtr<JSErrorNotes> notes, uint32_t offset, bool strictMode, unsigned errorNumber, va_list* args); bool reportExtraWarningErrorNumberVA(UniquePtr<JSErrorNotes> notes, uint32_t offset, unsigned errorNumber, va_list* args); - JSAtom* getRawTemplateStringAtom() { - TokenStreamAnyChars& anyChars = anyCharsAccess(); - - MOZ_ASSERT(anyChars.currentToken().type == TokenKind::TemplateHead || - anyChars.currentToken().type == TokenKind::NoSubsTemplate); - const CharT* cur = this->sourceUnits.codeUnitPtrAt(anyChars.currentToken().pos.begin + 1); - const CharT* end; - if (anyChars.currentToken().type == TokenKind::TemplateHead) { - // Of the form |`...${| or |}...${| - end = this->sourceUnits.codeUnitPtrAt(anyChars.currentToken().pos.end - 2); - } else { - // NO_SUBS_TEMPLATE is of the form |`...`| or |}...`| - end = this->sourceUnits.codeUnitPtrAt(anyChars.currentToken().pos.end - 1); - } - - if (!fillCharBufferWithTemplateStringContents(cur, end)) - return nullptr; - - return drainCharBufferIntoAtom(anyChars.cx); - } - private: // This is private because it should only be called by the tokenizer while // tokenizing not by, for example, BytecodeEmitter. bool reportStrictModeError(unsigned errorNumber, ...); void reportInvalidEscapeError(uint32_t offset, InvalidEscapeType type) { switch (type) { case InvalidEscapeType::None:
--- a/js/src/gc/ArenaList.h +++ b/js/src/gc/ArenaList.h @@ -236,17 +236,17 @@ class FreeLists inline void clear(); MOZ_ALWAYS_INLINE TenuredCell* allocate(AllocKind kind); inline TenuredCell* setArenaAndAllocate(Arena* arena, AllocKind kind); inline void unmarkPreMarkedFreeCells(AllocKind kind); - const void* addressOfFreeList(AllocKind thingKind) const { + FreeSpan** addressOfFreeList(AllocKind thingKind) { return &freeLists_[thingKind]; } }; class ArenaLists { JS::Zone* zone_; @@ -293,17 +293,17 @@ class ArenaLists public: explicit ArenaLists(JS::Zone* zone); ~ArenaLists(); FreeLists& freeLists() { return freeLists_.ref(); } const FreeLists& freeLists() const { return freeLists_.ref(); } - const void* addressOfFreeList(AllocKind thingKind) const { + FreeSpan** addressOfFreeList(AllocKind thingKind) { return freeLists_.refNoCheck().addressOfFreeList(thingKind); } inline Arena* getFirstArena(AllocKind thingKind) const; inline Arena* getFirstArenaToSweep(AllocKind thingKind) const; inline Arena* getFirstSweptArena(AllocKind thingKind) const; inline Arena* getArenaAfterCursor(AllocKind thingKind) const;
--- a/js/src/gc/GCRuntime.h +++ b/js/src/gc/GCRuntime.h @@ -288,17 +288,19 @@ class GCRuntime void purgeRuntimeForMinorGC(); void shrinkBuffers(); void onOutOfMallocMemory(); void onOutOfMallocMemory(const AutoLockGC& lock); #ifdef JS_GC_ZEAL - const void* addressOfZealModeBits() { return &zealModeBits; } + const uint32_t* addressOfZealModeBits() { + return &zealModeBits.refNoCheck(); + } void getZealBits(uint32_t* zealBits, uint32_t* frequency, uint32_t* nextScheduled); void setZeal(uint8_t zeal, uint32_t frequency); bool parseAndSetZeal(const char* str); void setNextScheduled(uint32_t count); void verifyPreBarriers(); void maybeVerifyPreBarriers(bool always); bool selectForMarking(JSObject* object); void clearSelectedForMarking(); @@ -1000,17 +1002,17 @@ class GCRuntime public: Nursery& nursery() { return nursery_.ref(); } gc::StoreBuffer& storeBuffer() { return storeBuffer_.ref(); } // Free LIFO blocks are transferred to this allocator before being freed // after minor GC. MainThreadData<LifoAlloc> blocksToFreeAfterMinorGC; - const void* addressOfNurseryPosition() { + void* addressOfNurseryPosition() { return nursery_.refNoCheck().addressOfPosition(); } const void* addressOfNurseryCurrentEnd() { return nursery_.refNoCheck().addressOfCurrentEnd(); } const void* addressOfStringNurseryCurrentEnd() { return nursery_.refNoCheck().addressOfCurrentStringEnd(); }
--- a/js/src/gc/Nursery.h +++ b/js/src/gc/Nursery.h @@ -319,19 +319,21 @@ class Nursery void renderProfileJSON(JSONPrinter& json) const; /* Print header line for profile times. */ static void printProfileHeader(); /* Print total profile times on shutdown. */ void printTotalProfileTimes(); - void* addressOfCurrentEnd() const { return (void*)¤tEnd_; } - void* addressOfPosition() const { return (void*)&position_; } - void* addressOfCurrentStringEnd() const { return (void*)¤tStringEnd_; } + void* addressOfPosition() const { return (void**)&position_; } + const void* addressOfCurrentEnd() const { return (void**)¤tEnd_; } + const void* addressOfCurrentStringEnd() const { + return (void*)¤tStringEnd_; + } void requestMinorGC(JS::gcreason::Reason reason) const; bool minorGCRequested() const { return minorGCTriggerReason_ != JS::gcreason::NO_REASON; } JS::gcreason::Reason minorGCTriggerReason() const { return minorGCTriggerReason_; } void clearMinorGCRequest() { minorGCTriggerReason_ = JS::gcreason::NO_REASON; } bool needIdleTimeCollection() const;
--- a/js/src/jit/CodeGenerator.cpp +++ b/js/src/jit/CodeGenerator.cpp @@ -4044,18 +4044,19 @@ CodeGenerator::maybeEmitGlobalBarrierChe if (!maybeGlobal->isConstant()) return; JSObject* obj = &maybeGlobal->toConstant()->toObject(); if (gen->realm->maybeGlobal() != obj) return; - auto addr = AbsoluteAddress(gen->realm->addressOfGlobalWriteBarriered()); - masm.branch32(Assembler::NotEqual, addr, Imm32(0), ool->rejoin()); + const uint32_t* addr = gen->realm->addressOfGlobalWriteBarriered(); + masm.branch32(Assembler::NotEqual, AbsoluteAddress(addr), Imm32(0), + ool->rejoin()); } template <class LPostBarrierType, MIRType nurseryType> void CodeGenerator::visitPostWriteBarrierCommon(LPostBarrierType* lir, OutOfLineCode* ool) { addOutOfLineCode(ool, lir->mir()); @@ -13281,17 +13282,18 @@ CodeGenerator::visitRandom(LRandom* ins) #ifdef JS_PUNBOX64 Register64 s0Reg(ToRegister(ins->temp1())); Register64 s1Reg(ToRegister(ins->temp2())); #else Register64 s0Reg(ToRegister(ins->temp1()), ToRegister(ins->temp2())); Register64 s1Reg(ToRegister(ins->temp3()), ToRegister(ins->temp4())); #endif - const void* rng = gen->realm->addressOfRandomNumberGenerator(); + const XorShift128PlusRNG* rng = + gen->realm->addressOfRandomNumberGenerator(); masm.movePtr(ImmPtr(rng), tempReg); static_assert(sizeof(XorShift128PlusRNG) == 2 * sizeof(uint64_t), "Code below assumes XorShift128PlusRNG contains two uint64_t values"); Address state0Addr(tempReg, XorShift128PlusRNG::offsetOfState0()); Address state1Addr(tempReg, XorShift128PlusRNG::offsetOfState1());
--- a/js/src/jit/CompileWrappers.cpp +++ b/js/src/jit/CompileWrappers.cpp @@ -23,17 +23,17 @@ CompileRuntime::runtime() /* static */ CompileRuntime* CompileRuntime::get(JSRuntime* rt) { return reinterpret_cast<CompileRuntime*>(rt); } #ifdef JS_GC_ZEAL -const void* +const uint32_t* CompileRuntime::addressOfGCZealModeBits() { return runtime()->gc.addressOfZealModeBits(); } #endif const JitRuntime* CompileRuntime::jitRuntime() @@ -166,50 +166,56 @@ CompileZone::isAtomsZone() #ifdef DEBUG const void* CompileZone::addressOfIonBailAfter() { return zone()->runtimeFromAnyThread()->jitRuntime()->addressOfIonBailAfter(); } #endif -const void* +const uint32_t* CompileZone::addressOfNeedsIncrementalBarrier() { return zone()->addressOfNeedsIncrementalBarrier(); } -const void* +gc::FreeSpan** CompileZone::addressOfFreeList(gc::AllocKind allocKind) { return zone()->arenas.addressOfFreeList(allocKind); } -const void* +void* CompileZone::addressOfNurseryPosition() { return zone()->runtimeFromAnyThread()->gc.addressOfNurseryPosition(); } -const void* +void* CompileZone::addressOfStringNurseryPosition() { // Objects and strings share a nursery, for now at least. return zone()->runtimeFromAnyThread()->gc.addressOfNurseryPosition(); } const void* CompileZone::addressOfNurseryCurrentEnd() { return zone()->runtimeFromAnyThread()->gc.addressOfNurseryCurrentEnd(); } const void* CompileZone::addressOfStringNurseryCurrentEnd() { + // Although objects and strings share a nursery (and this may change) + // there is still a separate string end address. The only time it + // is different from the regular end address, is when nursery strings are + // disabled (it will be NULL). + // + // This function returns _a pointer to_ that end address. return zone()->runtimeFromAnyThread()->gc.addressOfStringNurseryCurrentEnd(); } bool CompileZone::canNurseryAllocateStrings() { return nurseryExists() && zone()->runtimeFromAnyThread()->gc.nursery().canAllocateStrings() && @@ -249,17 +255,17 @@ CompileRealm::zone() } CompileRuntime* CompileRealm::runtime() { return CompileRuntime::get(realm()->runtimeFromAnyThread()); } -const void* +const mozilla::non_crypto::XorShift128PlusRNG* CompileRealm::addressOfRandomNumberGenerator() { return realm()->addressOfRandomNumberGenerator(); } const JitRealm* CompileRealm::jitRealm() {
--- a/js/src/jit/CompileWrappers.h +++ b/js/src/jit/CompileWrappers.h @@ -23,17 +23,17 @@ class JitRuntime; class CompileRuntime { JSRuntime* runtime(); public: static CompileRuntime* get(JSRuntime* rt); #ifdef JS_GC_ZEAL - const void* addressOfGCZealModeBits(); + const uint32_t* addressOfGCZealModeBits(); #endif const JitRuntime* jitRuntime(); // Compilation does not occur off thread when the Gecko Profiler is enabled. GeckoProfilerRuntime& geckoProfiler(); bool jitSupportsFloatingPoint(); @@ -70,20 +70,20 @@ class CompileZone CompileRuntime* runtime(); bool isAtomsZone(); #ifdef DEBUG const void* addressOfIonBailAfter(); #endif - const void* addressOfNeedsIncrementalBarrier(); - const void* addressOfFreeList(gc::AllocKind allocKind); - const void* addressOfNurseryPosition(); - const void* addressOfStringNurseryPosition(); + const uint32_t* addressOfNeedsIncrementalBarrier(); + gc::FreeSpan** addressOfFreeList(gc::AllocKind allocKind); + void* addressOfNurseryPosition(); + void* addressOfStringNurseryPosition(); const void* addressOfNurseryCurrentEnd(); const void* addressOfStringNurseryCurrentEnd(); bool nurseryExists(); bool canNurseryAllocateStrings(); void setMinorGCShouldCancelIonCompilations(); }; @@ -98,17 +98,18 @@ class CompileRealm CompileZone* zone(); CompileRuntime* runtime(); const void* realmPtr() { return realm(); } - const void* addressOfRandomNumberGenerator(); + const mozilla::non_crypto::XorShift128PlusRNG* + addressOfRandomNumberGenerator(); const JitRealm* jitRealm(); const GlobalObject* maybeGlobal(); const uint32_t* addressOfGlobalWriteBarriered(); bool hasAllocationMetadataBuilder();
--- a/js/src/jit/MacroAssembler-inl.h +++ b/js/src/jit/MacroAssembler-inl.h @@ -632,18 +632,18 @@ MacroAssembler::branchTestProxyHandlerFa branchPtr(cond, familyAddr, ImmPtr(handlerp), label); } void MacroAssembler::branchTestNeedsIncrementalBarrier(Condition cond, Label* label) { MOZ_ASSERT(cond == Zero || cond == NonZero); CompileZone* zone = GetJitContext()->realm->zone(); - AbsoluteAddress needsBarrierAddr(zone->addressOfNeedsIncrementalBarrier()); - branchTest32(cond, needsBarrierAddr, Imm32(0x1), label); + const uint32_t* needsBarrierAddr = zone->addressOfNeedsIncrementalBarrier(); + branchTest32(cond, AbsoluteAddress(needsBarrierAddr), Imm32(0x1), label); } void MacroAssembler::branchTestMagicValue(Condition cond, const ValueOperand& val, JSWhyMagic why, Label* label) { MOZ_ASSERT(cond == Equal || cond == NotEqual); branchTestValue(cond, val, MagicValue(why), label);
--- a/js/src/jit/MacroAssembler.cpp +++ b/js/src/jit/MacroAssembler.cpp @@ -813,19 +813,20 @@ void MacroAssembler::checkAllocatorState(Label* fail) { // Don't execute the inline path if we are tracing allocations. if (js::gc::gcTracer.traceEnabled()) jump(fail); #ifdef JS_GC_ZEAL // Don't execute the inline path if gc zeal or tracing are active. - branch32(Assembler::NotEqual, - AbsoluteAddress(GetJitContext()->runtime->addressOfGCZealModeBits()), Imm32(0), - fail); + const uint32_t *ptrZealModeBits = + GetJitContext()->runtime->addressOfGCZealModeBits(); + branch32(Assembler::NotEqual, AbsoluteAddress(ptrZealModeBits), Imm32(0), + fail); #endif // Don't execute the inline path if the realm has an object metadata callback, // as the metadata to use for the object may vary between executions of the op. if (GetJitContext()->realm->hasAllocationMetadataBuilder()) jump(fail); } @@ -858,20 +859,23 @@ MacroAssembler::nurseryAllocateObject(Re } // No explicit check for nursery.isEnabled() is needed, as the comparison // with the nursery's end will always fail in such cases. CompileZone* zone = GetJitContext()->realm->zone(); int thingSize = int(gc::Arena::thingSize(allocKind)); int totalSize = thingSize + nDynamicSlots * sizeof(HeapSlot); MOZ_ASSERT(totalSize % gc::CellAlignBytes == 0); - loadPtr(AbsoluteAddress(zone->addressOfNurseryPosition()), result); + void *ptrNurseryPosition = zone->addressOfNurseryPosition(); + loadPtr(AbsoluteAddress(ptrNurseryPosition), result); computeEffectiveAddress(Address(result, totalSize), temp); - branchPtr(Assembler::Below, AbsoluteAddress(zone->addressOfNurseryCurrentEnd()), temp, fail); - storePtr(temp, AbsoluteAddress(zone->addressOfNurseryPosition())); + const void *ptrNurseryCurrentEnd = zone->addressOfNurseryCurrentEnd(); + branchPtr(Assembler::Below, AbsoluteAddress(ptrNurseryCurrentEnd), temp, + fail); + storePtr(temp, AbsoluteAddress(ptrNurseryPosition)); if (nDynamicSlots) { computeEffectiveAddress(Address(result, thingSize), temp); storePtr(temp, Address(result, NativeObject::offsetOfSlots())); } } // Inlined version of FreeSpan::allocate. This does not fill in slots_. @@ -881,35 +885,36 @@ MacroAssembler::freeListAllocate(Registe CompileZone* zone = GetJitContext()->realm->zone(); int thingSize = int(gc::Arena::thingSize(allocKind)); Label fallback; Label success; // Load the first and last offsets of |zone|'s free list for |allocKind|. // If there is no room remaining in the span, fall back to get the next one. - loadPtr(AbsoluteAddress(zone->addressOfFreeList(allocKind)), temp); + gc::FreeSpan **ptrFreeList = zone->addressOfFreeList(allocKind); + loadPtr(AbsoluteAddress(ptrFreeList), temp); load16ZeroExtend(Address(temp, js::gc::FreeSpan::offsetOfFirst()), result); load16ZeroExtend(Address(temp, js::gc::FreeSpan::offsetOfLast()), temp); branch32(Assembler::AboveOrEqual, result, temp, &fallback); // Bump the offset for the next allocation. add32(Imm32(thingSize), result); - loadPtr(AbsoluteAddress(zone->addressOfFreeList(allocKind)), temp); + loadPtr(AbsoluteAddress(ptrFreeList), temp); store16(result, Address(temp, js::gc::FreeSpan::offsetOfFirst())); sub32(Imm32(thingSize), result); addPtr(temp, result); // Turn the offset into a pointer. jump(&success); bind(&fallback); // If there are no free spans left, we bail to finish the allocation. The // interpreter will call the GC allocator to set up a new arena to allocate // from, after which we can resume allocating in the jit. branchTest32(Assembler::Zero, result, result, fail); - loadPtr(AbsoluteAddress(zone->addressOfFreeList(allocKind)), temp); + loadPtr(AbsoluteAddress(ptrFreeList), temp); addPtr(temp, result); // Turn the offset into a pointer. Push(result); // Update the free list to point to the next span (which may be empty). load32(Address(result, 0), result); store32(result, Address(temp, js::gc::FreeSpan::offsetOfFirst())); Pop(result); bind(&success);
--- a/js/src/jit/MacroAssembler.h +++ b/js/src/jit/MacroAssembler.h @@ -55,36 +55,36 @@ // x86-shared/MacroAssembler-x86-shared.h, and also in arm/MacroAssembler-arm.h. // // - If there is no annotation, then there is only one generic definition in // MacroAssembler.cpp. // // - If the declaration is "inline", then the method definition(s) would be in // the "-inl.h" variant of the same file(s). // -// The script check_macroassembler_style.py (check-masm target of the Makefile) -// is used to verify that method definitions are matching the annotation added -// to the method declarations. If there is any difference, then you either -// forgot to define the method in one of the macro assembler, or you forgot to -// update the annotation of the macro assembler declaration. +// The script check_macroassembler_style.py (which runs on every build) is +// used to verify that method definitions match the annotation on the method +// declarations. If there is any difference, then you either forgot to define +// the method in one of the macro assembler, or you forgot to update the +// annotation of the macro assembler declaration. // // Some convenient short-cuts are used to avoid repeating the same list of // architectures on each method declaration, such as PER_ARCH and // PER_SHARED_ARCH. // // Functions that are architecture-agnostic and are the same for all // architectures, that it's necessary to define inline *in this header* to // avoid used-before-defined warnings/errors that would occur if the // definitions were in MacroAssembler-inl.h, should use the OOL_IN_HEADER // marker at end of the declaration: // // inline uint32_t framePushed() const OOL_IN_HEADER; // // Such functions should then be defined immediately after MacroAssembler's -// definition, for example like so: +// definition, for example: // // //{{{ check_macroassembler_style // inline uint32_t // MacroAssembler::framePushed() const // { // return framePushed_; // } // ////}}} check_macroassembler_style @@ -95,20 +95,20 @@ // * How this macro works: // // DEFINED_ON is a macro which check if, for the current architecture, the // method is defined on the macro assembler or not. // // For each architecture, we have a macro named DEFINED_ON_arch. This macro is // empty if this is not the current architecture. Otherwise it must be either -// set to "define" or "crash" (only use for the none target so-far). +// set to "define" or "crash" (only used for the none target so far). // -// The DEFINED_ON macro maps the list of architecture names given as argument to -// a list of macro names. For example, +// The DEFINED_ON macro maps the list of architecture names given as arguments +// to a list of macro names. For example, // // DEFINED_ON(arm, x86_shared) // // is expanded to // // DEFINED_ON_none DEFINED_ON_arm DEFINED_ON_x86_shared // // which are later expanded on ARM, x86, x64 by DEFINED_ON_EXPAND_ARCH_RESULTS @@ -121,17 +121,17 @@ // crash // // or to nothing, if the current architecture is not listed in the list of // arguments of DEFINED_ON. Note, only one of the DEFINED_ON_arch macro // contributes to the non-empty result, which is the macro of the current // architecture if it is listed in the arguments of DEFINED_ON. // // This result is appended to DEFINED_ON_RESULT_ before expanding the macro, -// which result is either no annotation, a MOZ_CRASH(), or a "= delete" +// which results in either no annotation, a MOZ_CRASH(), or a "= delete" // annotation on the method declaration. # define DEFINED_ON_x86 # define DEFINED_ON_x64 # define DEFINED_ON_x86_shared # define DEFINED_ON_arm # define DEFINED_ON_arm64 # define DEFINED_ON_mips32
--- a/js/src/moz.build +++ b/js/src/moz.build @@ -214,16 +214,17 @@ UNIFIED_SOURCES += [ 'frontend/BytecodeEmitter.cpp', 'frontend/EmitterScope.cpp', 'frontend/FoldConstants.cpp', 'frontend/ForOfLoopControl.cpp', 'frontend/IfEmitter.cpp', 'frontend/JumpList.cpp', 'frontend/NameFunctions.cpp', 'frontend/ParseNode.cpp', + 'frontend/SwitchEmitter.cpp', 'frontend/TDZCheckCache.cpp', 'frontend/TokenStream.cpp', 'frontend/TryEmitter.cpp', 'gc/Allocator.cpp', 'gc/AtomMarking.cpp', 'gc/Barrier.cpp', 'gc/GC.cpp', 'gc/GCTrace.cpp',
new file mode 100644 --- /dev/null +++ b/js/src/tests/non262/regress/regress-1476383-calloc-exc.js @@ -0,0 +1,15 @@ +if (!this.oomTest) { + this.reportCompare && reportCompare(true, true); + quit(0); +} + +let lfPreamble = ` +`; +oomTest(new Function(`var TOTAL_MEMORY = 50 * 1024 * 1024; +HEAP = IHEAP = new Int32Array(TOTAL_MEMORY); +function __Z9makeFastaI10RandomizedEvPKcS2_jRT_(\$id, \$desc, \$N, \$output) +{ +} +`)); + +this.reportCompare && reportCompare(true, true);
--- a/js/src/vm/JSContext.h +++ b/js/src/vm/JSContext.h @@ -172,17 +172,17 @@ struct JSContext : public JS::RootingCon void recoverFromOutOfMemory(); /* * This variation of calloc will call the large-allocation-failure callback * on OOM and retry the allocation. */ template <typename T> T* pod_callocCanGC(size_t numElems, arena_id_t arena = js::MallocArena) { - T* p = pod_calloc<T>(numElems, arena); + T* p = maybe_pod_calloc<T>(numElems, arena); if (MOZ_LIKELY(!!p)) return p; size_t bytes; if (MOZ_UNLIKELY(!js::CalculateAllocSize<T>(numElems, &bytes))) { reportAllocationOverflow(); return nullptr; } p = static_cast<T*>(runtime()->onOutOfMemoryCanGC(js::AllocFunction::Calloc, bytes));
--- a/js/src/vm/Realm.h +++ b/js/src/vm/Realm.h @@ -807,17 +807,18 @@ class JS::Realm : public JS::shadow::Rea // scripts. bool ensureDelazifyScriptsForDebugger(JSContext* cx); void clearBreakpointsIn(js::FreeOp* fop, js::Debugger* dbg, JS::HandleObject handler); // Initializes randomNumberGenerator if needed. mozilla::non_crypto::XorShift128PlusRNG& getOrCreateRandomNumberGenerator(); - const void* addressOfRandomNumberGenerator() const { + const mozilla::non_crypto::XorShift128PlusRNG* + addressOfRandomNumberGenerator() const { return randomNumberGenerator_.ptr(); } mozilla::HashCodeScrambler randomHashCodeScrambler(); bool isAccessValid() const { return validAccessPtr_ ? *validAccessPtr_ : true; }
--- a/mfbt/Utf8.cpp +++ b/mfbt/Utf8.cpp @@ -1,79 +1,39 @@ /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ /* vim: set ts=8 sts=2 et sw=2 tw=80: */ /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +#include "mozilla/Maybe.h" +#include "mozilla/TextUtils.h" #include "mozilla/Types.h" #include "mozilla/Utf8.h" #include <stddef.h> #include <stdint.h> MFBT_API bool mozilla::IsValidUtf8(const void* aCodeUnits, size_t aCount) { const auto* s = static_cast<const unsigned char*>(aCodeUnits); - const auto* limit = s + aCount; + const auto* const limit = s + aCount; while (s < limit) { - uint32_t n = *s++; + unsigned char c = *s++; // If the first byte is ASCII, it's the only one in the code point. Have a // fast path that avoids all the rest of the work and looping in that case. - if ((n & 0x80) == 0) { + if (IsAscii(c)) { continue; } - // The leading code unit determines the length of the next code point and - // the number of bits of the leading code unit that contribute to the code - // point's value. - uint_fast8_t remaining; - uint32_t min; - if ((n & 0xE0) == 0xC0) { - remaining = 1; - min = 0x80; - n &= 0x1F; - } else if ((n & 0xF0) == 0xE0) { - remaining = 2; - min = 0x800; - n &= 0x0F; - } else if ((n & 0xF8) == 0xF0) { - remaining = 3; - min = 0x10000; - n &= 0x07; - } else { - // UTF-8 used to have a hyper-long encoding form, but it's been removed - // for years now. So in this case, the string is not valid UTF-8. + Maybe<char32_t> maybeCodePoint = + DecodeOneUtf8CodePoint(Utf8Unit(c), &s, limit); + if (maybeCodePoint.isNothing()) { return false; } - - // If the code point would require more code units than remain, the encoding - // is invalid. - if (s + remaining > limit) { - return false; - } - - for (uint_fast8_t i = 0; i < remaining; i++) { - // Every non-leading code unit in properly encoded UTF-8 has its high bit - // set and the next-highest bit unset. - if ((s[i] & 0xC0) != 0x80) { - return false; - } - - // The code point being encoded is the concatenation of all the - // unconstrained bits. - n = (n << 6) | (s[i] & 0x3F); - } - - // Don't consider code points that are overlong, UTF-16 surrogates, or - // exceed the maximum code point to be valid. - if (n < min || (0xD800 <= n && n < 0xE000) || n >= 0x110000) { - return false; - } - - s += remaining; } + MOZ_ASSERT(s == limit); return true; }
--- a/mfbt/Utf8.h +++ b/mfbt/Utf8.h @@ -7,16 +7,20 @@ /* * UTF-8-related functionality, including a type-safe structure representing a * UTF-8 code unit. */ #ifndef mozilla_Utf8_h #define mozilla_Utf8_h +#include "mozilla/Casting.h" // for mozilla::AssertedCast +#include "mozilla/Likely.h" // for MOZ_UNLIKELY +#include "mozilla/Maybe.h" // for mozilla::Maybe +#include "mozilla/TextUtils.h" // for mozilla::IsAscii #include "mozilla/Types.h" // for MFBT_API #include <limits.h> // for CHAR_BIT #include <stddef.h> // for size_t #include <stdint.h> // for uint8_t namespace mozilla { @@ -200,11 +204,222 @@ public: * * A valid UTF-8 string contains no overlong-encoded code points (as one would * expect) and contains no code unit sequence encoding a UTF-16 surrogate. The * string *may* contain U+0000 NULL code points. */ extern MFBT_API bool IsValidUtf8(const void* aCodeUnits, size_t aCount); +/** + * Given |aLeadUnit| that is a non-ASCII code unit, a pointer to an |Iter aIter| + * that (initially) itself points one unit past |aLeadUnit|, and + * |const EndIter aEnd| that denotes the end of the UTF-8 data when compared + * against |*aIter| using |aEnd - *aIter|: + * + * If |aLeadUnit| and subsequent code units computed using |*aIter| (up to + * |aEnd|) encode a valid code point -- not exceeding Unicode's range, not a + * surrogate, in shortest form -- then return Some(that code point) and advance + * |*aIter| past those code units. + * + * Otherwise decrement |*aIter| (so that it points at |aLeadUnit|) and return + * Nothing(). + * + * |Iter| and |EndIter| are generalized concepts most easily understood as if + * they were |const char*|, |const unsigned char*|, or |const Utf8Unit*|: + * iterators that when dereferenced can be used to construct a |Utf8Unit| and + * that can be compared and modified in certain limited ways. (Carefully note + * that this function mutates |*aIter|.) |Iter| and |EndIter| are template + * parameters to support more-complicated adaptor iterators. + * + * The template parameters after |Iter| allow users to implement custom handling + * for various forms of invalid UTF-8. A version of this function that defaults + * all such handling to no-ops is defined below this function. To learn how to + * define your own custom handling, consult the implementation of that function, + * which documents exactly how custom handler functors are invoked. + * + * This function is MOZ_ALWAYS_INLINE: if you don't need that, use the version + * of this function without the "Inline" suffix on the name. + */ +template<typename Iter, + typename EndIter, + class OnBadLeadUnit, + class OnNotEnoughUnits, + class OnBadTrailingUnit, + class OnBadCodePoint, + class OnNotShortestForm> +MOZ_ALWAYS_INLINE Maybe<char32_t> +DecodeOneUtf8CodePointInline(const Utf8Unit aLeadUnit, + Iter* aIter, const EndIter aEnd, + OnBadLeadUnit aOnBadLeadUnit, + OnNotEnoughUnits aOnNotEnoughUnits, + OnBadTrailingUnit aOnBadTrailingUnit, + OnBadCodePoint aOnBadCodePoint, + OnNotShortestForm aOnNotShortestForm) +{ + MOZ_ASSERT(Utf8Unit((*aIter)[-1]) == aLeadUnit); + + char32_t n = aLeadUnit.toUint8(); + MOZ_ASSERT(!IsAscii(n)); + + // |aLeadUnit| determines the number of trailing code units in the code point + // and the bits of |aLeadUnit| that contribute to the code point's value. + uint8_t remaining; + uint32_t min; + if ((n & 0b1110'0000) == 0b1100'0000) { + remaining = 1; + min = 0x80; + n &= 0b0001'1111; + } else if ((n & 0b1111'0000) == 0b1110'0000) { + remaining = 2; + min = 0x800; + n &= 0b0000'1111; + } else if ((n & 0b1111'1000) == 0b1111'0000) { + remaining = 3; + min = 0x10000; + n &= 0b0000'0111; + } else { + *aIter -= 1; + aOnBadLeadUnit(); + return Nothing(); + } + + // If the code point would require more code units than remain, the encoding + // is invalid. + auto actual = aEnd - *aIter; + if (MOZ_UNLIKELY(actual < remaining)) { + *aIter -= 1; + aOnNotEnoughUnits(AssertedCast<uint8_t>(actual + 1), remaining + 1); + return Nothing(); + } + + for (uint8_t i = 0; i < remaining; i++) { + uint8_t unit = Utf8Unit(*(*aIter)++).toUint8(); + + // Every non-leading code unit in properly encoded UTF-8 has its high + // bit set and the next-highest bit unset. + if (MOZ_UNLIKELY((unit & 0b1100'0000) != 0b1000'0000)) { + uint8_t unitsObserved = i + 1 + 1; + *aIter -= unitsObserved; + aOnBadTrailingUnit(unitsObserved); + return Nothing(); + } + + // The code point being encoded is the concatenation of all the + // unconstrained bits. + n = (n << 6) | (unit & 0b0011'1111); + } + + // UTF-16 surrogates and values outside the Unicode range are invalid. + if (MOZ_UNLIKELY(n > 0x10FFFF || (0xD800 <= n && n <= 0xDFFF))) { + uint8_t unitsObserved = remaining + 1; + *aIter -= unitsObserved; + aOnBadCodePoint(n, unitsObserved); + return Nothing(); + } + + // Overlong code points are also invalid. + if (MOZ_UNLIKELY(n < min)) { + uint8_t unitsObserved = remaining + 1; + *aIter -= unitsObserved; + aOnNotShortestForm(n, unitsObserved); + return Nothing(); + } + + return Some(n); +} + +/** + * Identical to the above function, but not forced to be instantiated inline -- + * the compiler is permitted to common up separate invocations if it chooses. + */ +template<typename Iter, + typename EndIter, + class OnBadLeadUnit, + class OnNotEnoughUnits, + class OnBadTrailingUnit, + class OnBadCodePoint, + class OnNotShortestForm> +inline Maybe<char32_t> +DecodeOneUtf8CodePoint(const Utf8Unit aLeadUnit, + Iter* aIter, const EndIter aEnd, + OnBadLeadUnit aOnBadLeadUnit, + OnNotEnoughUnits aOnNotEnoughUnits, + OnBadTrailingUnit aOnBadTrailingUnit, + OnBadCodePoint aOnBadCodePoint, + OnNotShortestForm aOnNotShortestForm) +{ + return DecodeOneUtf8CodePointInline(aLeadUnit, aIter, aEnd, + aOnBadLeadUnit, aOnNotEnoughUnits, + aOnBadTrailingUnit, aOnBadCodePoint, + aOnNotShortestForm); +} + +/** + * Like the always-inlined function above, but with no-op behavior from all + * trailing if-invalid notifier functors. + * + * This function is MOZ_ALWAYS_INLINE: if you don't need that, use the version + * of this function without the "Inline" suffix on the name. + */ +template<typename Iter, typename EndIter> +MOZ_ALWAYS_INLINE Maybe<char32_t> +DecodeOneUtf8CodePointInline(const Utf8Unit aLeadUnit, + Iter* aIter, const EndIter aEnd) +{ + // aOnBadLeadUnit is called when |aLeadUnit| itself is an invalid lead unit in + // a multi-unit code point. It is passed no arguments: the caller already has + // |aLeadUnit| on hand, so no need to provide it again. + auto onBadLeadUnit = []() {}; + + // aOnNotEnoughUnits is called when |aLeadUnit| properly indicates a code + // point length, but there aren't enough units from |*aIter| to |aEnd| to + // satisfy that length. It is passed the number of code units actually + // available (according to |aEnd - *aIter|) and the number of code units that + // |aLeadUnit| indicates are needed. Both numbers include the contribution + // of |aLeadUnit| itself: so |aUnitsAvailable <= 3|, |aUnitsNeeded <= 4|, and + // |aUnitsAvailable < aUnitsNeeded|. As above, it also is not passed the lead + // code unit. + auto onNotEnoughUnits = [](uint8_t aUnitsAvailable, uint8_t aUnitsNeeded) {}; + + // aOnBadTrailingUnit is called when one of the trailing code units implied by + // |aLeadUnit| doesn't match the 0b10xx'xxxx bit pattern that all UTF-8 + // trailing code units must satisfy. It is passed the total count of units + // observed (including |aLeadUnit|). The bad trailing code unit will + // conceptually be at |(*aIter)[aUnitsObserved - 1]| if this functor is + // called, and so |aUnitsObserved <= 4|. + auto onBadTrailingUnit = [](uint8_t aUnitsObserved) {}; + + // aOnBadCodePoint is called when a structurally-correct code point encoding + // is found, but the *value* that is encoded is not a valid code point: either + // because it exceeded the U+10FFFF Unicode maximum code point, or because it + // was a UTF-16 surrogate. It is passed the non-code point value and the + // number of code units used to encode it. + auto onBadCodePoint = [](char32_t aBadCodePoint, uint8_t aUnitsObserved) {}; + + // aOnNotShortestForm is called when structurally-correct encoding is found, + // but the encoded value should have been encoded in fewer code units (e.g. + // mis-encoding U+0000 as 0b1100'0000 0b1000'0000 in two code units instead of + // as 0b0000'0000). It is passed the mis-encoded code point (which will be + // valid and not a surrogate) and the count of code units that mis-encoded it. + auto onNotShortestForm = [](char32_t aBadCodePoint, uint8_t aUnitsObserved) {}; + + return DecodeOneUtf8CodePointInline(aLeadUnit, aIter, aEnd, + onBadLeadUnit, onNotEnoughUnits, + onBadTrailingUnit, onBadCodePoint, + onNotShortestForm); +} + +/** + * Identical to the above function, but not forced to be instantiated inline -- + * the compiler/linker are allowed to common up separate invocations. + */ +template<typename Iter, typename EndIter> +inline Maybe<char32_t> +DecodeOneUtf8CodePoint(const Utf8Unit aLeadUnit, + Iter* aIter, const EndIter aEnd) +{ + return DecodeOneUtf8CodePointInline(aLeadUnit, aIter, aEnd); +} + } // namespace mozilla #endif /* mozilla_Utf8_h */