Bug 1473003 - Part 2: Avoid upcasting parameter types and duplicate code in typed array code. r=jandem
authorAndré Bargull <andre.bargull@gmail.com>
Wed, 04 Jul 2018 10:15:02 -0700
changeset 814665 071479680af90941f570e2aa798d6ed2d5479eee
parent 814664 d7a5d9b4dc85305a50b397bd77a27948b8d3d822
child 814666 1ad5e959f5944956689259c7cac1455f59a9cfdf
push id115307
push userbmo:ntim.bugs@gmail.com
push dateThu, 05 Jul 2018 21:47:40 +0000
reviewersjandem
bugs1473003
milestone63.0a1
Bug 1473003 - Part 2: Avoid upcasting parameter types and duplicate code in typed array code. r=jandem
js/src/vm/TypedArrayObject.cpp
js/src/vm/TypedArrayObject.h
--- a/js/src/vm/TypedArrayObject.cpp
+++ b/js/src/vm/TypedArrayObject.cpp
@@ -991,31 +991,30 @@ class TypedArrayObjectTemplate : public 
 
     static JSObject*
     fromTypedArray(JSContext* cx, HandleObject other, bool isWrapped, HandleObject proto);
 
     static JSObject*
     fromObject(JSContext* cx, HandleObject other, HandleObject proto);
 
     static const NativeType
-    getIndex(JSObject* obj, uint32_t index)
+    getIndex(TypedArrayObject* tarray, uint32_t index)
     {
-        TypedArrayObject& tarray = obj->as<TypedArrayObject>();
-        MOZ_ASSERT(index < tarray.length());
-        return jit::AtomicOperations::loadSafeWhenRacy(tarray.viewDataEither().cast<NativeType*>() + index);
+        MOZ_ASSERT(index < tarray->length());
+        return jit::AtomicOperations::loadSafeWhenRacy(tarray->viewDataEither().cast<NativeType*>() + index);
     }
 
     static void
     setIndex(TypedArrayObject& tarray, uint32_t index, NativeType val)
     {
         MOZ_ASSERT(index < tarray.length());
         jit::AtomicOperations::storeSafeWhenRacy(tarray.viewDataEither().cast<NativeType*>() + index, val);
     }
 
-    static Value getIndexValue(JSObject* tarray, uint32_t index);
+    static Value getIndexValue(TypedArrayObject* tarray, uint32_t index);
 };
 
 #define CREATE_TYPE_FOR_TYPED_ARRAY(T, N) \
     typedef TypedArrayObjectTemplate<T> N##Array;
 JS_FOR_EACH_TYPED_ARRAY(CREATE_TYPE_FOR_TYPED_ARRAY)
 #undef CREATE_TYPE_FOR_TYPED_ARRAY
 
 } /* anonymous namespace */
@@ -1712,46 +1711,46 @@ TypedArrayObject::sharedTypedArrayProtot
     JS_NULL_CLASS_OPS,
     &TypedArrayObjectSharedTypedArrayPrototypeClassSpec
 };
 
 // this default implementation is only valid for integer types
 // less than 32-bits in size.
 template<typename NativeType>
 Value
-TypedArrayObjectTemplate<NativeType>::getIndexValue(JSObject* tarray, uint32_t index)
+TypedArrayObjectTemplate<NativeType>::getIndexValue(TypedArrayObject* tarray, uint32_t index)
 {
     static_assert(sizeof(NativeType) < 4,
                   "this method must only handle NativeType values that are "
                   "always exact int32_t values");
 
     return Int32Value(getIndex(tarray, index));
 }
 
 namespace {
 
 // and we need to specialize for 32-bit integers and floats
 template<>
 Value
-TypedArrayObjectTemplate<int32_t>::getIndexValue(JSObject* tarray, uint32_t index)
+TypedArrayObjectTemplate<int32_t>::getIndexValue(TypedArrayObject* tarray, uint32_t index)
 {
     return Int32Value(getIndex(tarray, index));
 }
 
 template<>
 Value
-TypedArrayObjectTemplate<uint32_t>::getIndexValue(JSObject* tarray, uint32_t index)
+TypedArrayObjectTemplate<uint32_t>::getIndexValue(TypedArrayObject* tarray, uint32_t index)
 {
     uint32_t val = getIndex(tarray, index);
     return NumberValue(val);
 }
 
 template<>
 Value
-TypedArrayObjectTemplate<float>::getIndexValue(JSObject* tarray, uint32_t index)
+TypedArrayObjectTemplate<float>::getIndexValue(TypedArrayObject* tarray, uint32_t index)
 {
     float val = getIndex(tarray, index);
     double dval = val;
 
     /*
      * Doubles in typed arrays could be typed-punned arrays of integers. This
      * could allow user code to break the engine-wide invariant that only
      * canonical nans are stored into jsvals, which means user code could
@@ -1761,17 +1760,17 @@ TypedArrayObjectTemplate<float>::getInde
      * This could be removed for platforms/compilers known to convert a 32-bit
      * non-canonical nan to a 64-bit canonical nan.
      */
     return DoubleValue(CanonicalizeNaN(dval));
 }
 
 template<>
 Value
-TypedArrayObjectTemplate<double>::getIndexValue(JSObject* tarray, uint32_t index)
+TypedArrayObjectTemplate<double>::getIndexValue(TypedArrayObject* tarray, uint32_t index)
 {
     double val = getIndex(tarray, index);
 
     /*
      * Doubles in typed arrays could be typed-punned arrays of integers. This
      * could allow user code to break the engine-wide invariant that only
      * canonical nans are stored into jsvals, which means user code could
      * confuse the engine into interpreting a double-typed jsval as an
--- a/js/src/vm/TypedArrayObject.h
+++ b/js/src/vm/TypedArrayObject.h
@@ -187,30 +187,30 @@ class TypedArrayObject : public NativeOb
      * typed arrays created with an existing ArrayBuffer.
      */
     static const uint32_t SINGLETON_BYTE_LENGTH = 1024 * 1024 * 10;
 
     static bool isOriginalLengthGetter(Native native);
 
     ArrayBufferObject* bufferUnshared() const {
         MOZ_ASSERT(!isSharedMemory());
-        JSObject* obj = bufferValue(this).toObjectOrNull();
+        JSObject* obj = bufferObject();
         if (!obj)
             return nullptr;
         return &obj->as<ArrayBufferObject>();
     }
     SharedArrayBufferObject* bufferShared() const {
         MOZ_ASSERT(isSharedMemory());
-        JSObject* obj = bufferValue(this).toObjectOrNull();
+        JSObject* obj = bufferObject();
         if (!obj)
             return nullptr;
         return &obj->as<SharedArrayBufferObject>();
     }
     ArrayBufferObjectMaybeShared* bufferEither() const {
-        JSObject* obj = bufferValue(this).toObjectOrNull();
+        JSObject* obj = bufferObject();
         if (!obj)
             return nullptr;
         if (isSharedMemory())
             return &obj->as<SharedArrayBufferObject>();
         return &obj->as<ArrayBufferObject>();
     }
 
     SharedMem<void*> viewDataShared() const {