Bug 1520129 - Remove redundant isSelfHostedBuiltin checks in GetFunctionThis / JSOP_FUNCTIONTHIS. r=anba
authorJan de Mooij <jdemooij@mozilla.com>
Wed, 16 Jan 2019 09:14:38 +0000
changeset 511172 17f1c985c5bc0340dea8d5d3105a07c93b20d93c
parent 511171 d54846d01280026138135bde6e0bb1bcfe58feae
child 511173 e3ebc4a9f6d4540471cd5fe5c3927d6aee37c1a5
push id10547
push userffxbld-merge
push dateMon, 21 Jan 2019 13:03:58 +0000
treeherdermozilla-beta@24ec1916bffe [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersanba
bugs1520129
milestone66.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1520129 - Remove redundant isSelfHostedBuiltin checks in GetFunctionThis / JSOP_FUNCTIONTHIS. r=anba Differential Revision: https://phabricator.services.mozilla.com/D16536
js/src/jit/BaselineCompiler.cpp
js/src/jit/IonBuilder.cpp
js/src/vm/Interpreter.cpp
js/src/vm/SelfHosting.cpp
--- a/js/src/jit/BaselineCompiler.cpp
+++ b/js/src/jit/BaselineCompiler.cpp
@@ -1735,18 +1735,18 @@ static const VMFunction GetFunctionThisI
 
 template <typename Handler>
 bool BaselineCodeGen<Handler>::emit_JSOP_FUNCTIONTHIS() {
   MOZ_ASSERT(function());
   MOZ_ASSERT(!function()->isArrow());
 
   frame.pushThis();
 
-  // In strict mode code or self-hosted functions, |this| is left alone.
-  if (script->strict() || (function() && function()->isSelfHostedBuiltin())) {
+  // In strict mode code, |this| is left alone.
+  if (script->strict()) {
     return true;
   }
 
   // Load |thisv| in R0. Skip the call if it's already an object.
   Label skipCall;
   frame.popRegsAndSync(1);
   masm.branchTestObject(Assembler::Equal, R0, &skipCall);
 
--- a/js/src/jit/IonBuilder.cpp
+++ b/js/src/jit/IonBuilder.cpp
@@ -12847,18 +12847,18 @@ AbortReasonOr<Ok> IonBuilder::jsop_check
 
   return Ok();
 }
 
 AbortReasonOr<Ok> IonBuilder::jsop_functionthis() {
   MOZ_ASSERT(info().funMaybeLazy());
   MOZ_ASSERT(!info().funMaybeLazy()->isArrow());
 
-  if (script()->strict() || info().funMaybeLazy()->isSelfHostedBuiltin()) {
-    // No need to wrap primitive |this| in strict mode or self-hosted code.
+  if (script()->strict()) {
+    // No need to wrap primitive |this| in strict mode.
     current->pushSlot(info().thisSlot());
     return Ok();
   }
 
   if (thisTypes && (thisTypes->getKnownMIRType() == MIRType::Object ||
                     (thisTypes->empty() && baselineFrame_ &&
                      baselineFrame_->thisType.isSomeObject()))) {
     // This is safe, because if the entry type of |this| is an object, it
--- a/js/src/vm/Interpreter.cpp
+++ b/js/src/vm/Interpreter.cpp
@@ -114,22 +114,24 @@ bool js::BoxNonStrictThis(JSContext* cx,
   return true;
 }
 
 bool js::GetFunctionThis(JSContext* cx, AbstractFramePtr frame,
                          MutableHandleValue res) {
   MOZ_ASSERT(frame.isFunctionFrame());
   MOZ_ASSERT(!frame.callee()->isArrow());
 
-  if (frame.thisArgument().isObject() || frame.callee()->strict() ||
-      frame.callee()->isSelfHostedBuiltin()) {
+  if (frame.thisArgument().isObject() || frame.callee()->strict()) {
     res.set(frame.thisArgument());
     return true;
   }
 
+  MOZ_ASSERT(!frame.callee()->isSelfHostedBuiltin(),
+             "Self-hosted builtins must be strict");
+
   RootedValue thisv(cx, frame.thisArgument());
 
   // If there is a NSVO on environment chain, use it as basis for fallback
   // global |this|. This gives a consistent definition of global lexical
   // |this| between function and global contexts.
   //
   // NOTE: If only non-syntactic WithEnvironments are on the chain, we use the
   // global lexical |this| value. This is for compatibility with the Subscript
--- a/js/src/vm/SelfHosting.cpp
+++ b/js/src/vm/SelfHosting.cpp
@@ -3342,16 +3342,17 @@ bool JSRuntime::cloneSelfHostedFunctionS
   RootedScope emptyGlobalScope(cx, &cx->global()->emptyGlobalScope());
   if (!CloneScriptIntoFunction(cx, emptyGlobalScope, targetFun, sourceScript)) {
     return false;
   }
   MOZ_ASSERT(!targetFun->isInterpretedLazy());
 
   MOZ_ASSERT(sourceFun->nargs() == targetFun->nargs());
   MOZ_ASSERT(sourceScript->hasRest() == targetFun->nonLazyScript()->hasRest());
+  MOZ_ASSERT(targetFun->strict(), "Self-hosted builtins must be strict");
 
   // The target function might have been relazified after its flags changed.
   targetFun->setFlags(targetFun->flags() | sourceFun->flags());
   return true;
 }
 
 bool JSRuntime::getUnclonedSelfHostedValue(JSContext* cx,
                                            HandlePropertyName name,