Bug 1530146 part 2. Back out the fix for bug 1526624, since it's no longer needed. r=bholley
authorBoris Zbarsky <bzbarsky@mit.edu>
Fri, 01 Mar 2019 00:19:53 +0000
changeset 519801 dadc02e71d59e18fb6829fa83509b38ea0acc58c
parent 519800 fe2cba661d5eae557c0d7611bb5442fc0bfc02a2
child 519802 39380f2678a3685fd3f10d06463612805443afb9
push id10862
push userffxbld-merge
push dateMon, 11 Mar 2019 13:01:11 +0000
reviewersbholley
bugs1530146, 1526624
milestone67.0a1
Bug 1530146 part 2. Back out the fix for bug 1526624, since it's no longer needed. r=bholley Differential Revision: https://phabricator.services.mozilla.com/D21482
js/xpconnect/wrappers/WrapperFactory.cpp
--- a/js/xpconnect/wrappers/WrapperFactory.cpp
+++ b/js/xpconnect/wrappers/WrapperFactory.cpp
@@ -31,160 +31,17 @@ namespace xpc {
 
 // When chrome pulls a naked property across the membrane using
 // .wrappedJSObject, we want it to cross the membrane into the
 // chrome compartment without automatically being wrapped into an
 // X-ray wrapper. We achieve this by wrapping it into a special
 // transparent wrapper in the origin (non-chrome) compartment. When
 // an object with that special wrapper applied crosses into chrome,
 // we know to not apply an X-ray wrapper.
-//
-// These transparent wrappers are guaranteed to be same-compartment
-// with their target, but due to transplants may not be same-Realm
-// with it.  Since they should look as if we were operating on their
-// target, in its Realm, they need to enter its realm before actually
-// operating on it.  But since the compartments are the same, there's
-// no need to wrap values or objects or anything like that; we're just
-// entering the right Realm so security checks will work correctly.
-#define IMPL_PROXY_METHOD(returntype, name, typedargs, args)      \
-  returntype name typedargs const override {                      \
-    MOZ_ASSERT(js::GetObjectCompartment(wrapper) ==               \
-               js::GetObjectCompartment(wrappedObject(wrapper))); \
-    JSAutoRealm ar(cx, wrappedObject(wrapper));                   \
-    return Wrapper::name args;                                    \
-  }
-
-class XrayWaiver : public Wrapper {
- public:
-  explicit constexpr XrayWaiver()
-      : Wrapper(WrapperFactory::WAIVE_XRAY_WRAPPER_FLAG) {}
-
-  // We have to override all the things that CrossCompartmentWrapper overrides.
-
-  /* Standard internal methods */
-  IMPL_PROXY_METHOD(bool, getOwnPropertyDescriptor,
-                    (JSContext * cx, HandleObject wrapper, HandleId id,
-                     MutableHandle<PropertyDescriptor> desc),
-                    (cx, wrapper, id, desc))
-
-  IMPL_PROXY_METHOD(bool, defineProperty,
-                    (JSContext * cx, HandleObject wrapper, HandleId id,
-                     Handle<PropertyDescriptor> desc, ObjectOpResult& result),
-                    (cx, wrapper, id, desc, result))
-
-  IMPL_PROXY_METHOD(bool, ownPropertyKeys,
-                    (JSContext * cx, HandleObject wrapper, AutoIdVector& props),
-                    (cx, wrapper, props))
-
-  IMPL_PROXY_METHOD(bool, delete_,
-                    (JSContext * cx, HandleObject wrapper, HandleId id,
-                     ObjectOpResult& result),
-                    (cx, wrapper, id, result))
-
-  IMPL_PROXY_METHOD(bool, enumerate,
-                    (JSContext * cx, HandleObject wrapper, AutoIdVector& props),
-                    (cx, wrapper, props))
-
-  IMPL_PROXY_METHOD(bool, getPrototype,
-                    (JSContext * cx, HandleObject wrapper,
-                     MutableHandleObject protop),
-                    (cx, wrapper, protop))
-
-  IMPL_PROXY_METHOD(bool, setPrototype,
-                    (JSContext * cx, HandleObject wrapper, HandleObject proto,
-                     ObjectOpResult& result),
-                    (cx, wrapper, proto, result))
-
-  IMPL_PROXY_METHOD(bool, getPrototypeIfOrdinary,
-                    (JSContext * cx, HandleObject wrapper, bool* isOrdinary,
-                     MutableHandleObject protop),
-                    (cx, wrapper, isOrdinary, protop))
-
-  IMPL_PROXY_METHOD(bool, setImmutablePrototype,
-                    (JSContext * cx, HandleObject wrapper, bool* succeeded),
-                    (cx, wrapper, succeeded))
-
-  IMPL_PROXY_METHOD(bool, preventExtensions,
-                    (JSContext * cx, HandleObject wrapper,
-                     ObjectOpResult& result),
-                    (cx, wrapper, result))
-
-  IMPL_PROXY_METHOD(bool, isExtensible,
-                    (JSContext * cx, HandleObject wrapper, bool* extensible),
-                    (cx, wrapper, extensible))
-
-  IMPL_PROXY_METHOD(bool, has,
-                    (JSContext * cx, HandleObject wrapper, HandleId id,
-                     bool* bp),
-                    (cx, wrapper, id, bp))
-
-  IMPL_PROXY_METHOD(bool, get,
-                    (JSContext * cx, HandleObject wrapper, HandleValue receiver,
-                     HandleId id, MutableHandleValue vp),
-                    (cx, wrapper, receiver, id, vp))
-
-  IMPL_PROXY_METHOD(bool, set,
-                    (JSContext * cx, HandleObject wrapper, HandleId id,
-                     HandleValue v, HandleValue receiver,
-                     ObjectOpResult& result),
-                    (cx, wrapper, id, v, receiver, result))
-
-  IMPL_PROXY_METHOD(bool, call,
-                    (JSContext * cx, HandleObject wrapper,
-                     const CallArgs& args),
-                    (cx, wrapper, args))
-
-  IMPL_PROXY_METHOD(bool, construct,
-                    (JSContext * cx, HandleObject wrapper,
-                     const CallArgs& args),
-                    (cx, wrapper, args))
-
-  /* SpiderMonkey extensions. */
-  IMPL_PROXY_METHOD(bool, hasOwn,
-                    (JSContext * cx, HandleObject wrapper, HandleId id,
-                     bool* bp),
-                    (cx, wrapper, id, bp))
-
-  IMPL_PROXY_METHOD(bool, getOwnEnumerablePropertyKeys,
-                    (JSContext * cx, HandleObject wrapper, AutoIdVector& props),
-                    (cx, wrapper, props))
-
-  // nativeCall is the one thing that's not handed a wrapper directly.
-  bool nativeCall(JSContext* cx, IsAcceptableThis test, NativeImpl impl,
-                  const CallArgs& args) const override {
-    JSAutoRealm ar(cx, wrappedObject(&args.thisv().toObject()));
-    return Wrapper::nativeCall(cx, test, impl, args);
-  }
-
-  IMPL_PROXY_METHOD(bool, hasInstance,
-                    (JSContext * cx, HandleObject wrapper, MutableHandleValue v,
-                     bool* bp),
-                    (cx, wrapper, v, bp))
-
-  IMPL_PROXY_METHOD(const char*, className,
-                    (JSContext * cx, HandleObject wrapper), (cx, wrapper))
-
-  IMPL_PROXY_METHOD(JSString*, fun_toString,
-                    (JSContext * cx, HandleObject wrapper, bool isToSource),
-                    (cx, wrapper, isToSource))
-
-  IMPL_PROXY_METHOD(RegExpShared*, regexp_toShared,
-                    (JSContext * cx, HandleObject wrapper), (cx, wrapper))
-
-  IMPL_PROXY_METHOD(bool, boxedValue_unbox,
-                    (JSContext * cx, HandleObject wrapper,
-                     MutableHandleValue vp),
-                    (cx, wrapper, vp))
-
-  static const XrayWaiver singleton;
-};
-
-#undef IMPL_PROXY_METHOD
-
-const XrayWaiver XrayWaiver::singleton;
+const Wrapper XrayWaiver(WrapperFactory::WAIVE_XRAY_WRAPPER_FLAG);
 
 // When objects for which we waived the X-ray wrapper cross into
 // chrome, we wrap them into a special cross-compartment wrapper
 // that transitively extends the waiver to all properties we get
 // off it.
 const WaiveXrayWrapper WaiveXrayWrapper::singleton(0);
 
 bool WrapperFactory::IsCOW(JSObject* obj) {
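Review bot: The replacement line `const Wrapper XrayWaiver(WrapperFactory::WAIVE_XRAY_WRAPPER_FLAG);` no longer records the Realm invariant that the plain `Wrapper` handler now depends on, because the explanatory comment block was removed with the class. The removed handler entered the target's Realm before every proxy operation so that security checks ran in the right Realm. The base `Wrapper` does not do that, so this backout is presumably only sound if the earlier part of bug 1530146 keeps each waiver same-Realm with its target, including after transplants. I would leave a one-line comment on the new definition, such as `// Waivers are required to be same-Realm with their target; this handler does not enter the target's Realm.`, and consider a debug check after `Wrapper::New` in CreateXrayWaiver, something like `MOZ_ASSERT(js::GetNonCCWObjectRealm(waiver) == js::GetNonCCWObjectRealm(obj));`. The same concern applies to the `&XrayWaiver` handler checks in the Rewrap and FixWaiverAfterTransplant hunks, whose function bodies continue outside the visible lines, so I cannot confirm from here that the transplant path upholds the invariant.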
@@ -210,17 +67,17 @@ JSObject* WrapperFactory::CreateXrayWaiv
                                            bool allowExisting) {
   // The caller is required to have already done a lookup, unless it's
   // trying to replace an existing waiver.
   // NB: This implictly performs the assertions of GetXrayWaiver.
   MOZ_ASSERT(bool(GetXrayWaiver(obj)) == allowExisting);
   XPCWrappedNativeScope* scope = ObjectScope(obj);
 
   JSAutoRealm ar(cx, obj);
-  JSObject* waiver = Wrapper::New(cx, obj, &XrayWaiver::singleton);
+  JSObject* waiver = Wrapper::New(cx, obj, &XrayWaiver);
   if (!waiver) {
     return nullptr;
   }
 
   // Add the new waiver to the map. It's important that we only ever have
   // one waiver for the lifetime of the target object.
   if (!scope->mWaiverWrapperMap) {
     scope->mWaiverWrapperMap =
@@ -610,18 +467,17 @@ static const Wrapper* SelectWrapper(bool
     return &FilteringWrapper<CrossCompartmentSecurityWrapper,
                              OpaqueWithCall>::singleton;
   }
   return &FilteringWrapper<CrossCompartmentSecurityWrapper, Opaque>::singleton;
 }
 
 JSObject* WrapperFactory::Rewrap(JSContext* cx, HandleObject existing,
                                  HandleObject obj) {
-  MOZ_ASSERT(!IsWrapper(obj) ||
-                 GetProxyHandler(obj) == &XrayWaiver::singleton ||
+  MOZ_ASSERT(!IsWrapper(obj) || GetProxyHandler(obj) == &XrayWaiver ||
                  js::IsWindowProxy(obj),
              "wrapped object passed to rewrap");
   MOZ_ASSERT(!js::IsWindow(obj));
   MOZ_ASSERT(dom::IsJSAPIActive());
 
   // Compute the information we need to select the right wrapper.
   JS::Realm* origin = js::GetNonCCWObjectRealm(obj);
   JS::Realm* target = js::GetContextRealm(cx);
@@ -829,17 +685,17 @@ bool WrapperFactory::WaiveXrayAndWrap(JS
 /*
  * Calls to JS_TransplantObject* should go through these helpers here so that
  * waivers get fixed up properly.
  */
 
 static bool FixWaiverAfterTransplant(JSContext* cx, HandleObject oldWaiver,
                                      HandleObject newobj,
                                      bool crossCompartmentTransplant) {
-  MOZ_ASSERT(Wrapper::wrapperHandler(oldWaiver) == &XrayWaiver::singleton);
+  MOZ_ASSERT(Wrapper::wrapperHandler(oldWaiver) == &XrayWaiver);
   MOZ_ASSERT(!js::IsCrossCompartmentWrapper(newobj));
 
   if (crossCompartmentTransplant) {
     // If the new compartment has a CCW for oldWaiver, nuke this CCW. This
     // prevents confusing RemapAllWrappersForObject: it would call RemapWrapper
     // with two same-compartment objects (the CCW and the new waiver).
     //
     // This can happen when loading a chrome page in a content frame and there