Bug 610306 - MarkStackRangeConservatively in jsgc.cpp marked wrong objects on big endian system (r=gal)
authorLuke Wagner <lw@mozilla.com>
Mon, 08 Nov 2010 09:28:20 -0800
changeset 57729 18d56745c3e69369bf29af4138f7b5a781836e7e
parent 57728 f048a94e5f27febb7a8f57ceecbdacba02d9e904
child 57730 298e753a172696e6353cd246e0e8e500fb76b16b
push id1
push usershaver@mozilla.com
push dateTue, 04 Jan 2011 17:58:04 +0000
reviewersgal
bugs610306
milestone2.0b8pre
Bug 610306 - MarkStackRangeConservatively in jsgc.cpp marked wrong objects on big endian system (r=gal)
js/src/jsgc.cpp
js/src/jsvalue.h
--- a/js/src/jsgc.cpp
+++ b/js/src/jsgc.cpp
@@ -729,25 +729,25 @@ MarkThreadDataConservatively(JSTracer *t
     MarkRangeConservatively(trc, ctd->registerSnapshot.words,
                             JS_ARRAY_END(ctd->registerSnapshot.words));
 
 }
 
 void
 MarkStackRangeConservatively(JSTracer *trc, Value *beginv, Value *endv)
 {
-    jsuword *begin = (jsuword *) beginv;
-    jsuword *end = (jsuword *) endv;
+    jsuword *begin = beginv->payloadWord();
+    jsuword *end = endv->payloadWord();;
 #ifdef JS_NUNBOX32
     /*
      * With 64-bit jsvals on 32-bit systems, we can optimize a bit by
      * scanning only the payloads.
      */
     JS_ASSERT(begin <= end);
-    for (jsuword *i = begin; i != end; i += 2)
+    for (jsuword *i = begin; i != end; i += sizeof(Value)/sizeof(jsuword))
         MarkWordConservatively(trc, *i);
 #else
     MarkRangeConservatively(trc, begin, end);
 #endif
 }
 
 void
 MarkConservativeStackRoots(JSTracer *trc)
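Review bot: The JS_NUNBOX32 loop in MarkStackRangeConservatively still terminates on `i != end` while now stepping `sizeof(Value)/sizeof(jsuword)` words at a time, and the only guard visible here is `JS_ASSERT(begin <= end)`, which is presumably compiled out of release builds. If a caller ever passes a range that is not a whole number of Values, the cursor steps over `end` and the conservative scanner keeps reading past the intended stack range; `for (jsuword *i = begin; i < end; i += sizeof(Value)/sizeof(jsuword))` stops instead. The two `payloadWord()` lines also deserve a comment such as `/* Scan from the payload word: the Value's first word is not the payload on every layout (big-endian NUNBOX32). */`, because a scanner that reads the wrong word can leave objects referenced only from the stack unmarked. The `;;` at the end of the `end` initializer is a stray empty statement.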
--- a/js/src/jsvalue.h
+++ b/js/src/jsvalue.h
@@ -723,16 +723,20 @@ class Value
         data.asPtr = ptr;
     }
 
     JS_ALWAYS_INLINE
     void *toUnmarkedPtr() const {
         return data.asPtr;
     }
 
+    jsuword *payloadWord() const {
+        return (jsuword *)&data.s.payload;
+    }
+
   private:
     void staticAssertions() {
         JS_STATIC_ASSERT(sizeof(JSValueType) == 1);
         JS_STATIC_ASSERT(sizeof(JSValueTag) == 4);
         JS_STATIC_ASSERT(sizeof(JSBool) == 4);
         JS_STATIC_ASSERT(sizeof(JSWhyMagic) <= 4);
         JS_STATIC_ASSERT(sizeof(jsval) == 8);
     }
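Review bot: `payloadWord()` is a const member that returns a writable `jsuword *` by C-casting `&data.s.payload`, so it drops const and reinterprets the payload union as a machine word with nothing in the hunk pinning that assumption. The only caller visible in this commit, the conservative stack scanner in jsgc.cpp, just reads through the pointer, so `const jsuword *payloadWord() const` would be the tighter signature if the scanner's parameter types allow it. A guard beside the existing ones in `staticAssertions()`, for example `JS_STATIC_ASSERT(sizeof(Value) % sizeof(jsuword) == 0);`, would document the stride the scanner now relies on. The accessor also has no comment and, unlike `toUnmarkedPtr()` just above it, no `JS_ALWAYS_INLINE`; something like `/* Address of the payload word; for conservative GC scanning only. */` would discourage use as a general accessor. The Value class continues outside this hunk.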