Upgrade to Spidermonkey 39 #37

Merged
merged 9 commits into from Jun 19, 2015

Contributor

michaelwu commented May 21, 2015

Well, not really spidermonkey 39. It's just whatever I had pulled from master at the time. Maybe mozilla/gecko-dev@2f60231 ?

All the imported code goes into the mozjs directory now. There's a linker hack to disable some weak linking in MFBT which doesn't work with the way servo links things together. I'll probably have to discuss that with glandium. There's also a hack to remove PR_GetCurrentThread since that's totally broken if you're not using NSPR. That just needs to be cleaned up a bit and landed upstream.

I'm not entirely sure what to do with the library naming. I would actually prefer if we didn't use a shared mozjs on Android.

@michaelwu michaelwu force-pushed the smupgrade2 branch from 1a18d59 to 6f1daaf May 21, 2015
Member

jdm commented Jun 1, 2015

Note - I included this version of JS_GetAddressableObject in my original mozjs upgrade:

```cpp
/*
 * Returns the object that the given candidate pointer points to, if it points
 * to a valid object in this runtime.
 */
JS_FRIEND_API(JSObject *)
JS_GetAddressableObject(JSRuntime *rt, uintptr_t candidateObj)
{
    gc::AllocKind kind;
    void *thing;
    if (IsAddressableGCThing(rt,
                             candidateObj,
                             false,
                             &kind,
                             NULL,
                             &thing) != CGCT_VALID) {
        return NULL;
    }
    if (MapAllocToTraceKind(kind) != JSTRACE_OBJECT) {
        return NULL;
    }
    return reinterpret_cast<JSObject *>(thing);
}
```
Member

jdm commented Jun 1, 2015

This existed at the time:

+/*
+ * Tests whether w is a (possibly dead) GC thing. Returns CGCT_VALID and
+ * details about the thing if so. On failure, returns the reason for rejection.
+ */
+static inline ConservativeGCTest
+IsAddressableGCThing(JSRuntime *rt, uintptr_t w,
+                     bool skipUncollectedCompartments,
+                     gc::AllocKind *thingKindPtr,
+                     ArenaHeader **arenaHeader,
+                     void **thing)
+{
+    /*
+     * We assume that the compiler never uses sub-word alignment to store
+     * pointers and does not tag pointers on its own. Additionally, the value
+     * representation for all values and the jsid representation for GC-things
+     * do not touch the low two bits. Thus any word with the low two bits set
+     * is not a valid GC-thing.
+     */
+    JS_STATIC_ASSERT(JSID_TYPE_STRING == 0 && JSID_TYPE_OBJECT == 4);
+    if (w & 0x3)
+        return CGCT_LOWBITSET;
+
+    /*
+     * An object jsid has its low bits tagged. In the value representation on
+     * 64-bit, the high bits are tagged.
+     */
+    const uintptr_t JSID_PAYLOAD_MASK = ~uintptr_t(JSID_TYPE_MASK);
+#if JS_BITS_PER_WORD == 32
+    uintptr_t addr = w & JSID_PAYLOAD_MASK;
+#elif JS_BITS_PER_WORD == 64
+    uintptr_t addr = w & JSID_PAYLOAD_MASK & JSVAL_PAYLOAD_MASK;
+#endif
+
+    Chunk *chunk = Chunk::fromAddress(addr);
+
+    if (!rt->gcChunkSet.has(chunk))
+        return CGCT_NOTCHUNK;
+
+    /*
+     * We query for pointers outside the arena array after checking for an
+     * allocated chunk. Such pointers are rare and we want to reject them
+     * after doing more likely rejections.
+     */
+    if (!Chunk::withinArenasRange(addr))
+        return CGCT_NOTARENA;
+
+    /* If the arena is not currently allocated, don't access the header. */
+    size_t arenaOffset = Chunk::arenaIndex(addr);
+    if (chunk->decommittedArenas.get(arenaOffset))
+        return CGCT_FREEARENA;
+
+    ArenaHeader *aheader = &chunk->arenas[arenaOffset].aheader;
+
+    if (!aheader->allocated())
+        return CGCT_FREEARENA;
+
+    if (skipUncollectedCompartments && !aheader->zone->isCollecting())
+        return CGCT_OTHERCOMPARTMENT;
+
+    AllocKind thingKind = aheader->getAllocKind();
+    uintptr_t offset = addr & ArenaMask;
+    uintptr_t minOffset = Arena::firstThingOffset(thingKind);
+    if (offset < minOffset)
+        return CGCT_NOTARENA;
+
+    /* addr can point inside the thing so we must align the address. */
+    uintptr_t shift = (offset - minOffset) % Arena::thingSize(thingKind);
+    addr -= shift;
+
+    if (thing)
+        *thing = reinterpret_cast<void *>(addr);
+    if (arenaHeader)
+        *arenaHeader = aheader;
+    if (thingKindPtr)
+        *thingKindPtr = thingKind;
+    return CGCT_VALID;
+}
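
Review bot: CGCT_VALID from this function does not mean the cell is live. After the `aheader->allocated()` check, nothing tests whether the aligned `addr` is an allocated cell rather than a free slot in that arena, which the header comment only hints at with "(possibly dead)". Suggest saying so explicitly in the header comment, so that a caller which goes on to cast `*thing` to a concrete type knows it needs its own liveness check, and also noting that `thing`, `arenaHeader` and `thingKindPtr` are left unwritten on every return other than CGCT_VALID.
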
@michaelwu michaelwu force-pushed the smupgrade2 branch from 5a49bbb to f66a429 Jun 15, 2015
Contributor

larsbergstrom commented Jun 18, 2015

Contributor

metajack commented Jun 18, 2015

@bors-servo r=larsbergstrom

Contributor

bors-servo commented Jun 18, 2015

📌 Commit f66a429 has been approved by larsbergstrom

Contributor

bors-servo commented Jun 18, 2015

Testing commit f66a429 with merge b7e62f0...

bors-servo pushed a commit that referenced this pull request Jun 18, 2015
Upgrade to Spidermonkey 39

Contributor

bors-servo commented Jun 18, 2015

💔 Test failed - travis

@michaelwu michaelwu force-pushed the smupgrade2 branch from f66a429 to 8deda47 Jun 18, 2015
Contributor

metajack commented Jun 18, 2015

@bors-servo r=larsbergstrom,metajack

I reviewed the final commit.

Contributor

bors-servo commented Jun 18, 2015

📌 Commit 8deda47 has been approved by larsbergstrom,metajack

Contributor

bors-servo commented Jun 18, 2015

Testing commit 8deda47 with merge 3cabf49...

bors-servo pushed a commit that referenced this pull request Jun 18, 2015
Upgrade to Spidermonkey 39

Contributor

bors-servo commented Jun 18, 2015

💔 Test failed - travis

@michaelwu michaelwu force-pushed the smupgrade2 branch from 8deda47 to dd39a97 Jun 18, 2015
Contributor

metajack commented Jun 18, 2015

@bors-servo r=larsbergstrom,metajack

Contributor

bors-servo commented Jun 18, 2015

📌 Commit dd39a97 has been approved by larsbergstrom,metajack

Contributor

bors-servo commented Jun 18, 2015

Testing commit dd39a97 with merge 4f02426...

bors-servo pushed a commit that referenced this pull request Jun 18, 2015
Upgrade to Spidermonkey 39

Contributor

bors-servo commented Jun 18, 2015

💔 Test failed - travis

@michaelwu michaelwu force-pushed the smupgrade2 branch 2 times, most recently from bbb194f to dd39a97 Jun 18, 2015
Contributor Author

michaelwu commented Jun 18, 2015

Merging directly since the default build won't work. -j4 appears to cause us to run out of resources on the build machine, and lower numbers cause the build to die by taking too long.

michaelwu added a commit that referenced this pull request Jun 19, 2015
Upgrade to Spidermonkey 39
@michaelwu michaelwu merged commit 7a2f5bb into master Jun 19, 2015
0 of 3 checks passed
homu Test failed
continuous-integration/appveyor Waiting for AppVeyor build to complete
continuous-integration/travis-ci/push The Travis CI build is in progress
@Ms2ger Ms2ger deleted the smupgrade2 branch Dec 7, 2015