From d8bbc7858622b6d9c278469aab701ca0b609cddf Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 15 May 2024 05:35:49 +0200 Subject: Merging upstream version 126.0. Signed-off-by: Daniel Baumann --- js/src/builtin/TestingFunctions.cpp | 154 ++++++++++++++++++++++++++---------- 1 file changed, 114 insertions(+), 40 deletions(-) (limited to 'js/src/builtin/TestingFunctions.cpp') diff --git a/js/src/builtin/TestingFunctions.cpp b/js/src/builtin/TestingFunctions.cpp index 498fa1746d..da7efd2fcc 100644 --- a/js/src/builtin/TestingFunctions.cpp +++ b/js/src/builtin/TestingFunctions.cpp @@ -604,15 +604,6 @@ static bool GetBuildConfiguration(JSContext* cx, unsigned argc, Value* vp) { return false; } -#ifdef ENABLE_JSON_PARSE_WITH_SOURCE - value = BooleanValue(true); -#else - value = BooleanValue(false); -#endif - if (!JS_SetProperty(cx, info, "json-parse-with-source", value)) { - return false; - } - #ifdef FUZZING value = BooleanValue(true); #else @@ -1620,7 +1611,7 @@ static bool WasmLosslessInvoke(JSContext* cx, unsigned argc, Value* vp) { if (!wasmCallFrame.resize(len)) { return false; } - wasmCallFrame[0].set(args.calleev()); + wasmCallFrame[0].set(ObjectValue(*func)); wasmCallFrame[1].set(args.thisv()); // Copy over the arguments needed to invoke the provided wasm function, // skipping the wasm function we're calling that is at `args.get(0)`. @@ -3714,6 +3705,85 @@ static bool NewString(JSContext* cx, unsigned argc, Value* vp) { return true; } +static bool NewDependentString(JSContext* cx, unsigned argc, Value* vp) { + CallArgs args = CallArgsFromVp(argc, vp); + + RootedString src(cx, ToString(cx, args.get(0))); + if (!src) { + return false; + } + + uint64_t indexStart = 0; + mozilla::Maybe indexEnd; + gc::Heap heap = gc::Heap::Default; + mozilla::Maybe requiredHeap; + + if (!ToIndex(cx, args.get(1), &indexStart)) { + return false; + } + + Rooted options(cx); + if (args.get(2).isObject()) { + options = args[2]; + } else { + uint64_t idx; + if (args.hasDefined(2)) { + if (!ToIndex(cx, args.get(2), &idx)) { + return false; + } + indexEnd.emplace(idx); + } + options = args.get(3); + } + + if (options.isObject()) { + Rooted v(cx); + Rooted optObj(cx, &options.toObject()); + if (!JS_GetProperty(cx, optObj, "tenured", &v)) { + return false; + } + if (v.isBoolean()) { + requiredHeap.emplace(v.toBoolean() ? gc::Heap::Tenured + : gc::Heap::Default); + heap = *requiredHeap; + } + } + + if (indexEnd.isNothing()) { + // Read the length now that no more JS code can run. + indexEnd.emplace(src->length()); + } + if (indexStart > src->length() || *indexEnd > src->length() || + indexStart >= *indexEnd) { + JS_ReportErrorASCII(cx, "invalid dependent string bounds"); + return false; + } + if (!src->ensureLinear(cx)) { + return false; + } + Rooted result( + cx, js::NewDependentString(cx, src, indexStart, *indexEnd - indexStart, + heap)); + if (!result) { + return false; + } + if (!result->isDependent()) { + JS_ReportErrorASCII(cx, "resulting string is not dependent (too short?)"); + return false; + } + + if (requiredHeap.isSome()) { + MOZ_ASSERT_IF(*requiredHeap == gc::Heap::Tenured, result->isTenured()); + if ((*requiredHeap == gc::Heap::Default) && result->isTenured()) { + JS_ReportErrorASCII(cx, "nursery string created in tenured heap"); + return false; + } + } + + args.rval().setString(result); + return true; +} + // Warning! This will let you create ropes that I'm not sure would be possible // otherwise, specifically: // @@ -7183,7 +7253,7 @@ static bool SetImmutablePrototype(JSContext* cx, unsigned argc, Value* vp) { return true; } -#ifdef DEBUG +#if defined(DEBUG) || defined(JS_JITSPEW) static bool DumpStringRepresentation(JSContext* cx, unsigned argc, Value* vp) { CallArgs args = CallArgsFromVp(argc, vp); @@ -7221,7 +7291,6 @@ static bool GetStringRepresentation(JSContext* cx, unsigned argc, Value* vp) { args.rval().setString(rep); return true; } - #endif static bool ParseCompileOptionsForModule(JSContext* cx, @@ -7237,9 +7306,7 @@ static bool ParseCompileOptionsForModule(JSContext* cx, options.setModule(); isModule = true; - // js::ParseCompileOptions should already be called. - if (options.lineno == 0) { - JS_ReportErrorASCII(cx, "Module cannot be compiled with lineNumber == 0"); + if (!ValidateModuleCompileOptions(cx, options)) { return false; } } else { @@ -9435,6 +9502,15 @@ static const JSFunctionSpecWithHelp TestingFunctions[] = { " - maybeExternal: create an external string, unless the data fits within an\n" " inline string. Inline strings may be nursery-allocated."), + JS_FN_HELP("newDependentString", NewDependentString, 2, 0, +"newDependentString(str, indexStart[, indexEnd] [, options])", +" Essentially the same as str.substring() but insist on\n" +" creating a dependent string and failing if not. Also has options to\n" +" control the heap the string object is allocated into:\n" +" \n" +" - tenured: if true, allocate in the tenured heap or throw. If false,\n" +" allocate in the nursery or throw."), + JS_FN_HELP("ensureLinearString", EnsureLinearString, 1, 0, "ensureLinearString(str)", " Ensures str is a linear (non-rope) string and returns it."), @@ -10058,20 +10134,6 @@ JS_FOR_WASM_FEATURES(WASM_FEATURE) "wasmMetadataAnalysis(wasmObject)", " Prints an analysis of the size of metadata on this wasm object.\n"), -#if defined(DEBUG) || defined(JS_JITSPEW) - JS_FN_HELP("dumpObject", DumpObject, 1, 0, -"dumpObject(obj)", -" Dump an internal representation of an object."), - - JS_FN_HELP("dumpValue", DumpValue, 1, 0, -"dumpValue(v)", -" Dump an internal representation of a value."), - - JS_FN_HELP("dumpValueToString", DumpValueToString, 1, 0, -"dumpValue(v)", -" Return a dump of an internal representation of a value."), -#endif - JS_FN_HELP("sharedMemoryEnabled", SharedMemoryEnabled, 0, 0, "sharedMemoryEnabled()", " Return true if SharedArrayBuffer and Atomics are enabled"), @@ -10129,17 +10191,6 @@ JS_FOR_WASM_FEATURES(WASM_FEATURE) " of internal error, or if the operation doesn't even make sense (for example,\n" " because the object is a revoked proxy)."), -#ifdef DEBUG - JS_FN_HELP("dumpStringRepresentation", DumpStringRepresentation, 1, 0, -"dumpStringRepresentation(str)", -" Print a human-readable description of how the string |str| is represented.\n"), - - JS_FN_HELP("stringRepresentation", GetStringRepresentation, 1, 0, -"stringRepresentation(str)", -" Return a human-readable description of how the string |str| is represented.\n"), - -#endif - JS_FN_HELP("allocationMarker", AllocationMarker, 0, 0, "allocationMarker([options])", " Return a freshly allocated object whose [[Class]] name is\n" @@ -10428,6 +10479,29 @@ JS_FN_HELP("getEnvironmentObjectType", GetEnvironmentObjectType, 1, 0, " Return an object describing the calling realm's fuse state, " "as well as the state of any runtime fuses."), +#if defined(DEBUG) || defined(JS_JITSPEW) + JS_FN_HELP("dumpObject", DumpObject, 1, 0, +"dumpObject(obj)", +" Dump an internal representation of an object."), + + JS_FN_HELP("dumpValue", DumpValue, 1, 0, +"dumpValue(v)", +" Dump an internal representation of a value."), + + JS_FN_HELP("dumpValueToString", DumpValueToString, 1, 0, +"dumpValue(v)", +" Return a dump of an internal representation of a value."), + + JS_FN_HELP("dumpStringRepresentation", DumpStringRepresentation, 1, 0, +"dumpStringRepresentation(str)", +" Print a human-readable description of how the string |str| is represented.\n"), + + JS_FN_HELP("stringRepresentation", GetStringRepresentation, 1, 0, +"stringRepresentation(str)", +" Return a human-readable description of how the string |str| is represented.\n"), + +#endif + JS_FS_HELP_END }; // clang-format on -- cgit v1.2.3