The Tor Browser / file diff

diff: js/src/jsapi-tests/testGCStoreBufferRemoval.cpp

js/src/jsapi-tests/testGCStoreBufferRemoval.cpp

changeset 0
6474c204b198
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/js/src/jsapi-tests/testGCStoreBufferRemoval.cpp	Wed Dec 31 06:09:35 2014 +0100
     1.3 @@ -0,0 +1,125 @@
     1.4 +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*-
     1.5 +* vim: set ts=8 sts=4 et sw=4 tw=99:
     1.6 +*/
     1.7 +/* This Source Code Form is subject to the terms of the Mozilla Public
     1.8 + * License, v. 2.0. If a copy of the MPL was not distributed with this
     1.9 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
    1.10 +
    1.11 +#ifdef JSGC_GENERATIONAL
    1.12 +
    1.13 +#include "gc/Barrier.h"
    1.14 +#include "jsapi-tests/tests.h"
    1.15 +
    1.16 +using namespace JS;
    1.17 +using namespace js;
    1.18 +
    1.19 +struct AutoIgnoreRootingHazards {
    1.20 +    // Force a nontrivial destructor so the compiler sees the whole RAII scope
    1.21 +    static volatile int depth;
    1.22 +    AutoIgnoreRootingHazards() { depth++; }
    1.23 +    ~AutoIgnoreRootingHazards() { depth--; }
    1.24 +};
    1.25 +volatile int AutoIgnoreRootingHazards::depth = 0;
    1.26 +
    1.27 +BEGIN_TEST(testGCStoreBufferRemoval)
    1.28 +{
    1.29 +    // Sanity check - objects start in the nursery and then become tenured.
    1.30 +    JS_GC(cx->runtime());
    1.31 +    JS::RootedObject obj(cx, NurseryObject());
    1.32 +    CHECK(js::gc::IsInsideNursery(rt, obj.get()));
    1.33 +    JS_GC(cx->runtime());
    1.34 +    CHECK(!js::gc::IsInsideNursery(rt, obj.get()));
    1.35 +    JS::RootedObject tenuredObject(cx, obj);
    1.36 +
    1.37 +    // Hide the horrors herein from the static rooting analysis.
    1.38 +    AutoIgnoreRootingHazards ignore;
    1.39 +
    1.40 +    // Test removal of store buffer entries added by RelocatablePtr<T>.
    1.41 +    {
    1.42 +        JSObject *badObject = reinterpret_cast<JSObject*>(1);
    1.43 +        JSObject *punnedPtr = nullptr;
    1.44 +        RelocatablePtrObject* relocPtr =
    1.45 +            reinterpret_cast<RelocatablePtrObject*>(&punnedPtr);
    1.46 +        new (relocPtr) RelocatablePtrObject;
    1.47 +        *relocPtr = NurseryObject();
    1.48 +        relocPtr->~RelocatablePtrObject();
    1.49 +        punnedPtr = badObject;
    1.50 +        JS_GC(cx->runtime());
    1.51 +
    1.52 +        new (relocPtr) RelocatablePtrObject;
    1.53 +        *relocPtr = NurseryObject();
    1.54 +        *relocPtr = tenuredObject;
    1.55 +        relocPtr->~RelocatablePtrObject();
    1.56 +        punnedPtr = badObject;
    1.57 +        JS_GC(cx->runtime());
    1.58 +
    1.59 +        new (relocPtr) RelocatablePtrObject;
    1.60 +        *relocPtr = NurseryObject();
    1.61 +        *relocPtr = nullptr;
    1.62 +        relocPtr->~RelocatablePtrObject();
    1.63 +        punnedPtr = badObject;
    1.64 +        JS_GC(cx->runtime());
    1.65 +    }
    1.66 +
    1.67 +    // Test removal of store buffer entries added by RelocatableValue.
    1.68 +    {
    1.69 +        Value punnedValue;
    1.70 +        RelocatableValue *relocValue = reinterpret_cast<RelocatableValue*>(&punnedValue);
    1.71 +        new (relocValue) RelocatableValue;
    1.72 +        *relocValue = ObjectValue(*NurseryObject());
    1.73 +        relocValue->~RelocatableValue();
    1.74 +        punnedValue = ObjectValueCrashOnTouch();
    1.75 +        JS_GC(cx->runtime());
    1.76 +
    1.77 +        new (relocValue) RelocatableValue;
    1.78 +        *relocValue = ObjectValue(*NurseryObject());
    1.79 +        *relocValue = ObjectValue(*tenuredObject);
    1.80 +        relocValue->~RelocatableValue();
    1.81 +        punnedValue = ObjectValueCrashOnTouch();
    1.82 +        JS_GC(cx->runtime());
    1.83 +
    1.84 +        new (relocValue) RelocatableValue;
    1.85 +        *relocValue = ObjectValue(*NurseryObject());
    1.86 +        *relocValue = NullValue();
    1.87 +        relocValue->~RelocatableValue();
    1.88 +        punnedValue = ObjectValueCrashOnTouch();
    1.89 +        JS_GC(cx->runtime());
    1.90 +    }
    1.91 +
    1.92 +    // Test removal of store buffer entries added by Heap<T>.
    1.93 +    {
    1.94 +        JSObject *badObject = reinterpret_cast<JSObject*>(1);
    1.95 +        JSObject *punnedPtr = nullptr;
    1.96 +        Heap<JSObject*>* heapPtr =
    1.97 +            reinterpret_cast<Heap<JSObject*>*>(&punnedPtr);
    1.98 +        new (heapPtr) Heap<JSObject*>;
    1.99 +        *heapPtr = NurseryObject();
   1.100 +        heapPtr->~Heap<JSObject*>();
   1.101 +        punnedPtr = badObject;
   1.102 +        JS_GC(cx->runtime());
   1.103 +
   1.104 +        new (heapPtr) Heap<JSObject*>;
   1.105 +        *heapPtr = NurseryObject();
   1.106 +        *heapPtr = tenuredObject;
   1.107 +        heapPtr->~Heap<JSObject*>();
   1.108 +        punnedPtr = badObject;
   1.109 +        JS_GC(cx->runtime());
   1.110 +
   1.111 +        new (heapPtr) Heap<JSObject*>;
   1.112 +        *heapPtr = NurseryObject();
   1.113 +        *heapPtr = nullptr;
   1.114 +        heapPtr->~Heap<JSObject*>();
   1.115 +        punnedPtr = badObject;
   1.116 +        JS_GC(cx->runtime());
   1.117 +    }
   1.118 +
   1.119 +    return true;
   1.120 +}
   1.121 +
   1.122 +JSObject *NurseryObject()
   1.123 +{
   1.124 +    return JS_NewObject(cx, nullptr, JS::NullPtr(), JS::NullPtr());
   1.125 +}
   1.126 +END_TEST(testGCStoreBufferRemoval)
   1.127 +
   1.128 +#endif

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial