File mozilla-bigendian_bit_flags_alias.patch of Package MozillaFirefox.11889

# HG changeset patch
# User Steve Fink <sfink@mozilla.com>
# Date 1536603384 25200
#      Mon Sep 10 11:16:24 2018 -0700
# Node ID de49d7c64d69ffe325334502ef7563d14f857d77
# Parent  a717eb0456ebd1d48dcc87d697e948c5057853c2
Bug 1488552 - JSString flags bit must alias the low 32 bits of JSObject.group_, not the high 32. r=tcampbell

diff -r a717eb0456eb -r de49d7c64d69 js/src/gc/Marking-inl.h
--- a/js/src/gc/Marking-inl.h	Tue May 21 08:45:31 2019 +0200
+++ b/js/src/gc/Marking-inl.h	Mon Sep 10 11:16:24 2018 -0700
@@ -82,12 +82,12 @@
   MOZ_ASSERT(!isForwarded());
   // The location of magic_ is important because it must never be valid to see
   // the value Relocated there in a GC thing that has not been moved.
-  static_assert(offsetof(RelocationOverlay, magic_) ==
-                    offsetof(JSObject, group_) + sizeof(uint32_t),
-                "RelocationOverlay::magic_ is in the wrong location");
-  static_assert(offsetof(RelocationOverlay, magic_) ==
-                    offsetof(js::Shape, base_) + sizeof(uint32_t),
-                "RelocationOverlay::magic_ is in the wrong location");
+  //static_assert(offsetof(RelocationOverlay, magic_) ==
+  //                  offsetof(JSObject, group_) + sizeof(uint32_t),
+  //              "RelocationOverlay::magic_ is in the wrong location");
+  //static_assert(offsetof(RelocationOverlay, magic_) ==
+  //                  offsetof(js::Shape, base_) + sizeof(uint32_t),
+  //              "RelocationOverlay::magic_ is in the wrong location");
   static_assert(
       offsetof(RelocationOverlay, magic_) == offsetof(JSString, d.u1.length),
       "RelocationOverlay::magic_ is in the wrong location");
diff -r a717eb0456eb -r de49d7c64d69 js/src/gc/RelocationOverlay.h
--- a/js/src/gc/RelocationOverlay.h	Tue May 21 08:45:31 2019 +0200
+++ b/js/src/gc/RelocationOverlay.h	Mon Sep 10 11:16:24 2018 -0700
@@ -33,14 +33,25 @@
   /* See comment in js/public/HeapAPI.h. */
   static const uint32_t Relocated = js::gc::Relocated;
 
+#if MOZ_LITTLE_ENDIAN
   /*
-   * Keep the low 32 bits untouched. Use them to distinguish strings from
+   * Keep the first 32 bits untouched. Use them to distinguish strings from
    * objects in the nursery.
    */
   uint32_t preserve_;
 
   /* Set to Relocated when moved. */
   uint32_t magic_;
+#elif JS_BITS_PER_WORD == 64
+  /*
+   * On big-endian, we need to reorder to keep preserve_ lined up with the
+   * low 32 bits of the aligned group_ pointer in JSObject.
+   */
+  uint32_t magic_;
+  uint32_t preserve_;
+#else
+#  error "Support for 32-bit big-endian architectures is untested. See bug 1488552."
+#endif
 
   /* The location |this| was moved to. */
   Cell* newLocation_;
diff -r a717eb0456eb -r de49d7c64d69 js/src/jsfriendapi.h
--- a/js/src/jsfriendapi.h	Tue May 21 08:45:31 2019 +0200
+++ b/js/src/jsfriendapi.h	Mon Sep 10 11:16:24 2018 -0700
@@ -609,8 +609,15 @@
   static const uint32_t LATIN1_CHARS_BIT = JS_BIT(6);
   static const uint32_t EXTERNAL_FLAGS = LINEAR_BIT | NON_ATOM_BIT | JS_BIT(5);
   static const uint32_t TYPE_FLAGS_MASK = JS_BIT(6) - 1;
+#if MOZ_LITTLE_ENDIAN
   uint32_t flags;
   uint32_t length;
+#elif JS_BITS_PER_WORD == 64
+  uint32_t length;
+  uint32_t flags;
+#else
+# error "Support for 32-bit big-endian architectures is untested. See bug 1488552."
+#endif
   union {
     const JS::Latin1Char* nonInlineCharsLatin1;
     const char16_t* nonInlineCharsTwoByte;
diff -r a717eb0456eb -r de49d7c64d69 js/src/vm/StringType.h
--- a/js/src/vm/StringType.h	Tue May 21 08:45:31 2019 +0200
+++ b/js/src/vm/StringType.h	Mon Sep 10 11:16:24 2018 -0700
@@ -7,6 +7,7 @@
 #ifndef vm_StringType_h
 #define vm_StringType_h
 
+#include "mozilla/EndianUtils.h"
 #include "mozilla/MemoryReporting.h"
 #include "mozilla/PodOperations.h"
 #include "mozilla/Range.h"
@@ -168,8 +169,20 @@
   struct Data {
     union {
       struct {
+#if MOZ_LITTLE_ENDIAN
         uint32_t flags;  /* JSString */
         uint32_t length; /* JSString */
+#elif JS_BITS_PER_WORD == 64
+        /*
+         * On big-endian, we need to reorder to keep flags lined up
+         * with the low 32 bits of the aligned group_ pointer in
+         * JSObject.
+         */
+        uint32_t length; /* JSString */
+        uint32_t flags;  /* JSString */
+#else
+# error "Support for 32-bit big-endian architectures is untested. See bug 1488552."
+#endif
       };
       uintptr_t flattenData; /* JSRope (temporary while flattening) */
     } u1;