--- js-1.8.5/js/src/jsval.h 2017-03-10 16:27:06.000000000 +0100 +++ js-1.8.5/js/src/jsval.h 2017-03-10 16:30:39.000000000 +0100 @@ -66,7 +66,7 @@ JS_BEGIN_EXTERN_C #endif #if JS_BITS_PER_WORD == 64 -# define JSVAL_TAG_SHIFT 47 +# define JSVAL_TAG_SHIFT 48 #endif /* @@ -135,7 +135,8 @@ JS_STATIC_ASSERT(sizeof(JSValueTag) == 4 /* Remember to propagate changes to the C defines below. */ JS_ENUM_HEADER(JSValueTag, uint32) { - JSVAL_TAG_MAX_DOUBLE = 0x1FFF0, + JSVAL_TAG_DUMMY = 0xFFFFFFFF, /* Make sure the enums cannot fit 16-bits. */ + JSVAL_TAG_MAX_DOUBLE = 0xFFF8, JSVAL_TAG_INT32 = JSVAL_TAG_MAX_DOUBLE | JSVAL_TYPE_INT32, JSVAL_TAG_UNDEFINED = JSVAL_TAG_MAX_DOUBLE | JSVAL_TYPE_UNDEFINED, JSVAL_TAG_STRING = JSVAL_TAG_MAX_DOUBLE | JSVAL_TYPE_STRING, @@ -196,7 +197,7 @@ typedef uint32 JSValueTag; #elif JS_BITS_PER_WORD == 64 typedef uint32 JSValueTag; -#define JSVAL_TAG_MAX_DOUBLE ((uint32)(0x1FFF0)) +#define JSVAL_TAG_MAX_DOUBLE ((uint32)(0xFFF8)) #define JSVAL_TAG_INT32 (uint32)(JSVAL_TAG_MAX_DOUBLE | JSVAL_TYPE_INT32) #define JSVAL_TAG_UNDEFINED (uint32)(JSVAL_TAG_MAX_DOUBLE | JSVAL_TYPE_UNDEFINED) #define JSVAL_TAG_STRING (uint32)(JSVAL_TAG_MAX_DOUBLE | JSVAL_TYPE_STRING) @@ -236,8 +237,8 @@ typedef uint64 JSValueShiftedTag; #elif JS_BITS_PER_WORD == 64 -#define JSVAL_PAYLOAD_MASK 0x00007FFFFFFFFFFFLL -#define JSVAL_TAG_MASK 0xFFFF800000000000LL +#define JSVAL_PAYLOAD_MASK 0x0000FFFFFFFFFFFFLL +#define JSVAL_TAG_MASK 0xFFFF000000000000LL #define JSVAL_TYPE_TO_TAG(type) ((JSValueTag)(JSVAL_TAG_MAX_DOUBLE | (type))) #define JSVAL_TYPE_TO_SHIFTED_TAG(type) (((uint64)JSVAL_TYPE_TO_TAG(type)) << JSVAL_TAG_SHIFT) @@ -297,8 +298,8 @@ typedef union jsval_layout #if (!defined(_WIN64) && defined(__cplusplus)) /* MSVC does not pack these correctly :-( */ struct { - uint64 payload47 : 47; - JSValueTag tag : 17; + uint64 payload48 : 48; + JSValueTag tag : 16; } debugView; #endif struct { @@ -339,8 +340,8 @@ typedef union jsval_layout { uint64 asBits; struct { - JSValueTag tag : 17; - uint64 payload47 : 47; + JSValueTag tag : 16; + uint64 payload48 : 48; } debugView; struct { uint32 padding; --- js-1.8.5/js/src/jsvalue.h 2017-03-10 16:27:06.000000000 +0100 +++ js-1.8.5/js/src/jsvalue.h 2017-03-10 16:27:06.000000000 +0100 @@ -255,7 +255,7 @@ JSVAL_SAME_TYPE_IMPL(jsval_layout lhs, j { uint64 lbits = lhs.asBits, rbits = rhs.asBits; return (lbits <= JSVAL_TAG_MAX_DOUBLE && rbits <= JSVAL_TAG_MAX_DOUBLE) || - (((lbits ^ rbits) & 0xFFFF800000000000LL) == 0); + (((lbits ^ rbits) & 0xFFFF000000000000LL) == 0); } static JS_ALWAYS_INLINE jsval_layout @@ -277,7 +277,7 @@ JSVAL_TO_PRIVATE_UINT32_IMPL(jsval_layou static JS_ALWAYS_INLINE JSValueType JSVAL_EXTRACT_NON_DOUBLE_TYPE_IMPL(jsval_layout l) { - uint64 type = (l.asBits >> JSVAL_TAG_SHIFT) & 0xF; + uint64 type = (l.asBits >> JSVAL_TAG_SHIFT) & 0x7; JS_ASSERT(type > JSVAL_TYPE_DOUBLE); return (JSValueType)type; } --- js-1.8.5/js/src/methodjit/MethodJIT.cpp 2011-03-31 21:08:36.000000000 +0200 +++ js-1.8.5/js/src/methodjit/MethodJIT.cpp 2017-03-10 16:27:06.000000000 +0100 @@ -186,8 +186,8 @@ JS_STATIC_ASSERT(sizeof(VMFrame) % 16 == JS_STATIC_ASSERT(offsetof(VMFrame, savedRBX) == 0x58); JS_STATIC_ASSERT(offsetof(VMFrame, regs.fp) == 0x38); -JS_STATIC_ASSERT(JSVAL_TAG_MASK == 0xFFFF800000000000LL); -JS_STATIC_ASSERT(JSVAL_PAYLOAD_MASK == 0x00007FFFFFFFFFFFLL); +JS_STATIC_ASSERT(JSVAL_TAG_MASK == 0xFFFF000000000000LL); +JS_STATIC_ASSERT(JSVAL_PAYLOAD_MASK == 0x0000FFFFFFFFFFFFLL); asm volatile ( ".text\n"