Bug 1842773 - Part 36: Rename ArrayBufferObject::MaxByteLength to ByteLengthLimit. r=sfink,nbp

Rename `MaxByteLength` to avoid confusion with the new `maxByteLength` slot for
resizable ArrayBuffers.

- Prefer "Limit" instead of "Max" because the latter could be misinterpreted to
  refer to `maxByteLength`, because it also includes the substring "max".

Differential Revision: https://phabricator.services.mozilla.com/D196312

Author: anba

js/src/builtin/DataViewObject.cpp

@@ -247,7 +247,7 @@ bool DataViewObject::getAndCheckConstructorArgs(
                               JSMSG_OFFSET_OUT_OF_BUFFER);
     return false;
   }
-  MOZ_ASSERT(offset <= ArrayBufferObject::MaxByteLength);
+  MOZ_ASSERT(offset <= ArrayBufferObject::ByteLengthLimit);
 
   uint64_t viewByteLength = 0;
   bool autoLength = false;
@@ -275,7 +275,7 @@ bool DataViewObject::getAndCheckConstructorArgs(
       return false;
     }
   }
-  MOZ_ASSERT(viewByteLength <= ArrayBufferObject::MaxByteLength);
+  MOZ_ASSERT(viewByteLength <= ArrayBufferObject::ByteLengthLimit);
 
   *byteOffsetPtr = offset;
   *byteLengthPtr = viewByteLength;

js/src/builtin/TestingFunctions.cpp

@@ -2216,8 +2216,8 @@ static bool WasmGcArrayLength(JSContext* cx, unsigned argc, Value* vp) {
 
 static bool LargeArrayBufferSupported(JSContext* cx, unsigned argc, Value* vp) {
   CallArgs args = CallArgsFromVp(argc, vp);
-  args.rval().setBoolean(ArrayBufferObject::MaxByteLength >
-                         ArrayBufferObject::MaxByteLengthForSmallBuffer);
+  args.rval().setBoolean(ArrayBufferObject::ByteLengthLimit >
+                         ArrayBufferObject::ByteLengthLimitForSmallBuffer);
   return true;
 }
 

js/src/ctypes/CTypes.cpp

@@ -8011,7 +8011,7 @@ static bool ReadTypedArrayCommon(JSContext* cx, unsigned argc, Value* vp,
 
   CheckedInt<size_t> size = *length;
   size *= CType::GetSize(baseType);
-  if (!size.isValid() || size.value() > ArrayBufferObject::MaxByteLength) {
+  if (!size.isValid() || size.value() > ArrayBufferObject::ByteLengthLimit) {
     return SizeOverflow(cx, "data", "typed array");
   }
 

js/src/jit/RangeAnalysis.cpp

@@ -1791,13 +1791,13 @@ void MInitializedLength::computeRange(TempAllocator& alloc) {
 }
 
 void MArrayBufferViewLength::computeRange(TempAllocator& alloc) {
-  if constexpr (ArrayBufferObject::MaxByteLength <= INT32_MAX) {
+  if constexpr (ArrayBufferObject::ByteLengthLimit <= INT32_MAX) {
     setRange(Range::NewUInt32Range(alloc, 0, INT32_MAX));
   }
 }
 
 void MArrayBufferViewByteOffset::computeRange(TempAllocator& alloc) {
-  if constexpr (ArrayBufferObject::MaxByteLength <= INT32_MAX) {
+  if constexpr (ArrayBufferObject::ByteLengthLimit <= INT32_MAX) {
     setRange(Range::NewUInt32Range(alloc, 0, INT32_MAX));
   }
 }

js/src/jit/VMFunctions.cpp

@@ -2353,16 +2353,16 @@ void AllocateAndInitTypedArrayBuffer(JSContext* cx, TypedArrayObject* obj,
   // Negative numbers or zero will bail out to the slow path, which in turn will
   // raise an invalid argument exception or create a correct object with zero
   // elements.
-  constexpr size_t maxByteLength = TypedArrayObject::MaxByteLength;
-  if (count <= 0 || size_t(count) > maxByteLength / obj->bytesPerElement()) {
+  constexpr size_t byteLengthLimit = TypedArrayObject::ByteLengthLimit;
+  if (count <= 0 || size_t(count) > byteLengthLimit / obj->bytesPerElement()) {
     obj->setFixedSlot(TypedArrayObject::LENGTH_SLOT, PrivateValue(size_t(0)));
     return;
   }
 
   obj->setFixedSlot(TypedArrayObject::LENGTH_SLOT, PrivateValue(count));
 
   size_t nbytes = size_t(count) * obj->bytesPerElement();
-  MOZ_ASSERT(nbytes <= maxByteLength);
+  MOZ_ASSERT(nbytes <= byteLengthLimit);
   nbytes = RoundUp(nbytes, sizeof(Value));
 
   MOZ_ASSERT(!obj->isTenured());

js/src/shell/OSObject.cpp

@@ -320,7 +320,7 @@ JSObject* FileAsTypedArray(JSContext* cx, JS::HandleString pathnameStr) {
     return nullptr;
   }
 
-  if (len > ArrayBufferObject::MaxByteLength) {
+  if (len > ArrayBufferObject::ByteLengthLimit) {
     JS_ReportErrorUTF8(cx, "file %s is too large for a Uint8Array",
                        pathname.get());
     return nullptr;

js/src/vm/ArrayBufferObject.cpp

@@ -162,7 +162,7 @@ uint64_t js::WasmReservedBytes() { return wasmReservedBytes; }
 [[nodiscard]] static bool CheckArrayBufferTooLarge(JSContext* cx,
                                                    uint64_t nbytes) {
   // Refuse to allocate too large buffers.
-  if (MOZ_UNLIKELY(nbytes > ArrayBufferObject::MaxByteLength)) {
+  if (MOZ_UNLIKELY(nbytes > ArrayBufferObject::ByteLengthLimit)) {
     JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
                               JSMSG_BAD_ARRAY_LENGTH);
     return false;
@@ -1488,7 +1488,7 @@ inline size_t ArrayBufferObject::associatedBytes() const {
 }
 
 void ArrayBufferObject::setByteLength(size_t length) {
-  MOZ_ASSERT(length <= ArrayBufferObject::MaxByteLength);
+  MOZ_ASSERT(length <= ArrayBufferObject::ByteLengthLimit);
   setFixedSlot(BYTE_LENGTH_SLOT, PrivateValue(length));
 }
 
@@ -1594,7 +1594,7 @@ ArrayBufferObject* ArrayBufferObject::wasmGrowToPagesInPlace(
     return nullptr;
   }
   MOZ_ASSERT(newPages <= wasm::MaxMemoryPages(t) &&
-             newPages.byteLength() <= ArrayBufferObject::MaxByteLength);
+             newPages.byteLength() <= ArrayBufferObject::ByteLengthLimit);
 
   // We have checked against the clamped maximum and so we know we can convert
   // to byte lengths now.
@@ -1652,7 +1652,7 @@ ArrayBufferObject* ArrayBufferObject::wasmMovingGrowToPages(
     return nullptr;
   }
   MOZ_ASSERT(newPages <= wasm::MaxMemoryPages(t) &&
-             newPages.byteLength() < ArrayBufferObject::MaxByteLength);
+             newPages.byteLength() < ArrayBufferObject::ByteLengthLimit);
 
   // We have checked against the clamped maximum and so we know we can convert
   // to byte lengths now.
@@ -1847,7 +1847,7 @@ template <class ArrayBufferType, ArrayBufferObject::FillContents FillType>
 ArrayBufferObject::createUninitializedBufferAndData(
     JSContext* cx, size_t nbytes, AutoSetNewObjectMetadata&,
     JS::Handle<JSObject*> proto) {
-  MOZ_ASSERT(nbytes <= ArrayBufferObject::MaxByteLength,
+  MOZ_ASSERT(nbytes <= ArrayBufferObject::ByteLengthLimit,
              "caller must validate the byte count it passes");
 
   static_assert(std::is_same_v<ArrayBufferType, FixedLengthArrayBufferObject> ||
@@ -1898,7 +1898,7 @@ template <ArrayBufferObject::FillContents FillType>
 ArrayBufferObject::createBufferAndData(
     JSContext* cx, size_t nbytes, AutoSetNewObjectMetadata& metadata,
     JS::Handle<JSObject*> proto /* = nullptr */) {
-  MOZ_ASSERT(nbytes <= ArrayBufferObject::MaxByteLength,
+  MOZ_ASSERT(nbytes <= ArrayBufferObject::ByteLengthLimit,
              "caller must validate the byte count it passes");
 
   auto [buffer, data] =
@@ -1925,7 +1925,7 @@ ResizableArrayBufferObject::createBufferAndData(
     JSContext* cx, size_t byteLength, size_t maxByteLength,
     AutoSetNewObjectMetadata& metadata, Handle<JSObject*> proto) {
   MOZ_ASSERT(byteLength <= maxByteLength);
-  MOZ_ASSERT(maxByteLength <= ArrayBufferObject::MaxByteLength,
+  MOZ_ASSERT(maxByteLength <= ArrayBufferObject::ByteLengthLimit,
              "caller must validate the byte count it passes");
 
   // NOTE: The spec proposal for resizable ArrayBuffers suggests to use a
@@ -1958,7 +1958,7 @@ ResizableArrayBufferObject::createBufferAndData(
     JSContext* cx, size_t newByteLength,
     JS::Handle<ArrayBufferObject*> source) {
   MOZ_ASSERT(!source->isDetached());
-  MOZ_ASSERT(newByteLength <= ArrayBufferObject::MaxByteLength,
+  MOZ_ASSERT(newByteLength <= ArrayBufferObject::ByteLengthLimit,
              "caller must validate the byte count it passes");
 
   size_t sourceByteLength = source->byteLength();
@@ -2037,7 +2037,7 @@ ResizableArrayBufferObject::createBufferAndData(
     JSContext* cx, size_t newByteLength,
     JS::Handle<ArrayBufferObject*> source) {
   MOZ_ASSERT(!source->isDetached());
-  MOZ_ASSERT(newByteLength <= ArrayBufferObject::MaxByteLength,
+  MOZ_ASSERT(newByteLength <= ArrayBufferObject::ByteLengthLimit,
              "caller must validate the byte count it passes");
 
   if (newByteLength > FixedLengthArrayBufferObject::MaxInlineBytes &&
@@ -2103,7 +2103,7 @@ ResizableArrayBufferObject::createBufferAndData(
   MOZ_ASSERT(source->bufferKind() == MALLOCED_ARRAYBUFFER_CONTENTS_ARENA);
   MOZ_ASSERT(newByteLength > FixedLengthArrayBufferObject::MaxInlineBytes,
              "prefer copying small buffers");
-  MOZ_ASSERT(newByteLength <= ArrayBufferObject::MaxByteLength,
+  MOZ_ASSERT(newByteLength <= ArrayBufferObject::ByteLengthLimit,
              "caller must validate the byte count it passes");
 
   size_t oldByteLength = source->associatedBytes();

js/src/vm/ArrayBufferObject.h

@@ -207,12 +207,12 @@ class ArrayBufferObject : public ArrayBufferObjectMaybeShared {
 
   // The length of an ArrayBuffer or SharedArrayBuffer can be at most INT32_MAX
   // on 32-bit platforms. Allow a larger limit on 64-bit platforms.
-  static constexpr size_t MaxByteLengthForSmallBuffer = INT32_MAX;
+  static constexpr size_t ByteLengthLimitForSmallBuffer = INT32_MAX;
 #ifdef JS_64BIT
-  static constexpr size_t MaxByteLength =
+  static constexpr size_t ByteLengthLimit =
       size_t(8) * 1024 * 1024 * 1024;  // 8 GB.
 #else
-  static constexpr size_t MaxByteLength = MaxByteLengthForSmallBuffer;
+  static constexpr size_t ByteLengthLimit = ByteLengthLimitForSmallBuffer;
 #endif
 
  public:
@@ -649,7 +649,7 @@ class ResizableArrayBufferObject : public ArrayBufferObject {
   bool hasInlineData() const { return dataPointer() == inlineDataPointer(); }
 
   void setMaxByteLength(size_t length) {
-    MOZ_ASSERT(length <= ArrayBufferObject::MaxByteLength);
+    MOZ_ASSERT(length <= ArrayBufferObject::ByteLengthLimit);
     setFixedSlot(MAX_BYTE_LENGTH_SLOT, PrivateValue(length));
   }
 

js/src/vm/ArrayBufferObjectMaybeShared.cpp

@@ -66,11 +66,11 @@ JS_PUBLIC_API bool JS::IsLargeArrayBufferMaybeShared(JSObject* obj) {
   size_t len = obj->is<ArrayBufferObject>()
                    ? obj->as<ArrayBufferObject>().byteLength()
                    : obj->as<SharedArrayBufferObject>().byteLength();
-  return len > ArrayBufferObject::MaxByteLengthForSmallBuffer;
+  return len > ArrayBufferObject::ByteLengthLimitForSmallBuffer;
 #else
   // Large ArrayBuffers are not supported on 32-bit.
-  static_assert(ArrayBufferObject::MaxByteLength ==
-                ArrayBufferObject::MaxByteLengthForSmallBuffer);
+  static_assert(ArrayBufferObject::ByteLengthLimit ==
+                ArrayBufferObject::ByteLengthLimitForSmallBuffer);
   return false;
 #endif
 }

js/src/vm/ArrayBufferViewObject.cpp

@@ -114,12 +114,12 @@ bool ArrayBufferViewObject::init(JSContext* cx,
   MOZ_ASSERT_IF(!buffer, byteOffset == 0);
   MOZ_ASSERT_IF(buffer, !buffer->isDetached());
 
-  MOZ_ASSERT(byteOffset <= ArrayBufferObject::MaxByteLength);
-  MOZ_ASSERT(length <= ArrayBufferObject::MaxByteLength);
-  MOZ_ASSERT(byteOffset + length <= ArrayBufferObject::MaxByteLength);
+  MOZ_ASSERT(byteOffset <= ArrayBufferObject::ByteLengthLimit);
+  MOZ_ASSERT(length <= ArrayBufferObject::ByteLengthLimit);
+  MOZ_ASSERT(byteOffset + length <= ArrayBufferObject::ByteLengthLimit);
 
   MOZ_ASSERT_IF(is<TypedArrayObject>(),
-                length <= TypedArrayObject::MaxByteLength / bytesPerElement);
+                length <= TypedArrayObject::ByteLengthLimit / bytesPerElement);
 
   // The isSharedMemory property is invariant.  Self-hosting code that
   // sets BUFFER_SLOT or the private slot (if it does) must maintain it by
@@ -359,11 +359,11 @@ JS_PUBLIC_API bool JS::IsLargeArrayBufferView(JSObject* obj) {
   size_t len = obj->is<DataViewObject>()
                    ? obj->as<DataViewObject>().byteLength().valueOr(0)
                    : obj->as<TypedArrayObject>().byteLength().valueOr(0);
-  return len > ArrayBufferObject::MaxByteLengthForSmallBuffer;
+  return len > ArrayBufferObject::ByteLengthLimitForSmallBuffer;
 #else
   // Large ArrayBuffers are not supported on 32-bit.
-  static_assert(ArrayBufferObject::MaxByteLength ==
-                ArrayBufferObject::MaxByteLengthForSmallBuffer);
+  static_assert(ArrayBufferObject::ByteLengthLimit ==
+                ArrayBufferObject::ByteLengthLimitForSmallBuffer);
   return false;
 #endif
 }

js/src/vm/SharedArrayObject.cpp

@@ -40,7 +40,7 @@ static size_t WasmSharedArrayAccessibleSize(size_t length) {
 }
 
 static size_t NonWasmSharedArrayAllocSize(size_t length) {
-  MOZ_ASSERT(length <= ArrayBufferObject::MaxByteLength);
+  MOZ_ASSERT(length <= ArrayBufferObject::ByteLengthLimit);
   return sizeof(SharedArrayRawBuffer) + length;
 }
 
@@ -60,8 +60,8 @@ static size_t SharedArrayMappedSize(bool isWasm, size_t length) {
 SharedArrayRawBuffer* SharedArrayRawBuffer::Allocate(bool isGrowable,
                                                      size_t length,
                                                      size_t maxLength) {
-  MOZ_RELEASE_ASSERT(length <= ArrayBufferObject::MaxByteLength);
-  MOZ_RELEASE_ASSERT(maxLength <= ArrayBufferObject::MaxByteLength);
+  MOZ_RELEASE_ASSERT(length <= ArrayBufferObject::ByteLengthLimit);
+  MOZ_RELEASE_ASSERT(maxLength <= ArrayBufferObject::ByteLengthLimit);
   MOZ_ASSERT_IF(!isGrowable, length == maxLength);
   MOZ_ASSERT_IF(isGrowable, length <= maxLength);
 
@@ -84,7 +84,7 @@ WasmSharedArrayRawBuffer* WasmSharedArrayRawBuffer::AllocateWasm(
   MOZ_ASSERT(initialPages.hasByteLength());
   size_t length = initialPages.byteLength();
 
-  MOZ_RELEASE_ASSERT(length <= ArrayBufferObject::MaxByteLength);
+  MOZ_RELEASE_ASSERT(length <= ArrayBufferObject::ByteLengthLimit);
 
   size_t accessibleSize = WasmSharedArrayAccessibleSize(length);
   if (accessibleSize < length) {
@@ -144,7 +144,7 @@ bool WasmSharedArrayRawBuffer::wasmGrowToPagesInPlace(const Lock&,
     return false;
   }
   MOZ_ASSERT(newPages <= wasm::MaxMemoryPages(t) &&
-             newPages.byteLength() <= ArrayBufferObject::MaxByteLength);
+             newPages.byteLength() <= ArrayBufferObject::ByteLengthLimit);
 
   // We have checked against the clamped maximum and so we know we can convert
   // to byte lengths now.
@@ -471,7 +471,7 @@ bool SharedArrayBufferObject::class_constructor(JSContext* cx, unsigned argc,
 
   // 24.2.1.1, step 3 (Inlined 6.2.7.2 CreateSharedByteDataBlock, step 2).
   // Refuse to allocate too large buffers.
-  if (byteLength > ArrayBufferObject::MaxByteLength) {
+  if (byteLength > ArrayBufferObject::ByteLengthLimit) {
     JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
                               JSMSG_SHARED_ARRAY_BAD_LENGTH);
     return false;
@@ -796,7 +796,7 @@ JS_PUBLIC_API void JS::GetSharedArrayBufferLengthAndData(JSObject* obj,
 JS_PUBLIC_API JSObject* JS::NewSharedArrayBuffer(JSContext* cx, size_t nbytes) {
   MOZ_ASSERT(cx->realm()->creationOptions().getSharedMemoryAndAtomicsEnabled());
 
-  if (nbytes > ArrayBufferObject::MaxByteLength) {
+  if (nbytes > ArrayBufferObject::ByteLengthLimit) {
     JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
                               JSMSG_SHARED_ARRAY_BAD_LENGTH);
     return nullptr;

js/src/vm/StructuredClone.cpp

@@ -2621,8 +2621,8 @@ bool JSStructuredCloneReader::readTypedArray(uint32_t arrayType,
   }
 
   // Ensure invalid 64-bit values won't be truncated below.
-  if (nelems > ArrayBufferObject::MaxByteLength ||
-      byteOffset > ArrayBufferObject::MaxByteLength) {
+  if (nelems > ArrayBufferObject::ByteLengthLimit ||
+      byteOffset > ArrayBufferObject::ByteLengthLimit) {
     JS_ReportErrorNumberASCII(context(), GetErrorMessage, nullptr,
                               JSMSG_SC_BAD_SERIALIZED_DATA,
                               "invalid typed array length or offset");
@@ -2703,8 +2703,8 @@ bool JSStructuredCloneReader::readDataView(uint64_t byteLength,
   }
 
   // Ensure invalid 64-bit values won't be truncated below.
-  if (byteLength > ArrayBufferObject::MaxByteLength ||
-      byteOffset > ArrayBufferObject::MaxByteLength) {
+  if (byteLength > ArrayBufferObject::ByteLengthLimit ||
+      byteOffset > ArrayBufferObject::ByteLengthLimit) {
     JS_ReportErrorNumberASCII(context(), GetErrorMessage, nullptr,
                               JSMSG_SC_BAD_SERIALIZED_DATA,
                               "invalid DataView length or offset");
@@ -2753,8 +2753,8 @@ bool JSStructuredCloneReader::readArrayBuffer(StructuredDataType type,
 
   // The maximum ArrayBuffer size depends on the platform, and we cast to size_t
   // below, so we have to check this here.
-  if (nbytes > ArrayBufferObject::MaxByteLength ||
-      maxbytes > ArrayBufferObject::MaxByteLength) {
+  if (nbytes > ArrayBufferObject::ByteLengthLimit ||
+      maxbytes > ArrayBufferObject::ByteLengthLimit) {
     JS_ReportErrorNumberASCII(context(), GetErrorMessage, nullptr,
                               JSMSG_BAD_ARRAY_LENGTH);
     return false;
@@ -2799,7 +2799,7 @@ bool JSStructuredCloneReader::readSharedArrayBuffer(StructuredDataType type,
 
   // The maximum ArrayBuffer size depends on the platform, and we cast to size_t
   // below, so we have to check this here.
-  if (byteLength > ArrayBufferObject::MaxByteLength) {
+  if (byteLength > ArrayBufferObject::ByteLengthLimit) {
     JS_ReportErrorNumberASCII(context(), GetErrorMessage, nullptr,
                               JSMSG_BAD_ARRAY_LENGTH);
     return false;
@@ -3395,7 +3395,7 @@ bool JSStructuredCloneReader::readTransferMap() {
         return false;
       }
 
-      MOZ_RELEASE_ASSERT(extraData <= ArrayBufferObject::MaxByteLength);
+      MOZ_RELEASE_ASSERT(extraData <= ArrayBufferObject::ByteLengthLimit);
       size_t nbytes = extraData;
 
       MOZ_ASSERT(data == JS::SCTAG_TMO_ALLOC_DATA ||