Prevent unsafe use of RootedVec containing GC values

As determined in #39766, `RootedVec<JSVal>` is not a safe construct; GC values that live in heap memory need to stored in `Heap` wrappers, which enforces the correct barriers. However, it also isn't safe to use `RootedVec<Heap<JSVal>>` in case the underlying vector moves in memory during resizing.

This is a problem for code that is using a RootedVec to safely create a HandleValueArray; I think we need an alternative RootedArray which is a fixed size with inline memory and can be used with the `rooted!` macro. We should then remove the ability to create a HandleValueArray from a RootedVec and lint against `RootedVec<JSVal>`.

Existing uses that I've found:
* https://github.com/servo/servo/blob/cbff958f63cf3849943770c870dcf4761a41d173/components/script/dom/defaultteeunderlyingsource.rs#L199-L201
* https://github.com/servo/servo/blob/cbff958f63cf3849943770c870dcf4761a41d173/components/script/dom/paintworkletglobalscope.rs#L315-L319
* https://github.com/servo/servo/blob/cbff958f63cf3849943770c870dcf4761a41d173/components/script/dom/paintworkletglobalscope.rs#L323-L329
* https://github.com/servo/servo/blob/cbff958f63cf3849943770c870dcf4761a41d173/components/script/indexed_db.rs#L70

	rooted_vec!(let mut arguments_values);
	for argument in arguments {
	let style_value = CSSStyleValue::new(self.upcast(), argument.clone(), can_gc);
	arguments_values.push(ObjectValue(style_value.reflector().get_jsobject().get()));
	}

	rooted_vec!(let mut callback_args);
	callback_args.push(ObjectValue(
	rendering_context.reflector().get_jsobject().get(),
	));
	callback_args.push(ObjectValue(paint_size.reflector().get_jsobject().get()));
	callback_args.push(ObjectValue(properties.reflector().get_jsobject().get()));
	callback_args.push(ObjectValue(argument_object.get()));

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Prevent unsafe use of RootedVec containing GC values #40141

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

	rooted_vec!(let mut reasons_values);
	reasons_values.push(self.reason_1.get());
	reasons_values.push(self.reason_2.get());

Uh oh!

Prevent unsafe use of RootedVec containing GC values #40141

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions