From 1ff6c4f9aa52fa9dca5a370e30e92ad45549217b Mon Sep 17 00:00:00 2001
From: Anthony Ramine <n.oxyde@gmail.com>
Date: Tue, 26 Sep 2017 15:38:10 +0200
Subject: [PATCH 1/2] Make DomRoot::new unsafe

---
 components/script/dom/bindings/refcounted.rs | 3 +--
 components/script/dom/bindings/root.rs       | 6 +++---
 components/script/dom/bindings/weakref.rs    | 4 +++-
 3 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/components/script/dom/bindings/refcounted.rs b/components/script/dom/bindings/refcounted.rs
index 02f6784fb2f..795847a8f5a 100644
--- a/components/script/dom/bindings/refcounted.rs
+++ b/components/script/dom/bindings/refcounted.rs
@@ -22,7 +22,6 @@
 //! its hash table during the next GC. During GC, the entries of the hash table are counted
 //! as JS roots.
 
-use core::nonzero::NonZero;
 use dom::bindings::conversions::ToJSValConvertible;
 use dom::bindings::error::Error;
 use dom::bindings::reflector::{DomObject, Reflector};
@@ -185,7 +184,7 @@ impl<T: DomObject> Trusted<T> {
             self.owner_thread == (&*live_references) as *const _ as *const libc::c_void
         }));
         unsafe {
-            DomRoot::new(NonZero::new_unchecked(self.refcount.0 as *const T))
+            DomRoot::from_ref(&*(self.refcount.0 as *const T))
         }
     }
 }
diff --git a/components/script/dom/bindings/root.rs b/components/script/dom/bindings/root.rs
index 1a81965fef9..3a6a3521132 100644
--- a/components/script/dom/bindings/root.rs
+++ b/components/script/dom/bindings/root.rs
@@ -591,11 +591,11 @@ impl<T: DomObject> DomRoot<T> {
     /// Create a new stack-bounded root for the provided JS-owned value.
     /// It cannot outlive its associated `RootCollection`, and it gives
     /// out references which cannot outlive this new `Root`.
-    pub fn new(unrooted: NonZero<*const T>) -> DomRoot<T> {
+    pub unsafe fn new(unrooted: NonZero<*const T>) -> DomRoot<T> {
         debug_assert!(thread_state::get().is_script());
         STACK_ROOTS.with(|ref collection| {
             let RootCollectionPtr(collection) = collection.get().unwrap();
-            unsafe { (*collection).root(&*(*unrooted.get()).reflector()) }
+            (*collection).root(&*(*unrooted.get()).reflector())
             DomRoot {
                 ptr: unrooted,
                 root_list: collection,
@@ -605,7 +605,7 @@ impl<T: DomObject> DomRoot<T> {
 
     /// Generate a new root from a reference
     pub fn from_ref(unrooted: &T) -> DomRoot<T> {
-        DomRoot::new(unsafe { NonZero::new_unchecked(unrooted) })
+        unsafe { DomRoot::new(NonZero::new_unchecked(unrooted)) }
     }
 }
 
diff --git a/components/script/dom/bindings/weakref.rs b/components/script/dom/bindings/weakref.rs
index 6ece47cea3b..885fa62cdc1 100644
--- a/components/script/dom/bindings/weakref.rs
+++ b/components/script/dom/bindings/weakref.rs
@@ -86,7 +86,9 @@ impl<T: WeakReferenceable> WeakRef<T> {
 
     /// DomRoot a weak reference. Returns `None` if the object was already collected.
     pub fn root(&self) -> Option<DomRoot<T>> {
-        unsafe { &*self.ptr.get() }.value.get().map(DomRoot::new)
+        unsafe { &*self.ptr.get() }.value.get().map(|ptr| unsafe {
+            DomRoot::from_ref(&*ptr.get())
+        })
     }
 
     /// Return whether the weakly-referenced object is still alive.

From 9ea645481b62b52c638c5fe3ccebb2518509ce37 Mon Sep 17 00:00:00 2001
From: Anthony Ramine <n.oxyde@gmail.com>
Date: Tue, 26 Sep 2017 16:10:57 +0200
Subject: [PATCH 2/2] Store a Dom<T> in DomRoot<T>

---
 components/script/dom/bindings/root.rs | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/components/script/dom/bindings/root.rs b/components/script/dom/bindings/root.rs
index 3a6a3521132..251b17c3054 100644
--- a/components/script/dom/bindings/root.rs
+++ b/components/script/dom/bindings/root.rs
@@ -558,10 +558,11 @@ pub unsafe fn trace_roots(tracer: *mut JSTracer) {
 /// are additive, so this object's destruction will not invalidate other roots
 /// for the same JS value. `Root`s cannot outlive the associated
 /// `RootCollection` object.
+#[allow(unrooted_must_root)]
 #[allow_unrooted_interior]
 pub struct DomRoot<T: DomObject> {
     /// Reference to rooted value that must not outlive this container
-    ptr: NonZero<*const T>,
+    ptr: Dom<T>,
     /// List that ensures correct dynamic root ordering
     root_list: *const RootCollection,
 }
@@ -591,11 +592,12 @@ impl<T: DomObject> DomRoot<T> {
     /// Create a new stack-bounded root for the provided JS-owned value.
     /// It cannot outlive its associated `RootCollection`, and it gives
     /// out references which cannot outlive this new `Root`.
-    pub unsafe fn new(unrooted: NonZero<*const T>) -> DomRoot<T> {
+    #[allow(unrooted_must_root)]
+    unsafe fn new(unrooted: Dom<T>) -> DomRoot<T> {
         debug_assert!(thread_state::get().is_script());
         STACK_ROOTS.with(|ref collection| {
             let RootCollectionPtr(collection) = collection.get().unwrap();
-            (*collection).root(&*(*unrooted.get()).reflector())
+            (*collection).root(unrooted.reflector());
             DomRoot {
                 ptr: unrooted,
                 root_list: collection,
@@ -605,7 +607,7 @@ impl<T: DomObject> DomRoot<T> {
 
     /// Generate a new root from a reference
     pub fn from_ref(unrooted: &T) -> DomRoot<T> {
-        unsafe { DomRoot::new(NonZero::new_unchecked(unrooted)) }
+        unsafe { DomRoot::new(Dom::from_ref(unrooted)) }
     }
 }
 
@@ -620,7 +622,7 @@ impl<T: DomObject> Deref for DomRoot<T> {
     type Target = T;
     fn deref(&self) -> &T {
         debug_assert!(thread_state::get().is_script());
-        unsafe { &*self.ptr.get() }
+        &self.ptr
     }
 }