Closed
Bug 1133760
Opened 10 years ago
Closed 10 years ago
Remove unforgeable holders from DOM proxies
Categories
(Core :: DOM: Core & HTML, defect)
Tracking
()
RESOLVED
FIXED
mozilla39
| Tracking | Status | |
|---|---|---|
| firefox39 | --- | fixed |
People
(Reporter: bzbarsky, Assigned: bzbarsky)
References
Details
Attachments
(4 files, 5 obsolete files)
|
1.60 KB,
patch
|
peterv
:
review+
|
Details | Diff | Splinter Review |
|
4.31 KB,
patch
|
Details | Diff | Splinter Review | |
|
34.31 KB,
patch
|
peterv
:
review+
|
Details | Diff | Splinter Review |
|
1.61 KB,
patch
|
Details | Diff | Splinter Review |
Right now, we have a setup for DOM proxies where unforgeable props are stored on a special "unforgeable holder" object that hangs off the proto.
I'm going to remove this and put the props on the object itself (so on the expando object). This should be fine, because the only proxy we have with unforgeables is HTMLDocument, and it's not like we have tons of those around.
|
Assignee | |
Comment 1•10 years ago
|
||
Attachment #8565490 -
Flags: review?(peterv)
|
|
Assignee | |
Comment 2•10 years ago
|
||
Attachment #8565491 -
Flags: review?(peterv)
|
|
Assignee | |
Updated•10 years ago
|
Assignee: nobody → bzbarsky
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 3•10 years ago
|
||
Apart from the removal of sharedRoot, the only changes to generated code are in HTMLDocumentBinding.cpp and ImageDocumentBinding.cpp. This is a diff of the former; the latter is much the same.
|
|
Assignee | |
Comment 4•10 years ago
|
||
Attachment #8565559 -
Flags: review?(peterv)
|
|
Assignee | |
Updated•10 years ago
|
Attachment #8565491 -
Attachment is obsolete: true
Attachment #8565491 -
Flags: review?(peterv)
|
|
Assignee | |
Comment 5•10 years ago
|
||
This has those ReleaseWrapper fixes we discussed on IRC.
Attachment #8565492 -
Attachment is obsolete: true
|
|
Assignee | |
Comment 6•10 years ago
|
||
Attachment #8566660 -
Flags: review?(peterv)
|
|
Assignee | |
Updated•10 years ago
|
Attachment #8565559 -
Attachment is obsolete: true
Attachment #8565559 -
Flags: review?(peterv)
|
|
Assignee | |
Comment 7•10 years ago
|
||
This fixes the problem caught by the second part of the test: named getters can interfere with defineProperty on the proxy, so we really do want to define unforgeables directly on the expando object in the proxy case.
|
|
Assignee | |
Updated•10 years ago
|
Attachment #8565560 -
Attachment is obsolete: true
|
|
Assignee | |
Comment 8•10 years ago
|
||
OK. There is in fact still an issue here, not even counting the bits in bug 928336 that might mean we want to hold on to the holder.
In particular, for the non-proxy case we really do want to define unforgeable stuff before we SetWrapper. Otherwise the unforgeable bits trigger wrapper preservation...
|
|
Assignee | |
Comment 9•10 years ago
|
||
Oh, and for proxies, simply creating the expando object triggers wrapper preservation. And there's no other obvious place to put it where it won't be slow.
Maybe we just need to have different ordering for the SetWrapper() calls in the proxy and non-proxy cases. I think that should be ok.
|
|
Assignee | |
Comment 10•10 years ago
|
||
|
|
Assignee | |
Updated•10 years ago
|
Attachment #8566660 -
Attachment is obsolete: true
Attachment #8566660 -
Flags: review?(peterv)
|
|
Assignee | |
Comment 11•10 years ago
|
||
|
|
Assignee | |
Updated•10 years ago
|
Attachment #8567927 -
Flags: review?(peterv)
|
||
Updated•10 years ago
|
Attachment #8565490 -
Flags: review?(peterv) → review+
|
|
||
Updated•10 years ago
|
Attachment #8567927 -
Flags: review?(peterv) → review+
|
|
Assignee | |
Comment 12•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/1b8c313a2586
https://hg.mozilla.org/mozilla-central/rev/6f320d0be370
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
status-firefox39:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla39
|
||
Updated•6 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•