Closed Bug 309389 Opened 19 years ago Closed 12 years ago

Incompatible API change on JS_NewObject

(Core :: JavaScript Engine, defect)

RESOLVED WONTFIX

(Reporter: celsoaguiar, Unassigned)

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6

For that 'if' test we fail, here are the values we're seeing in the app object
creation case (w/o my fix, of course):

proto -> 1

(map = proto->map)->ops == ops  -> 1

(protoclasp = OBJ_GET_CLASS(cx, proto)) == clasp  -> 0
(protoclasp is 'Object', clasp is 'App')

!((protoclasp->flags ^ clasp->flags) &
    (JSCLASS_HAS_PRIVATE |
     (JSCLASS_RESERVED_SLOTS_MASK << JSCLASS_RESERVED_SLOTS_SHIFT)))  -> 0


This is a problem.  If the static reserved slots structure of Object and App
don't match, it's possible that a prototype (Object) method that uses reserved
slots could be called on an App instance, with disastrous results.

Typically you want to delegate to a prototype of the same class as the instance,
but of course you don't have to, and the API used to support what you did
without requiring you to pass an explicit parent param.

Can you file a bug with the information in this message in it?  It's very
helpful.  We should think this through carefully in the bug, and try to restore
lost compatibility.  Thanks,

/be

protoclasp->reserveSlots == clasp->reserveSlots   -> 1

   if (proto &&
       (map = proto->map)->ops == ops &&
       ((protoclasp = OBJ_GET_CLASS(cx, proto)) == clasp ||
        (!((protoclasp->flags ^ clasp->flags) &
           (JSCLASS_HAS_PRIVATE |
            (JSCLASS_RESERVED_SLOTS_MASK << JSCLASS_RESERVED_SLOTS_SHIFT))) &&
         protoclasp->reserveSlots == clasp->reserveSlots)))

Celso

/be


Reproducible: Always

Steps to Reproduce:
1. Call JS_NewObject, don't provide a parent, make sure protoclasp != clasp
2. Further calls to children methods of your object will not find Function's
methods (apply, call, toString)


Actual Results:  
Further calls to children methods of your object will not find Function's
methods (apply, call, toString)

Expected Results:  
Be able to see those functions

This is real.  Compatibility is hard.

/be
Status: UNCONFIRMED → NEW
Ever confirmed: true
> 1. Call JS_NewObject, don't provide a parent, make sure protoclasp != clasp

You need more: the classes must differ in whether there's a private slot, or the
number of reserved slots, or the reserveSlots function pointer.

/be
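
The compatibility test discussed in this bug, as an added C sketch that is not SpiderMonkey source and not part of any comment here: it reports which of the three differences listed above makes the prototype's class layout-incompatible with the instance's class. The model_class struct, the DIFF_* names, the numeric flag values and the sample classes are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Flag names come from the condition quoted in this bug; the numeric values
   are assumptions of this sketch, not copied from jsapi.h. */
#define JSCLASS_HAS_PRIVATE          0x01u
#define JSCLASS_RESERVED_SLOTS_SHIFT 8
#define JSCLASS_RESERVED_SLOTS_MASK  0xffu
#define RESERVED_BITS (JSCLASS_RESERVED_SLOTS_MASK << JSCLASS_RESERVED_SLOTS_SHIFT)

typedef uint32_t (*reserve_slots_fn)(void);  /* stand-in for the reserveSlots hook */
typedef struct {                              /* hypothetical reduced class record */
    const char *name;
    uint32_t flags;
    reserve_slots_fn reserveSlots;
} model_class;

enum { DIFF_PRIVATE = 1, DIFF_RESERVED = 2, DIFF_HOOK = 4 };  /* one bit per reason */

/* Returns 0 when instances of clasp have the same static slot layout as
   protoclasp. Otherwise returns a bitmask of every difference found, where
   the quoted condition would stop at the first failing term. */
static int layout_diff(const model_class *protoclasp, const model_class *clasp)
{
    uint32_t x = protoclasp->flags ^ clasp->flags;
    int why = 0;
    if (protoclasp == clasp) return 0;
    if (x & JSCLASS_HAS_PRIVATE) why |= DIFF_PRIVATE;      /* private slot on one side only */
    if (x & RESERVED_BITS) why |= DIFF_RESERVED;           /* reserved-slot counts differ */
    if (protoclasp->reserveSlots != clasp->reserveSlots) why |= DIFF_HOOK;
    return why;
}

/* Constructed sample classes; App's flags are a guess made for this sketch. */
static uint32_t two_extra(void) { return 2; }
static const model_class object_class = { "Object", 0, NULL };
static const model_class app_class = { "App", JSCLASS_HAS_PRIVATE | (3u << JSCLASS_RESERVED_SLOTS_SHIFT), NULL };
static const model_class plain_class = { "Plain", 0, NULL };
static const model_class hooked_class = { "Hooked", 0, two_extra };

int main(void)
{
    const model_class *c[] = { &object_class, &app_class, &plain_class, &hooked_class };
    for (int i = 0; i < 4; i++)
        printf("Object proto, %s instance: diff=%d\n", c[i]->name, layout_diff(&object_class, c[i]));
    return 0;
}
```

A nonzero result corresponds to the case where a prototype method that touches reserved slots could run against an instance whose slots are laid out differently.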
Flags: testcase-
Flags: blocking1.9a1?
Flags: blocking1.9a1? → blocking1.9-
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → WONTFIX