Closed
Bug 512389
Opened 15 years ago
Closed 15 years ago
Remove JSStackFrame::xmlNamespace
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
FIXED
| Tracking | Status | |
|---|---|---|
| status1.9.2 | --- | beta1-fixed |
People
(Reporter: dvander, Unassigned)
References
Details
(Whiteboard: fixed-in-tracemonkey)
Attachments
(1 file)
|
6.68 KB,
patch
|
brendan
:
review+
|
Details | Diff | Splinter Review |
No description provided.
|
Reporter | |
Comment 1•15 years ago
|
||
Here's my attempt at this after talking to Brendan. It passes the E4X tests. I added an assert in js_GetDefaultXmlNamespace because it seemed like obj could not be NULL - if I'm wrong, please let me know what to use there instead.
Attachment #396375 -
Flags: review?(brendan)
|
||
Updated•15 years ago
|
Attachment #396375 -
Flags: review?(brendan) → review+
|
|
||
Comment 2•15 years ago
|
||
Comment on attachment 396375 [details] [diff] [review] patch >+++ b/js/src/jsparse.cpp >@@ -5410,6 +5410,8 @@ > JSMSG_BAD_DEFAULT_XML_NAMESPACE); > return NULL; > } >+ /* Is this an E4X dagger I see before me? */ >+ tc->flags |= TCF_FUN_HEAVYWEIGHT; Hee hee -- but add a blank line before the comment. Need at least [defaults] diff = -U 8 -p and probably [diff] git = 1 showfunc = true in your .hgrc still: >@@ -7577,11 +7577,6 @@ > jsval v; > > fp = js_GetTopStackFrame(cx); > > obj = NULL; > for (tmp = fp->scopeChain; tmp; tmp = OBJ_GET_PARENT(cx, tmp)) { >@@ -7591,23 +7586,21 @@ > if (!tmp->getProperty(cx, JS_DEFAULT_XML_NAMESPACE_ID, &v)) > return JS_FALSE; > if (!JSVAL_IS_PRIMITIVE(v)) { >- fp->xmlNamespace = JSVAL_TO_OBJECT(v); > *vp = v; > return JS_TRUE; > } > obj = tmp; > } > >+ JS_ASSERT(obj); Don't add the assert, we'd prefer a null deref crash below -- but you are right that the loop exits only when tmp is null where tmp = OBJ_GET_PARENT(cx, obj), *and* (crucial point, so it could be a do-while but test-at-top is best here) fp->scopeChain is never null, so obj must be non-null. > ns = js_ConstructObject(cx, &js_NamespaceClass.base, NULL, obj, 0, NULL); > if (!ns) > return JS_FALSE; > v = OBJECT_TO_JSVAL(ns); >- if (obj && >- !obj->defineProperty(cx, JS_DEFAULT_XML_NAMESPACE_ID, v, JS_PropertyStub, JS_PropertyStub, >+ if (!obj->defineProperty(cx, JS_DEFAULT_XML_NAMESPACE_ID, v, JS_PropertyStub, JS_PropertyStub, > JSPROP_PERMANENT, NULL)) { > return JS_FALSE; Good change, better than being paranoid as I was in 2004 about null scope chains. >@@ -7628,15 +7621,11 @@ > > fp = js_GetTopStackFrame(cx); > varobj = fp->varobj; >- if (varobj) { >- if (!varobj->defineProperty(cx, JS_DEFAULT_XML_NAMESPACE_ID, v, >- JS_PropertyStub, JS_PropertyStub, JSPROP_PERMANENT, NULL)) { >- return JS_FALSE; >- } >- } else { >- JS_ASSERT(fp->fun && !JSFUN_HEAVYWEIGHT_TEST(fp->fun->flags)); >- } >- fp->xmlNamespace = JSVAL_TO_OBJECT(v); >+ JS_ASSERT(varobj); >+ if (!varobj->defineProperty(cx, JS_DEFAULT_XML_NAMESPACE_ID, v, >+ JS_PropertyStub, JS_PropertyStub, JSPROP_PERMANENT, NULL)) { >+ return JS_FALSE; >+ } Ditto, again no need to assert non-null just before dereferencing. r=me with these nitpicks. Thanks for doing this! /be
|
|
Reporter | |
Comment 3•15 years ago
|
||
(In reply to comment #2) > [diff] > git = 1 > showfunc = true Was missing this, thanks. Pushed http://hg.mozilla.org/tracemonkey/rev/0d4455046e03 with nits.
Whiteboard: fixed-in-tracemonkey
|
||
Comment 4•15 years ago
|
||
http://hg.mozilla.org/mozilla-central/rev/0d4455046e03
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
|
||
Comment 5•15 years ago
|
||
http://hg.mozilla.org/releases/mozilla-1.9.2/rev/4027504879f2
status1.9.2:
--- → beta1-fixed
Flags: wanted1.9.2+
You need to log in
before you can comment on or make changes to this bug.
Description
•