Closed Bug 575024 Opened 11 years ago Closed 11 years ago

JSObject::resizeDenseArrayElements comparison is always false due to limited range of data type

Categories

(Core :: JavaScript Engine, defect)

x86_64
macOS
defect
Not set
normal

Tracking

()

RESOLVED FIXED
Tracking Status
blocking2.0 --- betaN+
status1.9.2 --- .13-fixed
status1.9.1 --- .17-fixed

People

(Reporter: timeless, Assigned: dveditz)

References

Details

Attachments

(2 files)

js/src/jsarray.cpp: In member function ‘bool JSObject::resizeDenseArrayElements(JSContext*, uint32, uint32, bool)’:
340: warning: comparison is always false due to limited range of data type
Attached patch patchSplinter Review
Attachment #454320 - Flags: review?(dvander)
Attachment #454320 - Flags: review?(dvander) → review+
blocking2.0: --- → ?
http://hg.mozilla.org/mozilla-central/rev/eece34b864ed
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
blocking2.0: ? → betaN+
Comment on attachment 454320 [details] [diff] [review]
patch

Nice safe stability win for branches.
Attachment #454320 - Flags: approval1.9.2.12?
Attachment #454320 - Flags: approval1.9.1.15?
Attachment #454320 - Flags: approval1.9.2.12?
Attachment #454320 - Flags: approval1.9.2.12+
Attachment #454320 - Flags: approval1.9.1.15?
Attachment #454320 - Flags: approval1.9.1.15+
Whiteboard: [needs branch check-in]
Comment on attachment 454320 [details] [diff] [review]
patch

patch doesn't apply on 1.9.1 because, trivially, the param was called "size" rather than "newlen", but also there is no MAX_DSLOTS_LENGTH32. Also the function patched is static ResizeSlots() rather than JSObject::resizeDesnseArrayElements() but that probably doesn't matter.
Attachment #454320 - Flags: approval1.9.1.16+ → approval1.9.1.16-
Attached patch 1.9.1 portSplinter Review
Attachment #494601 - Flags: review?
Attachment #494601 - Flags: review? → review?(dvander)
Attachment #494601 - Flags: approval1.9.1.17?
Attachment #494601 - Flags: approval1.9.1.16?
Comment on attachment 494601 [details] [diff] [review]
1.9.1 port

Got verbal r+ from dvander
Attachment #494601 - Flags: review?(dvander) → review+
Comment on attachment 494601 [details] [diff] [review]
1.9.1 port

Not going to respin 1.9.1.16 so .17 it is.
Attachment #494601 - Flags: approval1.9.1.17?
Attachment #494601 - Flags: approval1.9.1.17+
Attachment #494601 - Flags: approval1.9.1.16?
Assignee: timeless → dveditz
reassigning to myself so i remember to land it this time.
You need to log in before you can comment on or make changes to this bug.