JSObject::resizeDenseArrayElements comparison is always false due to limited range of data type

RESOLVED FIXED

Status

()

Core
JavaScript Engine
RESOLVED FIXED
7 years ago
6 years ago

People

(Reporter: timeless, Assigned: dveditz)

Tracking

Trunk
x86_64
Mac OS X
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(blocking2.0 betaN+, status1.9.2 .13-fixed, status1.9.1 .17-fixed)

Details

Attachments

(2 attachments)

(Reporter)

Description

7 years ago
js/src/jsarray.cpp: In member function ‘bool JSObject::resizeDenseArrayElements(JSContext*, uint32, uint32, bool)’:
340: warning: comparison is always false due to limited range of data type
(Reporter)

Comment 1

7 years ago
Created attachment 454320 [details] [diff] [review]
patch
Attachment #454320 - Flags: review?(dvander)
Attachment #454320 - Flags: review?(dvander) → review+
blocking2.0: --- → ?
(Reporter)

Comment 2

7 years ago
http://hg.mozilla.org/mozilla-central/rev/eece34b864ed
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED

Updated

7 years ago
blocking2.0: ? → betaN+
(Assignee)

Updated

7 years ago
Blocks: 599607
(Assignee)

Comment 3

7 years ago
Comment on attachment 454320 [details] [diff] [review]
patch

Nice safe stability win for branches.
Attachment #454320 - Flags: approval1.9.2.12?
Attachment #454320 - Flags: approval1.9.1.15?

Updated

7 years ago
Attachment #454320 - Flags: approval1.9.2.12?
Attachment #454320 - Flags: approval1.9.2.12+
Attachment #454320 - Flags: approval1.9.1.15?
Attachment #454320 - Flags: approval1.9.1.15+
(Assignee)

Updated

7 years ago
Whiteboard: [needs branch check-in]
(Assignee)

Comment 4

7 years ago
Comment on attachment 454320 [details] [diff] [review]
patch

patch doesn't apply on 1.9.1 because, trivially, the param was called "size" rather than "newlen", but also there is no MAX_DSLOTS_LENGTH32. Also the function patched is static ResizeSlots() rather than JSObject::resizeDesnseArrayElements() but that probably doesn't matter.
Attachment #454320 - Flags: approval1.9.1.16+ → approval1.9.1.16-
http://hg.mozilla.org/releases/mozilla-1.9.2/rev/1207bf8fed24
status1.9.2: --- → .13-fixed
Whiteboard: [needs branch check-in]
(Assignee)

Comment 6

7 years ago
Created attachment 494601 [details] [diff] [review]
1.9.1 port
Attachment #494601 - Flags: review?
(Assignee)

Updated

7 years ago
Attachment #494601 - Flags: review? → review?(dvander)
(Assignee)

Updated

7 years ago
Attachment #494601 - Flags: approval1.9.1.17?
(Assignee)

Updated

7 years ago
Attachment #494601 - Flags: approval1.9.1.16?
(Assignee)

Comment 7

7 years ago
Comment on attachment 494601 [details] [diff] [review]
1.9.1 port

Got verbal r+ from dvander
Attachment #494601 - Flags: review?(dvander) → review+
(Assignee)

Comment 8

7 years ago
Comment on attachment 494601 [details] [diff] [review]
1.9.1 port

Not going to respin 1.9.1.16 so .17 it is.
Attachment #494601 - Flags: approval1.9.1.17?
Attachment #494601 - Flags: approval1.9.1.17+
Attachment #494601 - Flags: approval1.9.1.16?
(Assignee)

Updated

7 years ago
status1.9.1: --- → wanted
(Assignee)

Updated

7 years ago
Assignee: timeless → dveditz
(Assignee)

Comment 9

7 years ago
reassigning to myself so i remember to land it this time.
(Assignee)

Comment 10

6 years ago
http://hg.mozilla.org/releases/mozilla-1.9.1/rev/ed88e6a66ef9
status1.9.1: wanted → .17-fixed
You need to log in before you can comment on or make changes to this bug.