Closed Bug 580084 Opened 15 years ago Closed 15 years ago

JS_InitClass with no methods or properties breaks JSScope::emptyScope invariant

Categories

(Core :: JavaScript Engine, defect)

Product:
Core
Component:
JavaScript Engine
Version:
Other Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: jorendorff, Assigned: jorendorff)

Details

(Whiteboard: [fixed-in-tracemonkey])

Attachments

(1 file)

v1
2.54 KB, patch
brendan
: review+
Details | Diff | Splinter Review
js_InitClass says: 3518 if (!proto->scope()->ensureEmptyScope(cx, clasp)) 3519 goto bad; without first ensuring that proto->scope() is mutable. This causes an assertion during GC in debug builds if you manually hack JS_SetGCZeal(cx, 2) into jsapi-tests/tests.h. Easy patch coming.
Attached patch v1Splinter Review
(Locking here, because we may have called the constructor on this proto, which could have executed code on another context or whatever.)
Assignee: general → jorendorff
Attachment #458470 - Flags: review?(brendan)
Comment on attachment 458470 [details] [diff] [review] v1 Hurt me with more conflicts in my mq for bug 558451 -- all good ;-). /be
Attachment #458470 - Flags: review?(brendan) → review+
http://hg.mozilla.org/tracemonkey/rev/7fd49595dc3a
Whiteboard: [fixed-in-tracemonkey]
http://hg.mozilla.org/mozilla-central/rev/7fd49595dc3a
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: