Closed
Bug 829898
Opened 13 years ago
Closed 12 years ago
Various rooting in jsstr.cpp
Categories
(Core :: JavaScript Engine, defect)
Core
JavaScript Engine
Tracking
()
RESOLVED
FIXED
mozilla21
People
(Reporter: Ms2ger, Assigned: Ms2ger)
References
Details
Attachments
(3 files)
6.30 KB,
patch
|
terrence
:
review+
|
Details | Diff | Splinter Review |
3.75 KB,
patch
|
terrence
:
review+
|
Details | Diff | Splinter Review |
19.69 KB,
patch
|
terrence
:
review+
|
Details | Diff | Splinter Review |
No description provided.
Assignee | ||
Comment 1•13 years ago
|
||
Attachment #701496 -
Flags: review?(terrence)
Assignee | ||
Comment 2•13 years ago
|
||
Attachment #701497 -
Flags: review?(terrence)
Assignee | ||
Comment 3•13 years ago
|
||
Attachment #701498 -
Flags: review?(terrence)
Comment 4•13 years ago
|
||
Comment on attachment 701496 [details] [diff] [review]
Part a: Pass MutableHandleValue to Encode, Decode & TransferBufferToString
Review of attachment 701496 [details] [diff] [review]:
-----------------------------------------------------------------
Nice.
Attachment #701496 -
Flags: review?(terrence) → review+
Comment 5•13 years ago
|
||
Comment on attachment 701497 [details] [diff] [review]
Part b: Pass a HandleLinearString to Encode & Decode and remove pointless OOM check
Review of attachment 701497 [details] [diff] [review]:
-----------------------------------------------------------------
Oh, very nice indeed.
Attachment #701497 -
Flags: review?(terrence) → review+
Comment 6•13 years ago
|
||
Comment on attachment 701498 [details] [diff] [review]
Part c: Root various strings around the file
Review of attachment 701498 [details] [diff] [review]:
-----------------------------------------------------------------
::: js/src/jsstr.cpp
@@ +377,3 @@
> if (!str1)
> return false;
> value.setString(str1);
Make this |value.setString(DropUnrooted(str1));| to end the Unrooted's assertion region before we get to defineElement.
@@ +2692,5 @@
> if (!matches[i + 1].isUndefined()) {
> JSSubString parsub;
> res->getParen(i + 1, &parsub);
> + UnrootedString sub2 = js_NewStringCopyN(cx, parsub.chars, parsub.length);
> + if (!sub2 || !splits.append(StringValue(DropUnrooted(sub2))))
No need for DropUnrooted here: sub2 is going to go out of scope before we can GC.
@@ -2917,5 @@
> if (!str)
> return false;
> }
>
> -out:
\o/
@@ +2952,5 @@
> str_slice(JSContext *cx, unsigned argc, Value *vp)
> {
> CallArgs args = CallArgsFromVp(argc, vp);
>
> + // Common case.
That doesn't look like a spec step to me ;-). Lets leave this out.
@@ +2957,2 @@
> if (args.length() == 1 && args.thisv().isString() && args[0].isInt32()) {
> + RootedString str(cx, args.thisv().toString());
This is a fast path with an obvious rooting story, so just make this RawString and we'll let the rooting analysis protect it.
Attachment #701498 -
Flags: review?(terrence) → review+
Assignee | ||
Comment 7•12 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/11192d6d324d
https://hg.mozilla.org/mozilla-central/rev/0bf4b7cd6f82
https://hg.mozilla.org/mozilla-central/rev/6d2b3fff3628
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Flags: in-testsuite-
Resolution: --- → FIXED
Target Milestone: --- → mozilla21
Comment 8•12 years ago
|
||
You need to log in
before you can comment on or make changes to this bug.
Description
•