| Field | Value | Field | Value |
|---|---|---|---|
| Summary | Add liveness tests to JSC API entry points | | |
| Product | WebKit | Reporter | Oliver Hunt <oliver> |
| Component | New Bugs | Assignee | Oliver Hunt <oliver> |
| Status | RESOLVED FIXED | | |
| Severity | Normal | CC | ggaren |
| Priority | P2 | | |
| Version | 528+ (Nightly build) | | |
| Hardware | Unspecified | | |
| OS | Unspecified | | |
Description
Oliver Hunt
2013-04-09 16:21:09 PDT
Created attachment 197185 [details]
Patch
Committed r148062: <http://trac.webkit.org/changeset/148062>

Reopening to attach new patch.

Created attachment 197191 [details]
Patch
Comment on attachment 197191 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=197191&action=review

> Source/JavaScriptCore/API/JSObjectRef.cpp:343
> void* JSObjectGetPrivate(JSObjectRef object)
> {
> - JSObject* jsObject = toJS(object);
> + JSObject* jsObject = unsafeToJS(object);

Why does GetPrivate need to use the unsafe function?

(In reply to comment #5)
> (From update of attachment 197191 [details])
> View in context: https://bugs.webkit.org/attachment.cgi?id=197191&action=review
>
> > Source/JavaScriptCore/API/JSObjectRef.cpp:343
> > void* JSObjectGetPrivate(JSObjectRef object)
> > {
> > - JSObject* jsObject = toJS(object);
> > + JSObject* jsObject = unsafeToJS(object);
>
> Why does GetPrivate need to use the unsafe function?

It's called by finalizers when (by definition) the structure chain for an object may no longer be perfect :-/

Somewhat annoying, but this still covers the majority of cases.

> > Why does GetPrivate need to use the unsafe function?
>
> It's called by finalizers when (by definition) the structure chain for an object may no longer be perfect :-/
OK. You should add a comment that explains that detail.
Also, let's rename the function to "uncheckedToJS". It's always safe to call the function, it just does less checking.
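Review bot: the switch from toJS(object) to unsafeToJS(object) at Source/JavaScriptCore/API/JSObjectRef.cpp:343 is the one API entry point in this patch that deliberately skips the new liveness test, and nothing in the hunk records why; a one-line comment above `JSObject* jsObject = unsafeToJS(object);` stating that JSObjectGetPrivate is reached from finalizers, when the object's structure chain may already be partially torn down, would stop the next reader from "fixing" it back to the checked conversion. A name that says what is skipped rather than "unsafe" (the thread settles on uncheckedToJS) makes that intent visible at every call site as well.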
Comment on attachment 197191 [details]
Patch

r=me with those changes

Committed r148073: <http://trac.webkit.org/changeset/148073>

This has caused (or maybe uncovered) bug 114341.