WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
13517
DOM Exception 8 in finance.aol.com sub-page
https://bugs.webkit.org/show_bug.cgi?id=13517
Summary
DOM Exception 8 in finance.aol.com sub-page
Charles Gaudette
Reported
2007-04-26 21:23:39 PDT
Using WebKit
r21131
Terminal, and the JavaScript Console, report two back-to-back lines: <DATE> <TIME> Safari[PID] ERROR : NOT_FOUND_ERR: DOM Exception 8 <DATE> <TIME> Safari[PID] ERROR : NOT_FOUND_ERR: DOM Exception 8
Attachments
reduction
(139 bytes, text/html)
2007-07-12 10:09 PDT
,
Alexey Proskuryakov
no flags
Details
Proposed patch
(67.97 KB, patch)
2007-07-12 19:07 PDT
,
Cameron Zwarich (cpst)
no flags
Details
Formatted Diff
Diff
Revised proposed patch
(73.34 KB, patch)
2007-07-13 03:56 PDT
,
Cameron Zwarich (cpst)
no flags
Details
Formatted Diff
Diff
Revised proposed patch
(32.64 KB, patch)
2007-07-13 23:16 PDT
,
Cameron Zwarich (cpst)
darin
: review+
Details
Formatted Diff
Diff
Show Obsolete
(2)
View All
Add attachment
proposed patch, testcase, etc.
Mark Rowe (bdash)
Comment 1
2007-04-26 22:03:21 PDT
Confirmed. This doesn't appear to break any functionality of the page, but something is clearly going wrong.
Charles Gaudette
Comment 2
2007-07-10 13:12:40 PDT
Update: Still a bug; with Safari 3.0.2 beta and
r24131
build on Mac -- exactly 300 revs later. Clearly one of the problems with is bug is that "ERROR : NOT_FOUND_ERR: DOM Exception 8" is not a very helpful message.
David Kilzer (:ddkilzer)
Comment 3
2007-07-10 22:01:42 PDT
This is not a regression as the same thing happens with Safari 2.0.4 (419.3) with its original WebKit on Mac OS 10.4.10 (8R218).
Alexey Proskuryakov
Comment 4
2007-07-12 10:09:09 PDT
Created
attachment 15487
[details]
reduction
Cameron Zwarich (cpst)
Comment 5
2007-07-12 19:07:17 PDT
Created
attachment 15495
[details]
Proposed patch Here is a patch that fixes the bug. The problem was in VarDeclNode::evaluate. If a binding already exists in the shallowest scope, then a var declaration should do nothing, except possibly assign to it if there is an initializer. The check was there, but only for var declarations without initializers. Hence, when there was already a binding in the shallowest scope from the combination of try / throw, it incorrectly did not assign to it, and instead caused some strange behaviour. This patch also fixes
bug 14237
and the test js1_5/Scope/regress-185485.js, which does not include any examples with 'try' and 'catch', only examples using 'with'. Perhaps we should also include Alexey's example as an additional regression test. In the patched expected.html there is a recorded failure of the test ecma/Date/15.9.5.12-6.js, but this has been failing for a while. Should have I edited this out of the diff somehow, or simply not included the changed file?
Cameron Zwarich (cpst)
Comment 6
2007-07-13 03:56:58 PDT
Created
attachment 15499
[details]
Revised proposed patch Here is a revised version of my patch. It fixes one coding style issue, and a regression on the test fast/js/const (the build was broken, so I submitted it only using the old JS tests). I added test cases for these two bugs. Alexey asked me why I copied the arguments check that was introduced in the patch for
bug 13456
in addition to the first check, so I added test cases to fast/js/vardecl-preserve-arguments that would fail if that second check weren't there. When fast/js/const failed, I fixed it by adding code to apply the ReadOnly attribute. In the process of doing so, I found a few existing bugs in the handling of const (that this patch neither introduces nor fixes). In particular, the following are allowed: var x = 1; const x = 2; const y = 1; const y = 2; There are some more elaborate ones than this, but I will file them all as a separate bug and include a fix. I simply wanted to mention it here because it is more apparent after looking at the code in this patch.
Oliver Hunt
Comment 7
2007-07-13 22:36:56 PDT
Comment on
attachment 15499
[details]
Revised proposed patch You should use ASSERT rather than assert I'd also prefer a for loop over the do-while in + do { + base = *iter; + if (base->getPropertySlot(exec, ident, slot)) + break; + + ++iter; + } while (iter != end); The test cases scare the hell out of me, i'd much rather there were no failures in the results -- i believe we have an expected failures dir into which you can put tests that you still expect to fail...
Mark Rowe (bdash)
Comment 8
2007-07-13 22:44:52 PDT
The do/while loop that Oliver mentions is a common pattern in nodes.cpp for walking the scope chain. I don't agree with changing it to a for loop.
Cameron Zwarich (cpst)
Comment 9
2007-07-13 23:16:54 PDT
Created
attachment 15512
[details]
Revised proposed patch Here is a revised copy of my proposed patch. I changed the assert to an ASSERT, and I ran the JSCore tests in the right time zone so that no new failures were introduced.
Darin Adler
Comment 10
2007-07-14 09:55:02 PDT
Comment on
attachment 15512
[details]
Revised proposed patch r=me
Mark Rowe (bdash)
Comment 11
2007-07-14 10:09:19 PDT
Landed in
r24287
. I had to tweak the ChangeLog a bit as they were missing some useful information. The LayoutTests one was missing half the files that had been touched, and neither had much information about what exactly was being fixed. It's usually a good idea to include a simple description of the bug being fixed (the Bugzilla title may suffice in some instances), and a brief comment of how the patch fixes it. Have a quick skim through JavaScriptCore/ChangeLog and WebCore/ChangeLog to get a feel for this. Another minor nit was that a tab character snuck into nodes.cpp in your patch -- not a big deal as a pre-commit hook catches them, but it's worth keeping in mind. Thanks for the patch!
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug