corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 1013663 - Fix some bad implicit conversion constructors in the JS engine; r=jorendorff,jandem

Browse Source
This commit is contained in:
Ehsan Akhgari
2014-05-25 21:46:24 -04:00
parent 5bcd509591
commit 5292a10a42
188 changed files with 847 additions and 837 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
js/src/jsobj.cpp
View File

@@ -1506,7 +1506,7 @@ js::NewObjectWithClassProtoCommon(ExclusiveContext *cxArg,
gc::AllocKind allocKind, NewObjectKind newKind)
{
if (protoArg)
return NewObjectWithGivenProto(cxArg, clasp, protoArg, parentArg, allocKind, newKind);
return NewObjectWithGivenProto(cxArg, clasp, TaggedProto(protoArg), parentArg, allocKind, newKind);
if (CanBeFinalizedInBackground(allocKind, clasp))
allocKind = GetBackgroundAllocKind(allocKind);
@@ -1555,7 +1555,8 @@ js::NewObjectWithClassProtoCommon(ExclusiveContext *cxArg,
if (!FindProto(cxArg, clasp, &proto))
return nullptr;
types::TypeObject *type = cxArg->getNewType(clasp, proto.get());
Rooted<TaggedProto> taggedProto(cxArg, TaggedProto(proto));
types::TypeObject *type = cxArg->getNewType(clasp, taggedProto);
if (!type)
return nullptr;
@@ -1667,7 +1668,7 @@ CreateThisForFunctionWithType(JSContext *cx, HandleTypeObject type, JSObject *pa
if (!res)
return nullptr;
if (newKind == SingletonObject) {
Rooted<TaggedProto> proto(cx, templateObject->getProto());
Rooted<TaggedProto> proto(cx, TaggedProto(templateObject->getProto()));
if (!res->splicePrototype(cx, &JSObject::class_, proto))
return nullptr;
} else {
@@ -1687,7 +1688,7 @@ js::CreateThisForFunctionWithProto(JSContext *cx, HandleObject callee, JSObject
RootedObject res(cx);
if (proto) {
RootedTypeObject type(cx, cx->getNewType(&JSObject::class_, proto, &callee->as<JSFunction>()));
RootedTypeObject type(cx, cx->getNewType(&JSObject::class_, TaggedProto(proto), &callee->as<JSFunction>()));
if (!type)
return nullptr;
res = CreateThisForFunctionWithType(cx, type, callee->getParent(), newKind);
@@ -1954,7 +1955,7 @@ js::DeepCloneObjectLiteral(JSContext *cx, HandleObject obj, NewObjectKind newKin
if (!typeObj)
return nullptr;
RootedObject parent(cx, obj->getParent());
clone = NewObjectWithGivenProto(cx, &JSObject::class_, typeObj->proto().toObject(),
clone = NewObjectWithGivenProto(cx, &JSObject::class_, TaggedProto(typeObj->proto().toObject()),
parent, kind, newKind);
}
@@ -2213,7 +2214,7 @@ JSObject *
js::CloneObjectLiteral(JSContext *cx, HandleObject parent, HandleObject srcObj)
{
Rooted<TypeObject*> typeObj(cx);
typeObj = cx->getNewType(&JSObject::class_, cx->global()->getOrCreateObjectPrototype(cx));
typeObj = cx->getNewType(&JSObject::class_, TaggedProto(cx->global()->getOrCreateObjectPrototype(cx)));
JS_ASSERT(srcObj->getClass() == &JSObject::class_);
AllocKind kind = GetBackgroundAllocKind(GuessObjectGCKind(srcObj->numFixedSlots()));
@@ -2233,7 +2234,7 @@ struct JSObject::TradeGutsReserved {
HeapSlot *newaslots;
HeapSlot *newbslots;
TradeGutsReserved(JSContext *cx)
explicit TradeGutsReserved(JSContext *cx)
: avals(cx), bvals(cx),
newafixed(0), newbfixed(0),
newashape(cx), newbshape(cx),