| author | Bobby Holley <bobbyholley@gmail.com> |
| Thu, 02 Oct 2014 11:06:03 +0200 | |
| changeset 208371 | 4bff4b0ed99cc3d43745515b3a4716856312072f |
| parent 208370 | 13740fca92f2a957514ab91fc0243770583776ad |
| child 208372 | c70ca7e5474135b799f0bc26f5d8ff9c66faaf1b |
| push id | 49906 |
| push user | bobbyholley@gmail.com |
| push date | Thu, 02 Oct 2014 09:06:56 +0000 |
| treeherder | mozilla-inbound@4bff4b0ed99c [default view] [failures only] |
| perfherder | [talos] [build metrics] [platform microbench] (compared to previous push) |
| reviewers | peterv |
| bugs | 1074863 |
| milestone | 35.0a1 |
| first release with | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
| last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
--- a/js/xpconnect/tests/chrome/chrome.ini +++ b/js/xpconnect/tests/chrome/chrome.ini @@ -62,16 +62,17 @@ skip-if = buildapp == 'mulet' [test_bug865948.xul] [test_bug866823.xul] [test_bug895340.xul] [test_bug932906.xul] [test_bug996069.xul] [test_bug1041626.xul] [test_bug1042436.xul] [test_bug1050049.html] +[test_bug1074863.html] [test_xrayToJS.xul] skip-if = buildapp == 'mulet' [test_chrometoSource.xul] skip-if = buildapp == 'mulet' [test_cloneInto.xul] [test_cows.xul] skip-if = buildapp == 'mulet' [test_discardSystemSource.xul]
new file mode 100644 --- /dev/null +++ b/js/xpconnect/tests/chrome/test_bug1074863.html @@ -0,0 +1,32 @@ +<!DOCTYPE HTML> +<html> +<!-- +https://bugzilla.mozilla.org/show_bug.cgi?id=1074863 +--> +<head> + <meta charset="utf-8"> + <title>Test for Bug 1074863</title> + <script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script> + <link rel="stylesheet" type="text/css" href="chrome://global/skin"/> + <link rel="stylesheet" type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"/> + <script type="application/javascript"> + + /** Test for Bug 1074863 **/ + const Cu = Components.utils; + var sb = new Cu.Sandbox('http://www.example.com'); + sb.namedCtor = Image; + ok(true, "Didn't assert"); + + + </script> +</head> +<body> +<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1074863">Mozilla Bug 1074863</a> +<p id="display"></p> +<div id="content" style="display: none"> + +</div> +<pre id="test"> +</pre> +</body> +</html>
--- a/js/xpconnect/wrappers/WrapperFactory.cpp +++ b/js/xpconnect/wrappers/WrapperFactory.cpp @@ -109,16 +109,21 @@ WrapperFactory::WaiveXray(JSContext *cx, // In general, we're trying to deprecate COWs incrementally as we introduce // Xrays to the corresponding object types. But switching off COWs for certain // things would be too tumultuous at present, so we punt on them for later. static bool ForceCOWBehavior(JSObject *obj) { JSProtoKey key = IdentifyStandardInstanceOrPrototype(obj); + if (key == JSProto_Function && GetXrayType(obj) == XrayForDOMObject) { + // This means that we've got a DOM constructor, which we never want to + // expose COW-style. + return false; + } if (key == JSProto_Object || key == JSProto_Array || key == JSProto_Function) { MOZ_ASSERT(GetXrayType(obj) == XrayForJSObject, "We should use XrayWrappers for standard ES Object, Array, and Function " "instances modulo this hack"); return true; } return false;