Bug 852563 - Initialize IdValuePair::value to avoid GC sequence-point trickiness. r=bhackett
authorJeff Walden <jwalden@mit.edu>
Tue, 19 Mar 2013 10:41:24 -0700
changeset 125501 fa248c4df2f1831500ddf06e895efc841f41c8a4
parent 125500 7731f59477898f99134dcc5202b3d2a92b330a9d
child 125502 8a1221cad0c0e94714365c62e487addba69dfc6c
push id24459
push useremorley@mozilla.com
push dateWed, 20 Mar 2013 11:46:36 +0000
treeherdermozilla-central@1d6fe70c79c5 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbhackett
bugs852563
milestone22.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 852563 - Initialize IdValuePair::value to avoid GC sequence-point trickiness. r=bhackett
js/src/jsprvtd.h
js/src/tests/ecma_5/JSON/parse-array-gc.js
--- a/js/src/jsprvtd.h
+++ b/js/src/jsprvtd.h
@@ -213,17 +213,17 @@ class FreeOp;
 
 struct IdValuePair
 {
     jsid id;
     Value value;
 
     IdValuePair() {}
     IdValuePair(jsid idArg)
-      : id(idArg)
+      : id(idArg), value(UndefinedValue())
     {}
 };
 
 } /* namespace js */
 
 namespace JSC {
 
 class ExecutableAllocator;
new file mode 100644
--- /dev/null
+++ b/js/src/tests/ecma_5/JSON/parse-array-gc.js
@@ -0,0 +1,30 @@
+// Any copyright is dedicated to the Public Domain.
+// http://creativecommons.org/licenses/publicdomain/
+
+var gTestfile = "parse-array-gc.js";
+//-----------------------------------------------------------------------------
+var BUGNUMBER = 852563;
+var summary =
+  "IdValuePair::value should be initialized to avoid GC sequence-point issues";
+
+print(BUGNUMBER + ": " + summary);
+
+print("Note: You must run this test under valgrind to be certain it passes");
+
+/**************
+ * BEGIN TEST *
+ **************/
+
+var x;
+
+gczeal(2, 1);
+x = JSON.parse('{"foo":[]}');
+Object.getPrototypeOf(x.foo) == Array.prototype;
+x = JSON.parse('{"foo":[], "bar":[]}');
+
+/******************************************************************************/
+
+if (typeof reportCompare === "function")
+  reportCompare(true, true);
+
+print("Tests complete");