Changeset 53091 in webkit


Timestamp: Jan 11, 2010 11:55:39 AM (14 years ago)
Author: ggaren@apple.com
Message:

2010-01-11 Geoffrey Garen <ggaren@apple.com>

Reviewed by Alexey Proskuryakov.

https://bugs.webkit.org/show_bug.cgi?id=33481
Uninitialized data members in ArrayStorage


SunSpider reports no change.

  • runtime/JSArray.cpp: (JSC::JSArray::JSArray): Initialize missing data members in the two cases where we don't use fastZeroedMalloc, so it doesn't happen automatically.
Location: trunk/JavaScriptCore
Files: 2 edited

  • trunk/JavaScriptCore/ChangeLog

    r53090 r53091  
     12010-01-11  Geoffrey Garen  <ggaren@apple.com>
     2
     3        Reviewed by Alexey Proskuryakov.
     4
     5        https://bugs.webkit.org/show_bug.cgi?id=33481
     6        Uninitialized data members in ArrayStorage
     7       
     8        SunSpider reports no change.
     9
     10        * runtime/JSArray.cpp:
     11        (JSC::JSArray::JSArray): Initialize missing data members in the two cases
     12        where we don't use fastZeroedMalloc, so it doesn't happen automatically.
     13
    1142010-01-11  Steve Falkenburg  <sfalken@apple.com>
    215
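Review bot: The new entry (lines 1-12) records that SunSpider is unchanged but does not say how the uninitialized members were noticed or which code reads them before they are written, and with only ChangeLog and JSArray.cpp edited there is no test accompanying the fix. Consider adding a line naming the tool or symptom that exposed the problem and stating whether a regression test is feasible, so a later reader can judge the impact of the uninitialized reads without opening the bug.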
  • trunk/JavaScriptCore/runtime/JSArray.cpp

    r53025 r53091  
    153153    m_storage->m_sparseValueMap = 0;
    154154    m_storage->lazyCreationData = 0;
     155    m_storage->reportedMapCapacity = 0;
    155156
    156157    JSValue* vector = m_storage->m_vector;
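Review bot: The assignment added at new line 155, `m_storage->reportedMapCapacity = 0;`, carries no comment saying why it is needed here, and the reason (this path does not use fastZeroedMalloc, so nothing is zeroed automatically) lives only in the ChangeLog. A one-line comment above the block at lines 153-155 stating that every ArrayStorage member must be set explicitly on this path would make the requirement visible to whoever adds the next member.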
     
    173174    m_storage->m_numValuesInVector = initialCapacity;
    174175    m_storage->m_sparseValueMap = 0;
     176    m_storage->lazyCreationData = 0;
     177    m_storage->reportedMapCapacity = 0;
    175178
    176179    size_t i = 0;
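Review bot: New lines 176-177 show this path was missing `lazyCreationData` as well as `reportedMapCapacity`, while the other path already set `lazyCreationData` at line 154, so the two hand-written initialization lists had drifted apart. Moving the shared assignments into one helper called from both paths would keep them from diverging again, and it is worth checking the ArrayStorage declaration, which is not shown in this changeset, to confirm no other member is still left unset on either path.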