Changeset 53091 in webkit
- Timestamp:
- Jan 11, 2010 11:55:39 AM (14 years ago)
- Location:
- trunk/JavaScriptCore
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/JavaScriptCore/ChangeLog
r53090 r53091 1 2010-01-11 Geoffrey Garen <ggaren@apple.com> 2 3 Reviewed by Alexey Proskuryakov. 4 5 https://bugs.webkit.org/show_bug.cgi?id=33481 6 Uninitialized data members in ArrayStorage 7 8 SunSpider reports no change. 9 10 * runtime/JSArray.cpp: 11 (JSC::JSArray::JSArray): Initialize missing data members in the two cases 12 where we don't use fastZeroedMalloc, so it doesn't happen automatically. 13 1 14 2010-01-11 Steve Falkenburg <sfalken@apple.com> 2 15 -
trunk/JavaScriptCore/runtime/JSArray.cpp
r53025 r53091 153 153 m_storage->m_sparseValueMap = 0; 154 154 m_storage->lazyCreationData = 0; 155 m_storage->reportedMapCapacity = 0; 155 156 156 157 JSValue* vector = m_storage->m_vector; … … 173 174 m_storage->m_numValuesInVector = initialCapacity; 174 175 m_storage->m_sparseValueMap = 0; 176 m_storage->lazyCreationData = 0; 177 m_storage->reportedMapCapacity = 0; 175 178 176 179 size_t i = 0;
Note: See TracChangeset
for help on using the changeset viewer.