Ignore:
Timestamp:
Mar 19, 2009, 5:03:57 PM (16 years ago)
Author:
[email protected]
Message:

2009-03-19 Cameron Zwarich <[email protected]>

Reviewed by Geoff Garen.

Bug 23771: REGRESSION (r36016): JSObjectHasProperty freezes on global class without kJSClassAttributeNoAutomaticPrototype
<https://bugs.webkit.org/show_bug.cgi?id=23771>
<rdar://problem/6561016>

  • API/tests/testapi.c: (main): Add a test for this bug.
  • runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::resetPrototype): Don't set the prototype of the last object in the prototype chain to the object prototype when the object prototype is already the last object in the prototype chain.
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/JavaScriptCore/API/tests/testapi.c

    r36863 r41846  
    992992    JSClassRelease(globalObjectClass);
    993993
     994    // Test for an infinite prototype chain that used to be created. This test
     995    // passes if the call to JSObjectHasProperty() does not hang.
     996
     997    JSClassDefinition prototypeLoopClassDefinition = kJSClassDefinitionEmpty;
     998    prototypeLoopClassDefinition.staticFunctions = globalObject_staticFunctions;
     999    JSClassRef prototypeLoopClass = JSClassCreate(&prototypeLoopClassDefinition);
     1000    JSGlobalContextRef prototypeLoopContext = JSGlobalContextCreateInGroup(NULL, prototypeLoopClass);
     1001
     1002    JSStringRef nameProperty = JSStringCreateWithUTF8CString("name");
     1003    JSObjectHasProperty(prototypeLoopContext, JSContextGetGlobalObject(prototypeLoopContext), nameProperty);
     1004
     1005    JSGlobalContextRelease(prototypeLoopContext);
     1006    JSClassRelease(prototypeLoopClass);
     1007
     1008    printf("PASS: Infinite prototype chain does not occur.\n");
     1009
    9941010    printf("PASS: Program exited normally.\n");
    9951011    return 0;
Note: See TracChangeset for help on using the changeset viewer.