Bug 172939
| Summary: | Maintain an Invariant that a JSObject always has a GlobalObject | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Joseph Pecoraro <joepeck> |
| Component: | JavaScriptCore | Assignee: | Nobody <webkit-unassigned> |
| Status: | NEW | ||
| Severity: | Normal | CC: | saam |
| Priority: | P2 | ||
| Version: | WebKit Nightly Build | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
Joseph Pecoraro
JavaScriptCore should maintain an invariant where a JSObject's Structure should always have a GlobalObject.
There are a few cases right now of Objects/Structures that do not have GlobalObject:
Structures created in VM.cpp:
exceptionStructure.set(*this, Exception::createStructure(*this, 0, jsNull()));
terminatedExecutionErrorStructure.set(*this, TerminatedExecutionError::createStructure(*this, 0, jsNull()));
iterationTerminator.set(*this, JSFinalObject::create(*this, JSFinalObject::createStructure(*this, 0, jsNull(), 1)));
GlobalObject structures themselves in creation:
jsc's GlobalObject
WebCore::JSDOMWindowPrototype::createStructure
WebCore::JSDOMWindowShell::createStructure
... Probably Others for JSContext / Workers ...
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |