Changeset 178266 in webkit for trunk/Source/JavaScriptCore/ChangeLog
Timestamp: Jan 12, 2015, 8:29:22 AM
File: 1 edited
trunk/Source/JavaScriptCore/ChangeLog
r178247 r178266 1 2015-01-12 Michael Saboff <[email protected]> 2 3 Local JSArray* "keys" in objectConstructorKeys() is not marked during garbage collection 4 https://bugs.webkit.org/show_bug.cgi?id=140348 5 6 Reviewed by Mark Lam. 7 8 Move the address of the local variable that is used to demarcate the top of the stack for 9 conservative roots down to MachineThreads::gatherFromCurrentThread() since it also gets 10 the register values using setjmp(). That way we don't lose any callee save register 11 contents between Heap::markRoots(), where it was set, and gatherFromCurrentThread(). 12 If we lose any JSObject* that are only in callee save registers, they will be GC'ed 13 erroneously. 14 15 * heap/Heap.cpp: 16 (JSC::Heap::markRoots): 17 (JSC::Heap::gatherStackRoots): 18 * heap/Heap.h: 19 * heap/MachineStackMarker.cpp: 20 (JSC::MachineThreads::gatherFromCurrentThread): 21 (JSC::MachineThreads::gatherConservativeRoots): 22 * heap/MachineStackMarker.h: 23 1 24 2015-01-11 Eric Carlson <[email protected]> 2 25
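Review bot: the entry lists only heap/Heap.cpp, heap/Heap.h, heap/MachineStackMarker.cpp and heap/MachineStackMarker.h and no test, although the bug title names a concrete, reproducible failure (a local JSArray* "keys" in objectConstructorKeys() that is not marked during GC) and the description states the consequence (JSObject* values held only in callee-save registers are erroneously collected); a regression test that exercises Object.keys under GC pressure would catch the bug if the setjmp() placement in MachineThreads::gatherFromCurrentThread() ever drifts back toward Heap::markRoots(). Also worth stating in the ChangeLog is that the stack-top marker must now be taken in the same frame as setjmp() as an invariant, so that a later refactor does not reintroduce the gap between where the marker is set and where register contents are captured.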