Changeset 29474 in webkit for trunk/JavaScriptCore/kjs/ExecState.cpp

Timestamp:

Jan 14, 2008, 11:02:46 AM (17 years ago)

Author:

Adam Roben

Message:

Fix Bug 16871: Crash when loading apple.com/startpage

<​http://bugs.webkit.org/show_bug.cgi?id=16871>
<rdar://problem/5686670>

Patch written by Darin, reviewed by me.

• kjs/ExecState.cpp: (KJS::ExecState::mark): Call ActivationImp::markChildren if our m_activation is on the stack. This is what ScopeChain::mark also does, but apparently in some cases it's possible for an ExecState's ActivationImp to not be in any ScopeChain.

File:

• trunk/JavaScriptCore/kjs/ExecState.cpp (modified) (1 diff)

trunk/JavaScriptCore/kjs/ExecState.cpp

@@ -128 +128 @@
     for (ExecState* exec = this; exec; exec = exec->m_callingExec)
         exec->m_scopeChain.mark();
+
+    // FIXME: It is surprising that this code is necessary, since at first
+    // glance it seems that all ActivationImps should be in a ScopeChain.
+    // However, <http://bugs.webkit.org/show_bug.cgi?id=16871> proves that is
+    // not the case.
+    if (m_activation && m_activation->isOnStack())
+        m_activation->markChildren();
 }