Changeset 39910 in webkit for trunk/JavaScriptCore/parser

Timestamp:

Jan 14, 2009, 2:14:55 PM (16 years ago)

Author:

[email protected]

Message:

Bug 22903: REGRESSION (r36267): visiting this site reliably crashes WebKit nightly

Reviewed by Cameron Zwarich

EvalCodeBlock's do not reference the functions that are declared inside the eval
code, this means that simply marking the EvalCodeBlock through the global object
is insufficient to mark the declared functions. This patch corrects this by
explicitly marking the CodeBlocks of all the functions declared in the cached
EvalNode.

Location:

trunk/JavaScriptCore/parser

Files:

• Nodes.cpp (modified) (2 diffs)
• Nodes.h (modified) (2 diffs)

trunk/JavaScriptCore/parser/Nodes.cpp

@@ -2403 +2403 @@
 }
 
+void ScopeNodeData::mark()
+{
+    FunctionStack::iterator end = m_functionStack.end();
+    for (FunctionStack::iterator ptr = m_functionStack.begin(); ptr != end; ++ptr) {
+        FunctionBodyNode* body = (*ptr)->body();
+        if (!body->isGenerated())
+            continue;
+        body->generatedBytecode().mark();
+    }
+}
+
 // ------------------------------ ScopeNode -----------------------------
 
@@ -2533 +2544 @@
 }
 
+void EvalNode::mark()
+{
+    // We don't need to mark our own CodeBlock as the JSGlobalObject takes care of that
+    data()->mark();
+}
+
 // ------------------------------ FunctionBodyNode -----------------------------
 

trunk/JavaScriptCore/parser/Nodes.h

@@ -2075 +2075 @@
         int m_numConstants;
         StatementVector m_children;
+
+        void mark();
     };
 
@@ -2159 +2161 @@
         EvalCodeBlock& bytecodeForExceptionInfoReparse(ScopeChainNode*, CodeBlock*) JSC_FAST_CALL;
 
+        void mark();
     private:
         EvalNode(JSGlobalData*, SourceElements*, VarStack*, FunctionStack*, const SourceCode&, CodeFeatures, int numConstants) JSC_FAST_CALL;