Changeset 39910 in webkit for trunk/JavaScriptCore/parser/Nodes.cpp

Timestamp:

Jan 14, 2009, 2:14:55 PM (16 years ago)

Author:

[email protected]

Message:

Bug 22903: REGRESSION (r36267): visiting this site reliably crashes WebKit nightly

Reviewed by Cameron Zwarich

EvalCodeBlock's do not reference the functions that are declared inside the eval
code, this means that simply marking the EvalCodeBlock through the global object
is insufficient to mark the declared functions. This patch corrects this by
explicitly marking the CodeBlocks of all the functions declared in the cached
EvalNode.

File:

• trunk/JavaScriptCore/parser/Nodes.cpp (modified) (2 diffs)

trunk/JavaScriptCore/parser/Nodes.cpp

@@ -2403 +2403 @@
 }
 
+void ScopeNodeData::mark()
+{
+    FunctionStack::iterator end = m_functionStack.end();
+    for (FunctionStack::iterator ptr = m_functionStack.begin(); ptr != end; ++ptr) {
+        FunctionBodyNode* body = (*ptr)->body();
+        if (!body->isGenerated())
+            continue;
+        body->generatedBytecode().mark();
+    }
+}
+
 // ------------------------------ ScopeNode -----------------------------
 
@@ -2533 +2544 @@
 }
 
+void EvalNode::mark()
+{
+    // We don't need to mark our own CodeBlock as the JSGlobalObject takes care of that
+    data()->mark();
+}
+
 // ------------------------------ FunctionBodyNode -----------------------------