Changeset 43603 in webkit for trunk/JavaScriptCore/API

Timestamp:

May 12, 2009, 7:39:34 PM (16 years ago)

Author:

[email protected]

Message:

<rdar://problem/6879881> Crash occurs at JSC::JSActivation::mark() when loading ​http://www.monster.com; ​http://www.cnet.com
<​https://bugs.webkit.org/show_bug.cgi?id=25736> Crash loading www.google.dk/ig (and other igoogle's as well)

Reviewed by Gavin Barraclough.

Following on from the lazy arguments creation patch, it's now
possible for an activation to to have a null register in the callframe
so we can't just blindly mark the local registers in an activation,
and must null check first instead.

Location:

trunk/JavaScriptCore/API/tests

Files:

• testapi.c (modified) (2 diffs)
• testapi.js (modified) (1 diff)

trunk/JavaScriptCore/API/tests/testapi.c

@@ -700 +700 @@
 }
 
+static JSValueRef functionGC(JSContextRef context, JSObjectRef function, JSObjectRef thisObject, size_t argumentCount, const JSValueRef arguments[], JSValueRef* exception)
+{
+    UNUSED_PARAM(function);
+    UNUSED_PARAM(thisObject);
+    UNUSED_PARAM(argumentCount);
+    UNUSED_PARAM(arguments);
+    UNUSED_PARAM(exception);
+    JSGarbageCollect(context);
+    return JSValueMakeUndefined(context);
+}
+
 static JSStaticValue globalObject_staticValues[] = {
     { "globalStaticValue", globalObject_get, globalObject_set, kJSPropertyAttributeNone },
@@ -707 +718 @@
 static JSStaticFunction globalObject_staticFunctions[] = {
     { "globalStaticFunction", globalObject_call, kJSPropertyAttributeNone },
+    { "gc", functionGC, kJSPropertyAttributeNone },
     { 0, 0, 0 }
 };

trunk/JavaScriptCore/API/tests/testapi.js

@@ -23 +23 @@
  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
  */
+
+function bludgeonArguments() { if (0) arguments; return function g() {} }
+h = bludgeonArguments();
+gc();
+
 var failed = false;
 function pass(msg)