Changeset 230486 in webkit
- Timestamp: Apr 10, 2018 11:04:07 AM (6 years ago)
- Location: trunk/Source/JavaScriptCore
- Files: 2 edited
trunk/Source/JavaScriptCore/ChangeLog
r230485 r230486 1 2018-04-10 Filip Pizlo <fpizlo@apple.com> 2 3 ExecutableToCodeBlockEdge::visitChildren() should be cool with m_codeBlock being null since we clear it in finalizeUnconditionally() 4 https://bugs.webkit.org/show_bug.cgi?id=184460 5 <rdar://problem/37610966> 6 7 Reviewed by Mark Lam. 8 9 * bytecode/ExecutableToCodeBlockEdge.cpp: 10 (JSC::ExecutableToCodeBlockEdge::visitChildren): 11 1 12 2018-04-10 Filip Pizlo <fpizlo@apple.com> 2 13 -
trunk/Source/JavaScriptCore/bytecode/ExecutableToCodeBlockEdge.cpp
r226783 r230486 50 50 ExecutableToCodeBlockEdge* edge = jsCast<ExecutableToCodeBlockEdge*>(cell); 51 51 CodeBlock* codeBlock = edge->m_codeBlock.get(); 52 53 // It's possible for someone to hold a pointer to the edge after the edge has cleared its weak 54 // reference to the codeBlock. In a conservative GC like ours, that could happen at random for 55 // no good reason and it's Totally OK (TM). See finalizeUnconditionally() for where we clear 56 // m_codeBlock. 57 if (!codeBlock) 58 return; 52 59 53 60 if (!edge->m_isActive) {
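Review bot: The new "if (!codeBlock) return;" near the top of visitChildren() accepts a null m_codeBlock from any cause, while the comment above it justifies only the case where finalizeUnconditionally() has already cleared the weak reference. Consider rewording the comment to state that condition directly, in place of "at random for no good reason and it's Totally OK (TM)", so that a null reaching this point some other way is not read as expected behaviour. The changeset edits only ChangeLog and ExecutableToCodeBlockEdge.cpp, so nothing here exercises the null path; if a regression test is feasible, it should accompany the fix.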