Changeset 29474 in webkit

Timestamp:

Jan 14, 2008 11:02:46 AM (16 years ago)

Author:

Adam Roben

Message:

Fix Bug 16871: Crash when loading apple.com/startpage

<​http://bugs.webkit.org/show_bug.cgi?id=16871>
<rdar://problem/5686670>

Patch written by Darin, reviewed by me.

• kjs/ExecState.cpp: (KJS::ExecState::mark): Call ActivationImp::markChildren if our m_activation is on the stack. This is what ScopeChain::mark also does, but apparently in some cases it's possible for an ExecState's ActivationImp to not be in any ScopeChain.

Location:

trunk/JavaScriptCore

Files:

• ChangeLog (modified) (1 diff)
• kjs/ExecState.cpp (modified) (1 diff)

trunk/JavaScriptCore/ChangeLog

@@ +1 @@
+2008-01-14  Adam Roben  <aroben@apple.com>
+
+        Fix Bug 16871: Crash when loading apple.com/startpage
+
+        <http://bugs.webkit.org/show_bug.cgi?id=16871>
+        <rdar://problem/5686670>
+
+        Patch written by Darin, reviewed by me.
+
+        * kjs/ExecState.cpp:
+        (KJS::ExecState::mark): Call ActivationImp::markChildren if our
+        m_activation is on the stack. This is what ScopeChain::mark also does,
+        but apparently in some cases it's possible for an ExecState's
+        ActivationImp to not be in any ScopeChain.
+
 2008-01-14  Kevin McCullough  <kmccullough@apple.com>
 

trunk/JavaScriptCore/kjs/ExecState.cpp

@@ -128 +128 @@
     for (ExecState* exec = this; exec; exec = exec->m_callingExec)
         exec->m_scopeChain.mark();
+
+    // FIXME: It is surprising that this code is necessary, since at first
+    // glance it seems that all ActivationImps should be in a ScopeChain.
+    // However, <http://bugs.webkit.org/show_bug.cgi?id=16871> proves that is
+    // not the case.
+    if (m_activation && m_activation->isOnStack())
+        m_activation->markChildren();
 }