23016 2008-12-28 15:50:21 -0800 JavaScriptDebugServer::recompileAllJSFunctions() should not execute JS while reparsing all functions 2008-12-28 17:35:39 -0800 1 1 1 Unclassified WebKit Web Inspector (Deprecated) 528+ (Nightly build) All All RESOLVED FIXED InRadar P2 Normal --- 1 zwarich zwarich ddkilzer oldest_to_newest 103642 0 zwarich 2008-12-28 15:50:21 -0800 JavaScriptDebugServer::recompileAllJSFunctions() calls sourceParsed() while reparsing all JS functions, which will execute JS in the inspector. Depending on the order in which functions are recompiled, a function could have a new body but other functions that have not been recompiled could have an optimized (in the sense of inline caching) call to it, bypassing the check of whether or not there is generated bytecode. This leads to a crash caused by accessing indices off of a null pointer. The fix is to just make the calls to sourceParsed() after reparsing all functions. As a side note, it seems like a poor idea to add debug hooks to all inspector JS. This is probably a significant performance hit for the inspector. 103644 1 zwarich 2008-12-28 15:50:49 -0800 <rdar://problem/6425077> 103645 2 26284 zwarich 2008-12-28 16:02:28 -0800 Created attachment 26284 Proposed patch 103659 3 zwarich 2008-12-28 17:35:39 -0800 Landed in r39497. 26284 2008-12-28 16:02:28 -0800 2008-12-28 16:23:28 -0800 Proposed patch reparse.diff text/plain 3172 zwarich SW5kZXg6IENoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBDaGFuZ2VMb2cJKHJldmlzaW9uIDM5NDk0 KQorKysgQ2hhbmdlTG9nCSh3b3JraW5nIGNvcHkpCkBAIC0xLDMgKzEsMjcgQEAKKzIwMDgtMTIt MjggIENhbWVyb24gWndhcmljaCAgPGN3endhcmljaEB1d2F0ZXJsb28uY2E+CisKKyAgICAgICAg UmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgQnVnIDIzMDE2OiBKYXZhU2Ny aXB0RGVidWdTZXJ2ZXI6OnJlY29tcGlsZUFsbEpTRnVuY3Rpb25zKCkgc2hvdWxkIG5vdCBleGVj dXRlIEpTIHdoaWxlIHJlcGFyc2luZyBhbGwgZnVuY3Rpb25zCisgICAgICAgIDxodHRwczovL2J1 Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MjMwMTY+CisgICAgICAgIDxyZGFyOi8vcHJv YmxlbS82NDI1MDc3PgorCisgICAgICAgIEphdmFTY3JpcHREZWJ1Z1NlcnZlcjo6cmVjb21waWxl QWxsSlNGdW5jdGlvbnMoKSBjYWxscyBzb3VyY2VQYXJzZWQoKSB3aGlsZQorICAgICAgICByZXBh cnNpbmcgYWxsIEpTIGZ1bmN0aW9ucywgd2hpY2ggd2lsbCBleGVjdXRlIEpTIGluIHRoZSBpbnNw ZWN0b3IuIERlcGVuZGluZworICAgICAgICBvbiB0aGUgb3JkZXIgaW4gd2hpY2ggZnVuY3Rpb25z IGFyZSByZWNvbXBpbGVkLCBhIGZ1bmN0aW9uIGNvdWxkIGhhdmUgYSBuZXcKKyAgICAgICAgYm9k eSBidXQgb3RoZXIgZnVuY3Rpb25zIHRoYXQgaGF2ZSBub3QgYmVlbiByZWNvbXBpbGVkIGNvdWxk IGhhdmUgYW4gb3B0aW1pemVkCisgICAgICAgIChpbiB0aGUgc2Vuc2Ugb2YgaW5saW5lIGNhY2hp bmcpIGNhbGwgdG8gaXQsIGJ5cGFzc2luZyB0aGUgY2hlY2sgb2Ygd2hldGhlciBvcgorICAgICAg ICBub3QgdGhlcmUgaXMgZ2VuZXJhdGVkIGJ5dGVjb2RlLiBUaGlzIGxlYWRzIHRvIGEgY3Jhc2gg Y2F1c2VkIGJ5IGFjY2Vzc2luZworICAgICAgICBpbmRpY2VzIG9mZiBvZiBhIG51bGwgcG9pbnRl ci4KKworICAgICAgICBUbyBmaXggdGhlIHByb2JsZW0sIHNpbXBseSBkZWxheSBjYWxsaW5nIHNv dXJjZVBhcnNlZCgpIHVudGlsIGFmdGVyIGFsbCBmdW5jdGlvbnMKKyAgICAgICAgaGF2ZSBiZWVu IHJlcGFyc2VkLiBUaGUgY3Jhc2ggaXNuJ3QgMTAwJSByZXByb2R1Y2libGUsIGJ1dCBvbiB0aGUg b25lIHRlc3QgY2FzZQorICAgICAgICBJIGhhdmUsIHRoaXMgbWFrZXMgaXQgaW1wb3NzaWJsZSB0 byByZXByb2R1Y2UgYWZ0ZXIgYSBsYXJnZSBudW1iZXIgb2YgYXR0ZW1wdHMsCisgICAgICAgIHdo ZW4gaXQgdXNlZCB0byBoYXBwZW4gZXZlcnkgZmV3IGF0dGVtcHRzLgorCisgICAgICAgICogaW5z cGVjdG9yL0phdmFTY3JpcHREZWJ1Z1NlcnZlci5jcHA6CisgICAgICAgIChXZWJDb3JlOjpKYXZh U2NyaXB0RGVidWdTZXJ2ZXI6OnJlY29tcGlsZUFsbEpTRnVuY3Rpb25zKToKKwogMjAwOC0xMi0y OCAgQ2FtZXJvbiBad2FyaWNoICA8Y3d6d2FyaWNoQHV3YXRlcmxvby5jYT4KIAogICAgICAgICBS ZXZpZXdlZCBieSBEYXJpbiBBZGxlci4KSW5kZXg6IGluc3BlY3Rvci9KYXZhU2NyaXB0RGVidWdT ZXJ2ZXIuY3BwCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT0KLS0tIGluc3BlY3Rvci9KYXZhU2NyaXB0RGVidWdTZXJ2ZXIu Y3BwCShyZXZpc2lvbiAzOTQ5MykKKysrIGluc3BlY3Rvci9KYXZhU2NyaXB0RGVidWdTZXJ2ZXIu Y3BwCSh3b3JraW5nIGNvcHkpCkBAIC01NDcsMTAgKzU0NywxMCBAQCB2b2lkIEphdmFTY3JpcHRE ZWJ1Z1NlcnZlcjo6cmVjb21waWxlQWxsCiAgICAgfQogCiAgICAgdHlwZWRlZiBIYXNoTWFwPFJl ZlB0cjxGdW5jdGlvbkJvZHlOb2RlPiwgUmVmUHRyPEZ1bmN0aW9uQm9keU5vZGU+ID4gRnVuY3Rp b25Cb2R5TWFwOwotICAgIHR5cGVkZWYgSGFzaFNldDxTb3VyY2VQcm92aWRlcio+IFNvdXJjZVBy b3ZpZGVyU2V0OworICAgIHR5cGVkZWYgSGFzaE1hcDxTb3VyY2VQcm92aWRlciosIEV4ZWNTdGF0 ZSo+IFNvdXJjZVByb3ZpZGVyTWFwOwogCiAgICAgRnVuY3Rpb25Cb2R5TWFwIGZ1bmN0aW9uQm9k aWVzOwotICAgIFNvdXJjZVByb3ZpZGVyU2V0IHNvdXJjZVByb3ZpZGVyczsKKyAgICBTb3VyY2VQ cm92aWRlck1hcCBzb3VyY2VQcm92aWRlcnM7CiAKICAgICBzaXplX3Qgc2l6ZSA9IGZ1bmN0aW9u cy5zaXplKCk7CiAgICAgZm9yIChzaXplX3QgaSA9IDA7IGkgPCBzaXplOyArK2kpIHsKQEAgLTU3 MywxMiArNTczLDE1IEBAIHZvaWQgSmF2YVNjcmlwdERlYnVnU2VydmVyOjpyZWNvbXBpbGVBbGwK ICAgICAgICAgcmVzdWx0LmZpcnN0LT5zZWNvbmQgPSBuZXdCb2R5OwogICAgICAgICBmdW5jdGlv bi0+c2V0Qm9keShuZXdCb2R5LnJlbGVhc2UoKSk7CiAKLSAgICAgICAgaWYgKGhhc0xpc3RlbmVy cygpKSB7Ci0gICAgICAgICAgICBTb3VyY2VQcm92aWRlciogcHJvdmlkZXIgPSBzb3VyY2VDb2Rl LnByb3ZpZGVyKCk7Ci0gICAgICAgICAgICBpZiAoc291cmNlUHJvdmlkZXJzLmFkZChwcm92aWRl cikuc2Vjb25kKQotICAgICAgICAgICAgICAgIHNvdXJjZVBhcnNlZChleGVjLCBTb3VyY2VDb2Rl KHByb3ZpZGVyKSwgLTEsIDApOwotICAgICAgICB9CisgICAgICAgIGlmIChoYXNMaXN0ZW5lcnMo KSkKKyAgICAgICAgICAgIHNvdXJjZVByb3ZpZGVycy5hZGQoc291cmNlQ29kZS5wcm92aWRlcigp LCBleGVjKTsKICAgICB9CisKKyAgICAvLyBDYWxsIHNvdXJjZVBhcnNlZCgpIGFmdGVyIHJlcGFy c2luZyBhbGwgZnVuY3Rpb25zIGJlY2F1c2UgaXQgd2lsbCBleGVjdXRlCisgICAgLy8gSmF2YVNj cmlwdCBpbiB0aGUgaW5zcGVjdG9yLgorICAgIFNvdXJjZVByb3ZpZGVyTWFwOjpjb25zdF9pdGVy YXRvciBlbmQgPSBzb3VyY2VQcm92aWRlcnMuZW5kKCk7CisgICAgZm9yIChTb3VyY2VQcm92aWRl ck1hcDo6Y29uc3RfaXRlcmF0b3IgaXRlciA9IHNvdXJjZVByb3ZpZGVycy5iZWdpbigpOyBpdGVy ICE9IGVuZDsgKytpdGVyKQorICAgICAgICBzb3VyY2VQYXJzZWQoKCppdGVyKS5zZWNvbmQsIFNv dXJjZUNvZGUoKCppdGVyKS5maXJzdCksIC0xLCAwKTsKIH0KIAogdm9pZCBKYXZhU2NyaXB0RGVi dWdTZXJ2ZXI6OmRpZEFkZExpc3RlbmVyKFBhZ2UqIHBhZ2UpCg==